-
Wed Jul 10 2019 Remi Collet <rcollet@redhat.com> - 7.1.30-1
- rebase to 7.1.30 #1631672
-
Tue Aug 08 2017 Remi Collet <rcollet@redhat.com> - 7.1.8-1
- rebase to 7.1.8 #1465319
- drop upstream oniguruma patch
-
Thu Jun 08 2017 Remi Collet <rcollet@redhat.com> - 7.1.6-1
- rebase to 7.1.6
-
Fri Jun 02 2017 Remi Collet <rcollet@redhat.com> - 7.1.5-2
- fix License, timelib is MIT
- add upstream security patches for oniguruma CVE-2017-9224,
CVE-2017-9226, CVE-2017-9227, CVE-2017-9228, CVE-2017-9229
-
Thu Jun 01 2017 Remi Collet <rcollet@redhat.com> - 7.1.5-1
- update to 7.1.5 for rh-php71 in rhscl 3.0
-
Wed Nov 02 2016 Remi Collet <rcollet@redhat.com> - 7.0.10-2
- fix definition of php_* macros #1390885
-
Tue Sep 06 2016 Remi Collet <rcollet@redhat.com> - 7.0.10-1
- rebase to 7.0.10 #1365397
- fix default include_path
-
Thu Jul 21 2016 Remi Collet <rcollet@redhat.com> - 7.0.9-1
- update to 7.0.9 for RHSCL 2.3
-
Mon Feb 15 2016 Remi Collet <rcollet@redhat.com> - 5.6.5-8
- Phar: fix segmentation fault in Phar::convertToData on
invalid file CVE-2015-5589
- Phar: fix buffer overflow and stack smashing error in
phar_fix_filepath CVE-2015-5590
- Phar: fix files from archive can be extracted outside of
destination directory using phar CVE-2015-6833
- Phar: NULL pointer dereference in phar_get_fp_offset()
CVE-2015-7803
- Phar: uninitialized pointer in phar_make_dirstream()
CVE-2015-7804
- Xslt: fix NULL pointer dereference in XSLTProcessor class
CVE-2015-6837 CVE-2015-6838
- Core: fix use-after-free vulnerability in session
deserializer CVE-2015-6835
- Core: fix multiple unserialization use-after-free issues
CVE-2015-6834
- Spl: fix dangling pointer in the unserialization of
ArrayObject items CVE-2015-6832
- Spl: fix Use After Free Vulnerability in unserialize()
CVE-2015-6831
- Soap: fix type confusion in SOAP serialize_function_call()
CVE-2015-6836
-
Wed Jun 10 2015 Remi Collet <rcollet@redhat.com> - 5.6.5-7
- fix more functions accept paths with NUL character #1213407