]>
granicus.if.org Git - php/log
Stanislav Malyshev [Wed, 11 Jun 2014 06:17:30 +0000 (23:17 -0700)]
Fix bug #66127 (Segmentation fault with ArrayObject unset)
Stanislav Malyshev [Wed, 11 Jun 2014 04:17:37 +0000 (21:17 -0700)]
5.4.30 rc1
Remi Collet [Tue, 10 Jun 2014 12:35:14 +0000 (14:35 +0200)]
NEWS
Remi Collet [Tue, 10 Jun 2014 12:33:37 +0000 (14:33 +0200)]
Fixed Bug #67413 fileinfo: cdf_read_property_info insufficient boundary chec
Upstream:
https://github.com/file/file/commit/
93e063ee374b6a75729df9e7201fb511e47e259d
Adapted for C standard.
Remi Collet [Tue, 10 Jun 2014 12:23:31 +0000 (14:23 +0200)]
NEWS
Remi Collet [Tue, 10 Jun 2014 12:22:04 +0000 (14:22 +0200)]
Bug #67412 fileinfo: cdf_count_chain insufficient boundary check
Upstream:
https://github.com/file/file/commit/
40bade80cbe2af1d0b2cd0420cebd5d5905a2382
Remi Collet [Tue, 10 Jun 2014 12:16:00 +0000 (14:16 +0200)]
NEWS
Remi Collet [Tue, 10 Jun 2014 12:13:14 +0000 (14:13 +0200)]
Fixed Bug #67411 fileinfo: cdf_check_stream_offset insufficient boundary check
Upstream:
https://github.com/file/file/commit/
36fadd29849b8087af9f4586f89dbf74ea45be67
Remi Collet [Tue, 10 Jun 2014 12:04:27 +0000 (14:04 +0200)]
NEWS
Remi Collet [Tue, 10 Jun 2014 12:02:36 +0000 (14:02 +0200)]
Fixed Bug #67410 fileinfo: mconvert incorrect handling of truncated pascal string size
Upstream
https://github.com/file/file/commit/
27a14bc7ba285a0a5ebfdb55e54001aa11932b08
Remi Collet [Tue, 10 Jun 2014 08:31:17 +0000 (10:31 +0200)]
NEWS
Remi Collet [Tue, 10 Jun 2014 08:28:34 +0000 (10:28 +0200)]
Fixed bug #67406 built-in web-server segfaults on startup
Reproduce on aarch64.
From select man page:
"select() may update the timeout argument to indicate how much time was left."
So "const" is not ok.
Stanislav Malyshev [Mon, 9 Jun 2014 06:00:38 +0000 (23:00 -0700)]
Fixed bug #67399 (putenv with empty variable may lead to crash)
Matteo Beccati [Wed, 4 Jun 2014 11:26:24 +0000 (13:26 +0200)]
Fixed DOM tests when using libxml2 versions patched against CVE-2014-0191
DOMDocument::substituteEntities needs to be set to true in order for
external entities to be parsed.
Stanislav Malyshev [Mon, 9 Jun 2014 02:38:07 +0000 (19:38 -0700)]
add news
Boro Sitnikovski [Thu, 26 Sep 2013 00:03:48 +0000 (02:03 +0200)]
Bug 49898
__getCookies() method implementation
Stanislav Malyshev [Mon, 9 Jun 2014 02:03:50 +0000 (19:03 -0700)]
fix order
Levi Morrison [Tue, 13 May 2014 03:53:08 +0000 (21:53 -0600)]
Fix bug 666222
This also adds some smaller, isolated tests related to bug 66622.
Conflicts:
Zend/zend_vm_def.h
Zend/zend_vm_execute.h
Jefersson Nathan [Tue, 23 Apr 2013 11:24:15 +0000 (08:24 -0300)]
Fixed identation on file
Jefersson Nathan [Mon, 12 May 2014 16:37:47 +0000 (13:37 -0300)]
Fix align indentation
Paul Oehler [Tue, 13 May 2014 17:38:25 +0000 (13:38 -0400)]
Added support for parsing ssl certificates using GeneralizedTime format.
fix bug #65698
fix bug #66636
Jeff Welch [Sun, 8 Jun 2014 08:09:14 +0000 (04:09 -0400)]
Remove superfluous echos.
