]> granicus.if.org Git - php/commitdiff
projects / php / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | combined (merge: 15e9f4b 48cfd11)
Merge branch 'PHP-5.4' into PHP-5.5
authorStanislav Malyshev <stas@php.net>
Tue, 1 Sep 2015 18:42:19 +0000 (11:42 -0700)
committerStanislav Malyshev <stas@php.net>
Tue, 1 Sep 2015 18:42:19 +0000 (11:42 -0700)
* PHP-5.4:
  Improve fix for #70172
  Fix bug #70312 - HAVAL gives wrong hashes in specific cases
  fix test
  add test
  Fix bug #70366 - use-after-free vulnerability in unserialize() with SplDoublyLinkedList
  Fix bug #70365 - use-after-free vulnerability in unserialize() with SplObjectStorage
  Fix bug #70172 - Use After Free Vulnerability in unserialize()
  Fix bug #70388 - SOAP serialize_function_call() type confusion
  Fixed bug #70350: ZipArchive::extractTo allows for directory traversal when creating directories
  Improve fix for #70385
  Fix bug #70345 (Multiple vulnerabilities related to PCRE functions)
  Fix bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes)
  Fix bug #70219 (Use after free vulnerability in session deserializer)
  Fix for bug #69782
  Add CVE IDs asigned (post release) to PHP 5.4.43
  Add CVE IDs asigned to #69085 (PHP 5.4.39)
  5.4.45 next

Conflicts:
configure.in
ext/pcre/php_pcre.c
ext/standard/var_unserializer.c
ext/standard/var_unserializer.re
main/php_version.h

12 files changed:
1  2 
ext/exif/exif.c patch | diff1 | diff2 | blob | history
ext/hash/hash_haval.c patch | diff1 | diff2 | blob | history
ext/pcre/php_pcre.c patch | diff1 | diff2 | blob | history
ext/session/session.c patch | diff1 | diff2 | blob | history
ext/soap/soap.c patch | diff1 | diff2 | blob | history
ext/spl/spl_dllist.c patch | diff1 | diff2 | blob | history
ext/spl/spl_observer.c patch | diff1 | diff2 | blob | history
ext/standard/var.c patch | diff1 | diff2 | blob | history
ext/standard/var_unserializer.c patch | diff1 | diff2 | blob | history
ext/standard/var_unserializer.re patch | diff1 | diff2 | blob | history
ext/xsl/xsltprocessor.c patch | diff1 | diff2 | blob | history
ext/zip/php_zip.c patch | diff1 | diff2 | blob | history

diff --cc ext/exif/exif.c
Simple merge
diff --cc ext/hash/hash_haval.c
Simple merge
diff --cc ext/pcre/php_pcre.c
Simple merge
diff --cc ext/session/session.c
Simple merge
diff --cc ext/soap/soap.c
Simple merge
diff --cc ext/spl/spl_dllist.c
Simple merge
diff --cc ext/spl/spl_observer.c
Simple merge
diff --cc ext/standard/var.c
Simple merge
diff --cc ext/standard/var_unserializer.c
Simple merge
diff --cc ext/standard/var_unserializer.re
Simple merge
diff --cc ext/xsl/xsltprocessor.c
Simple merge
diff --cc ext/zip/php_zip.c
Simple merge
Unnamed repository; edit this file 'description' to name the repository.