From: Côme Chilliet <mcmic@php.net>
Date: Tue, 28 Jul 2020 08:29:14 +0000 (+0200)
Subject: Merge branch 'PHP-7.4'
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=08dcb8e604d357b02ff028ea99cfcf234a60b6ff;p=php

Merge branch 'PHP-7.4'

* PHP-7.4:
  Updated NEWS
  fix memory leaks in ext/ldap/ldap.c
  fix memory leaks in ext/ldap/ldap.c
---

08dcb8e604d357b02ff028ea99cfcf234a60b6ff
diff --cc NEWS
index 591655bd10,b6dff44c60..220f1890ac
--- a/NEWS
+++ b/NEWS
@@@ -1,178 -1,872 +1,181 @@@
  PHP                                                                        NEWS
  |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 -?? ??? 2020, PHP 7.4.10
 +?? ??? ????, PHP 8.0.0beta1
  
  - Core:
 -  . Fixed bug #79884 (PHP_CONFIG_FILE_PATH is meaningless). (cmb)
 -  . Fixed bug #77932 (File extensions are case-sensitive). (cmb)
 +  . Fixed bug #78236 (convert error on receiving variables when duplicate [).
 +    (cmb)
 +  . Fixed bug #79108 (Referencing argument in a function makes it a reference
 +    in the stack trace). (Nikita)
 +
 +- JIT:
 +  . Fixed bug #79864 (JIT segfault in Symfony OptionsResolver). (Dmitry)
  
+ - LDAP:
+   . Fixed memory leaks. (ptomulik)
+ 
 -06 Aug 2020, PHP 7.4.9
 -
 -- Apache:
 -  . Fixed bug #79030 (Upgrade apache2handler's php_apache_sapi_get_request_time
 -    to return usec). (Herbert256)
 +- OCI8:
 +  . Modernized oci_register_taf_callback() callable argument parsing
 +    implementation. (girgias)
  
 -- COM:
 -  . Fixed bug #63208 (BSTR to PHP string conversion not binary safe). (cmb)
 -  . Fixed bug #63527 (DCOM does not work with Username, Password parameter).
 -    (cmb)
 +23 Jul 2020, PHP 8.0.0alpha3
  
  - Core:
 -  . Fixed bug #79740 (serialize() and unserialize() methods can not be called
 -    statically). (Nikita)
 -  . Fixed bug #79783 (Segfault in php_str_replace_common). (Nikita)
 -  . Fixed bug #79778 (Assertion failure if dumping closure with unresolved
 -    static variable). (Nikita)
 -  . Fixed bug #79779 (Assertion failure when assigning property of string
 -    offset by reference). (Nikita)
 -  . Fixed bug #79792 (HT iterators not removed if empty array is destroyed).
 +  . Fixed bug #79790 ("Illegal offset type" exception during AST evaluation
 +    not handled properly). (Nikita)
 +  . Fixed bug #79791 (Assertion failure when unsetting variable during binary
 +    op). (Nikita)
 +  . Fixed bug #79841 (Syntax error in configure / unescaped "[]" in php.m4).
      (Nikita)
 -  . Fixed bug #78598 (Changing array during undef index RW error segfaults).
 +  . Fixed bug #79828 (Segfault when trying to access non-existing variable).
      (Nikita)
 -  . Fixed bug #79784 (Use after free if changing array during undef var during
 -    array write fetch). (Nikita)
 -  . Fixed bug #79793 (Use after free if string used in undefined index warning
 -    is changed). (Nikita)
 -  . Fixed bug #79862 (Public non-static property in child should take priority
 -    over private static). (Nikita)
 -
 -- Fileinfo:
 -  . Fixed bug #79756 (finfo_file crash (FILEINFO_MIME)). (cmb)
 -
 -- FTP:
 -  . Fixed bug #55857 (ftp_size on large files). (cmb)
 -
 -- Mbstring:
 -  . Fixed bug #79787 (mb_strimwidth does not trim string). (XXiang)
 -
 -- OpenSSL:
 -  . Fixed bug #79881 (Memory leak in openssl_pkey_get_public()). (Nikita)
 -
 -- Reflection:
 -  . Fixed bug #79487 (::getStaticProperties() ignores property modifications).
 -    (cmb, Nikita)
 -  . Fixed bug #69804 (::getStaticPropertyValue() throws on protected props).
 -    (cmb, Nikita)
 -  . Fixed bug #79820 (Use after free when type duplicated into
 -    ReflectionProperty gets resolved). (Christopher Broadbent)
 -
 -- Standard:
 -  . Fixed bug #70362 (Can't copy() large 'data://' with open_basedir). (cmb)
 -  . Fixed bug #78008 (dns_check_record() always return true on Alpine).
 -    (Andy Postnikov)
 -  . Fixed bug #79839 (array_walk() does not respect property types). (Nikita)
 -
 -09 Jul 2020, PHP 7.4.8
 -
 -- Core:
 -  . Fixed bug #79595 (zend_init_fpu() alters FPU precision). (cmb, Nikita)
 -  . Fixed bug #79650 (php-win.exe 100% cpu lockup). (cmb)
 -  . Fixed bug #79668 (get_defined_functions(true) may miss functions). (cmb,
 -    Nikita)
 -  . Fixed bug #79683 (Fake reflection scope affects __toString()). (Nikita)
 -  . Fixed possibly unsupported timercmp() usage. (cmb)
 -
 -- Exif:
 -  . Fixed bug #79687 (Sony picture - PHP Warning - Make, Model, MakerNotes). 
 -    (cmb)
 -
 -- Fileinfo:
 -  . Fixed bug #79681 (mime_content_type/finfo returning incorrect mimetype).
 -    (cmb)
 -
 -- Filter:
 -  . Fixed bug #73527 (Invalid memory access in php_filter_strip). (cmb)
 -
 -- GD:
 -  . Fixed bug #79676 (imagescale adds black border with IMG_BICUBIC). (cmb)
 -
 -- OpenSSL:
 -  . Fixed bug #62890 (default_socket_timeout=-1 causes connection to timeout).
 -    (cmb)
 -
 -- PDO SQLite:
 -  . Fixed bug #79664 (PDOStatement::getColumnMeta fails on empty result set).
 -    (cmb)
 -
 -- phpdbg:
 -  . Fixed bug #73926 (phpdbg will not accept input on restart execution). (cmb)
 -  . Fixed bug #73927 (phpdbg fails with windows error prompt at "watch array").
 -    (cmb)
 -  . Fixed several mostly Windows related phpdbg bugs. (cmb)
 -
 -- SPL:
 -  . Fixed bug #79710 (Reproducible segfault in error_handler during GC
 -    involved an SplFileObject). (Nikita)
 +  . Fixed bug #79852 (count(DOMNodeList) doesn't match
 +    count(IteratorIterator(DOMNodeList))). (Nikita)
 +  . Fixed bug #79867 (Promoted untyped properties should get null default
 +    value). (Nikita)
  
