Commit: 2b9f5ac2525118bab372d5fc66eb19cabc46f483 Author: Stanislav Malyshev <s...@php.net> Tue, 13 Aug 2013 22:24:57 -0700 Parents: f3d18add089113a032d785169a6859c8719db307 7f69f07fc18f750843e756668a1a8a9178cdef97 Branches: PHP-5.5 master
Link: http://git.php.net/?p=php-src.git;a=commitdiff;h=2b9f5ac2525118bab372d5fc66eb19cabc46f483 Log: Merge branch 'PHP-5.4' into PHP-5.5 * PHP-5.4: Fix CVE-2013-4073 - handling of certs with null bytes Fix CVE-2013-4073 - handling of certs with null bytes Changed paths: MM NEWS MM ext/openssl/openssl.c Diff: diff --cc NEWS index c64908d,4b75071..bc79c14 --- a/NEWS +++ b/NEWS @@@ -21,37 -24,6 +21,41 @@@ PH (Yasuo) . Changed session.auto_start to PHP_INI_PERDIR. (Yasuo) +- Pgsql: + . Fixed bug #62978 (Disallow possible SQL injections with pg_select()/pg_update() + /pg_delete()/pg_insert()). (Yasuo) + +?? ??? 2013, PHP 5.5.2 + +- Core: + . Fixed bug #65372 (Segfault in gc_zval_possible_root when return reference + fails). (Laruence) + . Fixed value of FILTER_SANITIZE_FULL_SPECIAL_CHARS constant (previously was + erroneously set to FILTER_SANITIZE_SPECIAL_CHARS value). (Andrey + avp200681 gmail com). + . Fixed bug #65304 (Use of max int in array_sum). (Laruence) + . Fixed bug #65291 (get_defined_constants() causes PHP to crash in a very + limited case). (Arpad) + +- OPcache: + . Added opcache.restrict_api configuration directive that may limit + usage of OPcahce API functions only to patricular script(s). (Dmitry) + . Added support for glob symbols in blacklist entries (?, *, **). + (Terry Elison, Dmitry) + . Fixed bug #65338 (Enabling both php_opcache and php_wincache AVs on + shutdown). (Dmitry) + ++- Openssl: ++ . Fixed handling null bytes in subjectAltName (CVE-2013-4073). ++ (Christian Heimes) ++ +- PDO_mysql: + . Fixed bug #65299 (pdo mysql parsing errors). (Johannes) + +- Phar: + . Fixed bug #65028 (Phar::buildFromDirectory creates corrupt archives for + some specific contents). (Stas) + - SOAP: . Fixed bug #65018 (SoapHeader problems with SoapServer). (Dmitry) -- PHP CVS Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php