]> granicus.if.org Git - php/commitdiff
projects / php / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | combined (merge: d002037 2a65544)
Merge branch 'PHP-7.0.8' into PHP-7.0
authorStanislav Malyshev <stas@php.net>
Tue, 21 Jun 2016 07:25:49 +0000 (00:25 -0700)
committerStanislav Malyshev <stas@php.net>
Tue, 21 Jun 2016 07:25:49 +0000 (00:25 -0700)
* PHP-7.0.8:
  iFixed bug #72446 - Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow
  update NEWS
  fix tests
  fix build
  Fix bug #72455:  Heap Overflow due to integer overflows
  Fix bug #72434: ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize
  Fixed ##72433: Use After Free Vulnerability in PHP's GC algorithm and unserialize
  Fix bug #72407: NULL Pointer Dereference at _gdScaleVert
  Fix bug #72402: _php_mb_regex_ereg_replace_exec - double free
  Fix bug #72298 pass2_no_dither out-of-bounds access
  Fixed #72339 Integer Overflow in _gd2GetHeader() resulting in heap overflow
  Fix bug #72262 - do not overflow int
  Fix bug #72400 and #72403 - prevent signed int overflows for string lengths
  Fix bug #72275: don't allow smart_str to overflow int
  Fix bug #72340: Double Free Courruption in wddx_deserialize
  Fix bug #72321 - use efree() for emalloc allocation
  5.6.23RC1
  fix NEWS
  set versions

Conflicts:
configure.in
main/php_version.h

1  2 
ext/gd/libgd/gd.c patch | diff1 | diff2 | blob | history
ext/mbstring/php_mbregex.c patch | diff1 | diff2 | blob | history

diff --cc ext/gd/libgd/gd.c
Simple merge
diff --cc ext/mbstring/php_mbregex.c
Simple merge
Unnamed repository; edit this file 'description' to name the repository.