  - Standard:
 -  . Fixed bug #74267 (segfault with streams and invalid data). (cmb)
 -  . Fixed bug #79579 (ZTS build of PHP 7.3.17 doesn't handle ERANGE for
 -    posix_getgrgid and others). (Böszörményi Zoltán)
 +  . Fixed bug #79868 (Sorting with array_unique gives unwanted result). (Nikita)
  
 -11 Jun 2020, PHP 7.4.7
 -
 -- Core:
 -  . Fixed bug #79599 (coredump in set_error_handler). (Laruence)
 -  . Fixed bug #79566 (Private SHM is not private on Windows). (cmb)
 -  . Fixed bug #79489 (.user.ini does not inherit). (cmb)
 -  . Fixed bug #79600 (Regression in 7.4.6 when yielding an array based
 -    generator). (Nikita)
 -  . Fixed bug #79657 ("yield from" hangs when invalid value encountered).
 -    (Nikita)
 +09 Jul 2020, PHP 8.0.0alpha2
  
  - FFI:
 -  . Fixed bug #79571 (FFI: var_dumping unions may segfault). (cmb)
 -
 -- GD:
 -  . Fixed bug #79615 (Wrong GIF header written in GD GIFEncode). (sageptr, cmb)
 -
 -- MySQLnd:
 -  . Fixed bug #79596 (MySQL FLOAT truncates to int some locales). (cmb)
 -
 -- Opcache:
 -  . Fixed bug #79588 (Boolean opcache settings ignore on/off values). (cmb)
 -  . Fixed bug #79548 (Preloading segfault with inherited method using static
 -    variable). (Nikita)
 -  . Fixed bug #79603 (RTD collision with opcache). (Nikita)
 -
 -- Standard:
 -  . Fixed bug #79561 (dns_get_record() fails with DNS_ALL). (cmb)
 -
 -14 May 2020, PHP 7.4.6
 -
 -- Core:
 -  . Fixed bug #79536 (zend_clear_exception prevent exception's destructor to be
 -    called). (Laruence)
 -  . Fixed bug #78434 (Generator yields no items after valid() call). (Nikita)
 -  . Fixed bug #79477 (casting object into array creates references). (Nikita)
 -  . Fixed bug #79514 (Memory leaks while including unexistent file). (cmb,
 -    Nikita)
 -
 -- DOM:
 -  . Fixed bug #78221 (DOMNode::normalize() doesn't remove empty text nodes).
 -    (cmb)
 -
 -- EXIF:
 -  . Fixed bug #79336 (ext/exif/tests/bug79046.phpt fails on Big endian arch).
 -    (Nikita)
 -
 -- FCGI:
 -  . Fixed bug #79491 (Search for .user.ini extends up to root dir). (cmb)
 +  . Fixed bug #79749 (Converting FFI instances to bool fails). (cmb)
  
 -- MBString:
 -  . Fixed bug #79441 (Segfault in mb_chr() if internal encoding is unsupported).
 -    (Girgias)
 -
 -- OpenSSL:
 -  . Fixed bug #79497 (stream_socket_client() throws an unknown error sometimes
 -    with <1s timeout). (Joe Cai)
 +- JIT:
 +  . Fixed bug #79743 (Fatal error when assigning to array property
 +    with JIT enabled). (Laruence)
  
  - PCRE:
 -  . Upgraded to PCRE2 10.34. (cmb)
 -
 -- Phar:
 -  . Fixed bug #79503 (Memory leak on duplicate metadata). (cmb)
 -
 -- SimpleXML:
 -  . Fixed bug #79528 (Different object of the same xml between 7.4.5 and
 -    7.4.4). (cmb)
 -
 -- SPL:
 -  . Fixed bug #69264 (__debugInfo() ignored while extending SPL classes). (cmb)
 -  . Fixed bug #67369 (ArrayObject serialization drops the iterator class).
 -    (Alex Dowad)
 -
 -- Standard:
 -  . Fixed bug #79468 (SIGSEGV when closing stream handle with a stream filter
 -    appended). (dinosaur)
 -  . Fixed bug #79447 (Serializing uninitialized typed properties with __sleep
 -    should not throw). (nicolas-grekas)
 -
 -16 Apr 2020, PHP 7.4.5
 -
 -- Core:
 -  . Fixed bug #79364 (When copy empty array, next key is unspecified). (cmb)
 -  . Fixed bug #78210 (Invalid pointer address). (cmb, Nikita)
 -
 -- CURL:
 -  . Fixed bug #79199 (curl_copy_handle() memory leak). (cmb)
 -
 -- Date:
 -  . Fixed bug #79396 (DateTime hour incorrect during DST jump forward). (Nate
 -    Brunette)
 -  . Fixed bug #74940 (DateTimeZone loose comparison always true). (cmb)
 -
 -- FPM:
 -  . Implement request #77062 (Allow numeric [UG]ID in FPM listen.{owner,group})
 -    (Andre Nathan)
 -
 -- Iconv:
 -  . Fixed bug #79200 (Some iconv functions cut Windows-1258). (cmb)
 -
 -- OPcache:
 -  . Fixed bug #79412 (Opcache chokes and uses 100% CPU on specific script).
 -    (Dmitry)
 -
 -- Session:
 -  . Fixed bug #79413 (session_create_id() fails for active sessions). (cmb)
 -
 -- Shmop:
 -  . Fixed bug #79427 (Integer Overflow in shmop_open()). (cmb)
 -
 -- SimpleXML:
 -  . Fixed bug #61597 (SXE properties may lack attributes and content). (cmb)
 +  . Updated to PCRE2 10.35. (cmb)
  
 -- SOAP:
 -  . Fixed bug #79357 (SOAP request segfaults when any request parameter is
 -    missing). (Nikita)
 -
 -- Spl:
 -  . Fixed bug #75673 (SplStack::unserialize() behavior). (cmb)
 -  . Fixed bug #79393 (Null coalescing operator failing with SplFixedArray).
 -    (cmb)
 -
 -- Standard:
 -  . Fixed bug #79330 (shell_exec() silently truncates after a null byte). (stas)
 -  . Fixed bug #79465 (OOB Read in urldecode()). (CVE-2020-7067) (stas)
 -  . Fixed bug #79410 (system() swallows last chunk if it is exactly 4095 bytes
 -    without newline). (Christian Schneider)
 -
 -- Zip:
 -  . Fixed Bug #79296 (ZipArchive::open fails on empty file). (Remi)
 -  . Fixed bug #79424 (php_zip_glob uses gl_pathc after call to globfree).
 -    (Max Rees)
 -
 -19 Mar 2020, PHP 7.4.4
 +25 Jun 2020, PHP 8.0.0alpha1
  
