Contains fixes for:
* CVE-2021-41771: ImportedSymbols in debug/macho (for Open or OpenFat)
accesses a memory location after the end of a buffer
* CVE-2021-41772: archive/zip Reader.Open panic via a crafted ZIP
archive containing an invalid name or an empty filename field
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Details:
- Cleaned up whitespace and removed comments (refer to official PHP documentation for that)
- Removed directives that no longer exist as of PHP 8.0.12
- Added newly existing directives commented out
- Added '~E_DEPRECATED' to 'error_reporting'
Signed-off-by: Giovanni Giacobbi <giovanni@giacobbi.net>
Details:
- Cleaned up whitespace and removed comments (refer to official PHP documentation for that)
- Removed directives that no longer exist as of PHP 7.4.25
- Added '~E_DEPRECATED' to 'error_reporting'
Directives removed that no longer exist as of PHP 7.4.25:
- zend.ze1_compatibility_mode
- y2k_compliance
- register_globals
- register_long_arrays
- magic_quotes_gpc
- magic_quotes_runtime
- magic_quotes_sybase
- always_populate_raw_post_data
Signed-off-by: Giovanni Giacobbi <giovanni@giacobbi.net>
(cherry picked from commit 7e45ad87f3)
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
This is the latest version, which still has support for PHP 7.x.
It's an intermediate step in the transition to PHP 8.x.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
This PR prepares PHP for a few minor changes that cause PHP builds to fail when using --enable-intl with ICU 70.1.
Change UBool to bool for equality operators in ICU >= 70.1
https://github.com/php/php-src/pull/7596
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
This PR prepares PHP for a few minor changes that cause PHP builds to fail when using --enable-intl with ICU 70.1.
Change UBool to bool for equality operators in ICU >= 70.1
https://github.com/php/php-src/pull/7596
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
The module will be available, once php8 is selected, at the same place
as the other apache modules.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
Update to the newest versions and switch to $(AUTORELEASE) for the python3 packages (where I am the maintainer).
Signed-off-by: Peter Stadler <peter.stadler@student.uibk.ac.at>
October 12th 2021 Security Releases:
HTTP Request Smuggling due to spaced in headers (Medium)(CVE-2021-22959)
HTTP Request Smuggling when parsing the body (Medium)(CVE-2021-22960)
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
This is a minor update, which officially supports Python 3.8, and
removes Python 2 code, among several bugfixes.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Features:
- Add cap_add and cap_drop parameters to service create and
ContainerSpec
- Add templating parameter to config create
Bugfixes:
- Fix getting a read timeout for logs/attach with a tty and slow
output
Miscellaneous:
- Fix documentation examples
Signed-off-by: Javier Marcet <javier@marcet.info>
What's Changed
- CHANGELOG.md: Fix typos discovered by codespell by @cclauss in #350
- Add Python 3.10 support by @theskumar in #359
Signed-off-by: Javier Marcet <javier@marcet.info>