* PHP-5.6.18:
fix tests
fix NEWS
Update NEWS
update NEWS
Fixed bug #71488: Stack overflow when decompressing tar archives
update NEWS
add missing headers for SIZE_MAX
backport the escapeshell* functions hardening branch
add tests
Fix bug #71459 - Integer overflow in iptcembed()
prepare 5.6.18RC1
Fix test when run with openssl < 1.0.2 (reorder so no more SSLv2 message) Fix skip message to work
improve fix for bug #71201
Fixed bug #71323 - Output of stream_get_meta_data can be falsified by its input
Fix bug #71391: NULL Pointer Dereference in phar_tar_setupmetadata()
Fixed bug #71331 - Uninitialized pointer in phar_make_dirstream()
Fix bug #71335: Type Confusion in WDDX Packet Deserialization
Fix bug #71354 - remove UMR when size is 0
Conflicts:
configure.in
ext/phar/dirstream.c
ext/phar/phar_object.c
ext/phar/tar.c
ext/standard/exec.c
ext/standard/iptc.c
ext/standard/math.c
ext/standard/streamsfuncs.c
ext/wddx/wddx.c
main/php_version.h
main/streams/memory.c
* PHP-5.5.32:
Fixed bug #71488: Stack overflow when decompressing tar archives
update NEWS
add missing headers for SIZE_MAX
backport the escapeshell* functions hardening branch
add tests
Fix bug #71459 - Integer overflow in iptcembed()
Fixed bug #71323 - Output of stream_get_meta_data can be falsified by its input
Fix bug #71391: NULL Pointer Dereference in phar_tar_setupmetadata()
Fix bug #71335: Type Confusion in WDDX Packet Deserialization
Fix bug #71354 - remove UMR when size is 0
I'm assuming that we want to have 64bit zend_longs on x32 here.
This fixes two typos in __x86_64__ macros and adds sign-extension
when assigning STREAM_COPY_ALL to zend_long.
* PHP-5.6: (27 commits)
fix non-standard C
update NEWS
5.4.41 next
fix CVE num
update NEWS
Fix bug #69441 (Buffer Overflow when parsing tar/zip/phar in phar_set_inode)
fix test
fix type in fix for #69085
fix memory leak & add test
Fix tests
fix CVE num
Fix bug #69337 (php_stream_url_wrap_http_ex() type-confusion vulnerability)
Fix test
Additional fix for bug #69324
More fixes for bug #69152
Fixed bug #69353 (Missing null byte checks for paths in various PHP extensions)
Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar)
Fixed bug #69316 (Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER)
Fix bug #68486 and bug #69218 (segfault in apache2handler with apache 2.4)
Fix bug #68819 (Fileinfo on specific file causes spurious OOM and/or segfault)
...
Conflicts:
Zend/zend_exceptions.c
ext/curl/interface.c
ext/dom/document.c
ext/fileinfo/libmagic/softmagic.c
ext/gd/gd.c
ext/hash/hash.c
ext/pgsql/pgsql.c
ext/phar/phar.c
ext/phar/phar_internal.h
ext/standard/http_fopen_wrapper.c
ext/standard/link.c
ext/standard/streamsfuncs.c
ext/xmlwriter/php_xmlwriter.c
ext/zlib/zlib.c
* PHP-5.5: (27 commits)
fix non-standard C
update NEWS
5.4.41 next
fix CVE num
update NEWS
Fix bug #69441 (Buffer Overflow when parsing tar/zip/phar in phar_set_inode)
fix test
fix type in fix for #69085
fix memory leak & add test
Fix tests
fix CVE num
Fix bug #69337 (php_stream_url_wrap_http_ex() type-confusion vulnerability)
Fix test
Additional fix for bug #69324
More fixes for bug #69152
Fixed bug #69353 (Missing null byte checks for paths in various PHP extensions)
Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar)
Fixed bug #69316 (Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER)
Fix bug #68486 and bug #69218 (segfault in apache2handler with apache 2.4)
Fix bug #68819 (Fileinfo on specific file causes spurious OOM and/or segfault)
...
Conflicts:
ext/standard/http_fopen_wrapper.c
* PHP-5.4.40:
Additional fix for bug #69324
More fixes for bug #69152
Fixed bug #69353 (Missing null byte checks for paths in various PHP extensions)
Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar)
Fixed bug #69316 (Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER)
Fix bug #68486 and bug #69218 (segfault in apache2handler with apache 2.4)
Fix bug #68819 (Fileinfo on specific file causes spurious OOM and/or segfault)
Fixed bug #68901 (use after free)
Fixed bug #68740 (NULL Pointer Dereference)
Fix bug #66550 (SQLite prepared statement use-after-free)
Better fix for #68601 for perf 81e9a993f2
Fix bug #68601 buffer read overflow in gd_gif_in.c
Revert "Merge branch 'PHP-5.4' of https://git.php.net/repository/php-src into PHP-5.4"
Fixed bug #69293
Add ZEND_ARG_CALLABLE_INFO to allow internal function to type hint against callable.
This reverts commit 13acb7ec65.
With the added capability to negotiate application layer protocols
via the TLS ALPN extension userland needs a method to access the
negotiated protocol on a given stream. The reverted commit added
a new stream_socket_crypto_info() function for this purpose.
This original approach was discarded in favor of using the
already-existing stream_get_meta_data() API which specifically
exists for just such purposes and requires the addition of no new
functions.
* tls-alpn:
Improve test to target specific issue
Misc updates/cleanup
Add TLS ALPN extension support in crypto client/server streams
Add stream_socket_crypto_info() function
Update for compatibility with newer openssl libs
* master: (48 commits)
change locale - looks like not everybody has sl_SI
Fix bug #66921 - Wrong argument type hint for function intltz_from_date_time_zone
fix format
Fix bug #67052 (NumberFormatter::parse() resets LC_NUMERIC setting)
Make sure the generator script also creates a newline at the end of file
Add newline at end of file to prevent compilation warning
Fix handling of session user module custom handlers.
Reference bug report instead of github issue in NEWS file
add more exts for Travis
Update NEWS
Fix phpdbg.1 man page installation when build != src directory
BFN for bug #67551 (php://input temp file will be located in sys_temp_dir instead of upload_tmp_dir)
reorder
restore API compatibility
finish
refactor php_stream_temp_create{,_ex} and use it for the php://input stream
refactor _php_stream_fopen_{temporary_,tmp}file()
fix length overflow of HTTP_RAW_POST_DATA
Update NEWS
Fixed bug #67215 (php-cgi work with opcache, may be segmentation fault happen)
...
Conflicts:
ext/opcache/zend_accelerator_util_funcs.c
ext/session/mod_user.c
ext/spl/spl_array.c
ext/spl/spl_dllist.c
ext/standard/file.c
ext/standard/streamsfuncs.c
ext/standard/string.c
main/streams/memory.c
