Anzeigen der neuesten Beiträge
0 Mitglieder und 1 Gast betrachten dieses Thema.
Security Enhancements and Fixes in PHP 5.3.2: * Improved LCG entropy. (Rasmus, Samy Kamkar) * Fixed safe_mode validation inside tempnam() when the directory path does not end with a /). (Martin Jansen) * Fixed a possible open_basedir/safe_mode bypass in the session extension identified by Grzegorz Stachowiak. (Ilia)Key Bug Fixes in PHP 5.3.2 include: * Added support for SHA-256 and SHA-512 to php's crypt. * Added protection for $_SESSION from interrupt corruption and improved "session.save_path" check. * Fixed bug #51059 (crypt crashes when invalid salt are given). * Fixed bug #50940 Custom content-length set incorrectly in Apache sapis. * Fixed bug #50847 (strip_tags() removes all tags greater then 1023 bytes long). * Fixed bug #50723 (Bug in garbage collector causes crash). * Fixed bug #50661 (DOMDocument::loadXML does not allow UTF-16). * Fixed bug #50632 (filter_input() does not return default value if the variable does not exist). * Fixed bug #50540 (Crash while running ldap_next_reference test cases). * Fixed bug #49851 (http wrapper breaks on 1024 char long headers). * Over 60 other bug fixes.
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||22 Jul 2010, PHP 5.3.3- Upgraded bundled sqlite to version 3.6.23.1. (Ilia)- Upgraded bundled PCRE to version 8.02. (Ilia)- Added support for JSON_NUMERIC_CHECK option in json_encode() that converts numeric strings to integers. (Ilia)- Added stream_set_read_buffer, allows to set the buffer for read operation. (Pierre)- Added stream filter support to mcrypt extension (ported from mcrypt_filter). (Stas)- Added full_special_chars filter to ext/filter. (Rasmus)- Added backlog socket context option for stream_socket_server(). (Mike)- Added fifth parameter to openssl_encrypt()/openssl_decrypt() (string $iv) to use non-NULL IV. Made implicit use of NULL IV a warning. (Sara)- Added openssl_cipher_iv_length(). (Sara)- Added FastCGI Process Manager (FPM) SAPI. (Tony)- Added recent Windows versions to php_uname and fix undefined windows version support. (Pierre)- Added Berkeley DB 5 support to the DBA extension. (Johannes, Chris Jones)- Added support for copy to/from array/file for pdo_pgsql extension. (Denis Gasparin, Ilia)- Added inTransaction() method to PDO, with specialized support for Postgres. (Ilia, Denis Gasparin)- Changed namespaced classes so that the ctor can only be named __construct now. (Stas)- Reset error state in PDO::beginTransaction() reset error state. (Ilia)- Implemented FR#51295 (SQLite3::busyTimeout not existing). (Mark)- Implemented FR#35638 (Adding udate to imap_fetch_overview results). (Charles_Duffy at dell dot com )- Rewrote var_export() to use smart_str rather than output buffering, prevents data disclosure if a fatal error occurs (CVE-2010-2531). (Scott)- Fixed possible buffer overflows in mysqlnd_list_fields, mysqlnd_change_user. (Andrey)- Fixed possible buffer overflows when handling error packets in mysqlnd. Reported by Stefan Esser. (Andrey)- Fixed very rare memory leak in mysqlnd, when binding thousands of columns. (Andrey)- Fixed a crash when calling an inexistent method of a class that inherits PDOStatement if instantiated directly instead of doing by the PDO methods. (Felipe)- Fixed memory leak on error in mcrypt_create_iv on Windows. (Pierre)- Fixed a possible crash because of recursive GC invocation. (Dmitry)- Fixed a possible resource destruction issues in shm_put_var(). Reported by Stefan Esser. (Dmitry)- Fixed a possible information leak because of interruption of XOR operator. Reported by Stefan Esser. (Dmitry)- Fixed a possible memory corruption because of unexpected call-time pass by refernce and following memory clobbering through callbacks. Reported by Stefan Esser. (Dmitry)- Fixed a possible memory