# By Pierre Joye
# Via Pierre Joye
* 'PHP-5.4' of https://git.php.net/repository/php-src:
fix#66872, invalid argument crashes gmp_testbit
fix#66872, invalid argument crashes gmp_testbit
add vc12 (2013)
# By Anatol Belski (1) and others
# Via Anatol Belski
* 'PHP-5.5' of git.php.net:php-src:
updated libmagic.patch
Fix indentation
Do not remove *.1, it's not generated by make but configure
# By Dmitry Panin (1) and Remi Collet (1)
# Via Nikita Popov
* 'PHP-5.4' of git.php.net:php-src:
Fix HTML entity table generation
Set default Digest Message to use SHA1 instead of MD5 in openssl tests as MD5 signature are now rejected by newer openssl Version.
# By Remi Collet (6) and others
# Via Nikita Popov (1) and others
* 'PHP-5.5' of git.php.net:php-src:
Fixed null termination
Updated NEWS for #65545
Add fread(length) method
Fix HTML entity table generation
Fix order in NEWS
Add CVE ref (not known at release time)
Fix NEWS for 5.5.11 fix (really not in 5.5.10)
5.5.10 release date for NEWS
Set default Digest Message to use SHA1 instead of MD5 in openssl tests as MD5 signature are now rejected by newer openssl Version.
NEWS
Fixed Bug #66815 imagecrop(): insufficient fix for NULL defer CVE-2013-7327
This amends commit 8f4a537, which aimed to correct NULL dereference because of
missing check of gdImageCreateTrueColor() / gdImageCreate() return value. That
commit checks for negative crop rectangle width and height, but
gdImageCreate*() can also return NULL when width * height overflows. Hence
NULL deref is still possible, as gdImageSaveAlpha() and gdImagePaletteCopy()
is called before dst == NULL check.
This moves NULL check to happen right after gdImageCreate*(). It also removes
width and height check before gdImageCreate*(), as the same check is done by
image create functions (with an extra warning).
From thoger redhat com
# By Anatol Belski (38) and others
# Via Anatol Belski (23) and others
* 'PHP-5.5' of git.php.net:php-src: (325 commits)
NEWS
NEWS
Fixed Bug #66820 out-of-bounds memory access in fileinfo
Improves fix for memory leak, keep in sync with upstream.
Fixed news for #60602
Updated news for #60602
proc_open(): separate environment values that aren't strings
Fixed NEWS.
Updated news for #66535 and #66109
Updated NEWS for #66535
don't compare constants on run time
substr_compare(): Allow zero length comparison
Fixed test case title
[bug 66535] X-PHP-Originating-Script adds newline if no custom headers are given
Fixed expected output of a few cURL test cases
Allow NULL as value for CURLOPT_CUSTOMREQUEST option.
man page: long option name is --strip, not --stripped
--global have be removed in 5.2
typo spotted by Lajos Veres
update libs_version.txt
...
# By Anatol Belski (22) and others
# Via Derick Rethans (5) and others
* 'PHP-5.4' of git.php.net:php-src: (176 commits)
NEWS
Fixed Bug #66820 out-of-bounds memory access in fileinfo
Improves fix for memory leak, keep in sync with upstream.
Updated news for #60602
proc_open(): separate environment values that aren't strings
Updated NEWS for #66535
Fixed test case title
[bug 66535] X-PHP-Originating-Script adds newline if no custom headers are given
man page: long option name is --strip, not --stripped
--global have be removed in 5.2
NEWS
test for bug #66762
Fixed Bug #66762 Segfault in mysqli_stmt::bind_result() when link closed
fix tests broken by 633f898f15
add news entry
add clear_env option to FPM config
Reduce test noise on cross Oracle client <-> server version tests. This fix is already in PHP 5.6+
Reduce test noise in cross Oracle client <-> server version testing. This change is already in PHP 5.6+
fixed macro
Make sure value is initialized
...
