summaryrefslogtreecommitdiff
AgeCommit message (Expand)AuthorFilesLines
2012-02-10Fix regression in CVE-2012-0831 (LP#930115)debian/5.3.3-7+squeeze8Ondřej Surý1-5/+50
2012-02-10prepare 5.3.3-7+squeeze8 releaseOndřej Surý1-2/+25
2012-02-10CVE-2011-1072,CVE-2011-1144: symlink tmp races in pear installOndřej Surý4-0/+892
2012-02-10CVE-2012-0831: magic_quotes_gpc remote disable vulnerability (NOTE: magic_quo...Ondřej Surý2-0/+63
2012-02-10CVE-2012-0788: PDORow session denial of serviceOndřej Surý2-0/+42
2012-02-10CVE-2011-3267: DoS in errorlog() when passed NULLOndřej Surý1-0/+23
2012-02-10CVE-2011-3182: DoS due to failure to check for memory allocation errorsOndřej Surý2-0/+197
2012-02-10CVE-2011-1657: DoS in zip handling due to addGlob() crashing on invalid flagsOndřej Surý2-0/+63
2012-02-10CVE-2011-1470: denial of service through application crash when handling zipa...Ondřej Surý2-0/+67
2012-02-10CVE-2011-1469: improve pointer handling to fix denial of service through appl...Ondřej Surý2-0/+122
2012-02-10CVE-2011-1468: fix memory leak of openssl contextsOndřej Surý2-0/+94
2012-02-10CVE-2011-1467: check for invalid attribute symbols in NumberFormatter::setSym...Ondřej Surý2-0/+55
2012-02-10CVE-2011-1464: limit amount of precision to ensure fitting within MAX_BUF_SIZEOndřej Surý2-0/+674
2012-02-10CVE-2011-1148: improve reference countingOndřej Surý2-0/+196
2012-02-10CVE-2011-1092: denial of service and possible data disclosure through integer...Ondřej Surý2-0/+20
2012-02-10CVE-2010-4697: use-after-free vulnerabilityOndřej Surý2-0/+91
2012-02-09prepare 5.3.3-7+squeeze8 releaseOndřej Surý1-0/+10
2012-02-09CVE-2011-4153: Fix PHP 5 does not always check the return value of the zend_s...Ondřej Surý2-0/+50
2012-02-09CVE-2012-0781: Fix for Tidy::diagnose() NULL pointer dereferenceOndřej Surý2-0/+28
2012-02-03Deprecated error should use E_DEPRECATED and not E_WARNING (Closes: #632838)Ondřej Surý2-0/+12
2012-02-03prepare 5.3.3-7+squeeze7 releaseOndřej Surý1-1/+2
2012-02-02prepare 5.3.3-7+squeeze7 releasedebian/5.3.3-7+squeeze7Ondřej Surý1-0/+6
2012-02-02Fix UMR in php_register_variable_ex (remote exploit)Ondřej Surý2-0/+42
2012-01-31prepare 5.3.3-7+squeeze6 releasedebian/5.3.3-7+squeeze6Ondřej Surý1-0/+6
2012-01-31Pull complete fix for CVE-2012-0057Ondřej Surý1-14/+213
2012-01-23prepare 5.3.3-7+squeeze5 releasedebian/5.3.3-7+squeeze5Ondřej Surý1-0/+11
2012-01-23Sync NEWS headers with changelog headersOndřej Surý1-2/+2
2012-01-23CVE-2012-0057: XSLT file writing vulnerability (Closes: #656308)Ondřej Surý3-2/+145
2012-01-23Fix CVE-2011-4885: hash table collisions CPU usage DoS (oCERT-2011-003)Ondřej Surý3-0/+90
2012-01-23Fix CVE-2011-4566: integer overflow in exif_process_IFD_TAG() may lead to DoS...Ondřej Surý2-0/+42
2012-01-23Refresh patches to apply cleanlyOndřej Surý43-297/+190
2011-08-08Add Conflicts/Provides: php5-idn to php5-intl (Closes: #637057)Ondřej Surý1-0/+2
2011-07-04prepare 5.3.3-7+squeeze4 releasedebian/5.3.3-7+squeeze4Ondřej Surý1-0/+17
2011-07-04Fix CVE-2011-1938: Stack-based buffer overflow in the socket_connect function...Ondřej Surý2-0/+15
2011-07-04Add NEWS item about incompatible blowfish hashesOndřej Surý1-0/+12
2011-07-04Return fail string on invalid Blowfish salt roundsOndřej Surý2-36/+2
2011-07-04Add support for x$ identifier to php crypt.cOndřej Surý1-0/+11
2011-07-04Fix CVE-2011-2483: 8-bit character mishandling in crypt_blowfish.c allows dif...Ondřej Surý2-0/+154
2011-07-04Fix regression when the salt is empty (Closes: #623220)Ondřej Surý1-30/+35
2011-06-28prepare 5.3.3-7+squeeze3 releasedebian/5.3.3-7+squeeze3Ondřej Surý1-4/+9
2011-06-15Refresh CVE-2011-2202 patchOndřej Surý1-2/+2
2011-06-15prepare 5.3.3-7+squeeze2 releasedebian/5.3.6-12Ondřej Surý1-1/+4
2011-06-15File path injection vulnerability in RFC1867 File upload filename [CVE-2011-2...Ondřej Surý2-0/+21
2011-06-14Update gbp.conf for debian-squeeze branchOndřej Surý1-2/+2
2011-05-14prepare 5.3.3-7+squeeze2 releasedebian/5.3.3-7+squeeze2Ondřej Surý1-1/+1
2011-05-14Add back CVE-2011-1467.patchOndřej Surý1-0/+1
2011-05-14prepare 5.3.3-7+squeeze2 releaseOndřej Surý1-0/+15
2011-05-14Fix a NULL pointer dereference in grapheme_extract function (CVE-2011-0420)Ondřej Surý2-0/+32
2011-05-14Fix for integer signedness error in zip_stream.c (CVE-2011-1471)Ondřej Surý2-0/+35
2011-05-14Fix incorrect cast on 64-bit platforms in exif.c (CVE-2011-0708)Ondřej Surý2-0/+78
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-28 17:12:45 +0000