  - Core:
 -  . Fixed bug #79244 (php crashes during parsing INI file). (Laruence)
 -  . Fixed bug #63206 (restore_error_handler does not restore previous errors
 -    mask). (Mark Plomer)
 -
 -- COM:
 -  . Fixed bug #66322 (COMPersistHelper::SaveToFile can save to wrong location).
 -    (cmb)
 -  . Fixed bug #79242 (COM error constants don't match com_exception codes on
 -    x86). (cmb)
 -  . Fixed bug #79247 (Garbage collecting variant objects segfaults). (cmb)
 -  . Fixed bug #79248 (Traversing empty VT_ARRAY throws com_exception). (cmb)
 -  . Fixed bug #79299 (com_print_typeinfo prints duplicate variables). (Litiano
 -    Moura)
 -  . Fixed bug #79332 (php_istreams are never freed). (cmb)
 -  . Fixed bug #79333 (com_print_typeinfo() leaks memory). (cmb)
 -
 -- CURL:
 -  . Fixed bug #79019 (Copied cURL handles upload empty file). (cmb)
 -  . Fixed bug #79013 (Content-Length missing when posting a curlFile with
 -    curl). (cmb)
 -
 -- DOM:
 -  . Fixed bug #77569: (Write Access Violation in DomImplementation). (Nikita,
 -    cmb)
 -  . Fixed bug #79271 (DOMDocumentType::$childNodes is NULL). (cmb)
 -
 -- Enchant:
 -  . Fixed bug #79311 (enchant_dict_suggest() fails on big endian architecture).
 -    (cmb)
 -
 -- EXIF:
 -  . Fixed bug #79282 (Use-of-uninitialized-value in exif). (CVE-2020-7064)
 -    (Nikita)
 -
 -- Fileinfo:
 -  . Fixed bug #79283 (Segfault in libmagic patch contains a buffer
 -    overflow). (cmb)
 -
 -- FPM:
 -  . Fixed bug #77653 (operator displayed instead of the real error message).
 -    (Jakub Zelenka)
 -  . Fixed bug #79014 (PHP-FPM & Primary script unknown). (Jakub Zelenka)
 -
 -- MBstring:
 -  . Fixed bug #79371 (mb_strtolower (UTF-32LE): stack-buffer-overflow at 
 -    php_unicode_tolower_full). (CVE-2020-7065) (cmb)
 -
 -- MySQLi:
 -  . Fixed bug #64032 (mysqli reports different client_version). (cmb)
 -
 -- MySQLnd:
 -  . Implemented FR #79275 (Support auth_plugin_caching_sha2_password on
 -    Windows). (cmb)
 -
 -- Opcache:
 -  . Fixed bug #79252 (preloading causes php-fpm to segfault during exit).
 +  . Removed the pdo_odbc.db2_instance_name php.ini directive. (Kalle)
 +  . Fixed bug #77619 (Wrong reflection on MultipleIterator::__construct).
 +    (Fabien Villepinte)
 +  . Fixed bug #65274 (Enhance undefined class constant error with class name).
      (Nikita)
 -
 -- PCRE:
 -  . Fixed bug #79188 (Memory corruption in preg_replace/preg_replace_callback
 -    and unicode). (Nikita)
 -  . Fixed bug #79241 (Segmentation fault on preg_match()). (Nikita)
 -  . Fixed bug #79257 (Duplicate named groups (?J) prefer last alternative even
 -    if not matched). (Nikita)
 -
 -- PDO_ODBC:
 -  . Fixed bug #79038 (PDOStatement::nextRowset() leaks column values). (cmb)
 -
 -- Reflection:
 -  . Fixed bug #79062 (Property with heredoc default value returns false for
 -    getDocComment). (Nikita)
 -
 -- SQLite3:
 -  . Fixed bug #79294 (::columnType() may fail after SQLite3Stmt::reset()). (cmb)
 -
 -- Standard:
 -  . Fixed bug #79329 (get_headers() silently truncates after a null byte).
 -    (CVE-2020-7066) (cmb)
 -  . Fixed bug #79254 (getenv() w/o arguments not showing changes). (cmb)
 -  . Fixed bug #79265 (Improper injection of Host header when using fopen for
 -    http requests). (Miguel Xavier Penha Neto)
 -
 -- Zip:
 -  . Fixed bug #79315 (ZipArchive::addFile doesn't honor start/length
 -    parameters). (Remi)
 -
 -20 Feb 2020, PHP 7.4.3
 -
 -- Core:
 -  . Fixed bug #79146 (cscript can fail to run on some systems). (clarodeus)
 -  . Fixed bug #79155 (Property nullability lost when using multiple property
 -    definition). (Nikita)
 -  . Fixed bug #78323 (Code 0 is returned on invalid options). (Ivan Mikheykin)
 -  . Fixed bug #78989 (Delayed variance check involving trait segfaults).
 +  . Fixed bug #49555 (Fatal error "Function must be a string" message should be
 +    renamed). (Nikita)
 +  . Fixed bug #70839 (Converting optional argument to variadic forbidden by LSP
 +    checks). (Nikita)
 +  . Fixed bug #69084 (Unclear error message when not implementing a renamed
 +    abstract trait function). (Nikita)
 +  . Fixed bug #62609 (Allow implementing Traversable on abstract classes).
      (Nikita)
 -  . Fixed bug #79174 (cookie values with spaces fail to round-trip). (cmb)
 -  . Fixed bug #76047 (Use-after-free when accessing already destructed
 -    backtrace arguments). (Nikita)
 -
 -- CURL:
 -  . Fixed bug #79078 (Hypothetical use-after-free in curl_multi_add_handle()).
 -    (cmb)
 -
 -- FFI:
 -  . Fixed bug #79096 (FFI Struct Segfault). (cmb)
 -
 -- IMAP:
 -  . Fixed bug #79112 (IMAP extension can't find OpenSSL libraries at configure
 -    time). (Nikita)
 -
 -- Intl:
 -  . Fixed bug #79212 (NumberFormatter::format() may detect wrong type). (cmb)
 -
 -- Libxml:
 -  . Fixed bug #79191 (Error in SoapClient ctor disables DOMDocument::save()).
 -    (Nikita, cmb)
 -
 -- MBString:
 -  . Fixed bug #79149 (SEGV in mb_convert_encoding with non-string encodings).
 +  . Fixed bug #79462 (method_exists and property_exists incoherent behavior).
      (cmb)
 -
 -- MySQLi:
 -  . Fixed bug #78666 (Properties may emit a warning on var_dump()). (kocsismate)
 -
 -- MySQLnd:
 -  . Fixed bug #79084 (mysqlnd may fetch wrong column indexes with MYSQLI_BOTH).
 +  . Fixed bug #79368 ("Unexpected end of file" is not an acceptable error
 +    message). (Alex Dowad)
 +  . Fixed bug #36365 (scandir duplicates file name at every 65535th file).
      (cmb)
 -  . Fixed bug #79011 (MySQL caching_sha2_password Access denied for password
 -    with more than 20 chars). (Nikita)
 -
 -- Opcache:
 -  . Fixed bug #79114 (Eval class during preload causes class to be only half
 -    available). (Laruence)
 -  . Fixed bug #79128 (Preloading segfaults if preload_user is used). (Nikita)
 -  . Fixed bug #79193 (Incorrect type inference for self::$field =& $field).
 +  . Use SSE2 instructions do locale independent strtolower. (Laruence)
 +  . Fixed bug #79521 (Check __set_state structure). (carusogabriel)
 +  . Fixed bug #79467 (data:// wrappers are writable). (cmb)
 +  . Implemented FR #47074 (phpinfo() reports "On" as 1 for the some
 +    extensions). (cmb)
 +  . Implemented FR #72089 (require() throws fatal error instead of exception).
      (Nikita)
 +  . Fixed bug #77966 (Cannot alias a method named "namespace"). (Nikita)
  
