-
-
* PHP-5.6.19: update NEWS Fix bug #71498: Out-of-Bound Read in phar_parse_zipfile() fix ts buld prep for 5.6.19RC1 Fixed bug #71587 - Use-After-Free / Double-Free in WDDX Deserialize
-
-
* PHP-5.5: Upgrade bundled PCRE to 8.38 Fixed NEWS file entry fix the fix for bug #70976 (imagerotate)
-
-
Fixes bug #71449, bug #71450
-
* PHP-5.5: Update NEWS Improve fix for bug #70976 Fixed bug #70661 (Use After Free Vulnerability in WDDX Packet Deserialization) Fixed bug #70741: Session WDDX Packet Deserialization Type Confusion Vulnerability Fixed #70728 Fixed bug #70755: fpm_log.c memory leak and buffer overflow Fix bug #70976: fix boundary check on gdImageRotateInterpolated typofix
-
-
โฆlization)
-
โฆVulnerability
-
* PHP-5.5: Fix bug #69737 - Segfault when SplMinHeap::compare produces fatal error
-
-
* PHP-5.5: Fix #48147 - implement manual handling of //IGNORE for broken libc
-
Conflicts: ext/iconv/iconv.c
-
* PHP-5.5: (27 commits) fix non-standard C update NEWS 5.4.41 next fix CVE num update NEWS Fix bug #69441 (Buffer Overflow when parsing tar/zip/phar in phar_set_inode) fix test fix type in fix for #69085 fix memory leak & add test Fix tests fix CVE num Fix bug #69337 (php_stream_url_wrap_http_ex() type-confusion vulnerability) Fix test Additional fix for bug #69324 More fixes for bug #69152 Fixed bug #69353 (Missing null byte checks for paths in various PHP extensions) Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar) Fixed bug #69316 (Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER) Fix bug #68486 and bug #69218 (segfault in apache2handler with apache 2.4) Fix bug #68819 (Fileinfo on specific file causes spurious OOM and/or segfault) ... Conflicts: ext/standard/http_fopen_wrapper.c
-
-
* PHP-5.5: Fix bug #66550 (SQLite prepared statement use-after-free)
-
* PHP-5.4: Fix bug #66550 (SQLite prepared statement use-after-free)