Remi Collet [Fri, 6 Jun 2014 12:17:54 +0000 (14:17 +0200)]
NEWS
Remi Collet [Fri, 6 Jun 2014 12:16:04 +0000 (14:16 +0200)]
Fix bug #67390 insecure temporary file use in the configure script
Remi Collet [Thu, 5 Jun 2014 15:45:22 +0000 (17:45 +0200)]
drop exec perm on doc files
Remi Collet [Thu, 5 Jun 2014 15:33:40 +0000 (17:33 +0200)]
fix test for 5.4/5.5
Remi Collet [Thu, 5 Jun 2014 12:00:00 +0000 (14:00 +0200)]
add test for previous fix
Remi Collet [Thu, 5 Jun 2014 11:45:25 +0000 (13:45 +0200)]
NEWS
Remi Collet [Thu, 5 Jun 2014 11:39:46 +0000 (13:39 +0200)]
Fix regression introduce in fix for bug #67118
The fix was correct but break some code (at least in Horde)
This is a temporary workaround to fix regressioni in 5.4, 5.5 and 5.6
This make php_date_initialize more consistent
- on success return 1 + time initiliazed
- on failure return 0 + time = zero
which is check by DATE_CHECK_INITIALIZED by later method call
Will restore consistency with other date classes in master.
Stanislav Malyshev [Wed, 4 Jun 2014 08:09:37 +0000 (01:09 -0700)]
update NEWS
Anatol Belski [Tue, 3 Jun 2014 18:43:58 +0000 (20:43 +0200)]
Fixed regression introduced by patch for bug #67072
This applies to 5.4 and 5.5 only as a legacy fix.
Remi Collet [Tue, 3 Jun 2014 09:28:07 +0000 (11:28 +0200)]
(re)add cve number in NEWS, from 5.4.29
Remi Collet [Tue, 3 Jun 2014 09:08:46 +0000 (11:08 +0200)]
NEWS
Remi Collet [Tue, 3 Jun 2014 09:05:00 +0000 (11:05 +0200)]
Fix bug #67326 fileinfo: cdf_read_short_sector insufficient boundary check
Upstream fix https://github.com/file/file/commit/
6d209c1c489457397a5763bca4b28e43aac90391 .patch
Only revelant part applied
Xinchen Hui [Sun, 1 Jun 2014 11:41:01 +0000 (19:41 +0800)]
Fixed bug #67359 (Segfault in recursiveDirectoryIterator)
Adam Harvey [Thu, 29 May 2014 17:49:32 +0000 (17:49 +0000)]
Check for zero-length keys in spl_array_skip_protected and don't skip them.
Fixes bug #67360 (Missing element after ArrayObject::getIterator).
Anatol Belski [Tue, 27 May 2014 20:36:12 +0000 (22:36 +0200)]
updated libmagic.patch for 5.4+
Stanislav Malyshev [Tue, 27 May 2014 18:26:24 +0000 (11:26 -0700)]
update NEWS
Stanislav Malyshev [Mon, 12 May 2014 01:44:14 +0000 (18:44 -0700)]
Fix bug #67249: printf out-of-bounds read
Matteo Beccati [Tue, 27 May 2014 09:54:34 +0000 (11:54 +0200)]
Escape non-printable characters in the junit XML output
XML doesn't allow most of the characters < 0x20 and binary output
breaks XML parsers. Such characters are not allowed as entities
either, so the generated entities are escaped in order to be printed
as text.
