Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Fix Heap-Use-After-Free in sapi_read_post_data Processing in CLI SAPI InterfaceHEADmaster | Remi Collet | 43 hours | 7 | -10/+599 |
| | | | | | | | | | | | | GHSA-4w77-75f9-2c8w Fix OOB access in ldap_escape CVE-2024-8932 Fix Integer overflow in the dblib/firebird quoter causing OOB writes CVE-2024-11236 Fix Configuring a proxy in a stream context might allow for CRLF injection in URIs CVE-2024-11234 Fix Single byte overread with convert.quoted-printable-decode filter CVE-2024-11233 | ||||
* | rename patches | Remi Collet | 11 days | 4 | -7/+7 |
| | |||||
* | Fix Bypass of CVE-2012-1823, Argument Injection in PHP-CGI | Remi Collet | 2024-09-26 | 6 | -7/+767 |
| | | | | | | | | | | | | | CVE-2024-4577 Fix Bypass of CVE-2024-4577, Parameter Injection Vulnerability CVE-2024-8926 Fix cgi.force_redirect configuration is bypassable due to the environment variable collision CVE-2024-8927 Fix Logs from childrens may be altered CVE-2024-9026 Fix Erroneous parsing of multipart form data CVE-2024-8925 use ICU 74.2 | ||||
* | add backport for https://bugs.php.net/79589 | Remi Collet | 2024-08-26 | 3 | -7/+47 |
| | | | | error:14095126:SSL routines:ssl3_read_n:unexpected eof while reading | ||||
* | use oracle client library version 23.5 on x86_64 | Remi Collet | 2024-07-31 | 2 | -405/+401 |
| | |||||
* | Fix filter bypass in filter_var FILTER_VALIDATE_URL | Remi Collet | 2024-06-05 | 3 | -8/+197 |
| | | | | CVE-2024-5458 | ||||
* | Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix | Remi Collet | 2024-04-10 | 4 | -4/+288 |
| | | | | | | CVE-2024-2756 Fix password_verify can erroneously return true opening ATO risk CVE-2024-3096 | ||||
* | patch test suite for zlib-ng | Remi Collet | 2024-03-07 | 4 | -3/+646 |
| | |||||
* | add build patch for GCC 14 | Remi Collet | 2024-02-14 | 2 | -2/+40 |
| | | | | use oracle client library version 21.13 on x86_64 | ||||
* | use ICU 73.2 | Remi Collet | 2023-12-12 | 3 | -8/+48 |
| | | | | | use oracle client library version 21.12 on x86_64, 19.19 on aarch64 add fixes for libxml 2.11 and 2.12 from 8.1 | ||||
* | refresh | Remi Collet | 2023-12-07 | 7 | -41/+680 |
| | |||||
* | use oracle client library version 21.11 on x86_64, 19.19 on aarch64 | Remi Collet | 2023-09-22 | 2 | -15/+28 |
| | | | | use official Oracle Instant Client RPM | ||||
* | Fix Security issue with external entity loading in XML without enabling it | Remi Collet | 2023-08-01 | 4 | -8/+752 |
| | | | | | | | GHSA-3qrf-m4j2-pcrr CVE-2023-3823 Fix Buffer mismanagement in phar_dir_read() GHSA-jqcx-ccgc-xwhv CVE-2023-3824 move httpd/nginx wants directive to config files in /etc | ||||
* | refresh patches | Remi Collet | 2023-06-26 | 3 | -89/+136 |
| | |||||
* | more upstream patch | Remi Collet | 2023-06-06 | 1 | -0/+24 |
| | |||||
* | Fix Missing error check and insufficient random bytes in HTTP Digest | Remi Collet | 2023-06-06 | 4 | -597/+901 |
| | | | | | authentication for SOAP GHSA-76gg-c692-v2mw | ||||
* | use ICU 72.1 | Remi Collet | 2023-05-11 | 3 | -29/+36 |
| | | | | | | use oracle client library version 21.10 fix possible buffer overflow in date define %php74___phpize and %php74___phpconfig | ||||
* | F38: enable imap extension | Remi Collet | 2023-02-21 | 2 | -6/+7 |
| | |||||
* | minor fix for NEWS | Remi Collet | 2023-02-14 | 1 | -0/+25 |
| | |||||
* | fix #81744: Password_verify() always return true with some hash | Remi Collet | 2023-02-14 | 5 | -9/+437 |
