Thema: Neue Versionen der Skriptsprache PHP

[SiLæncer]

Whats new: >>

Code: [Auswählen]

Core:
Improved performance of array_merge() and func_get_args() by eliminating useless copying.
Fixed bug #65947 (basename is no more working after fgetcsv in certain situation).
Fixed bug #65939 (Space before ";" breaks php.ini parsing).
Fixed bug #65911 (scope resolution operator - strange behavior with $this).
Fixed bug #65936 (dangling context pointer causes crash).
FPM:
Changed default listen() backlog to 65535.
MySQLi:
Fixed bug #66043 (Segfault calling bind_param() on mysqli).
OPCache:
Increased limit for opcache.max_accelerated_files to 1,000,000.
Fixed issue #115 (path issue when using phar).
Fixed issue #149 (Phar mount points not working with OPcache enabled).
ODBC:
Fixed bug #65950 (Field name truncation if the field name is bigger than 32 characters).
PDO:
Fixed bug #66033 (Segmentation Fault when constructor of PDO statement throws an exception).
Fixed bug #65946 (sql_parser permanently converts values bound to strings).
Standard:
Fixed bug #64760 (var_export() does not use full precision for floating-point numbers).
http://www.php.net/

[SiLæncer]

Code: [Auswählen]

Version 5.5.8
9-Jan-2014

    Core:
        Disallowed JMP into a finally block.
        Added validation of class names in the autoload process.
        Fixed invalid C code in zend_strtod.c.
        Fixed bug #66041 (list() fails to unpack yielded ArrayAccess object).
        Fixed bug #65764 (generators/throw_rethrow FAIL with ZEND_COMPILE_EXTENDED_INFO).
        Fixed bug #61645 (fopen and O_NONBLOCK).
        Fixed bug #66218 (zend_register_functions breaks reflection).
    Date:
        Fixed bug #66060 (Heap buffer over-read in DateInterval).
        Fixed bug #65768 (DateTimeImmutable::diff does not work).
    DOM:
        Fixed bug #65196 (Passing DOMDocumentFragment to DOMDocument::saveHTML() Produces invalid Markup).
    Exif:
        Fixed bug #65873 (Integer overflow in exif_read_data()).
    Filter:
        Fixed bug #66229 (128.0.0.0/16 isn't reserved any longer).
    GD:
        Fixed bug #64405 (Use freetype-config for determining freetype2 dir(s)).
    PDO_odbc:
        Fixed bug #66311 (Stack smashing protection kills PDO/ODBC queries).
    MySQLi:
        Fixed bug #65486 (mysqli_poll() is broken on win x64).
    OPCache:
        Fixed revalidate_path=1 behavior to avoid caching of symlinks values.
        Fixed Issue #140: "opcache.enable_file_override" doesn't respect "opcache.revalidate_freq".
    SNMP:
        Fixed SNMP_ERR_TOOBIG handling for bulk walk operations.
    SOAP:
        Fixed bug #66112 (Use after free condition in SOAP extension).
    Sockets:
        Fixed bug #65923 (ext/socket assumes AI_V4MAPPED is defined).
    XSL:
        Fixed bug #49634 (Segfault throwing an exception in a XSL registered function).
    ZIP:
        Fixed bug #66321 (ZipArchive::open() ze_obj->filename_len not real).
http://www.php.net/

[SiLæncer]

Code: [Auswählen]

Version 5.5.9
6-Feb-2014

    Core:
        Fixed bug #66509 (copy() arginfo has changed starting from 5.4).
    GD:
        Fixed bug #66356 (Heap Overflow Vulnerability in imagecrop()).
    OPCache:
        Fixed bug #66474 (Optimizer bug in constant string to boolean conversion).
        Fixed bug #66461 (PHP crashes if opcache.interned_strings_buffer=0).
        Fixed bug #66298 (ext/opcache/Optimizer/zend_optimizer.c has dos-style ^M as lineend).
    PDO_pgsql:
        Fixed bug #62479 (PDO-pgsql cannot connect if password contains spaces).
    Readline:
        Fixed bug #66412 (readline_clear_history() with libedit causes segfault after #65714).
    Session:
        Fixed bug #66469 (Session module is sending multiple set-cookie headers when session.use_strict_mode=1).
        Fixed bug #66481 (Segfaults on session_name()).
    Standard:
        Fixed bug #66395 (basename function doesn't remove drive letter).
    Sockets:
        Fixed bug #66381 (__ss_family was changed on AIX 5.3).
    Zend Engine:
        Fixed bug #66009 (Failed compilation of PHP extension with C++ std library using VS 2012).

