version 1.1.1.3, 2013/07/22 01:31:37
|
version 1.1.1.4, 2013/10/14 08:02:08
|
Line 1
|
Line 1
|
PHP NEWS |
PHP NEWS |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| |
|
19 Sep 2013, PHP 5.4.20 |
|
|
|
- Core: |
|
. Fixed bug #60598 (cli/apache sapi segfault on objects manipulation). |
|
(Laruence) |
|
. Fixed bug #65579 (Using traits with get_class_methods causes segfault). |
|
(Adam) |
|
. Fixed bug #65490 (Duplicate calls to get lineno & filename for |
|
DTRACE_FUNCTION_*). (Chris Jones) |
|
. Fixed bug #65483 (quoted-printable encode stream filter incorrectly encoding |
|
spaces). (Michael M Slusarz) |
|
. Fixed bug #65481 (shutdown segfault due to serialize) (Mike) |
|
. Fixed bug #65470 (Segmentation fault in zend_error() with |
|
--enable-dtrace). (Chris Jones, Kris Van Hees) |
|
. Fixed bug #65372 (Segfault in gc_zval_possible_root when return reference |
|
fails). (Laruence) |
|
. Fixed bug #65304 (Use of max int in array_sum). (Laruence) |
|
. Fixed bug #65291 (get_defined_constants() causes PHP to crash in a very |
|
limited case). (Arpad) |
|
. Fixed bug #65225 (PHP_BINARY incorrectly set). (Patrick Allaert) |
|
. Improved fix for bug #63186 (compile failure on netbsd). (Matteo) |
|
. Fixed bug #62692 (PHP fails to build with DTrace). (Chris Jones, Kris Van Hees) |
|
. Fixed bug #61759 (class_alias() should accept classes with leading |
|
backslashes). (Julien) |
|
. Fixed bug #61345 (CGI mode - make install don't work). (Michael Heimpold) |
|
. Cherry-picked some DTrace build commits (allowing builds on Linux, |
|
bug #62691, and bug #63706) from PHP 5.5 branch |
|
. Fixed bug #61268 (--enable-dtrace leads make to clobber |
|
Zend/zend_dtrace.d) (Chris Jones) |
|
|
|
- cURL: |
|
. Fixed bug #65458 (curl memory leak). (Adam) |
|
|
|
- Datetime: |
|
. Fixed bug #65554 (createFromFormat broken when weekday name is followed |
|
by some delimiters). (Valentin Logvinskiy, Stas). |
|
. Fixed bug #65564 (stack-buffer-overflow in DateTimeZone stuff caught |
|
by AddressSanitizer). (Remi). |
|
|
|
- Openssl: |
|
. Fixed bug #64802 (openssl_x509_parse fails to parse subject properly in |
|
some cases). (Mark Jones) |
|
|
|
- Session: |
|
. Fixed bug #62129 (rfc1867 crashes php even though turned off). (gxd305 at |
|
gmail dot com) |
|
. Fixed bug #50308 (session id not appended properly for empty anchor tags). |
|
(Arpad) |
|
. Fixed possible buffer overflow under Windows. Note: Not a security fix. |
|
(Yasuo) |
|
. Changed session.auto_start to PHP_INI_PERDIR. (Yasuo) |
|
|
|
- SOAP: |
|
. Fixed bug #65018 (SoapHeader problems with SoapServer). (Dmitry) |
|
|
|
- SPL: |
|
. Fixed bug #65328 (Segfault when getting SplStack object Value). (Laruence) |
|
|
|
- PDO: |
|
. Fixed bug #64953 (Postgres prepared statement positional parameter |
|
casting). (Mike) |
|
|
|
- Phar: |
|
. Fixed bug #65028 (Phar::buildFromDirectory creates corrupt archives for |
|
some specific contents). (Stas) |
|
|
|
- Pgsql: |
|
. Fixed bug #65336 (pg_escape_literal/identifier() silently returns false). |
|
(Yasuo) |
|
. Fixed bug #62978 (Disallow possible SQL injections with pg_select()/pg_update() |
|
/pg_delete()/pg_insert()). (Yasuo) |
|
|
|
- Zlib: |
|
. Fixed bug #65391 (Unable to send vary header user-agent when |
|
ob_start('ob_gzhandler') is called) (Mike) |
|
|
|
22 Aug 2013, PHP 5.4.19 |
|
|
|
- Core: |
|
. Fixed bug #64503 (Compilation fails with error: conflicting types for |
|
'zendparse'). (Laruence) |
|
|
|
- Openssl: |
|
. Fixed UMR in fix for CVE-2013-4248. |
|
|
|
15 Aug 2013, PHP 5.4.18 |
|
|
|
- Core: |
|
. Fixed value of FILTER_SANITIZE_FULL_SPECIAL_CHARS constant (previously was |
|
erroneously set to FILTER_SANITIZE_SPECIAL_CHARS value). (Andrey |
|
avp200681 gmail com). |
|