 -- OpenSSL:
 -  . Fixed bug #79145 (openssl memory leak). (cmb, Nikita)
 -
 -- Phar:
 -  . Fixed bug #79082 (Files added to tar with Phar::buildFromIterator have
 -    all-access permissions). (CVE-2020-7063) (stas)
 -  . Fixed bug #79171 (heap-buffer-overflow in phar_extract_file).
 -    (CVE-2020-7061) (cmb)
 -  . Fixed bug #76584 (PharFileInfo::decompress not working). (cmb)
 -
 -- Reflection:
 -  . Fixed bug #79115 (ReflectionClass::isCloneable call reflected class
 -    __destruct). (Nikita)
 -
 -- Session:
 -  . Fixed bug #79221 (Null Pointer Dereference in PHP Session Upload Progress).
 -    (CVE-2020-7062) (stas)
 -
 -- Standard:
 -  . Fixed bug #78902 (Memory leak when using stream_filter_append). (liudaixiao)
 -  . Fixed bug #78969 (PASSWORD_DEFAULT should match PASSWORD_BCRYPT instead of being null). (kocsismate)
 -
 -- Testing:
 -  . Fixed bug #78090 (bug45161.phpt takes forever to finish). (cmb)
 -
 -- XSL:
 -  . Fixed bug #70078 (XSL callbacks with nodes as parameter leak memory). (cmb)
 -
 -- Zip:
 -  . Add ZipArchive::CM_LZMA2 and ZipArchive::CM_XZ constants (since libzip 1.6.0). (Remi)
 -  . Add ZipArchive::RDONLY (since libzip 1.0.0). (Remi)
 -  . Add ZipArchive::ER_* missing constants. (Remi)
 -  . Add ZipArchive::LIBZIP_VERSION constant. (Remi)
 -  . Fixed bug #73119 (Wrong return for ZipArchive::addEmptyDir Method). (Remi)
 -
 -23 Jan 2020, PHP 7.4.2
 -
 -- Core:
 -  . Preloading support on Windows has been disabled. (Nikita)
 -  . Fixed bug #79022 (class_exists returns True for classes that are not ready
 -    to be used). (Laruence)
 -  . Fixed bug #78929 (plus signs in cookie values are converted to spaces).
 -    (Alexey Kachalin)
 -  . Fixed bug #78973 (Destructor during CV freeing causes segfault if opline
 -    never saved). (Nikita)
 -  . Fixed bug #78776 (Abstract method implementation from trait does not check
 -    "static"). (Nikita)
 -  . Fixed bug #78999 (Cycle leak when using function result as temporary).
 -    (Dmitry)
 -  . Fixed bug #79008 (General performance regression with PHP 7.4 on Windows).
 -    (cmb)
 -  . Fixed bug #79002 (Serializing uninitialized typed properties with __sleep
 -    makes unserialize throw). (Nikita)
 +- BZ2:
 +  . Fixed bug #71263 (fread() does not report bzip2.decompress errors). (cmb)
  
  - CURL:
 -  . Fixed bug #79033 (Curl timeout error with specific url and post). (cmb)
 -  . Fixed bug #79063 (curl openssl does not respect PKG_CONFIG_PATH). (Nikita)
 +  . Bumped required libcurl version to 7.29.0. (cmb)
  