http://www.php.net/

[SiLæncer]

Changelog : http://www.php.net/ChangeLog-5.php#5.5.10

http://www.php.net/

[SiLæncer]

Umfangreiches Handbuch, das Sie über alle Fragen zur Opensource-Scriptsprache PHP aufklärt.

Das Handbuch erläutert Ihnen alles was Sie zu "Hypertext Preprocessor" (PHP) wissen müssen. Nach der allgemeinen Einführung erhalten Sie jede Menge Informationen zu Sprachreferenzen, Sicherheit und zusätzlichen Features von PHP. Hintergrund: Die Programmiersprache PHP wird gewöhnlich dazu verwendet,dynamisch generierte Webseiten in kurzer Zeit zu erzeugen.

Freeware

http://www.php.net/

[SiLæncer]

Changelog : http://www.php.net/ChangeLog-5.php#5.5.11

http://www.php.net/

[SiLæncer]

Changelog : http://www.php.net/ChangeLog-5.php#5.5.12

http://www.php.net/

[SiLæncer]

Umfangreiches Handbuch, das Sie über alle Fragen zur Opensource-Scriptsprache PHP aufklärt.

Das Handbuch erläutert Ihnen alles was Sie zu "Hypertext Preprocessor" (PHP) wissen müssen. Nach der allgemeinen Einführung erhalten Sie jede Menge Informationen zu Sprachreferenzen, Sicherheit und zusätzlichen Features von PHP. Hintergrund: Die Programmiersprache PHP wird gewöhnlich dazu verwendet,dynamisch generierte Webseiten in kurzer Zeit zu erzeugen.

Freeware

http://www.php.net/

[SiLæncer]

Release Notes

Core:
Fixed bug #67169 (array_splice all elements, then []= gives wrong index).
Fixed bug #67198 (php://input regression).
Fixed bug #67247 (spl_fixedarray_resize integer overflow).
Fixed bug #67250 (iptcparse out-of-bounds read).
Fixed bug #67252 (convert_uudecode out-of-bounds read).
Date:
Fixed bug #67251 (date_parse_from_format out-of-bounds read).
Fixed bug #67253 (timelib_meridian_with_check out-of-bounds read).
GD:
Fixed bug #67248 (imageaffinematrixget missing check of parameters).
OpenSSL:
Fixed bug #67224 (Fall back to crypto_type from context if not specified explicitly in stream_socket_enable_crypto).
PCRE:
Fixed bug #67238 (Ungreedy and min/max quantifier bug, applied patch from the upstream).
-bstring:
Fixed bug #67199 (mb_regex_encoding mismatch).

[close]

http://www.php.net/

[SiLæncer]

Changelog : http://www.php.net/ChangeLog-5.php#5.5.13

http://www.php.net/

[SiLæncer]

Release Notes

Core:
Fixed bug #67249 (printf out-of-bounds read). (Stas)
Date:
Fixed bug #67308 (Serialize of DateTime truncates fractions of second). (Adam)
Fileinfo:
Fixed bug #67327 (fileinfo: CDF infinite loop in nelements DoS).
Fixed bug #67328 (fileinfo: fileinfo: numerous file_printf calls resulting in performance degradation).
Fixed bug #67326 (fileinfo: cdf_read_short_sector insufficient boundary check).
Fixed bug #67329 (fileinfo: NULL pointer deference flaw by processing certain CDF files).
SPL:
Fixed bug #67359 (Segfault in recursiveDirectoryIterator). (Laruence)
phpdbg:
Fixed bug which caused phpdbg to fail immediately on startup in non-debug builds. (Bob)

[close]

http://www.php.net/

[SiLæncer]