corruption in ArrayObject::uasort(). Reported by Stefan Esser. (Dmitry)- Fixed a possible memory corruption in parse_str(). Reported by Stefan Esser. (Dmitry)- Fixed a possible memory corruption in pack(). Reported by Stefan Esser. (Dmitry)- Fixed a possible memory corruption in substr_replace(). Reported by Stefan Esser. (Dmitry)- Fixed a possible memory corruption in addcslashes(). Reported by Stefan Esser. (Dmitry)- Fixed a possible stack exhaustion inside fnmatch(). Reported by Stefan Esser. (Ilia)- Fixed a possible dechunking filter buffer overflow. Reported by Stefan Esser. (Pierre)- Fixed a possible arbitrary memory access inside sqlite extension. Reported by Mateusz Kocielski. (Ilia)- Fixed string format validation inside phar extension. Reported by Stefan Esser. (Ilia)- Fixed handling of session variable serialization on certain prefix characters. Reported by Stefan Esser. (Ilia)- Fixed a NULL pointer dereference when processing invalid XML-RPC requests (Fixes CVE-2010-0397, bug #51288). (Raphael Geissert)- Fixed 64-bit integer overflow in mhash_keygen_s2k(). (Clément LECIGNE, Stas)- Fixed SplObjectStorage unserialization problems (CVE-2010-2225). (Stas)- Fixed the mail.log ini setting when no filename was given. (Johannes)- Fixed bug #52317 (Segmentation fault when using mail() on a rhel 4.x (only 64 bit)). (Adam)- Fixed bug #52262 (json_decode() shows no errors on invalid UTF-8). (Scott)- Fixed bug #52240 (hash_copy() does not copy the HMAC key, causes wrong results and PHP crashes). (Felipe)- Fixed bug #52238 (Crash when an Exception occured in iterator_to_array). (Johannes)- Fixed bug #52193 (converting closure to array yields empty array). (Felipe)- Fixed bug #52183 (Reflectionfunction reports invalid number of arguments for function aliases). (Felipe)- Fixed bug #52162 (custom request header variables with numbers are removed). (Sriram Natarajan)- Fixed bug #52160 (Invalid E_STRICT redefined constructor error). (Felipe)- Fixed bug #52138 (Constants are parsed into the ini file for section names). (Felipe)- Fixed bug #52115 (mysqli_result::fetch_all returns null, not an empty array). (Andrey)- Fixed bug #52101 (dns_get_record() garbage in 'ipv6' field on Windows). (Pierre)- Fixed bug #52082 (character_set_client & character_set_connection reset after mysqli_change_user()). (Andrey)- Fixed bug #52043 (GD doesn't recognize latest libJPEG versions). (php at group dot apple dot com, Pierre) - Fixed bug #52041 (Memory leak when writing on uninitialized variable returned from function). (Dmitry)- Fixed bug #52060 (Memory leak when passing a closure to method_exists()). (Felipe)- Fixed bug #52057 (ReflectionClass fails on Closure class). (Felipe)- Fixed bug #52051 (handling of case sensitivity of old-style constructors changed in 5.3+). (Felipe)- Fixed bug #52037 (Concurrent builds fail in install-programs). (seanius at debian dot org, Kalle)- Fixed bug #52019 (make lcov doesn't support TESTS variable anymore). (Patrick)- Fixed bug #52010 (open_basedir restrictions mismatch on vacuum command). (Ilia)- Fixed bug #52001 (Memory allocation problems after using variable variables). (Dmitry)- Fixed bug #51991 (spl_autoload and *nix support with namespace). (Felipe)- Fixed bug #51943 (AIX: Several files are out of ANSI spec). (Kalle, coreystup at gmail dot com)- Fixed bug #51911 (ReflectionParameter::getDefaultValue() memory leaks with constant array). (Felipe)- Fixed bug #51905 (ReflectionParameter fails if default value is an array with an access to self::). (Felipe)- Fixed bug #51899 (Parse error in parse_ini_file() function when empy value followed by no newline). (Felipe)- Fixed bug #51844 (checkdnsrr does not support types other than MX). (Pierre)- Fixed bug #51827 (Bad warning when register_shutdown_function called with wrong num of parameters). (Felipe)- Fixed bug #51822 (Segfault with strange __destruct() for static class variables). (Dmitry)- Fixed bug #51791 (constant() aborts execution when fail to check undefined constant). (Felipe)- Fixed bug #51732 (Fileinfo __construct or open does not work with NULL). (Pierre)- Fixed bug #51725 (xmlrpc_get_type() returns true on invalid dates). (Mike)- Fixed bug #51723 (Content-length header is limited to 32bit integer with Apache2 on Windows). (Pierre)- Fixed bug #51721 (mark DOMNodeList and DOMNamedNodeMap as Traversable). (David Zuelke)- Fixed bug #51712 (Test mysql_mysqlnd_read_timeout_long must fail on MySQL4). (Andrey)- Fixed bug #51697 (Unsafe operations in free_storage of SPL iterators, causes crash during shutdown). (Etienne)- Fixed bug #51690 (Phar::setStub looks for case-sensitive __HALT_COMPILER()). (Ilia)- Fixed bug #51688 (ini per dir crashes when invalid document root are given). (Pierre)- Fixed bug #51671 (imagefill does not work correctly for small images). (Pierre)- Fixed bug #51670 (getColumnMeta causes segfault when re-executing query after calling nextRowset). (Pierrick)- Fixed bug #51647 Certificate file without private key (pk in another file) doesn't work. (Andrey)- Fixed bug #51629 (CURLOPT_FOLLOWLOCATION error message is misleading). (Pierre)- Fixed bug #51627 (script path not correctly evaluated). (russell dot tempero at rightnow dot com)- Fixed bug #51624 (Crash when calling mysqli_options()). (Felipe)- Fixed bug #51615 (PHP crash with wrong HTML in SimpleXML). (Felipe)- Fixed bug #51609 (pg_copy_to: Invalid results when using fourth parameter). (Felipe)- Fixed bug #51608 (pg_copy_to: WARNING: nonstandard use of \\ in a string literal). (cbandy at jbandy dot com)- Fixed bug #51607 (pg_copy_from does not allow schema in the tablename argument). (cbandy at jbandy dot com)- Fixed bug #51605 (Mysqli - zombie links). (Andrey)- Fixed bug #51604 (newline in end of header is shown in start of message). (Daniel Egeberg)- Fixed bug #51590 (JSON_ERROR_UTF8 is undefined). (Felipe)- Fixed bug #51583 (Bus error due to wrong alignment in mysqlnd). (Rainer Jung)- Fixed bug #51582 (Don't assume UINT64_C it's ever available). (reidrac at usebox dot net, Pierre)- Fixed bug #51577 (Uninitialized memory reference with oci_bind_array_by_name) (Oracle Corp.)- Fixed bug #51562 (query timeout in mssql can not be changed per query). (ejsmont dot artur at gmail dot com)- Fixed bug #51552 (debug_backtrace() causes segmentation fault and/or memory issues). (Dmitry)- Fixed bug #51445 (var_dump() invalid/slow *RECURSION* detection). (Felipe)- Fixed bug #51435 (Missing ifdefs / logic bug in crypt code cause compile errors). (Felipe)- Fixed bug #51424 (crypt() function hangs after 3rd call). (Pierre, Sriram)- Fixed bug #51394 (Error line reported incorrectly if error handler throws an exception). (Stas)- Fixed bug #51393 (DateTime::createFromFormat() fails if format string contains timezone). (Adam)- Fixed bug #51347 (mysqli_close / connection memory leak). (Andrey, Johannes)- Fixed bug #51338 (URL-Rewriter is still enabled if use_only_cookies is on). (Ilia, j dot jeising at gmail dot com)- Fixed bug #51291 (oci_error doesn't report last error when called two times) (Oracle Corp.)- Fixed bug #51276 (php_load_extension() is missing when HAVE_LIBDL is undefined). (Tony)- Fixed bug #51273 (Faultstring property does not exist when the faultstring is empty) (Ilia, dennis at transip dot nl)- Fixed bug #51269 (zlib.output_compression Overwrites Vary Header). (Adam)- Fixed bug #51257 (CURL_VERSION_LARGEFILE incorrectly used after libcurl version 7.10.1). (aron dot ujvari at microsec dot hu)- Fixed bug #51242 (Empty mysql.default_port does not default to 3306 anymore, but 0). (Adam)- Fixed bug #51237 (milter SAPI crash on startup). (igmar at palsenberg dot com)- Fixed bug #51213 (pdo_mssql is trimming