PHP NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
-?? ??? 2014, PHP 5.6.0 Beta 1
+?? ??? 2014, PHP 5.6.0 Beta 3
+
+- Core:
+ . Fixed bug #67169 (array_splice all elements, then []= gives wrong index).
+ (Nikita)
+ . Fixed bug #67198 (php://input regression). (Mike)
+
++- OpenSSL:
++ . Fixed bug #67224 (Fall back to crypto_type from context if not specified
++ explicitly in stream_socket_enable_crypto). (Chris Wright)
++
+01 May 2014, PHP 5.6.0 Beta 2
+
+- CLI server:
+ . Fixed bug #67079 (Missing MIME types for XML/XSL files). (Anatol)
+
+- COM:
+ . Fixed bug #66431 (Special Character via COM Interface (CP_UTF8)). (Anatol)
+
+- Core:
+ . Fixed bug #65701 (copy() doesn't work when destination filename is created
+ by tempnam()). (Boro Sitnikovski)
+ . Fixed bug #66015 (Unexpected array indexing in class's static property). (Bob)
+ . Added (constant) string/array dereferencing to static scalar expressions
+ to complete the set; now possible thanks to bug #66015 being fixed. (Bob)
+ . Fixed bug #66568 (Update reflection information for unserialize() function).
+ (Ferenc)
+ . Fixed bug #66660 (Composer.phar install/update fails). (Ferenc)
+ . Fixed bug #67024 (getimagesize should recognize BMP files with negative
+ height). (Gabor Buella)
+ . Fixed bug #67064 (Countable interface prevents using 2nd parameter
+ ($mode) of count() function). (Bob)
+ . Fixed bug #67072 (Echoing unserialized "SplFileObject" crash). (Anatol)
+ . Fixed bug #67033 (Remove reference to Windows 95). (Anatol)
+
+- cURL:
+ . Fixed bug #64247 (CURLOPT_INFILE doesn't allow reset). (Mike)
+ . Fixed bug #66562 (curl_exec returns differently than curl_multi_getcontent).
+ (Freek Lijten)
+
+- Date:
+ . Fixed bug #66721 (__wakeup of DateTime segfaults when invalid object data is
+ supplied). (Boro Sitnikovski)
+ . Fixed bug #67118 (DateTime constructor crash with invalid data). (Anatol)
+
+- DOM:
+ . Fixed bug #67081 (DOMDocumentType->internalSubset returns entire DOCTYPE tag,
+ not only the subset). (Anatol)
+
+- Fileinfo:
+ . Fixed bug #66907 (Solaris 10 is missing strcasestr and needs substitute).
+ (Anatol)
+ . Fixed bug #66307 (Fileinfo crashes with powerpoint files). (Anatol)
+
+- FPM:
+ . Fixed bug #66482 (unknown entry 'priority' in php-fpm.conf).
+ . Fixed bug #66908 (php-fpm reload leaks epoll_create() file descriptor).
+ (Julio Pintos)
+ . Fixed bug #67060 (sapi/fpm: possible privilege escalation due to insecure
+ default configuration) (CVE-2014-0185). (Stas)
+
+- GMP:
+ . Fixed crashes in serialize/unserialize. (Stas)
+
+- JSON:
+ . Fixed bug #66021 (Blank line inside empty array/object when
+ JSON_PRETTY_PRINT is set). (Kevin Israel)
+
+- LDAP:
+ . Fixed issue with null bytes in LDAP bindings. (Matthew Daley)
+
+- litespeed
+ . Fixed bug #63228 (-Werror=format-security error in lsapi code).
+ (Elan Ruusamäe, George)
+
+- mysqli:
+ . Fixed building against an external libmysqlclient. (Adam)
+
+- mysqlnd:
+ . Added a new fetching mode to mysqlnd. (Andrey)
+
+- OpenSSL:
+ . Fix bug #66942 (memory leak in openssl_seal()). (Chuan Ma)
+ . Fix bug #66952 (memory leak in openssl_open()). (Chuan Ma)
+ . Fix bug #66840 (Fix broken build when extension built separately).