  - Date:
 -  . Fixed bug #79015 (undefined-behavior in php_date.c). (cmb)
 -
 -- DBA:
 -  . Fixed bug #78808 ([LMDB] MDB_MAP_FULL: Environment mapsize limit reached).
 -    (cmb)
 -
 -- Exif:
 -  . Fixed bug #79046 (NaN to int cast undefined behavior in exif). (Nikita)
 -
 -- Fileinfo:
 -  . Fixed bug #74170 (locale information change after mime_content_type).
 -    (Sergei Turchanov)
 -
 -- GD:
 -  . Fixed bug #79067 (gdTransformAffineCopy() may use unitialized values). (cmb)
 -  . Fixed bug #79068 (gdTransformAffineCopy() changes interpolation method).
 -    (cmb)
 -
 -- Libxml:
 -  . Fixed bug #79029 (Use After Free's in XMLReader / XMLWriter). (Laruence)
 -
 -- OPcache:
 -  . Fixed bug #78961 (erroneous optimization of re-assigned $GLOBALS). (Dmitry)
 -  . Fixed bug #78950 (Preloading trait method with static variables). (Nikita)
 -  . Fixed bug #78903 (Conflict in RTD key for closures results in crash).
 -    (Nikita)
 -  . Fixed bug #78986 (Opcache segfaults when inheriting ctor from immutable
 -    into mutable class). (Nikita)
 -  . Fixed bug #79040 (Warning Opcode handlers are unusable due to ASLR). (cmb)
 -  . Fixed bug #79055 (Typed property become unknown with OPcache file cache).
 -    (Nikita)
 -
 -- Pcntl:
 -  . Fixed bug #78402 (Converting null to string in error message is bad DX).
 -    (SATŌ Kentarō)
 -
 -- PDO_PgSQL:
 -  . Fixed bug #78983 (pdo_pgsql config.w32 cannot find libpq-fe.h). (SATŌ
 -    Kentarō)
 -  . Fixed bug #78980 (pgsqlGetNotify() overlooks dead connection). (SATŌ
 -    Kentarō)
 -  . Fixed bug #78982 (pdo_pgsql returns dead persistent connection). (SATŌ
 -    Kentarō)
 -
 -- Session:
 -  . Fixed bug #79031 (Session unserialization problem). (Nikita)
 -
 -- Shmop:
 -  . Fixed bug #78538 (shmop memory leak). (cmb)
 -
 -- Sqlite3:
 -  . Fixed bug #79056 (sqlite does not respect PKG_CONFIG_PATH during
 -    compilation). (Nikita)
 -
 -- Spl:
 -  . Fixed bug #78976 (SplFileObject::fputcsv returns -1 on failure). (cmb)
 -
 -- Standard:
 -  . Fixed bug #79000 (Non-blocking socket stream reports EAGAIN as error).
 -    (Nikita)
 -  . Fixed bug #54298 (Using empty additional_headers adding extraneous CRLF).
 -    (cmb)
 -
 -18 Dec 2019, PHP 7.4.1
 -
 -- Core:
 -  . Fixed bug #78810 (RW fetches do not throw "uninitialized property"
 -    exception). (Nikita)
 -  . Fixed bug #78868 (Calling __autoload() with incorrect EG(fake_scope) value).
 -    (Antony Dovgal, Dmitry)
 -  . Fixed bug #78296 (is_file fails to detect file). (cmb)
 -  . Fixed bug #78883 (fgets(STDIN) fails on Windows). (cmb)
 -  . Fixed bug #78898 (call_user_func(['parent', ...]) fails while other
 -    succeed). (Nikita)
 -  . Fixed bug #78904 (Uninitialized property triggers __get()). (Nikita)
 -  . Fixed bug #78926 (Segmentation fault on Symfony cache:clear). (Nikita)
 -
 -- GD:
 -  . Fixed bug #78849 (GD build broken with -D SIGNED_COMPARE_SLOW). (cmb)
 -  . Fixed bug #78923 (Artifacts when convoluting image with transparency).
 -    (wilson chen)
 -
 -- FPM:
 -  . Fixed bug #76601 (Partially working php-fpm ater incomplete reload).
 -    (Maksim Nikulin)
 -  . Fixed bug #78889 (php-fpm service fails to start). (Jakub Zelenka)
 -  . Fixed bug #78916 (php-fpm 7.4.0 don't send mail via mail()).
 -    (Jakub Zelenka)
 -
 -- Intl:
 -  . Implemented FR #78912 (INTL Support for accounting format). (cmb)
 -
 -- Mysqlnd:
 -  . Fixed bug #78823 (ZLIB_LIBS not added to EXTRA_LIBS). (Arjen de Korte)
 -
 -- OPcache:
 -  . Fixed $x = (bool)$x; with opcache (should emit undeclared variable notice).
 -    (Tyson Andre)
 -  . Fixed bug #78935 (Preloading removes classes that have dependencies).
 -    (Nikita, Dmitry)
 -
 -- PCRE:
 -  . Fixed bug #78853 (preg_match() may return integer > 1). (cmb)
 -
 -- Reflection:
 -  . Fixed bug #78895 (Reflection detects abstract non-static class as abstract
 -    static. IS_IMPLICIT_ABSTRACT is not longer used). (Dmitry)
 -
 -- Standard:
 -  . Fixed bug #77638 (var_export'ing certain class instances segfaults). (cmb)
 -  . Fixed bug #78840 (imploding $GLOBALS crashes). (cmb)
 -  . Fixed bug #78833 (Integer overflow in pack causes out-of-bound access).
 -    (cmb)
 -  . Fixed bug #78814 (strip_tags allows / in tag name => whitelist bypass).
 +  . Fixed bug #65547 (Default value for sunrise/sunset zenith still wrong).
      (cmb)
 +  . Fixed bug #69044 (discrepancy between time and microtime). (krakjoe)
  