value of the money column). (Ilia, alexr at oplot dot com)- Fixed bug #51190 (ftp_put() returns false when transfer was successful). (Ilia)- Fixed bug #51183 (ext/date/php_date.c fails to compile with Sun Studio). (Sriram Natarajan)- Fixed bug #51176 (Static calling in non-static method behaves like $this->). (Felipe)- Fixed bug #51171 (curl_setopt() doesn't output any errors or warnings when an invalid option is provided). (Ilia)- Fixed bug #51128 (imagefill() doesn't work with large images). (Pierre)- Fixed bug #51096 ('last day' and 'first day' are handled incorrectly when parsing date strings). (Derick)- Fixed bug #51086 (DBA DB4 doesn't work with Berkeley DB 4.8). (Chris Jones)- Fixed bug #51062 (DBA DB4 uses mismatched headers and libraries). (Chris Jones)- Fixed bug #51026 (mysqli_ssl_set not working). (Andrey)- Fixed bug #51023 (filter doesn't detect int overflows with GCC 4.4). (Raphael Geissert)- Fixed bug #50999 (unaligned memory access in dba_fetch()). (Felipe)- Fixed bug #50976 (Soap headers Authorization not allowed). (Brain France, Dmitry)- Fixed bug #50828 (DOMNotation is not subclass of DOMNode). (Rob)- Fixed bug #50810 (property_exists does not work for private). (Felipe)- Fixed bug #50762 (in WSDL mode Soap Header handler function only being called if defined in WSDL). (mephius at gmail dot com)- Fixed bug #50731 (Inconsistent namespaces sent to functions registered with spl_autoload_register). (Felipe)- Fixed bug #50563 (removing E_WARNING from parse_url). (ralph at smashlabs dot com, Pierre)- Fixed bug #50578 (incorrect shebang in phar.phar). (Fedora at FamilleCollet dot com)- Fixed bug #50555 (DateTime::sub() allows 'relative' time modifications). (Derick)- Fixed bug #50392 (date_create_from_format enforces 6 digits for 'u' format character). (Derick)- Fixed bug #50383 (Exceptions thrown in __call / __callStatic do not include file and line in trace). (Felipe)- Fixed bug #50358 (Compile failure compiling ext/phar/util.lo). (Felipe)- Fixed bug #50101 (name clash between global and local variable). (patch by yoarvi at gmail dot com)- Fixed bug #51002 (fix possible memory corruption with very long names). (Pierre)- Fixed bug #49893 (Crash while creating an instance of Zend_Mail_Storage_Pop3). (Dmitry)- Fixed bug #49819 (STDOUT losing data with posix_isatty()). (Mike)- Fixed bug #49778 (DateInterval::format("%a") is always zero when an interval is created from an ISO string). (Derick)- Fixed bug #49700 (memory leaks in php_date.c if garbage collector is enabled). (Dmitry)- Fixed bug #49576 (FILTER_VALIDATE_EMAIL filter needs updating) (Rasmus)- Fixed bug #49490 (XPath namespace prefix conflict). (Rob)- Fixed bug #49429 (odbc_autocommit doesn't work). (Felipe)- Fixed bug #49320 (PDO returns null when SQLite connection fails). (Felipe)- Fixed bug #49234 (mysqli_ssl_set not found). (Andrey)- Fixed bug #49216 (Reflection doesn't seem to work properly on MySqli). (Andrey)- Fixed bug #49192 (PHP crashes when GC invoked on COM object). (Stas)- Fixed bug #49081 (DateTime::diff() mistake if start in January and interval > 28 days). (Derick)- Fixed bug #49059 (DateTime::diff() repeats previous sub() operation). (yoarvi@gmail.com, Derick)- Fixed bug #48983 (DomDocument : saveHTMLFile wrong charset). (Rob)- Fixed bug #48930 (__COMPILER_HALT_OFFSET__ incorrect in PHP >= 5.3). (Felipe)- Fixed bug #48902 (Timezone database fallback map is outdated). (Derick)- Fixed bug #48781 (Cyclical garbage collector memory leak). (Dmitry)- Fixed bug #48601 (xpath() returns FALSE for legitimate query). (Rob)- Fixed bug #48361 (SplFileInfo::getPathInfo should return the parent dir). (Etienne)- Fixed bug #48289 (iconv_mime_encode() quoted-printable scheme is broken). (Adam, patch from hiroaki dot kawai at gmail dot com).- Fixed bug #47842 (sscanf() does not support 64-bit values). (Mike)- Fixed bug #46111 (Some timezone identifiers can not be parsed). (Derick)- Fixed bug #45808 (stream_socket_enable_crypto() blocks and eats CPU). (vincent at optilian dot com)- Fixed bug #43233 (sasl support for ldap on Windows). (Pierre)- Fixed bug #35673 (formatOutput does not work with saveHTML). (Rob)- Fixed bug #33210 (getimagesize() fails to detect width/height on certain