| | | | | | | | | | CVE-2023-0567 fix #81746: 1-byte array overrun in common path resolve code CVE-2023-0568 fix DOS vulnerability when parsing multipart request body CVE-2023-0662 add dependency on pcre2 minimal version | ||||
* | pdo: fix #81740: PDO::quote() may return unquoted string | Remi Collet | 2022-12-19 | 2 | -2/+106 |
| | | | | | CVE-2022-31631 use oracle client library version 21.8 | ||||
* | Update to 7.4.33 - http://www.php.net/releases/7_4_33.php | Remi Collet | 2022-11-01 | 3 | -190/+6 |
| | |||||
* | add upstream fix for CVE-2022-31630 and CVE-2022-37454 | Remi Collet | 2022-10-26 | 3 | -1/+191 |
| | |||||
* | Update to 7.4.32 - http://www.php.net/releases/7_4_32.php | Remi Collet | 2022-09-28 | 3 | -148/+335 |
| | | | | use ICU 71.1 | ||||
* | Update to 7.4.30 - http://www.php.net/releases/7_4_30.php | Remi Collet | 2022-06-07 | 2 | -5/+10 |
| | | | | use oracle client library version 21.6 | ||||
* | Update to 7.4.29 - http://www.php.net/releases/7_4_29.php | Remi Collet | 2022-04-12 | 2 | -6/+7 |
| | |||||
* | handle tzdata up to .26 | Remi Collet | 2022-02-23 | 1 | -8/+18 |
| | |||||
* | retrieve tzdata version | Remi Collet | 2022-02-22 | 2 | -21/+69 |
| | | | | use oracle client library version 21.5 | ||||
* | Update to 7.4.28 - http://www.php.net/releases/7_4_28.php | Remi Collet | 2022-02-15 | 2 | -10/+11 |
| | |||||
* | Update to 7.4.27 - http://www.php.net/releases/7_4_27.php | Remi Collet | 2021-12-15 | 2 | -9/+14 |
| | |||||
* | ensure we use libgd >= 2.3 | Remi Collet | 2021-12-02 | 1 | -7/+5 |
| | |||||
* | update to 7.4.27RC1 | Remi Collet | 2021-12-01 | 2 | -5/+9 |
| | | | | use oracle client library version 21.4 | ||||
* | improve openssl 3 patch | Remi Collet | 2021-11-18 | 1 | -24/+127 |
| | |||||
* | Update to 7.4.26 - http://www.php.net/releases/7_4_26.php | Remi Collet | 2021-11-16 | 2 | -3/+6 |
| | |||||
* | add patch for OpenSSL 3.0, backported from 8.1 | Remi Collet | 2021-11-09 | 4 | -4/+2498 |
| | |||||
* | update to 7.4.26RC1 | Remi Collet | 2021-11-03 | 2 | -10/+12 |
| | |||||
* | bump | Remi Collet | 2021-10-26 | 1 | -1/+1 |
| | |||||
* | dba: enable qdbm backend | Remi Collet | 2021-10-26 | 1 | -0/+16 |
| | |||||
* | Update to 7.4.25 - http://www.php.net/releases/7_4_25.php | Remi Collet | 2021-10-20 | 2 | -3/+6 |
| | |||||
* | update to 7.4.24RC1 | Remi Collet | 2021-10-06 | 2 | -11/+17 |
| | | | | use libicu version 69 | ||||
* | Update to 7.4.24 - http://www.php.net/releases/7_4_24.php | Remi Collet | 2021-09-21 | 2 | -2/+5 |
| | |||||
* | update to 7.4.24RC1 | Remi Collet | 2021-09-08 | 2 | -4/+8 |
| | | | | use oracle client library version 21.3 | ||||
* | Update to 7.4.23 - http://www.php.net/releases/7_4_23.php | Remi Collet | 2021-08-24 | 2 | -2/+5 |
| | |||||
* | update to 7.4.23RC1 | Remi Collet | 2021-08-10 | 2 | -3/+6 |
| | |||||
* | Update to 7.4.22 - http://www.php.net/releases/7_4_22.php | Remi Collet | 2021-07-28 | 2 | -2/+5 |
| | |||||
* | update to 7.4.22RC1 | Remi Collet | 2021-07-13 | 2 | -3/+6 |
| | |||||
* | Update to 7.4.21 - http://www.php.net/releases/7_4_21.php | Remi Collet | 2021-06-29 | 2 | -5/+8 |
| | |||||
* | update to 7.4.21RC1 | Remi Collet | 2021-06-16 | 3 | -3/+25 |
| | | | | ignore unsupported "threads" option on password_hash | ||||
* | Update to 7.4.20 - http://www.php.net/releases/7_4_20.php | Remi Collet | 2021-06-02 | 2 | -3/+6 |
| | |||||
* | fix snmp extension build with net-snmp without DES | Remi Collet | 2021-05-27 | 2 | -1/+45 |
| |