From: Stanislav Malyshev Date: Fri, 16 Aug 2013 17:21:21 +0000 (-0700) Subject: Merge branch 'PHP-5.4' into PHP-5.5 X-Git-Tag: php-5.5.6RC1~26^2 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=57887979644f4c9a9de21063f30691404216f372;p=php Merge branch 'PHP-5.4' into PHP-5.5 * PHP-5.4: fix cve number --- 57887979644f4c9a9de21063f30691404216f372 diff --cc NEWS index 10d97c5f45,a63bfe6877..bc71cc645b --- a/NEWS +++ b/NEWS @@@ -23,41 -24,6 +23,41 @@@ PH (Yasuo) . Changed session.auto_start to PHP_INI_PERDIR. (Yasuo) +- Pgsql: + . Fixed bug #62978 (Disallow possible SQL injections with pg_select()/pg_update() + /pg_delete()/pg_insert()). (Yasuo) + - ?? ??? 2013, PHP 5.5.2 ++15 Aug 2013, PHP 5.5.2 + +- Core: + . Fixed bug #65372 (Segfault in gc_zval_possible_root when return reference + fails). (Laruence) + . Fixed value of FILTER_SANITIZE_FULL_SPECIAL_CHARS constant (previously was + erroneously set to FILTER_SANITIZE_SPECIAL_CHARS value). (Andrey + avp200681 gmail com). + . Fixed bug #65304 (Use of max int in array_sum). (Laruence) + . Fixed bug #65291 (get_defined_constants() causes PHP to crash in a very + limited case). (Arpad) + +- OPcache: + . Added opcache.restrict_api configuration directive that may limit + usage of OPcahce API functions only to patricular script(s). (Dmitry) + . Added support for glob symbols in blacklist entries (?, *, **). + (Terry Elison, Dmitry) + . Fixed bug #65338 (Enabling both php_opcache and php_wincache AVs on + shutdown). (Dmitry) + +- Openssl: - . Fixed handling null bytes in subjectAltName (CVE-2013-4073). ++ . Fixed handling null bytes in subjectAltName (CVE-2013-4248). + (Christian Heimes) + +- PDO_mysql: + . Fixed bug #65299 (pdo mysql parsing errors). (Johannes) + +- Phar: + . Fixed bug #65028 (Phar::buildFromDirectory creates corrupt archives for + some specific contents). (Stas) + - SOAP: . Fixed bug #65018 (SoapHeader problems with SoapServer). (Dmitry)