Security Enhancements and Fixes in PHP 5.3.6: * Enforce security in the fastcgi protocol parsing with fpm SAPI. * Fixed bug #54247 (format-string vulnerability on Phar). (CVE-2011-1153) * Fixed bug #54193 (Integer overflow in shmop_read()). (CVE-2011-1092) * Fixed bug #54055 (buffer overrun with high values for precision ini setting). * Fixed bug #54002 (crash on crafted tag in exif). (CVE-2011-0708) * Fixed bug #53885 (ZipArchive segfault with FL_UNCHANGED on empty archive). (CVE-2011-0421)Key enhancements in PHP 5.3.6 include: * Upgraded bundled Sqlite3 to version 3.7.4. * Upgraded bundled PCRE to version 8.11. * Added ability to connect to HTTPS sites through proxy with basic authentication using stream_context/http/header/Proxy-Authorization. * Added options to debug backtrace functions. * Changed default value of ini directive serialize_precision from 100 to 17. * Fixed Bug #53971 (isset() and empty() produce apparently spurious runtime error). * Fixed Bug #53958 (Closures can't 'use' shared variables by value and by reference). * Fixed bug #53577 (Regression introduced in 5.3.4 in open_basedir with a trailing forward slash). * Over 60 other bug fixes.
Security Enhancements and Fixes in PHP 5.3.7: Updated crypt_blowfish to 1.2. (CVE-2011-2483) Fixed crash in error_log(). Reported by Mateusz Kocielski Fixed buffer overflow on overlog salt in crypt(). Fixed bug #54939 (File path injection vulnerability in RFC1867 File upload filename). Reported by Krzysztof Kotowicz. (CVE-2011-2202) Fixed stack buffer overflow in socket_connect(). (CVE-2011-1938) Fixed bug #54238 (use-after-free in substr_replace()). (CVE-2011-1148)Key enhancements in PHP 5.3.7 include: Upgraded bundled Sqlite3 to version 3.7.7.1 Upgraded bundled PCRE to version 8.12 Fixed bug #54910 (Crash when calling call_user_func with unknown function name) Fixed bug #54585 (track_errors causes segfault) Fixed bug #54262 (Crash when assigning value to a dimension in a non-array) Fixed a crash inside dtor for error handling Fixed bug #55339 (Segfault with allow_call_time_pass_reference = Off) Fixed bug #54935 php_win_err can lead to crash Fixed bug #54332 (Crash in zend_mm_check_ptr // Heap corruption) Fixed bug #54305 (Crash in gc_remove_zval_from_buffer) Fixed bug #54580 (get_browser() segmentation fault when browscap ini directive is set through php_admin_value) Fixed bug #54529 (SAPI crashes on apache_config.c:197) Fixed bug #54283 (new DatePeriod(NULL) causes crash). Fixed bug #54269 (Short exception message buffer causes crash) Fixed Bug #54221 (mysqli::get_warnings segfault when used in multi queries) Fixed bug #54395 (Phar::mount() crashes when calling with wrong parameters) Fixed bug #54384 (Dual iterators, GlobIterator, SplFileObject and SplTempFileObject crash when user-space classes don't call the parent constructor) Fixed bug #54292 (Wrong parameter causes crash in SplFileObject::__construct()) Fixed bug #54291 (Crash iterating DirectoryIterator for dir name starting with \0) Fixed bug #54281 (Crash in non-initialized RecursiveIteratorIterator) Fixed bug #54623 (Segfault when writing to a persistent socket after closing a copy of the socket) Fixed bug #54681 (addGlob() crashes on invalid flags) Over 80 other bug fixes.Windows users: please mind that we do no longer provide builds created with Visual Studio C++ 6. It is impossible to maintain a high quality and safe build of PHP for Windows using this unmaintained compiler.
