diff options
| author | Stanislav Malyshev <stas@php.net> | 2015-08-04 16:14:24 -0700 |
|---|---|---|
| committer | Stanislav Malyshev <stas@php.net> | 2015-08-04 16:14:24 -0700 |
| commit | 97047e7665368d0cf30501f7a4b6a124de25957b (patch) | |
| tree | c3ed6c3e67c935d6cd0e782695437c9ab9ded5d4 /.gitignore | |
| parent | 668ecaa606b3203311b3329fcbd49b59f715e1e4 (diff) | |
| parent | ed709d5aa01375beb7e0b408c4027bbb9cfb52b6 (diff) | |
| download | php-git-97047e7665368d0cf30501f7a4b6a124de25957b.tar.gz | |
Merge branch 'PHP-5.6'
* PHP-5.6:
update NEWS
fix test
update NEWS
Fix bug #70019 - limit extracted files to given directory
Do not do convert_to_* on unserialize, it messes up references
Fix #69793 - limit what we accept when unserializing exception
Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList)
Fixed bug #70166 - Use After Free Vulnerability in unserialize() with SPLArrayObject
ignore signatures for packages too
Fix bug #70168 - Use After Free Vulnerability in unserialize() with SplObjectStorage
Fixed bug #69892
Fix bug #70014 - use RAND_bytes instead of deprecated RAND_pseudo_bytes
Improved fix for Bug #69441
Fix bug #70068 (Dangling pointer in the unserialization of ArrayObject items)
Fix bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref)
Fix bug #70081: check types for SOAP variables
Conflicts:
Zend/zend_exceptions.c
ext/date/php_date.c
ext/openssl/openssl.c
ext/phar/phar_internal.h
ext/soap/php_http.c
ext/spl/spl_array.c
ext/spl/spl_dllist.c
ext/spl/spl_observer.c
ext/standard/tests/serialize/bug69152.phpt
sapi/cli/tests/005.phpt
Diffstat (limited to '.gitignore')
| -rw-r--r-- | .gitignore | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/.gitignore b/.gitignore index 5f267911a0..4e5cfa7c60 100644 --- a/.gitignore +++ b/.gitignore @@ -21,6 +21,9 @@ *.tar.gz *.tar.bz2 *.tar.xz +*.tar.gz.asc +*.tar.bz2.asc +*.tar.xz.asc .FBCIndex .FBCLockFolder .deps |