Release Notes

Core:
Fixed BC break introduced by patch for bug #67072.
Fixed bug #66622 (Closures do not correctly capture the late bound class
static::) in some cases).
Fixed bug #67390 (insecure temporary file use in the configure script).
CVE-2014-3981)
Fixed bug #67399 (putenv with empty variable may lead to crash).
Fixed bug #67498 (phpinfo() Type Confusion Information Leak Vulnerability).
CLI server:
Fixed Bug #67406 (built-in web-server segfaults on startup).
Date:
Fixed bug #67308 (Serialize of DateTime truncates fractions of second).
Fixed regression in fix for bug #67118 (constructor can't be called twice).
Fileinfo:
Fixed bug #67326 (fileinfo: cdf_read_short_sector insufficient boundary check).
(CVE-2014-0207)
Fixed bug #67410 (fileinfo: mconvert incorrect handling of truncated pascal
string size). (CVE-2014-3478)
Fixed bug #67411 (fileinfo: cdf_check_stream_offset insufficient boundary
check). (CVE-2014-3479)
Fixed bug #67412 (fileinfo: cdf_count_chain insufficient boundary check).
CVE-2014-3480)
Fixed bug #67413 (fileinfo: cdf_read_property_info insufficient boundary
check). (CVE-2014-3487)
Intl:
Fixed bug #67349 (Locale::parseLocale Double Free).
Fixed bug #67397 (Buffer overflow in locale_get_display_name and
uloc_getDisplayName (libicu 4.8.1)).
Network:
Fixed bug #67432 (Fix potential segfault in dns_get_record()).
CVE-2014-4049).
OPCache:
Fixed issue #183 (TMP_VAR is not only used once).
OpenSSL:
Fixed bug #65698 (certificates validity parsing does not work past 2050).
Fixed bug #66636 (openssl_x509_parse warning with (V_ASN1_GENERALIZEDTIME).
PDO-ODBC:
Fixed bug #50444 (PDO-ODBC changes for 64-bit).
SOAP:
Implemented FR #49898 (Add SoapClient::__getCookies()).
SPL:
Fixed bug #66127 (Segmentation fault with ArrayObject unset).
Fixed bug #67359 (Segfault in recursiveDirectoryIterator).
Fixed bug #67360 (Missing element after ArrayObject::getIterator).
Fixed bug #67492 (unserialize() SPL ArrayObject / SPLObjectStorage Type
Confusion). (CVE-2014-3515)

[close]

http://www.php.net/

[SiLæncer]

Release Notes

Core:

Fixed bug #67368 (Memory leak with immediately dereferenced array in class constant).
Fixed bug #67468 (Segfault in highlight_file()/highlight_string()).
Fixed bug #67091 (make install fails to install libphp5.so on FreeBSD 10.0).
Fixed bug #67498 (phpinfo() Type Confusion Information Leak Vulnerability).

FPM:

Fix bug #67531 (syslog cannot be set in pool configuration).
Fix bug #67541 (Fix Apache 2.4.10+ SetHandler proxy:fcgi://
incompatibilities).

Intl:

Fixed bug #67349 (Locale::parseLocale Double Free).
Fixed bug #67397 (Buffer overflow in locale_get_display_name and uloc_getDisplayName (libicu 4.8.1)).
pgsql:
Fix bug #67550 (Error in code "form" instead of "from", pgsql.c, line 756), which affected builds against libpq < 7.3.

phpdbg:

Fix Bug #67499 (readline feature not enabled when build with libedit).
Fix issue krakjoe/phpdbg#94 (List behavior is inconsistent).
Fix issue krakjoe/phpdbg#97 (The prompt should always ensure it is on a newline).
Fix issue krakjoe/phpdbg#98 (break if does not seem to work).
Fix issue krakjoe/phpdbg#99 (register function has the same behavior as run).
Fix issue krakjoe/phpdbg#100 (No way to list the current stack/frames) (Help entry was missing).

SPL:

Fixed bug #67492 (unserialize() SPL ArrayObject / SPLObjectStorage Type Confusion) (CVE-2014-3515).