Version 5.4.126-Apr-2012 CLI Server Fixed bug #61461 (missing checks around malloc() calls). Implemented #60850 (Built in web server does not set $_SERVER['SCRIPT_FILENAME'] when using router). Core Fixed crash in ZTS using same class in many threads. Fixed bug #61374 (html_entity_decode tries to decode code points that don't exist in ISO-8859-1). Fixed bug #61225 (Incorrect lexing of 0b00*+<NUM>). Fixed bug #61106 (Segfault when using header_register_callback). Fixed bug #61052 (Missing error check in trait 'insteadof' clause). Fixed bug #61011 (Crash when an exception is thrown by __autoload accessing a static property). Fixed bug #60978 (exit code incorrect). Fixed bug #60911 (Confusing error message when extending traits). Fixed bug #60717 (Order of traits in use statement can cause a fatal error). Fixed bug #60573 (type hinting with "self" keyword causes weird errors). Fileinfo Fix fileinfo test problems. Intl Fixed bug #61487 (Incorrent bounds checking in grapheme_strpos). mbstring MFH mb_ereg_replace_callback() for security enhancements. mysqlnd Fixed bug #60948 (mysqlnd FTBFS when -Wformat-security is enabled). Standard Fixed memory leak in substr_replace. Make max_file_uploads ini directive settable outside of php. Fixed bug #61409 (Bad formatting on phpinfo()). Fixed bug #60222 (time_nanosleep() does validate input params). Fixed bug #60106 (stream_socket_server silently truncates long unix socket paths).
Version 5.4.4 CLI SAPI Implemented FR #61977 (Need CLI web-server support for files with .htm & svg extensions) Improved performance while sending error page, this also fixed bug Fixed bug #61785 (Memory leak when access a non-exists file without router) Fixed bug #61546 (functions related to current script failed when chdir() in cli sapi) Core Fixed missing bound check in iptcparse() Fixed CVE-2012-2143 Fixed bug #62097 (fix for for bug #54547) Fixed bug #62005 (unexpected behavior when incrementally assigning to a member of a null object) Fixed bug #61978 (Object recursion not detected for classes that implement JsonSerializable) Fixed bug #61991 (long overflow in realpath_cache_get()) Fixed bug #61922 (ZTS build doesn't accept zend.script_encoding config) Fixed bug #61827 (incorrect \e processing on Windows) Fixed bug #61782 (__clone/__destruct do not match other methods when checking access controls) Fixed bug #61761 ('Overriding' a private static method with a different signature causes crash) Fixed bug #61730 (Segfault from array_walk modifying an array passed by reference) Fixed bug #61728 (PHP crash when calling ob_start in request_shutdown phase) Fixed bug #61660 (bin2hex(hex2bin($data)) != $data) Fixed bug #61650 (ini parser crashes when using ${xxxx} ini variables (without apache2)) Fixed bug #61605 (header_remove() does not remove all headers) Fixed bug #54547 (wrong equality of string numbers) Fixed bug #54197 ([PATH=] sections incompatibility with user_ini.filename set to null) Changed php://fd to be available only for CLI CURL Fixed bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction) COM Fixed bug #62146 com_dotnet cannot be built shared Fileinfo Fixed bug #61812 (Uninitialised value used in libmagic) FPM Fixed bug #61812 (Uninitialised value used in libmagic) Fixed bug #61565 where php_stream_open_wrapper_ex tries to open a directory descriptor under windows Fixed bug #61566 failure caused by the posix lseek and read versions under windows in cdf_read() Iconv Fixed a bug that iconv extension fails to link to the correct library when