From: Stanislav Malyshev Date: Tue, 10 Dec 2013 19:33:40 +0000 (-0800) Subject: Merge branch 'PHP-5.3' into PHP-5.4 X-Git-Tag: POST_64BIT_BRANCH_MERGE^2~109^2~18^2~335^2~1^2^2^2~1 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=71daf3229b5707a3553dc7d1971e8a0e77cd9dfb;p=php Merge branch 'PHP-5.3' into PHP-5.4 * PHP-5.3: 5.3.29-dev Fix CVE-2013-6420 - memory corruption in openssl_x509_parse Conflicts: configure.in main/php_version.h --- 71daf3229b5707a3553dc7d1971e8a0e77cd9dfb diff --cc NEWS index ebdf31514e,72c0939925..cc85e90e33 --- a/NEWS +++ b/NEWS @@@ -1,319 -1,22 +1,323 @@@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| -?? ??? 201?, PHP 5.3.29 +?? ??? 2013, PHP 5.4.24 -12 Dec 2013, PHP 5.3.28 +- Core: + . Added validation of class names in the autoload process. (Dmitry) + . Fixed invalid C code in zend_strtod.c. (Lior Kaplan) + . Fixed bug #61645 (fopen and O_NONBLOCK). (Mike) + +- Date: + . Fixed bug #66060 (Heap buffer over-read in DateInterval). (Remi) + . Fixed bug #63391 (Incorrect/inconsistent day of week prior to the year + 1600). (Derick, T. Carter) + . Fixed bug #61599 (Wrong Day of Week). (Derick, T. Carter) + +- DOM: + . Fixed bug #65196 (Passing DOMDocumentFragment to DOMDocument::saveHTML() + Produces invalid Markup). (Mike) + +- Filter: + . Fixed bug #66229 (128.0.0.0/16 isn't reserved any longer). (Adam) + +- XSL + . Fixed bug #49634 (Segfault throwing an exception in a XSL registered + function). (Mike) + - ?? ??? 2013, PHP 5.4.23 ++12 Dec 2013, PHP 5.4.23 + +- Core: + . Fixed bug #66094 (unregister_tick_function tries to cast a Closure to a + string). (Laruence) + . Fixed bug #65969 (Chain assignment with T_LIST failure). (Dmitry) + . Fixed bug #65947 (basename is no more working after fgetcsv in certain + situation). (Laruence) + +- JSON + . Fixed whitespace part of bug #64874 ("json_decode handles whitespace and + case-sensitivity incorrectly"). (Andrea Faulds) + +- MySQLi: + . Fixed bug #66043 (Segfault calling bind_param() on mysqli). (Laruence) + +- mysqlnd: + . Fixed bug #66124 (mysqli under mysqlnd loses precision when bind_param + with 'i'). (Andrey) + . Fixed bug #66141 (mysqlnd quote function is wrong with NO_BACKSLASH_ESCAPES + after failed query). (Andrey) + - Openssl: - . Fixed handling null bytes in subjectAltName (CVE-2013-4073). - (Christian Heimes) + . Fixed memory corruption in openssl_x509_parse() (CVE-2013-6420). + (Stefan Esser). + -11 Jul 2013, PHP 5.3.27 +- PDO + . Fixed bug 65946 (sql_parser permanently converts values bound to strings) + +14 Nov 2013, PHP 5.4.22 + +- Core: + . Fixed bug #65911 (scope resolution operator - strange behavior with $this). + (Bob Weinand) + +- CLI server: + . Fixed bug #65818 (Segfault with built-in webserver and chunked transfer + encoding). (Felipe) + +- Exif: + . Fixed crash on unknown encoding. (Draal) + +- FTP: + . Fixed bug #65667 (ftp_nb_continue produces segfault). (Philip Hofstetter) + +- ODBC: + . Fixed bug #65950 (Field name truncation if the field name is bigger than + 32 characters). (patch submitted by: michael dot y at zend dot com, Yasuo) + +- PDO: + . Fixed bug #66033 (Segmentation Fault when constructor of PDO statement + throws an exception). (Laruence) + +- Sockets: + . Fixed bug #65808 (the socket_connect() won't work with IPv6 address). + (Mike) + +- Standard: + . Fixed bug #64760 (var_export() does not use full precision for floating-point + numbers) (Yasuo) + +- XMLReader: + . Fixed bug #51936 (Crash with clone XMLReader). (Mike) + . Fixed bug #64230 (XMLReader does not suppress errors). (Mike) + + +17 Oct 2013, PHP 5.4.21 + +- Core: + . Fixed bug #65322 (compile time errors won't trigger auto loading). (Nikita) + +- CLI server: + . Fixed bug #65633 (built-in server treat some http headers as + case-sensitive). (Adam) + +- Datetime: + . Fixed bug #64157 (DateTime::createFromFormat() reports confusing error + message). (Boro Sitnikovski) + +- DBA extension: + . Fixed bug #65708 (dba functions cast $key param to string in-place, + bypassing copy on write). (Adam) + +- Filter: + . Add RFC 6598 IPs to reserved addresses. (Sebastian Nohn) + . Fixed bug #64441 (FILTER_VALIDATE_URL rejects fully qualified domain names). + (Syra) + +- IMAP: + . Fixed bug #65721 (configure script broken in 5.5.4 and 5.4.20 when enabling + imap). (ryotakatsuki at gmail dot com) + +- Standard: + . Fixed bug #61548 (content-type must appear at the end of headers for 201 + Location to work in http). (Mike) + +- Build system: + . Fixed bug #62396 ('make test' crashes starting with 5.3.14 (missing + gzencode())). (Mike) + + +19 Sep 2013, PHP 5.4.20 + +- Core: + . Fixed bug #60598 (cli/apache sapi segfault on objects manipulation). + (Laruence) + . Fixed bug #65579 (Using traits with get_class_methods causes segfault). + (Adam) + . Fixed bug #65490 (Duplicate calls to get lineno & filename for + DTRACE_FUNCTION_*). (Chris Jones) + . Fixed bug #65483 (quoted-printable encode stream filter incorrectly encoding + spaces). (Michael M Slusarz) + . Fixed bug #65481 (shutdown segfault due to serialize) (Mike) + . Fixed bug #65470 (Segmentation fault in zend_error() with + --enable-dtrace). (Chris Jones, Kris Van Hees) + . Fixed bug #65372 (Segfault in gc_zval_possible_root when return reference + fails). (Laruence) + . Fixed bug #65304 (Use of max int in array_sum). (Laruence) + . Fixed bug #65291 (get_defined_constants() causes PHP to crash in a very + limited case). (Arpad) + . Fixed bug #65225 (PHP_BINARY incorrectly set). (Patrick Allaert) + . Improved fix for bug #63186 (compile failure on netbsd). (Matteo) + . Fixed bug #62692 (PHP fails to build with DTrace). (Chris Jones, Kris Van Hees) + . Fixed bug #61759 (class_alias() should accept classes with leading + backslashes). (Julien) + . Fixed bug #61345 (CGI mode - make install don't work). (Michael Heimpold) + . Cherry-picked some DTrace build commits (allowing builds on Linux, + bug #62691, and bug #63706) from PHP 5.5 branch + . Fixed bug #61268 (--enable-dtrace leads make to clobber + Zend/zend_dtrace.d) (Chris Jones) + +- cURL: + . Fixed bug #65458 (curl memory leak). (Adam) + +- Datetime: + . Fixed bug #65554 (createFromFormat broken when weekday name is followed + by some delimiters). (Valentin Logvinskiy, Stas). + . Fixed bug #65564 (stack-buffer-overflow in DateTimeZone stuff caught + by AddressSanitizer). (Remi). + +- Openssl: + . Fixed bug #64802 (openssl_x509_parse fails to parse subject properly in + some cases). (Mark Jones) + +- Session: + . Fixed bug #62129 (rfc1867 crashes php even though turned off). (gxd305 at + gmail dot com) + . Fixed bug #50308 (session id not appended properly for empty anchor tags). + (Arpad) + . Fixed possible buffer overflow under Windows. Note: Not a security fix. + (Yasuo) + . Changed session.auto_start to PHP_INI_PERDIR. (Yasuo) + +- SOAP: + . Fixed bug #65018 (SoapHeader problems with SoapServer). (Dmitry) + +- SPL: + . Fixed bug #65328 (Segfault when getting SplStack object Value). (Laruence) + +- PDO: + . Fixed bug #64953 (Postgres prepared statement positional parameter + casting). (Mike) + +- Phar: + . Fixed bug #65028 (Phar::buildFromDirectory creates corrupt archives for + some specific contents). (Stas) + +- Pgsql: + . Fixed bug #65336 (pg_escape_literal/identifier() silently returns false). + (Yasuo) + . Fixed bug #62978 (Disallow possible SQL injections with pg_select()/pg_update() + /pg_delete()/pg_insert()). (Yasuo) + +- Zlib: + . Fixed bug #65391 (Unable to send vary header user-agent when + ob_start('ob_gzhandler') is called) (Mike) + +22 Aug 2013, PHP 5.4.19 - Core: + . Fixed bug #64503 (Compilation fails with error: conflicting types for + 'zendparse'). (Laruence) + +- Openssl: + . Fixed UMR in fix for CVE-2013-4248. + +15 Aug 2013, PHP 5.4.18 + +- Core: + . Fixed value of FILTER_SANITIZE_FULL_SPECIAL_CHARS constant (previously was + erroneously set to FILTER_SANITIZE_SPECIAL_CHARS value). (Andrey + avp200681 gmail com). + . Fixed bug #65254 (Exception not catchable when exception thrown in autoload + with a namespace). (Laruence) + . Fixed bug #65108 (is_callable() triggers Fatal Error). + (David Soria Parra, Laruence) + . Fixed bug #65088 (Generated configure script is malformed on OpenBSD). + (Adam) + . Fixed bug #62964 (Possible XSS on "Registered stream filters" info). + (david at nnucomputerwhiz dot com) + . Fixed bug #62672 (Error on serialize of ArrayObject). (Lior Kaplan) + . Fixed bug #62475 (variant_* functions causes crash when null given as an + argument). (Felipe) + . Fixed bug #60732 (php_error_docref links to invalid pages). (Jakub Vrana) + . Fixed bug #65226 (chroot() does not get enabled). (Anatol) + +- CGI: + . Fixed Bug #65143 (Missing php-cgi man page). (Remi) + +- CLI server: + . Fixed bug #65066 (Cli server not responsive when responding with 422 http + status code). (Adam) + +- CURL: + . Fixed bug #62665 (curl.cainfo doesn't appear in php.ini). (Lior Kaplan) + +- FPM: + . Fixed bug #63983 (enabling FPM borks compile on FreeBSD). + (chibisuke at web dot de, Felipe) + +- FTP: + . Fixed bug #65228 (FTPs memory leak with SSL). + (marco dot beierer at mbsecurity dot ch) + +- GMP: + . Fixed bug #65227 (Memory leak in gmp_cmp second parameter). (Felipe) + +- Imap: + . Fixed bug #64467 (Segmentation fault after imap_reopen failure). + (askalski at gmail dot com) + +- Intl: + . Fixed bug #62759 (Buggy grapheme_substr() on edge case). (Stas) + . Fixed bug #61860 (Offsets may be wrong for grapheme_stri* functions). + (Stas) + +- mysqlnd: + . Fixed segfault in mysqlnd when doing long prepare. (Andrey) + +- ODBC: + . Fixed bug #61387 (NULL valued anonymous column causes segfault in + odbc_fetch_array). (Brandon Kirsch) + +- Openssl: + . Fixed handling null bytes in subjectAltName (CVE-2013-4248). + (Christian Heimes) + +- PDO: + . Allowed PDO_OCI to compile with Oracle Database 12c client libraries. + (Chris Jones) + +- PDO_dblib: + . Fixed bug #65219 (PDO/dblib not working anymore ("use dbName" not sent)). + (Stanley Sufficool) + +- PDO_pgsql: + . Fixed meta data retrieve when OID is larger than 2^31. (Yasuo) + +- Phar: + . Fixed Bug #65142 (Missing phar man page). (Remi) + +- Session + . Fixed bug #62535 ($_SESSION[$key]["cancel_upload"] doesn't work as + documented). (Arpad) + . Fixed bug #35703 (when session_name("123") consist only digits, + should warning). (Yasuo) + . Fixed bug #49175 (mod_files.sh does not support hash bits). Patch by + oorza2k5 at gmail dot com (Yasuo) + +- Sockets: + . Implemented FR #63472 (Setting SO_BINDTODEVICE with socket_set_option). + (Damjan Cvetko) + +- SPL: + . Fixed bug #65136 (RecursiveDirectoryIterator segfault). (Laruence) + . Fixed bug #61828 (Memleak when calling Directory(Recursive)Iterator + /Spl(Temp)FileObject ctor twice). (Laruence) + . Fixed bug #60560 (SplFixedArray un-/serialize, getSize(), count() return 0, + keys are strings). (Adam) + +- XML: + . Fixed bug #65236 (heap corruption in xml parser, CVE-2013-4113). (Rob) + +04 Jul 2013, PHP 5.4.17 + +- Core: + . Fixed bug #64988 (Class loading order affects E_STRICT warning). (Laruence) . Fixed bug #64966 (segfault in zend_do_fcall_common_helper_SPEC). (Laruence) . Fixed bug #64960 (Segfault in gc_zval_possible_root). (Laruence) + . Fixed bug #64936 (doc comments picked up from previous scanner run). (Stas, + Jonathan Oddy) . Fixed bug #64934 (Apache2 TS crash with get_browser()). (Anatol) - . Fixed bug #63186 (compile failure on netbsd). (Matteo) + . Fixed bug #64166 (quoted-printable-encode stream filter incorrectly + discarding whitespace). (Michael M Slusarz) - DateTime: . Fixed bug #53437 (Crash when using unserialized DatePeriod instance).