From: Stanislav Malyshev <stas@php.net>
Date: Mon, 28 Jul 2014 07:37:32 +0000 (-0700)
Subject: Merge branch 'PHP-5.5' into PHP-5.6
X-Git-Tag: php-5.6.0RC3~1^2~11
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=c41ca948248219e0c098ece6805726e0f59be54f;p=php

Merge branch 'PHP-5.5' into PHP-5.6

* PHP-5.5:
  Fix missing type checks in various functions

Conflicts:
	ext/openssl/openssl.c
---

c41ca948248219e0c098ece6805726e0f59be54f
diff --cc NEWS
index 122e05ec1c,ec794468eb..abaeaba4e7
--- a/NEWS
+++ b/NEWS
@@@ -12,7 -39,9 +12,10 @@@ PH
      (Laruence, Dmitry)
    . Implemented FR #34407 (ucwords and Title Case). (Tjerk)
  
++- COM:
++  . Fixed missing type checks in com_event_sink (Yussuf Khalil, Stas).
++
  - CLI server:
 -  . Implemented FR #67429 (CLI server is missing some new HTTP response codes).
 -    (Adam)
    . Fixed bug #66830 (Empty header causes PHP built-in web server to hang).
      (Adam)
    . Fixed bug #67594 (Unable to access to apache_request_headers() elements).
@@@ -29,24 -57,26 +32,26 @@@
    . Fixed bug #67052 (NumberFormatter::parse() resets LC_NUMERIC setting).
      (Stas)
  
 -- OPCache:
 -  . Fixed bug #67215 (php-cgi work with opcache, may be segmentation fault
 -    happen) (Dmitry, Laruence)
 -
  - pgsql:
 -  . Fixed bug #67550 (Error in code "form" instead of "from", pgsql.c, line 756),
 -    which affected builds against libpq < 7.3. (Adam)
 +  . Fixed bug #67555 (Cannot build against libpq 7.3). (Adam)
 +
 +- OpenSSL:
++  . Fixed missing type checks in OpenSSL options (Yussuf Khalil, Stas).
 +  . Fixed bug #67609 (TLS connections fail behind HTTP proxy). (Daniel Lowrey)
 +  . Fixed broken build against OpenSSL older than 0.9.8 where ECDH unavailable.
 +    (Lior Kaplan)
 +  . Fixed bug #67666 (Subject altNames doesn't support wildcard matching). (Tjerk)
  
  - Phar:
    . Fixed bug #67587 (Redirection loop on nginx with FPM). (Christian Weiske)
  
  - SPL:
    . Fixed bug #67539 (ArrayIterator use-after-free due to object change during 
 -    sorting). (CVE-2014-4698) (research at insighti dot org, Laruence)
 +    sorting). (research at insighti dot org, Laruence)
    . Fixed bug #67538 (SPL Iterators use-after-free). (CVE-2014-4670) (Laruence)
  
 -- Streams:
 -  . Fixed bug #67430 (http:// wrapper doesn't follow 308 redirects). (Adam)
 -
  - Session:
++  . Fixed missing type checks in php_session_create_id (Yussuf Khalil, Stas).
    . Fixed bug #66827 (Session raises E_NOTICE when session name variable is array).
      (Yasuo)