 -28 Nov 2019, PHP 7.4.0
 -
 -- Core:
 -  . Implemented RFC: Deprecate curly brace syntax for accessing array elements
 -    and string offsets.
 -    https://wiki.php.net/rfc/deprecate_curly_braces_array_access (Andrey Gromov)
 -  . Implemented RFC: Deprecations for PHP 7.4.
 -    https://wiki.php.net/rfc/deprecations_php_7_4 (Kalle, Nikita)
 -  . Fixed bug #52752 (Crash when lexing). (Nikita)
 -  . Fixed bug #60677 (CGI doesn't properly validate shebang line contains #!).
 -    (Nikita)
 -  . Fixed bug #71030 (Self-assignment in list() may have inconsistent behavior).
 -    (Nikita)
 -  . Fixed bug #72530 (Use After Free in GC with Certain Destructors). (Nikita)
 -  . Fixed bug #75921 (Inconsistent: No warning in some cases when stdObj is
 -    created on the fly). (David Walker)
 -  . Implemented FR #76148 (Add array_key_exists() to the list of specially
 -    compiled functions). (Majkl578)
 -  . Fixed bug #76430 (__METHOD__ inconsistent outside of method).
 -    (Ryan McCullagh, Nikita)
 -  . Fixed bug #76451 (Aliases during inheritance type checks affected by
 -    opcache). (Nikita)
 -  . Implemented FR #77230 (Support custom CFLAGS and LDFLAGS from environment).
 -    (cmb)
 -  . Fixed bug #77345 (Stack Overflow caused by circular reference in garbage
 -    collection). (Alexandru Patranescu, Nikita, Dmitry)
 -  . Fixed bug #77812 (Interactive mode does not support PHP 7.3-style heredoc).
 -    (cmb, Nikita)
 -  . Fixed bug #77877 (call_user_func() passes $this to static methods).
 -    (Dmitry)
 -  . Fixed bug #78066 (PHP eats the first byte of a program that comes from
 -    process substitution). (Nikita)
 -  . Fixed bug #78151 (Segfault caused by indirect expressions in PHP 7.4a1).
 -    (Nikita)
 -  . Fixed bug #78154 (SEND_VAR_NO_REF does not always send reference). (Nikita)
 -  . Fixed bug #78182 (Segmentation fault during by-reference property
 -    assignment). (Nikita)
 -  . Fixed bug #78212 (Segfault in built-in webserver). (cmb)
 -  . Fixed bug #78220 (Can't access OneDrive folder). (cmb, ab)
 -  . Fixed bug #78226 (Unexpected __set behavior with typed properties). (Nikita)
 -  . Fixed bug #78239 (Deprecation notice during string conversion converted to
 -    exception hangs). (Nikita)
 -  . Fixed bug #78335 (Static properties/variables containing cycles report as
 -    leak). (Nikita)
 -  . Fixed bug #78340 (Include of stream wrapper not reading whole file).
 -    (Nikita)
 -  . Fixed bug #78344 (Segmentation fault on zend_check_protected). (Nikita)
 -  . Fixed bug #78356 (Array returned from ArrayAccess is incorrectly unpacked
 -    as argument). (Nikita)
 -  . Fixed bug #78379 (Cast to object confuses GC, causes crash). (Dmitry)
 -  . Fixed bug #78386 (fstat mode has unexpected value on PHP 7.4). (cmb)
 -  . Fixed bug #78396 (Second file_put_contents in Shutdown hangs script).
 -    (Nikita)
 -  . Fixed bug #78406 (Broken file includes with user-defined stream filters).
 -    (Nikita)
 -  . Fixed bug #78438 (Corruption when __unserializing deeply nested structures).
 -    (cmb, Nikita)
 -  . Fixed bug #78441 (Parse error due to heredoc identifier followed by digit).
 -    (cmb)
 -  . Fixed bug #78454 (Consecutive numeric separators cause OOM error).
 -    (Theodore Brown)
 -  . Fixed bug #78460 (PEAR installation failure). (Peter Kokot, L. Declercq)
 -  . Fixed bug #78531 (Crash when using undefined variable as object). (Dmitry)
 -  . Fixed bug #78535 (auto_detect_line_endings value not parsed as bool).
 -    (bugreportuser)
 -  . Fixed bug #78604 (token_get_all() does not properly tokenize FOO<?php with
 -    short_open_tag=0). (Nikita)
 -  . Fixed bug #78614 (Does not compile with DTRACE anymore).
 -    (tz at FreeBSD dot org)
 -  . Fixed bug #78620 (Out of memory error). (cmb, Nikita)
 -  . Fixed bug #78632 (method_exists() in php74 works differently from php73 in
 -    checking priv. methods). (Nikita)
 -  . Fixed bug #78644 (SEGFAULT in ZEND_UNSET_OBJ_SPEC_VAR_CONST_HANDLER).
 -    (Nikita)
 -  . Fixed bug #78658 (Memory corruption using Closure::bindTo). (Nikita)
 -  . Fixed bug #78656 (Parse errors classified as highest log-level). (Erik
 -    Lundin)
 -  . Fixed bug #78662 (stream_write bad error detection). (Remi)
 -  . Fixed bug #78768 (redefinition of typedef zend_property_info). (Nikita)
 -  . Fixed bug #78788 (./configure generates invalid php_version.h). (max)
 -  . Fixed incorrect usage of QM_ASSIGN instruction. It must not return IS_VAR.
 -    As a side effect, this allowed passing left hand list() "by reference",
 -    instead of compile-time error. (Dmitry)
 -
 -- CLI:
 -  . The built-in CLI server now reports the request method in log files.
 -    (Simon Welsh)
 -
 -- COM:
 -  . Deprecated registering of case-insensitive constants from typelibs. (cmb)
 -  . Fixed bug #78650 (new COM Crash). (cmb)
 -  . Fixed bug #78694 (Appending to a variant array causes segfault). (cmb)
 -
 -- CURL:
 -  . Fixed bug #76480 (Use curl_multi_wait() so that timeouts are respected).
 -    (Pierrick)
 -  . Implemented FR #77711 (CURLFile should support UNICODE filenames). (cmb)
 -  . Deprecated CURLPIPE_HTTP1. (cmb)
 -  . Deprecated $version parameter of curl_version(). (cmb)
 -
 -- Date:
 -  . Updated timelib to 2018.02. (Derick)
 -  . Fixed bug #69044 (discrepency between time and microtime). (krakjoe)
 -  . Fixed bug #70153 (\DateInterval incorrectly unserialized). (Maksim Iakunin)
 -  . Fixed bug #75232 (print_r of DateTime creating side-effect). (Nikita)
 -  . Fixed bug #78383 (Casting a DateTime to array no longer returns its
 -    properties). (Nikita)
 -  . Fixed bug #78751 (Serialising DatePeriod converts DateTimeImmutable). (cmb)
 -
 -- Exif:
 -  . Fixed bug #78333 (Exif crash (bus error) due to wrong alignment and
 -    invalid cast). (Nikita)
 -  . Fixed bug #78256 (heap-buffer-overflow on exif_process_user_comment).
 -    (CVE-2019-11042) (Stas)
 -  . Fixed bug #78222 (heap-buffer-overflow on exif_scan_thumbnail).
 -    (CVE-2019-11041) (Stas)
 -
 -- Fileinfo:
 -  . Fixed bug #78075 (finfo_file treats JSON file as text/plain). (Anatol)
 -  . Fixed bug #78183 (finfo_file shows wrong mime-type for .tga file).
 -   (Anatol)
 -
 -- Filter:
 -  . The filter extension no longer has the --with-pcre-dir on Unix builds,
 -    allowing the extension to be once more compiled as shared using
 -    ./configure. (Kalle)
 +- DOM:
 +  . Add property DOMXPath::$registerNodeNamespaces and constructor argument
 +    that allow global flag to configure query() or evaluate() calls.
  
 -- FFI:
 -  . Added FFI extension. (Dmitry)
 -  . Fixed bug #78488 (OOB in ZEND_FUNCTION(ffi_trampoline)). (Dmitry)
 -  . Fixed bug #78543 (is_callable() on FFI\CData throws Exception). (cmb)
 -  . Fixed bug #78716 (Function name mangling is wrong for some parameter
 -    types). (cmb)
 -  . Fixed bug #78762 (Failing FFI::cast() may leak memory). (cmb)
 -  . Fixed bug #78761 (Zend memory heap corruption with preload and casting).
 -    (cmb)
 -  . Implement FR #78270 (Support __vectorcall convention with FFI). (cmb)
 -  . Added missing FFI::isNull(). (Philip Hofstetter)
 +- Enchant:
 +  . Add LIBENCHANT_VERSION macro
 +  . Deprecate enchant_broker_set_dict_path, enchant_broker_get_dict_path
 +    enchant_dict_add_to_personal and enchant_dict_is_in_session
 +  . Add enchant_dict_add and enchant_dict_is_added functions
 +  . Use libenchant-2 when available
  