[close]

http://www.php.net/

[SiLæncer]

Release Notes

CLI server:
Fixed bug #67429 (CLI server is missing some new HTTP response codes).
Fixed bug #66830 (Empty header causes PHP built-in web server to hang).
Core:
Fixed bug #67428 (header('Location: foo') will override a 308-399 response code).
Fixed bug #67436 (Autoloader isn't called if two method definitions don't match).
Fixed bug #67091 (make install fails to install libphp5.so on FreeBSD 10.0).
Fixed bug #67497 eval with parse error causes segmentation fault in generator).
Fixed bug #67151 (strtr with empty array crashes).
Fixed bug #67407 (Windows 8.1/Server 2012 R2 reported as Windows 8/Server 2012).
FPM:
Fixed bug #67530 (error_log=syslog ignored).
Fixed bug #67531 (syslog cannot be set in pool configuratio).
Intl:
Fixed bug #66921 (Wrong argument type hint for function intltz_from_date_time_zone).
Fixed bug #67052 (NumberFormatter::parse() resets LC_NUMERIC setting).
OPCache:
Fixed bug #67215 (php-cgi work with opcache, may be segmentation fault happen).
pgsql:
Fixed bug #67550 (Error in code "form" instead of "from", pgsql.c, line 756), which affected builds against libpq < 7.3).
Phar:
Fixed bug #67587 (Redirection loop on nginx with FPM).
SPL:
Fixed bug #67539 (ArrayIterator use-after-free due to object change during sorting).
Fixed bug #67538 (SPL Iterators use-after-free) (CVE-2014-4670).
Streams:
Fixed bug #67430 (http:// wrapper doesn't follow 308 redirects).

[close]

http://www.php.net/

[SiLæncer]

Release Notes

Core:

Fixed bug #67497 (eval with parse error causes segmentation fault in generator).
Fixed bug #67151 (strtr with empty array crashes).
Fixed bug #67407 (Windows 8.1/Server 2012 R2 reported as Windows 8/Server 2012).
Fixed bug #66608 (Incorrect behavior with nested "finally" blocks).
Implemented FR #34407 (ucwords and Title Case).

COM:

Fixed missing type checks in com_event_sink.

CLI server:

Fixed bug #66830 (Empty header causes PHP built-in web server to hang).
Fixed bug #67594 (Unable to access to apache_request_headers() elements).

FPM:

Fixed bug #67530 (error_log=syslog ignored).
Fixed bug #67635 (php links to systemd libraries without using pkg-config).

Intl:

Fixed bug #66921 (Wrong argument type hint for function intltz_from_date_time_zone). (Stas)
Fixed bug #67052 (NumberFormatter::parse() resets LC_NUMERIC setting).

pgsql:

Fixed bug #67555 (Cannot build against libpq 7.3).

ODBC:

Fixed bug #60616 (odbc_fetch_into returns junk at end of multi-byte char fields).

OpenSSL:

Fixed missing type checks in OpenSSL options .
Fixed bug #67609 (TLS connections fail behind HTTP proxy).
Fixed broken build against OpenSSL older than 0.9.8 where ECDH unavailable.
Fixed bug #67666 (Subject altNames doesn't support wildcard matching).

Phar:

Fixed bug #67587 (Redirection loop on nginx with FPM).

readline:

Fixed bug #55496 (Interactive mode doesn't force a newline before the prompt).
Fixed bug #67496 (Save command history when exiting interactive shell with control-c).

Reflection:

Implemented FR #67713 (loosen the restrictions on ReflectionClass::newInstanceWithoutConstructor()).

SPL:

Fixed bug #67539 (ArrayIterator use-after-free due to object change during sorting).
Fixed bug #67538 (SPL Iterators use-after-free). (CVE-2014-4670).

Session:

Fixed missing type checks in php_session_create_id.
Fixed bug #66827 (Session raises E_NOTICE when session name variable is array).

OPCache:

Fixed bug #67215 (php-cgi work with opcache, may be segmentation fault happen).
phpdbg
Fixed bug #67575 (Compilation fails for phpdbg when the build directory != src directory).

[close]

http://www.php.net/