Matteo Beccati [Tue, 27 May 2014 09:04:48 +0000 (11:04 +0200)]
Fixed broken XML junit output due to escaping of CDATA sections
I've removed CDATA and used htmlspecialchars as the output might not be UTF-8 safe, as pointed out by ircmaxell in
26b37f1792dfaf9b0b30f81e492c8f68b9ece571
Anatol Belski [Thu, 24 Apr 2014 17:50:23 +0000 (19:50 +0200)]
backport this piece from 5.6, related to the #66307 fix
Anatol Belski [Thu, 24 Apr 2014 17:30:34 +0000 (19:30 +0200)]
Fixed bug #66307 Fileinfo crashes with powerpoint files
Stanislav Malyshev [Tue, 27 May 2014 00:50:14 +0000 (17:50 -0700)]
Fix bug #67328 (fileinfo: numerous file_printf calls resulting in performance degradation)
Upstream patch: https://github.com/file/file/commit/
b8acc83781d5a24cc5101e525d15efe0482c280d
Stanislav Malyshev [Tue, 27 May 2014 00:42:18 +0000 (17:42 -0700)]
Fix bug #67327: fileinfo: CDF infinite loop in nelements DoS
Upstream fix: https://github.com/file/file/commit/
f97486ef5dc3e8735440edc4fc8808c63e1a3ef0
Matteo Beccati [Sat, 24 May 2014 22:07:52 +0000 (00:07 +0200)]
Fix broken Junit output with --disable-cgi
Adam Harvey [Fri, 23 May 2014 15:07:19 +0000 (15:07 +0000)]
Fix broken test caused by
fdb2709 .
Adam Harvey [Thu, 22 May 2014 22:36:55 +0000 (22:36 +0000)]
Fix run-tests.php with Valgrind >= 3.10.0.
The version test that we had in run-tests.php assumed that the major and minor
version numbers were always single digits. This removes that assumption and
also uses version_compare() for the comparison instead of naively converting it
to an integer.
Adam Harvey [Wed, 21 May 2014 19:55:09 +0000 (14:55 -0500)]
Add microseconds to the serialised form of DateTime objects.
Fixes bug #67308 (Serialize of DateTime truncates fractions of second).
Matteo Beccati [Wed, 21 May 2014 16:58:14 +0000 (18:58 +0200)]
Improved test for bug #62479
Stanislav Malyshev [Mon, 19 May 2014 06:43:59 +0000 (23:43 -0700)]
Merge branch 'PHP-5.3' into PHP-5.4
* PHP-5.3:
fix typo in ODBC code
Fix bug #67060: use default mode of 660
Conflicts:
ext/odbc/php_odbc.c
Stanislav Malyshev [Mon, 19 May 2014 06:42:30 +0000 (23:42 -0700)]
fix typo in ODBC code
Stanislav Malyshev [Wed, 14 May 2014 05:20:15 +0000 (22:20 -0700)]
5.4.30 next
Stanislav Malyshev [Wed, 14 May 2014 00:07:35 +0000 (17:07 -0700)]
update NEWS
Stanislav Malyshev [Tue, 13 May 2014 23:52:17 +0000 (16:52 -0700)]
Merge branch 'bug67251' into PHP-5.4
* bug67251:
Fix bug #67251 - date_parse_from_format out-of-bounds read
Conflicts:
ext/date/lib/parse_date.c
Stanislav Malyshev [Tue, 13 May 2014 23:44:24 +0000 (16:44 -0700)]
Merge branch 'bug67252' into PHP-5.4
* bug67252:
fix bug #67253: timelib_meridian_with_check out-of-bounds read
Fix bug #67252: convert_uudecode out-of-bounds read
Stanislav Malyshev [Tue, 13 May 2014 23:42:23 +0000 (16:42 -0700)]
Merge branch 'bug67250' into PHP-5.4
* bug67250:
Fix bug #67250 (iptcparse out-of-bounds read)
Derick Rethans [Tue, 13 May 2014 15:36:58 +0000 (16:36 +0100)]
- Updated to version 2014.3 (2014c)
Stanislav Malyshev [Mon, 12 May 2014 17:53:45 +0000 (10:53 -0700)]
fix test - output can be chunked
Stanislav Malyshev [Tue, 15 Apr 2014 17:43:24 +0000 (10:43 -0700)]
Fix bug #67060: use default mode of 660
Stanislav Malyshev [Mon, 12 May 2014 04:09:11 +0000 (21:09 -0700)]
fix bug #67253: timelib_meridian_with_check out-of-bounds read
Stanislav Malyshev [Mon, 12 May 2014 03:29:27 +0000 (20:29 -0700)]
Fix bug #67252: convert_uudecode out-of-bounds read
Stanislav Malyshev [Mon, 12 May 2014 02:34:21 +0000 (19:34 -0700)]
Fix bug #67251 - date_parse_from_format out-of-bounds read
Stanislav Malyshev [Mon, 12 May 2014 02:09:19 +0000 (19:09 -0700)]
Fix bug #67250 (iptcparse out-of-bounds read)
Stanislav Malyshev [Mon, 12 May 2014 00:54:27 +0000 (17:54 -0700)]
Fix bug #67247 spl_fixedarray_resize integer overflow
Stanislav Malyshev [Mon, 12 May 2014 00:43:28 +0000 (17:43 -0700)]
fix news
Bob Weinand [Sun, 11 May 2014 13:13:40 +0000 (15:13 +0200)]
Updated NEWS
Bob Weinand [Sun, 11 May 2014 13:11:03 +0000 (15:11 +0200)]
Fix Linux specific fail in error traces (cherry-picked and fix for bug #67245)
Linux apparently does not like memcpy in overlapping regions...
Felipe Pena [Sun, 11 May 2014 12:45:17 +0000 (09:45 -0300)]
- Fixed off-by-one in phar_build (patch by crrodriguez at opensuse dot org)
Felipe Pena [Sat, 10 May 2014 14:55:42 +0000 (11:55 -0300)]
- Move checking
Felipe Pena [Sat, 10 May 2014 14:53:40 +0000 (11:53 -0300)]
- Fixed missing NULL check in SimpleXMLElement::xpath()
Felipe Pena [Sat, 10 May 2014 14:39:08 +0000 (11:39 -0300)]
- Fixed missing NULL check
Stanislav Malyshev [Thu, 8 May 2014 08:59:39 +0000 (01:59 -0700)]
oops, 5.4 and 5.5 use malloc in TSRM
Stanislav Malyshev [Wed, 7 May 2014 20:28:03 +0000 (13:28 -0700)]
Fix memory leak in TSRM
Dmitry Stogov [Thu, 10 Apr 2014 08:14:11 +0000 (12:14 +0400)]
Fixed test (it requires ext/hash)
Dmitry Stogov [Fri, 11 Apr 2014 08:43:35 +0000 (12:43 +0400)]
Fixed tests (they might fail from time to time because of session GC)
Adam Harvey [Fri, 2 May 2014 17:23:09 +0000 (10:23 -0700)]
Fix author name on the #63228 patch.
Adam Harvey [Thu, 1 May 2014 18:21:34 +0000 (11:21 -0700)]
Use the right path for the suggested PHP invocation in ext_skel.
Fixes bug #67160 (ext_skel outputs incorrect information).