+ (Daniel Lowrey)
+
+- phpdbg:
+ . Added watchpoints (watch command). (Bob)
+ . Renamed some commands (next => continue and how to step). (Joe)
+ . Fixed issue #85 (https://github.com/krakjoe/phpdbg/issues/85)
+ (Added stdin/stdout/stderr constants and their php:// wrappers). (Bob)
+
+- PDO:
+ . Fixed bug #66604 ('pdo/php_pdo_error.h' not copied to the include dir).
+ (Matteo)
+
+- PDO-ODBC:
+ . Fixed bug #50444 (PDO-ODBC changes for 64-bit).
+
+- Phar:
+ . Fix bug #64498 ($phar->buildFromDirectory can't compress file with an accent
+ in its name). (PR #588)
+
+- SQLite:
+ . Fixed bug #66967 (Updated bundled libsqlite to 3.8.4.3). (Anatol)
+
+- Apache2 Handler SAPI:
+ . Fixed Apache log issue caused by APR's lack of support for %zu
+ (APR issue https://issues.apache.org/bugzilla/show_bug.cgi?id=56120).
+ (Jeff Trawick)
+
+10 Apr 2014, PHP 5.6.0 Beta 1
+
+- Core:
+ . Allow zero length comparison in substr_compare() (Tjerk)
+ . Fixed bug #60602 (proc_open() changes environment array) (Tjerk)
+ . Fixed bug #61019 (Out of memory on command stream_get_contents). (Mike)
+ . Fixed bug #64330 (stream_socket_server() creates wrong Abstract Namespace
+ UNIX sockets). (Mike)
+ . Fixed bug #66182 (exit in stream filter produces segfault). (Mike)
+ . Fixed bug #66736 (fpassthru broken). (Mike)
+ . Fixed bug #66822 (Cannot use T_POW in const expression) (Tjerk)
+ . Fixed bug #67043 (substr_compare broke by previous change) (Tjerk)
+
+- SPL:
+ . Added feature #65545 (SplFileObject::fread()) (Tjerk)
+ . Fixed bug #66834 (empty() does not work on classes that extend ArrayObject) (Tjerk)
+ . Fixed bug #66702 (RegexIterator::INVERT_MATCH does not invert). (Joshua
+ Thijssen)
+
+- cURL:
+ . Fixed bug #66109 (Can't reset CURLOPT_CUSTOMREQUEST to default behaviour)
+ (Tjerk)
+ . Fix compilation on libcurl versions between 7.10.5 and 7.12.2, inclusive.
+ (Adam)
+
+- Date:
+ . Added DateTimeImmutable::createFromMutable to create a DateTimeImmutable
+ object from an existing DateTime (mutable) object (Derick)
+
+- Embed:
+ . Fixed bug #65715 (php5embed.lib isn't provided anymore). (Anatol).
+
+- Fileinfo:
+ . Fixed bug #66820 (out-of-bounds memory access in fileinfo)
+ (CVE-2014-2270). (Remi)
+ . Fixed bug #66946i (fileinfo: extensive backtracking in awk rule regular
+ expression). (CVE-2013-7345) (Remi)
+ . Fixed bug #66987 (Memory corruption in fileinfo ext / bigendian).
+ (Remi)
+
+
+- GD:
+ . Fixed bug #66815 (imagecrop(): insufficient fix for NULL defer
+ CVE-2013-7327). (Tomas Hoger, Remi).
+ . Fixed #66869 (Invalid 2nd argument crashes imageaffinematrixget) (Pierre)
+ . Fixed bug #66887 (imagescale - poor quality of scaled image). (Remi)
+ . Fixed bug #66890 (imagescale segfault). (Remi)
+ . Fixed bug #66893 (imagescale ignore method argument). (Remi)
+
+- GMP:
+ . Fixed bug #66872 (invalid argument crashes gmp_testbit) (Pierre)
+
+- Hash:
+ . Fixed bug #66698 (Missing FNV1a32 and FNV1a64 hash functions).
