Skip to content
Security backports for EOL versions of PHP.
C PHP C++ M4 Shell Objective-C Other
Branch: PHP-5.6-securi…
Clone or download
cmb69 and remicollet Fix #77919: Potential UAF in Phar RSHUTDOWN
We have to properly clean up in case phar_flush() is failing.

We also make the expectation of the respective test case less liberal
to avoid missing such bugs in the future.

(cherry picked from commit cd1101e8c87aa175c2d5e87ddec656e50ef4ab5d)
Latest commit 245e501 Jul 29, 2019
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
TSRM fix HANDLE leak Aug 29, 2016
Zend Fix bug #74603 - use correct buffer size Jul 5, 2017
build Happy new year (Update copyright to 2016) Jan 2, 2016
ext Fix #77919: Potential UAF in Phar RSHUTDOWN Jul 30, 2019
main Fix bug #77630 - safer rename() procedure Mar 6, 2019
netware Happy new year (Update copyright to 2016) Jan 1, 2016
pear Removed safe_mode Apr 26, 2010
sapi Fix for bug #76582 Sep 9, 2018
scripts Happy new year (Update copyright to 2016) Jan 2, 2016
tests backport 9a07245 from 7.0 Jan 11, 2016
travis Merge branch 'PHP-5.5' into PHP-5.6 Oct 19, 2015
win32 Fix potential "expanded command line too long" build errors Apr 30, 2019
.editorconfig Limit editorconfig to C code Sep 5, 2016
.gdbinit The printf modifier for a double is just %f Apr 1, 2013
.gitattributes Merge branch 'PHP-5.4' into PHP-5.5 Jul 20, 2014
.gitignore A picture is worth a thousand message digests Sep 11, 2016
.travis.yml fix the travis build for PHP-5.6 using precise instead of trusty Oct 24, 2017
CODING_STANDARDS
CREDITS Let's pretend this is up-to-date now Apr 22, 2002
EXTENSIONS [ci skip] Set FPM maintainership Feb 24, 2018
INSTALL typo fixes - https://github.com/vlajos/misspell_fixer Nov 23, 2014
LICENSE
Makefile.frag Invoke re2c with --no-generation-date to prevent unintentional / unne… Dec 6, 2012
Makefile.gcov exclude datelib from coverage report as asked by Derick Oct 24, 2015
Makefile.global Align spacing in make install messages Feb 8, 2016
NEWS Fix #77919: Potential UAF in Phar RSHUTDOWN Jul 30, 2019
README.EXT_SKEL Fix English and improve by Stas. Thanks :) Jan 27, 2014
README.GIT-RULES Adjust Git-Rules Jul 29, 2015
README.MAILINGLIST_RULES MFH Jan 17, 2008
README.NEW-OUTPUT-API fix protos, and unintential double-patched content May 31, 2010
README.PARAMETER_PARSING_API Merge branch 'PHP-5.4' into PHP-5.5 Jun 10, 2013
README.REDIST.BINS - update blowfish to 1.2 (Solar Designer) Jul 18, 2011
README.RELEASE_PROCESS Merge branch 'PHP-5.4' into PHP-5.5 Apr 17, 2015
README.SELF-CONTAINED-EXTENSIONS added notes about the PECL site conformity Oct 14, 2013
README.STREAMS Constify streams API and a few other calls down the rabbit hole. Jul 30, 2013
README.SUBMITTING_PATCH Merge branch 'PHP-5.5' into PHP-5.6 Jan 27, 2014
README.TESTING Change automaticaly to automatically Jan 21, 2014
README.TESTING2 typo fixes - https://github.com/vlajos/misspell_fixer Nov 23, 2014
README.UNIX-BUILD-SYSTEM Update documentation for PHP 5. Jul 3, 2003
README.WIN32-BUILD-SYSTEM - if they are outdated/wrong, no need to confuse the users Feb 4, 2010
README.input_filter Merge branch 'PHP-5.3' into PHP-5.4 Mar 20, 2012
README.md Fix typos Apr 4, 2019
README.namespaces drop exec perm on doc files Jun 5, 2014
UPGRADING Disable rsh/ssh functionality in imap by default (bug #77153) Nov 20, 2018
UPGRADING.INTERNALS better heading for UPGRADING.INTERNALS Aug 25, 2014
acinclude.m4 acinclude.m4: fix krb5-config detection and usage in PHP_SETUP_KERBEROS. Nov 26, 2016
buildconf Make "buildconf --force" more robust, per IRC chat. Not backported to… Mar 6, 2012
buildconf.bat MFH: Check if configure script was copied, and output an error if it … Jan 2, 2009
config.guess config.guess: add ppc64le / ppcle support by Anton Blanchard <anton@s… Aug 27, 2014
config.sub Merge branch 'PHP-5.4' into PHP-5.5 Feb 26, 2013
configure.in switch back to 5.6.40 Apr 2, 2019
footer
genfiles make it possible to set the re2c and yacc paths via environment varia… Jun 10, 2015
header Happy new year (Update copyright to 2016) Jan 1, 2016
ltmain.sh - Upgraded bundled libtool to 1.5.26 Nov 23, 2009
makedist
makerpm - Change from PHP5 -> PHP 5 Feb 8, 2004
php.gif change these in HEAD too Mar 7, 2006
php.ini-development SQLite3: add DEFENSIVE config for SQLite >= 3.26.0 as a mitigation st… Apr 2, 2019
php.ini-production SQLite3: add DEFENSIVE config for SQLite >= 3.26.0 as a mitigation st… Apr 2, 2019
php5.spec.in - Renamed all *php4* files to *php5*, changed all php4/PHP4 to php5/PHP5 Jan 17, 2004
run-tests.php Add support for "xfail" to phpt SKIPIF sections Jul 11, 2019
server-tests-config.php typofixes Aug 17, 2014
server-tests.php
snapshot Integration of -ng changes. Changes: Dec 30, 1999
stamp-h.in # Fix ColorResolve bogosity Nov 21, 1999
stub.c Add newline. Recent GCC snapshots segfault, if the input file is comp… Dec 1, 2000
vcsclean Support "git worktree" Aug 10, 2016

README.md

This is a fork of the official PHP repository which receives backport of security fixes from maintained branches.

This branch is PHP version 5.6.40 with security fix.

You can’t perform that action at this time.