kpriv/pkgsrc
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity
pkgsrc/www/php4/patches
History
adrianp 0163cb059f Update to 4.4.7 
* Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric)
* Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser)
* Fixed a bug in mb_parse_str() that can be used to activate register_globals
  (MOPB-26 by Stefan Esser)
* Fixed unallocated memory access/double free in in array_user_key_compare()
  (MOPB-24 by Stefan Esser)
* Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser)
* Added missing open_basedir & safe_mode checks to zip:// and bzip:// wrappers.
  (MOPB-21 by Stefan Esser).
* Limit nesting level of input variables with max_input_nesting_level as fix for
  (MOPB-03 by Stefan Esser)
* Fixed CRLF injection inside ftp_putcmd(). (by loveshell[at]Bug.Center.Team)
* Fixed a possible super-global overwrite inside import_request_variables().
  (by Stefano Di Paola, Stefan Esser)
* Fixed a remotely trigger-able buffer overflow inside bundled libxmlrpc
  library. (by Stanislav Malyshev)
* XSS in phpinfo() (MOPB-8 by Stefan Esser)
2007-05-06 19:50:18 +00:00
..
patch-aa
patch-ab Libtoolize link commands on Darwin. Previously, pakcages providing 2006-05-11 06:50:39 +00:00
patch-ac Fix build for php4-curl with curl-7.16.0, using same patch as for php5. 2006-11-03 07:00:39 +00:00
patch-ad
patch-ag
patch-ah
patch-ai
patch-aj
patch-ak
patch-ap Update to version 4.4.2. Ok'd by jdolecek@. 2006-03-03 07:11:34 +00:00
patch-at add patch to actually compile the contents of PHP WDDX module; before 2006-04-22 10:27:05 +00:00
patch-au patch to allow the Oracle extension to be built against Oracle 10.1 2007-03-11 16:43:49 +00:00