Ferenc Kovacs [Thu, 1 May 2014 08:50:08 +0000 (10:50 +0200)]
add missing NEWS entry to the correct release where it was added
Stanislav Malyshev [Tue, 15 Apr 2014 17:43:24 +0000 (10:43 -0700)]
Fix bug #67060: use default mode of 660
Anatol Belski [Tue, 29 Apr 2014 11:40:44 +0000 (13:40 +0200)]
Fixed bug #66431 Special Character via COM Interface (CP_UTF8)
Popa Adrian Marius [Mon, 28 Apr 2014 09:13:11 +0000 (12:13 +0300)]
Merge branch 'PHP-5.3' into PHP-5.4
* PHP-5.3:
Cleanup ZEND_MODULE_API_NO =>
20050922
Popa Adrian Marius [Mon, 28 Apr 2014 09:12:52 +0000 (12:12 +0300)]
Cleanup ZEND_MODULE_API_NO =>
20050922
Anatol Belski [Fri, 25 Apr 2014 15:39:53 +0000 (17:39 +0200)]
fixed test
Anatol Belski [Fri, 25 Apr 2014 15:23:26 +0000 (17:23 +0200)]
Fixed bug #67118 DateTime constructor crash with invalid data
Stanislav Malyshev [Fri, 25 Apr 2014 06:58:38 +0000 (23:58 -0700)]
add a test case previously broken by a bad fix
Stanislav Malyshev [Fri, 25 Apr 2014 06:49:52 +0000 (23:49 -0700)]
Revert "Fixed bug #64604"
This reverts commit
b05c088a3abf8e4c6fb6e40418423a9e2dd3d929 .
Breaks parsing urls where query has : in it, like: /foo/bar?baz=goo:boo
Anatol Belski [Thu, 24 Apr 2014 08:51:42 +0000 (10:51 +0200)]
fix dll export
Jakub Zelenka [Mon, 21 Apr 2014 12:02:20 +0000 (13:02 +0100)]
Fix accepting ill-formed UTF-8 characters
Conflicts:
ext/phar/phar_path_check.c
Danack [Thu, 13 Feb 2014 14:48:51 +0000 (14:48 +0000)]
Allow valid multi-byte utf-8 characters to be allowed as file names in phar archives.
Rouven Weßling [Mon, 24 Feb 2014 13:45:42 +0000 (14:45 +0100)]
Fix a compiler warning in php_rand.h
Julio Pintos [Fri, 14 Mar 2014 19:47:30 +0000 (16:47 -0300)]
Fix #66908: php-fpm reload leaks epoll_create() file descriptor
This patch fixes descriptor leak which could lead to DoS once Max open files is reached
Boro Sitnikovski [Mon, 14 Apr 2014 08:02:11 +0000 (10:02 +0200)]
Fix bug #65701: Do not use cache for file file copy
Anatol Belski [Fri, 18 Apr 2014 13:43:05 +0000 (15:43 +0200)]
UPGRADING note about bug #67072
Anatol Belski [Fri, 18 Apr 2014 13:13:32 +0000 (15:13 +0200)]
Improved the fix for bug #67072, thanks Nikita
Levi Morrison [Thu, 17 Apr 2014 14:46:38 +0000 (08:46 -0600)]
These links to ~helly don't work anymore.
Anatol Belski [Thu, 17 Apr 2014 08:48:14 +0000 (10:48 +0200)]
Fixed bug #67072 Echoing unserialized "SplFileObject" crash
The actual issue lays in the unserializer code which doesn't honor
the unserialize callback. By contrast, the serialize callback is
respected. This leads to the situation that even if a class has
disabled the serialization explicitly, user could still construct
a vulnerable string which would result bad things when trying
to unserialize.
This conserns also the classes implementing Serializable as well
as some core classes disabling serialize/unserialize callbacks
explicitly (PDO, SimpleXML, SplFileInfo and co). As of now, the
flow is first to call the unserialize callback (if available),
then call __wakeup. If the unserialize callback returns with no
success, no object is instantiated. This makes the scheme used
by internal classes effective, to disable unserialize just assign
zend_class_unserialize_deny as callback.
Anatol Belski [Wed, 16 Apr 2014 13:06:57 +0000 (15:06 +0200)]
correct the bug #67081 fix
Anatol Belski [Wed, 16 Apr 2014 12:13:45 +0000 (14:13 +0200)]
Fixed bug #67081 DOMDocumentType->internalSubset returns entire DOCTYPE tag, not only the subset
Stanislav Malyshev [Tue, 15 Apr 2014 23:51:38 +0000 (16:51 -0700)]
5.4.29 is next