  - FPM:
 -  . Implemented FR #72510 (systemd service should be hardened). (Craig Andrews)
 -  . Fixed bug #74083 (master PHP-fpm is stopped on multiple reloads).
 -    (Maksim Nikulin)
 -  . Fixed bug #78334 (fpm log prefix message includes wrong stdout/stderr
 -    notation). (Tsuyoshi Sadakata)
 -  . Fixed bug #78599 (env_path_info underflow in fpm_main.c can lead to RCE).
 -    (CVE-2019-11043) (Jakub Zelenka)
 +  . Fixed bug #64865 (Search for .user.ini files from script dir up to
 +    CONTEXT_DOCUMENT_ROOT). (Will Bender)
  
  - GD:
 -  . Implemented the scatter filter (IMG_FILTER_SCATTER). (Kalle)
 -  . The bundled libgd behaves now like system libgd wrt. IMG_CROP_DEFAULT never
 -    falling back to IMG_CROP_SIDES.
 -  . The default $mode parameter of imagecropauto() has been changed to
 -    IMG_CROP_DEFAULT; passing -1 is now deprecated.
 -  . Added support for aspect ratio preserving scaling to a fixed height for
 -    imagescale(). (Andreas Treichel)
 -  . Added TGA read support. (cmb)
 -  . Fixed bug #73291 (imagecropauto() $threshold differs from external libgd).
 -    (cmb)
 -  . Fixed bug #76324 (cannot detect recent versions of freetype with
 -    pkg-config). (Eli Schwartz)
 -  . Fixed bug #78314 (missing freetype support/functions with external gd).
 -    (Remi)
 -
 -- GMP:
 -  . Fixed bug #78574 (broken shared build). (Remi)
 -
 -- Hash:
 -  . The hash extension is now an integral part of PHP and cannot be disabled
 -    as per RFC: https://wiki.php.net/rfc/permanent_hash_ext. (Kalle)
 -  . Implemented FR #71890 (crc32c checksum algorithm). (Andrew Brampton)
 +  . Fixed bug #55005 (imagepolygon num_points requirement). (cmb)
 +  . Replaced gd resources with objects. (Mark Randall)
 +  . Made the $num_points parameter of php_imagepolygon optional. (cmb)
 +  . Removed deprecated image2wbmp(). (cmb)
 +  . Removed deprecated png2wbmp() and jpeg2wbmp(). (cmb)
 +  . Added imagegetinterpolation(). (cmb)
  
  - Iconv:
 -  . Fixed bug #78342 (Bus error in configure test for iconv //IGNORE). (Rainer
 -    Jung)
 -  . Fixed bug #78642 (Wrong libiconv version displayed). (gedas at martynas,
 -    cmb).
 +  . Dropped support for iconv without proper errno setting. (cmb)
  
 -- Libxml:
 -  . Fixed bug #78279 (libxml_disable_entity_loader settings is shared between
 -    requests (cgi-fcgi)). (Nikita)
 +- Intl:
 +  . Removed deprecated INTL_IDNA_VARIANT_2003. (cmb)
  
 -- InterBase:
 -  . Unbundled the InterBase extension and moved it to PECL. (Kalle)
 +- JIT:
 +  . Fixed bug #79582 (Crash seen when opcache.jit=1235 and
 +    opcache.jit_debug=2). (Laruence)
 +  . Fixed bug #77857 (Wrong result if executed with JIT). (Laruence)
 +  . Fixed bug #79255 (PHP cannot be compiled with enable JIT).
 +    (Laruence, Dmitry)
  
 -- Intl:
 -  . Raised requirements to ICU ≥ 50.1. (cmb)
 -  . Changed ResourceBundle to implement Countable. (LeSuisse)
 -  . Changed default of $variant parameter of idn_to_ascii() and idn_to_utf8().
 -    (cmb)
 +- JSON:
 +  . The JSON extension is now an integral part of PHP and cannot be disabled
 +    as per RFC: https://wiki.php.net/rfc/always_enable_json (tandre)
  
  - LDAP:
 -  . Deprecated ldap_control_paged_result_response and ldap_control_paged_result
 -
 -- LiteSpeed:
 -  . Updated to LiteSpeed SAPI V7.5 (Fixed clean shutdown). (George Wang)
 -  . Updated to LiteSpeed SAPI V7.4.3 (increased response header count limit from
 -    100 to 1000, added crash handler to cleanly shutdown PHP request, added
 -    CloudLinux mod_lsapi mode). (George Wang)
 -  . Fixed bug #76058 (After "POST data can't be buffered", using php://input
 -    makes huge tmp files). (George Wang)
 +  . Removed deprecated ldap_sort. (mcmic)
  
  - MBString:
 -  . Fixed bug #77907 (mb-functions do not respect default_encoding). (Nikita)
 -  . Fixed bug #78579 (mb_decode_numericentity: args number inconsistency).
 -    (cmb)
 -  . Fixed bug #78609 (mb_check_encoding() no longer supports stringable
 -    objects). (cmb)
 +  . Fixed bug #76999 (mb_regex_set_options() return current options). (cmb)
 +  . Removed the unused $is_hex parameter from mb_decode_numericentity(). (cmb)
  
  - MySQLi:
 -  . Fixed bug #67348 (Reading $dbc->stat modifies $dbc->affected_rows).
 -    (Derick)
    . Fixed bug #76809 (SSL settings aren't respected when persistent connections
      are used). (fabiomsouto)
 -  . Fixed bug #78179 (MariaDB server version incorrectly detected). (cmb)
 -  . Fixed bug #78213 (Empty row pocket). (cmb)
  
 -- MySQLnd:
 -  . Fixed connect_attr issues and added the _server_host connection attribute.
 -    (Qianqian Bu)
 -  . Fixed bug #60594 (mysqlnd exposes 160 lines of stats in phpinfo). (PeeHaa)
 +- mysqlnd:
 +  . Fixed #60594 (mysqlnd exposes 160 lines of stats in phpinfo). (PeeHaa)
  
 -- ODBC:
 -  . Fixed bug #78473 (odbc_close() closes arbitrary resources). (cmb)
 +- OCI8:
 +  . Deprecated old OCI8 function aliases. (Jens de Nies)
 +  . Removed obsolete no-op function oci_internal_debug(). (Jens de Nies)
  