another extension makes use of a library that links to the iconv library. See https://bugs.gentoo.org/show_bug.cgi?id=364139 for detail Intl Fixed bug #62082 (Memory corruption in internal function get_icu_disp_value_src_php() JSON Fixed bug #61537 (json_encode() incorrectly truncates/discards information) LibXML Fixed bug #61617 (Libxml tests failed(ht is already destroyed)) PDO Fixed bug #61755 (A parsing bug in the prepared statements can lead to access violations) Phar Fixed bug #61065 (Secunia SA44335) Streams Fixed bug #61961 (file_get_contents leaks when access empty file with maxlen set) zlib Fixed bug #61820 (using ob_gzhandler will complain about headers already sent when no compression) Fixed bug #61443 (can't change zlib.output_compression on the fly) Fixed bug #60761 (zlib.output_compression fails on refresh)
Version 5.4.519-July-2012 Core Fixed bug #62443 (Crypt SHA256/512 Segfaults With Malformed Salt) Fixed bug #62432 (ReflectionMethod random corrupt memory on high concurrent) Fixed bug #62373 (serialize() generates wrong reference to the object). Fixed bug #62357 (compile failure: (S) Arguments missing for built-in function __memcmp) Fixed bug #61998 (Using traits with method aliases appears to result in crash during execution) Fixed bug #51094 (parse_ini_file() with INI_SCANNER_RAW cuts a value that includes a semi-colon) Fixed potential overflow in _php_stream_scandir (CVE-2012-2688) EXIF Fixed information leak in ext exi FPM Fixed bug #62205 (php-fpm segfaults (null passed to strstr) Fixed bug #62160 (Add process.priority to set nice(2) priorities) Fixed bug #62153 (when using unix sockets, multiples FPM instances) Fixed bug #62033 (php-fpm exits with status 0 on some failures to start) Fixed bug #61839 (Unable to cross-compile PHP with --enable-fpm) Fixed bug #61835 (php-fpm is not allowed to run as root) Fixed bug #61295 (php-fpm should not fail with commented 'user' Fixed bug #61218 (FPM drops connection while receiving some binary values in FastCGI requests) Fixed bug #61045 (fpm don't send error log to fastcgi clients). (fat) for non-root start) Fixed bug #61026 (FPM pools can listen on the same address). (fat) can be launched without errors) Iconv Fixed bug #55042 (Erealloc in iconv.c unsafe) Intl Fixed bug #62083 (grapheme_extract() memory leaks) Fixed bug #62081 (IntlDateFormatter constructor leaks memory when called twice) Fixed bug #62070 (Collator::getSortKey() returns garbage) Fixed bug #62017 (datefmt_create with incorrectly encoded timezone leaks pattern) Fixed bug #60785 (memory leak in IntlDateFormatter constructor) ResourceBundle constructor now accepts NULL for the first two arguments JSON Fixed bug #61359 (json_encode() calls too many reallocs) libxml Fixed bug #62266 (Custom extension segfaults during xmlParseFile with FPM SAPI) Phar Fixed bug #62227 (Invalid phar stream path causes crash) Readline Fixed bug #62186 (readline fails to compile - void function should not return a value) Reflection Fixed bug #62384 (Attempting to invoke a Closure more than once causes segfault) Fixed bug #62202 (ReflectionParameter::getDefaultValue() memory leaks with constant) Sockets Fixed bug #62025 (__ss_family was changed on AIX 5.3) SPL Fixed bug #62433 (Inconsistent behavior of RecursiveDirectoryIterator to dot files) Fixed bug #62262 (RecursiveArrayIterator does not implement Countable) XML Writer Fixed bug #62064 (memory leak in the XML Writer module) Zip Upgraded libzip to 0.10.
Autor
Thema: Neue Versionen der Skriptsprache PHP (Gelesen 14887 mal)
