From: Stanislav Malyshev <stas@php.net> Date: Wed, 30 May 2012 06:07:27 +0000 (-0700) Subject: Merge branch 'PHP-5.3' into PHP-5.4 X-Git-Tag: php-5.4.4RC2~3 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=692b3bcd88ece3eefbc5131ecdf971ff18f191cf;p=php Merge branch 'PHP-5.3' into PHP-5.4 * PHP-5.3: fix CVE-2012-2143 --- 692b3bcd88ece3eefbc5131ecdf971ff18f191cf diff --cc NEWS index 4a7cbd4366,0297393363..898325afd1 --- a/NEWS +++ b/NEWS @@@ -5,59 -4,13 +5,60 @@@ PH - COM: . Fixed bug #62146 com_dotnet cannot be built shared. (Johannes) +- CLI Server: + . Implemented FR #61977 (Need CLI web-server support for files with .htm & + svg extensions). (Sixd, Laruence) + . Improved performance while sending error page, this also fixed + bug #61785 (Memory leak when access a non-exists file without router). + (Laruence) + . Fixed bug #61546 (functions related to current script failed when chdir() + in cli sapi). (Laruence, reeze.xia@gmail.com) + +- CURL: + . Fixed bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction). + (Laruence) + - Core: + . Fixed missing bound check in iptcparse(). (chris at chiappa.net) + . Fixed CVE-2012-2143. (Solar Designer) + . Fixed bug #62005 (unexpected behavior when incrementally assigning to a + member of a null object). (Laruence) + . Fixed bug #61998 (Using traits with method aliases appears to result in + crash during execution). (Dmitry) + . Fixed bug #61978 (Object recursion not detected for classes that implement + JsonSerializable). (Felipe) + . Fixed bug #61991 (long overflow in realpath_cache_get()). (Anatoliy) + . Fixed bug #61922 (ZTS build doesn't accept zend.script_encoding config). + (Laruence) + . Fixed bug #61827 (incorrect \e processing on Windows) (Anatoliy) + . Fixed bug #61782 (__clone/__destruct do not match other methods when checking + access controls). (Stas) + . Fixed bug #61761 ('Overriding' a private static method with a different + signature causes crash). (Laruence) + . 
Fixed bug #61730 (Segfault from array_walk modifying an array passed by + reference). (Laruence) + . Fixed bug #61728 (PHP crash when calling ob_start in request_shutdown + phase). (Laruence) + . Fixed bug #61660 (bin2hex(hex2bin($data)) != $data). (Nikita Popov) + . Fixed bug #61650 (ini parser crashes when using ${xxxx} ini variables + (without apache2)). (Laruence) + . Fixed bug #61605 (header_remove() does not remove all headers). (Laruence) + . Fixed bug #54547 (wrong equality of string numbers). (Gustavo) + . Fixed bug #54197 ([PATH=] sections incompatibility with user_ini.filename + set to null). (Anatoliy) + . Changed php://fd to be available only for CLI. -- Fileinfo: - . Fixed magic file regex support. (Felipe) +- Phar: + . Fix bug #61065 (Secunia SA44335, CVE-2012-2386). (Rasmus) + +- Pgsql: + . Added pg_escape_identifier/pg_escape_literal. (Yasuo Ohgaki) -- FPM: +- Fileinfo + . Fixed bug #61812 (Uninitialised value used in libmagic). + (Laruence, Gustavo) + +- FPM . Fixed bug #61045 (fpm don't send error log to fastcgi clients). (fat) . Fixed bug #61835 (php-fpm is not allowed to run as root). (fat) . Fixed bug #61295 (php-fpm should not fail with commented 'user'
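Review bot: In the Core section, the added entry `. Fixed CVE-2012-2143. (Solar Designer)` gives only the CVE id, with no affected function and no bug number, so someone reading NEWS cannot tell which code path changed or what to retest after upgrading. The neighbouring entry `. Fixed missing bound check in iptcparse().` names the function, and the Phar entry pairs its CVE with bug #61065; the same level of detail here would make the security fix auditable from the changelog. Two style points in the same hunk: the merged `- Fileinfo` and `- FPM` headers drop the trailing colon that `- COM:`, `- Core:` and `- Phar:` keep, and `. Changed php://fd to be available only for CLI.` carries no author attribution, unlike the other entries.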