]> granicus.if.org Git - php/commit
projects / php / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(merge: 50d6fd6 3fe5094)
Merge branch 'PHP-5.6'
authorStanislav Malyshev <stas@php.net>
Tue, 1 Sep 2015 19:40:10 +0000 (12:40 -0700)
committerStanislav Malyshev <stas@php.net>
Wed, 2 Sep 2015 07:37:20 +0000 (00:37 -0700)
commit9b1a224d4e994219a6ef1d1d8fdcc1b0598ba3ab
tree491094c4c38e550cce8f1bc157b6e526e260b976tree | snapshot
parent50d6fd6a032aad352d0daa52540698131813a4eccommit | diff
parent3fe509443ccaebd5626f18490f36f088cde16d3fcommit | diff
Merge branch 'PHP-5.6'

* PHP-5.6: (21 commits)
  fix unit tests
  update NEWS
  add NEWS for fixes
  Improve fix for #70172
  Fix bug #70312 - HAVAL gives wrong hashes in specific cases
  fix test
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix bug ##70284 (Use after free vulnerability in unserialize() with GMP)
  Fix for bug #69782
  Add CVE IDs asigned (post release) to PHP 5.4.43
  Add CVE IDs asigned to #69085 (PHP 5.4.39)
  ...

Conflicts:
ext/exif/exif.c
ext/gmp/gmp.c
ext/pcre/php_pcre.c
ext/session/session.c
ext/session/tests/session_decode_variation3.phpt
ext/soap/soap.c
ext/spl/spl_observer.c
ext/standard/var.c
ext/standard/var_unserializer.c
ext/standard/var_unserializer.re
ext/xsl/xsltprocessor.c
17 files changed:
Zend/zend_API.c diff1 | diff2 | blob | history
ext/exif/exif.c diff1 | diff2 | blob | history
ext/gmp/gmp.c diff1 | diff2 | blob | history
ext/gmp/tests/bug70284.phpt | diff2 | blob | history
ext/hash/hash_haval.c diff1 | diff2 | blob | history
ext/pcre/php_pcre.c diff1 | diff2 | blob | history
ext/session/session.c diff1 | diff2 | blob | history
ext/session/tests/session_decode_error2.phpt diff1 | diff2 | blob | history
ext/soap/soap.c diff1 | diff2 | blob | history
ext/spl/spl_dllist.c diff1 | diff2 | blob | history
ext/standard/tests/serialize/bug70172_2.phpt | diff2 | blob | history
ext/standard/tests/serialize/bug70219.phpt | diff2 | blob | history
ext/standard/var.c diff1 | diff2 | blob | history
ext/standard/var_unserializer.c diff1 | diff2 | blob | history
ext/standard/var_unserializer.re diff1 | diff2 | blob | history
ext/xsl/xsltprocessor.c diff1 | diff2 | blob | history
ext/zip/php_zip.c diff1 | diff2 | blob | history
Unnamed repository; edit this file 'description' to name the repository.