 -- Opcache:
 -  . Implemented preloading RFC: https://wiki.php.net/rfc/preload. (Dmitry)
 -  . Add opcache.preload_user INI directive. (Dmitry)
 -  . Added new INI directive opcache.cache_id (Windows only). (cmb)
 -  . Fixed bug #78106 (Path resolution fails if opcache disabled during request).
 -    (Nikita)
 -  . Fixed bug #78175 (Preloading segfaults at preload time and at runtime).
 -    (Dmitry)
 -  . Fixed bug #78202 (Opcache stats for cache hits are capped at 32bit NUM).
 -    (cmb)
 -  . Fixed bug #78271 (Invalid result of if-else). (Nikita)
 -  . Fixed bug #78341 (Failure to detect smart branch in DFA pass). (Nikita)
 -  . Fixed bug #78376 (Incorrect preloading of constant static properties).
 -    (Dmitry)
 -  . Fixed bug #78429 (opcache_compile_file(__FILE__); segfaults). (cmb)
 -  . Fixed bug #78512 (Cannot make preload work). (Dmitry)
 -  . Fixed bug #78514 (Preloading segfaults with inherited typed property).
 -    (Nikita)
 +- OpCache:
    . Fixed bug #78654 (Incorrectly computed opcache checksum on files with
      non-ascii characters). (mhagstrand)
 +  . Fixed bug #76535 (Opcache does not replay compile-time warnings). (Nikita)
 +  . Fixed bug #79665 (ini_get() and opcache_get_configuration() inconsistency).
 +    (cmb)
  
  - OpenSSL:
 -  . Added TLS 1.3 support to streams including new tlsv1.3 stream.
 -    (Codarren Velvindron, Jakub Zelenka)
 -  . Added openssl_x509_verify function. (Ben Scholzen)
 -  . openssl_random_pseudo_bytes() now throws in error conditions.
 -    (Sammy Kaye Powers)
 -  . Changed the default config path (Windows only). (cmb)
 -  . Fixed bug #78231 (Segmentation fault upon stream_socket_accept of exported
 -    socket-to-stream). (Nikita)
 -  . Fixed bug #78391 (Assertion failure in openssl_random_pseudo_bytes).
 -    (Nikita)
 -  . Fixed bug #78775 (TLS issues from HTTP request affecting other encrypted
 -    connections). (Nikita)
 -
 -- Pcntl:
 -  . Fixed bug #77335 (PHP is preventing SIGALRM from specifying SA_RESTART).
 -    (Nikita)
 +  . Added Cryptographic Message Syntax (CMS) support. (Eliot Lear)
  
  - PCRE:
 -  . Implemented FR #77094 (Support flags in preg_replace_callback). (Nikita)
 -  . Fixed bug #72685 (Repeated UTF-8 validation of same string in UTF-8 mode).
 -    (Nikita)
 -  . Fixed bug #73948 (Preg_match_all should return NULLs on trailing optional
 -    capture groups).
 -  . Fixed bug #78338 (Array cross-border reading in PCRE). (cmb)
 -  . Fixed bug #78349 (Bundled pcre2 library missing LICENCE file). (Peter Kokot)
 +  . Don't ignore invalid escape sequences. (sjon)
 +
 +- PGSQL:
 +  . Bumped required libpq version to 9.1. (cmb)
  
  - PDO:
 -  . Implemented FR #71885 (Allow escaping question mark placeholders).
 -    https://wiki.php.net/rfc/pdo_escape_placeholders (Matteo)
 +  . Changed default PDO error mode to exceptions. (AllenJB)
    . Fixed bug #77849 (Disable cloning of PDO handle/connection objects).
      (camporter)
 -  . Implemented FR #78033 (PDO - support username & password specified in
 -    DSN). (sjon)
 -
 -- PDO_Firebird:
 -  . Implemented FR #65690 (PDO_Firebird should also support dialect 1).
 -    (Simonov Denis)
 -  . Implemented FR #77863 (PDO firebird support type Boolean in input
 -    parameters). (Simonov Denis)
 -
 -- PDO_MySQL:
 -  . Fixed bug #41997 (SP call yields additional empty result set). (cmb)
 -  . Fixed bug #78623 (Regression caused by "SP call yields additional empty
 -    result set"). (cmb)
  
  - PDO_OCI:
 -  . Support Oracle Database tracing attributes ACTION, MODULE,
 -    CLIENT_INFO, and CLIENT_IDENTIFIER. (Cameron Porter)
 -  . Implemented FR #76908 (PDO_OCI getColumnMeta() not implemented).
 -    (Valentin Collet, Chris Jones, Remi)
 -
 -- PDO_SQLite:
 -  . Implemented sqlite_stmt_readonly in PDO_SQLite. (BohwaZ)
 -  . Raised requirements to SQLite 3.5.0. (cmb)
 -  . Fixed bug #78192 (SegFault when reuse statement after schema has changed).
 -    (Vincent Quatrevieux)
 -  . Fixed bug #78348 (Remove -lrt from pdo_sqlite.so). (Peter Kokot)
 +  . Added support for setting and getting the oracle OCI 18c call timeout.
 +    (camporter)
  
 -- Phar:
 -  . Fixed bug #77919 (Potential UAF in Phar RSHUTDOWN). (cmb)
 +- PDO_PGSQL:
 +  . Bumped required libpq version to 9.1. (cmb)
  
  - phpdbg:
    . Fixed bug #76596 (phpdbg support for display_errors=stderr). (kabel)
diff --cc ext/ldap/ldap.c
index a7e6abacfb,72a39bd93d..2983b857b6
--- a/ext/ldap/ldap.c
+++ b/ext/ldap/ldap.c
@@@ -4190,20 -4263,18 +4178,18 @@@ PHP_FUNCTION(ldap_exop
  PHP_FUNCTION(ldap_exop_passwd)
  {
  	zval *link, *serverctrls;
- 	struct berval luser, loldpw, lnewpw, lgenpasswd;
- 	LDAPControl **lserverctrls = NULL, **requestctrls = NULL;
- 	LDAPControl *ctrl, **ctrlp;
- 	LDAPMessage* ldap_res;
+ 	struct berval luser = { 0L, NULL };
+ 	struct berval loldpw = { 0L, NULL };
+ 	struct berval lnewpw = { 0L, NULL };
+ 	struct berval lgenpasswd = { 0L, NULL };
+ 	LDAPControl *ctrl, **lserverctrls = NULL, *requestctrls[2] = { NULL, NULL };
+ 	LDAPMessage* ldap_res = NULL;
  	ldap_linkdata *ld;
  	int rc, myargcount = ZEND_NUM_ARGS(), msgid, err;
- 	char* errmsg;
- 
- 	luser.bv_len = 0;
- 	loldpw.bv_len = 0;
- 	lnewpw.bv_len = 0;
+ 	char* errmsg = NULL;
  
  	if (zend_parse_parameters(myargcount, "r|sssz/", &link, &luser.bv_val, &luser.bv_len, &loldpw.bv_val, &loldpw.bv_len, &lnewpw.bv_val, &lnewpw.bv_len, &serverctrls) == FAILURE) {
 -		return;
 +		RETURN_THROWS();
  	}
  
  	if ((ld = (ldap_linkdata *)zend_fetch_resource(Z_RES_P(link), "ldap link", le_link)) == NULL) {