PHP NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
-** PHP 5.5 is in security-only mode , please do not commit to this branch **
+?? ??? 2016, PHP 5.6.18
-07 Jan 2015, PHP 5.5.31
+- Core:
+ . Fixed bug #71201 (round() segfault on 64-bit builds). (Anatol)
+ . Fixed bug #71089 (No check to duplicate zend_extension). (Remi)
+ . Added support for new HTTP 451 code. (Julien)
+ - FPM:
+ . Fixed bug #70755 (fpm_log.c memory leak and buffer overflow). (Stas)
+
+- FTP:
+ . Implemented FR #55651 (Option to ignore the returned FTP PASV address).
+ (abrender at elitehosts dot com)
+
+ - GD:
+ . Fixed bug #70976 (Memory Read via gdImageRotateInterpolated Array Index
+ Out of Bounds). (emmanuel dot law at gmail dot com).
+
+- Opcache:
+ . Fixed bug #71127 (Define in auto_prepend_file is overwrite). (Laruence)
+ . Fixed bug #71024 (Unable to use PHP 7.0 x64 side-by-side with PHP 5.6 x32
+ on the same server). (Anatol)
+
+- Session:
+ . Fixed bug #71122 (Session GC may not remove obsolete session data). (Yasuo)
+
+- SPL:
+ . Fixed bug #71204 (segfault if clean spl_autoload_funcs while autoloading).
+ (Laruence)
+
+- Standard:
+ . Fixed bug #70720 (strip_tags improper php code parsing). (Julien)
++
+ - WDDX:
+ . Fixed bug #70661 (Use After Free Vulnerability in WDDX Packet Deserialization).
+ (taoguangchen at icloud dot com)
+ . Fixed bug #70741 (Session WDDX Packet Deserialization Type Confusion
+ Vulnerability). (taoguangchen at icloud dot com)
+
+ - XMLRPC:
+ . Fixed bug #70728 (Type Confusion Vulnerability in PHP_to_XMLRPC_worker()).
+ (Julien)
+
+17 Dec 2015, PHP 5.6.17
-01 Oct 2015, PHP 5.5.30
+- Core:
+ . Fixed bug #66909 (configure fails utf8_to_mutf7 test). (Michael Orlitzky)
+ . Fixed bug #70958 (Invalid opcode while using ::class as trait method
+ paramater default value). (Laruence)
+ . Fixed bug #70957 (self::class can not be resolved with reflection for
+ abstract class). (Laruence)
+ . Fixed bug #70944 (try{ } finally{} can create infinite chains of
+ exceptions). (Laruence)
+ . Fixed bug #61751 (SAPI build problem on AIX: Undefined symbol:
+ php_register_internal_extensions). (Lior Kaplan)
+
+- Mysqlnd:
+ . Fixed bug #68077 (LOAD DATA LOCAL INFILE / open_basedir restriction).
+ (Laruence)
+
+- SOAP:
+ . Fixed bug #70900 (SoapClient systematic out of memory error). (Dmitry)
+
+- Standard:
+ . Fixed bug #70960 (ReflectionFunction for array_unique returns wrong number
+ of parameters). (Laruence)
+
+- PDO_Firebird:
+ . Fixed bug #60052 (Integer returned as a 64bit integer on X64_86). (Mariuz)
+
+26 Nov 2015, PHP 5.6.16
+
+- Core:
+ . Fixed bug #70828 (php-fpm 5.6 with opcache crashes when referencing a
+ non-existent constant). (Laruence)
+ . Fixed bug #70748 (Segfault in ini_lex () at Zend/zend_ini_scanner.l).
+ (Laruence)
+
+- Mysqlnd:
+ . Fixed bug #68344 (MySQLi does not provide way to disable peer certificate
+ validation) by introducing MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT
+ connection flag. (Andrey)
+
+- OCI8:
+ . Fixed bug #68298 (OCI int overflow). (Senthil)
+
+- PDO_DBlib:
+ . Fixed bug #69757 (Segmentation fault on nextRowset).
+ (miracle at rpz dot name)
+
+- SOAP:
+ . Fixed bug #70875 (Segmentation fault if wsdl has no targetNamespace
+ attribute). (Matteo)
+
+- SPL:
+ . Fixed bug #70852 (Segfault getting NULL offset of an ArrayObject).
+ (Reeze Xia)
+
+29 Oct 2015, PHP 5.6.15
+
+- Core:
+ . Fixed bug #70681 (Segfault when binding $this of internal instance method
+ to null). (Nikita)
+ . Fixed bug #70685 (Segfault for getClosure() internal method rebind with
+ invalid $this). (Nikita)
+
+- Date:
+ . Fixed bug #70619 (DateTimeImmutable segfault). (Laruence)
+
+- Mcrypt:
+ . Fixed bug #70625 (mcrypt_encrypt() won't return data when no IV was
+ specified under RC4). (Nikita)
+
+- Mysqlnd:
+ . Fixed bug #70384 (mysqli_real_query():Unknown type 245 sent by the server).
+ (Andrey)
+ . Fixed bug #70572 segfault in mysqlnd_connect. (Andrey, Remi)
+
+- Opcache:
+ . Fixed bug #70632 (Third one of segfault in gc_remove_from_buffer).
+ (Laruence)
+ . Fixed bug #70631 (Another Segfault in gc_remove_from_buffer()). (Laruence)
+ . Fixed bug #70601 (Segfault in gc_remove_from_buffer()). (Laruence)
+ . Fixed compatibility with Windows 10 (see also bug #70652). (Anatol)
+
+01 Oct 2015, PHP 5.6.14
+
+- Core:
+ . Fixed bug #70370 (Bundled libtool.m4 doesn't handle FreeBSD 10 when
+ building extensions). (Adam)
+
+- CLI server:
+ . Fixed bug #68291 (404 on urls with '+'). (cmb)
+
+- DOM:
+ . Fixed bug #70001 (Assigning to DOMNode::textContent does additional entity
+ encoding). (cmb)
+
+- ldap:
+ . Fixed bug #70465 (Bug in ldap_search() modifies LDAP_OPT_TIMELIMIT/DEREF's values). (Tyson Andre)
+ . Fixed bug #69574 (ldap timeouts not enforced). (Côme Bernigaud)
+
+- Mysqlnd:
+ . Fixed bug #70456 (mysqlnd doesn't activate TCP keep-alive when connecting to
+ a server). (Sergei Turchanov)
+
+- OpenSSL:
+ . Fixed bug #55259 (openssl extension does not get the DH parameters from
+ DH key resource). (Jakub Zelenka)
+ . Fixed bug #70395 (Missing ARG_INFO for openssl_seal()). (cmb)
+ . Fixed bug #60632 (openssl_seal fails with AES). (Jakub Zelenka)
+ . Fixed bug #68312 (Lookup for openssl.cnf causes a message box). (Anatol)
+
+- PDO:
+ . Fixed bug #70389 (PDO constructor changes unrelated variables). (Laruence)
- Phar:
. Fixed bug #69720 (Null pointer dereference in phar_get_fp_offset()). (Stas)
projects / php / commitdiff