. Fixed bug #65254 (Exception not catchable when exception thrown in autoload |
|
with a namespace). (Laruence) |
|
. Fixed bug #65108 (is_callable() triggers Fatal Error). |
|
(David Soria Parra, Laruence) |
|
. Fixed bug #65088 (Generated configure script is malformed on OpenBSD). |
|
(Adam) |
|
. Fixed bug #62964 (Possible XSS on "Registered stream filters" info). |
|
(david at nnucomputerwhiz dot com) |
|
. Fixed bug #62672 (Error on serialize of ArrayObject). (Lior Kaplan) |
|
. Fixed bug #62475 (variant_* functions causes crash when null given as an |
|
argument). (Felipe) |
|
. Fixed bug #60732 (php_error_docref links to invalid pages). (Jakub Vrana) |
|
. Fixed bug #65226 (chroot() does not get enabled). (Anatol) |
|
|
|
- CGI: |
|
. Fixed Bug #65143 (Missing php-cgi man page). (Remi) |
|
|
|
- CLI server: |
|
. Fixed bug #65066 (Cli server not responsive when responding with 422 http |
|
status code). (Adam) |
|
|
|
- CURL: |
|
. Fixed bug #62665 (curl.cainfo doesn't appear in php.ini). (Lior Kaplan) |
|
|
|
- FPM: |
|
. Fixed bug #63983 (enabling FPM borks compile on FreeBSD). |
|
(chibisuke at web dot de, Felipe) |
|
|
|
- FTP: |
|
. Fixed bug #65228 (FTPs memory leak with SSL). |
|
(marco dot beierer at mbsecurity dot ch) |
|
|
|
- GMP: |
|
. Fixed bug #65227 (Memory leak in gmp_cmp second parameter). (Felipe) |
|
|
|
- Imap: |
|
. Fixed bug #64467 (Segmentation fault after imap_reopen failure). |
|
(askalski at gmail dot com) |
|
|
|
- Intl: |
|
. Fixed bug #62759 (Buggy grapheme_substr() on edge case). (Stas) |
|
. Fixed bug #61860 (Offsets may be wrong for grapheme_stri* functions). |
|
(Stas) |
|
|
|
- mysqlnd: |
|
. Fixed segfault in mysqlnd when doing long prepare. (Andrey) |
|
|
|
- ODBC: |
|
. Fixed bug #61387 (NULL valued anonymous column causes segfault in |
|
odbc_fetch_array). (Brandon Kirsch) |
|
|
|
- Openssl: |
|
. Fixed handling null bytes in subjectAltName (CVE-2013-4248). |
|
(Christian Heimes) |
|
|
|
- PDO: |
|
. Allowed PDO_OCI to compile with Oracle Database 12c client libraries. |
|
(Chris Jones) |
|
|
|
- PDO_dblib: |
|
. Fixed bug #65219 (PDO/dblib not working anymore ("use dbName" not sent)). |
|
(Stanley Sufficool) |
|
|
|
- PDO_pgsql: |
|
. Fixed meta data retrieve when OID is larger than 2^31. (Yasuo) |
|
|
|
- Phar: |
|
. Fixed Bug #65142 (Missing phar man page). (Remi) |
|
|
|
- Session |
|
. Fixed bug #62535 ($_SESSION[$key]["cancel_upload"] doesn't work as |
|
documented). (Arpad) |
|
. Fixed bug #35703 (when session_name("123") consist only digits, |
|
should warning). (Yasuo) |
|
. Fixed bug #49175 (mod_files.sh does not support hash bits). Patch by |
|
oorza2k5 at gmail dot com (Yasuo) |
|
|
|
- Sockets: |
|
. Implemented FR #63472 (Setting SO_BINDTODEVICE with socket_set_option). |
|
(Damjan Cvetko) |
|
|
|
- SPL: |
|
. Fixed bug #65136 (RecursiveDirectoryIterator segfault). (Laruence) |
|
. Fixed bug #61828 (Memleak when calling Directory(Recursive)Iterator |
|
/Spl(Temp)FileObject ctor twice). (Laruence) |
|
. Fixed bug #60560 (SplFixedArray un-/serialize, getSize(), count() return 0, |
|
keys are strings). (Adam) |
|
|
|
- XML: |
|
. Fixed bug #65236 (heap corruption in xml parser, CVE-2013-4113). (Rob) |
|
|
04 Jul 2013, PHP 5.4.17 |
04 Jul 2013, PHP 5.4.17 |
|
|
- Core: |
- Core: |
Line 47 PHP
|
Line 229 PHP
|
|
|
- pgsql: |
- pgsql: |
. Fixed bug #64609 (pg_convert enum type support). (Matteo) |
. Fixed bug #64609 (pg_convert enum type support). (Matteo) |
|
. Fixed bug #65015 (pg_send_query does not flush send buffer) |
|
patch submitted by: adam at vektah dot net (Yasuo) |
|
|
- Readline: |
- Readline: |
. Implement FR #55694 (Expose additional readline variable to prevent |
. Implement FR #55694 (Expose additional readline variable to prevent |