+ (Michael M Slusarz).
+ . Implemented timing attack safe string comparison function
+ (RFC: https://wiki.php.net/rfc/timing_attack). (Rouven Weßling)
+ . hash_pbkdf2() now works correctly if the $length argument is not specified.
+ (Nikita)
+
+- Intl:
+ . Fixed bug #66873 (A reproductible crash in UConverter when given invalid
+ encoding) (Stas)
+
+- Mail:
+ . Fixed bug #66535 (Don't add newline after X-PHP-Originating-Script) (Tjerk)
+
+- Mbstring:
+ . Upgraded to oniguruma 5.9.5 (Anatol)
+
+- Mcrypt:
+ . No longer allow invalid key sizes, invalid IV sizes or missing required IV
+ in mcrypt_encrypt, mcrypt_decrypt and the deprecated mode functions.
+ (Nikita)
+ . Use /dev/urandom as the default source for mcrypt_create_iv(). (Nikita)
- MySQLi:
- . Fixed bug #66762i (Segfault in mysqli_stmt::bind_result() when link closed)
- (Remi)
+ . Fixed bug #66762 (Segfault in mysqli_stmt::bind_result() when link closed)
+ (Remi)
+
+- OCI8
+ . Fixed Bug #66875 (Improve performance of multi-row OCI_RETURN_LOB queries)
+ (Perrier, Chris Jones)
+
+- OpenSSL:
+ . Fixed memory leak in windows cert verification on verify failure.
+ (Chris Wright)
+ . Peer certificate capturing via SSL context options now functions even if
+ peer verification fails. (Daniel Lowrey)
+ . Encrypted TLS servers now support the server name indication TLS extension
+ via the new "SNI_server_certs" SSL context option. (Daniel Lowrey)
+ . Fixed bug #66833 (Default disgest algo is still MD5, switch to SHA1). (Remi)
+
+- PCRE:
+ . Added support for (*MARK) backtracking verbs. (Nikita)
+
+- PDO_firebird:
+ . Fixed Bug #66071 (memory corruption in error handling) (Popa)
+
+- PDO_pgsql:
+ . Cleaned up code by increasing the requirements to libpq versions providing
+ PQexecParams, PQprepare, PQescapeStringConn, PQescapeByteaConn. According
+ to the release notes that means 8.0.8+ or 8.1.4+. (Matteo)
+ . Deprecated PDO::PGSQL_ATTR_DISABLE_NATIVE_PREPARED_STATEMENT, an
+ undocument constant effectively equivalent to PDO::ATTR_EMULATE_PREPARES.
+ (Matteo)
+ . Added PDO::PGSQL_ATTR_DISABLE_PREPARES constant to execute the queries
+ without preparing them, while still passing parameters separately from
+ the command text using PQexecParams. (Matteo)
+
+- Pgsql:
+ . Read-only access to the socket stream underlying database connections is
+ exposed via a new pg_socket() function to allow read/write polling when
+ establishing asynchronous connections and executing queries in non-blocking
+ applications. (Daniel Lowrey)
+ . Asynchronous connections are now possible using the PGSQL_CONNECT_ASYNC
+ flag in conjunction with a new pg_connect_poll() function and connection
+ polling status constants. (Daniel Lowrey)
+ . New pg_flush() and pg_consume_input() functions added to manually complete
+ non-blocking reads/writes to underlying connection sockets. (Daniel Lowrey)
+
+- Session
+ . Remove session_gc() and session_serializer_name() wich were introduced in the first 5.6.0 alpha.
+
+- SimpleXML:
+ . Fixed bug #66084 (simplexml_load_string() mangles empty node name)
+ (Anatol)
+
+- SQLite:
+ . Updated the bundled libsqlite to the version 3.8.3.1 (Anatol)
+
+- XSL:
+ . Fixed bug #53965 (<xsl:include> cannot find files with relative paths
+ when loaded with "file://"). (Anatol)
-|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
27 Feb 2014, PHP 5.6.0 Alpha 3
- Core
projects / php / commitdiff