From 6e284c6ce7ae813b84fccd8ccca7cec1db202e64 Mon Sep 17 00:00:00 2001 From: Ilia Alshanetsky Date: Wed, 17 Aug 2011 13:30:04 +0000 Subject: [PATCH] 5.3.7 --- NEWS | 204 +++++++++++++++++++-------------------------- configure.in | 2 +- main/php_version.h | 4 +- 3 files changed, 87 insertions(+), 123 deletions(-) diff --git a/NEWS b/NEWS index 322b1cc347..c7da0dc5e4 100644 --- a/NEWS +++ b/NEWS @@ -1,113 +1,12 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| -?? Aug 2011, PHP 5.3.7 - -11 Aug 2011, PHP 5.3.7 RC5 +18 Aug 2011, PHP 5.3.7 - Upgraded bundled SQLite to version 3.7.7.1. (Scott) +- Upgraded bundled PCRE to version 8.12. (Scott) -- Core - . Fixed bug #55399 (parse_url() incorrectly treats ':' as a valid path). - (Ilia) - -- Imap extension: - . Fixed bug #55313 (Number of retries not set when params specified). - (kevin at kevinlocke dot name) - -- MySQLi extension: - . Fixed bug #55283 (SSL options set by mysqli_ssl_set ignored for MySQLi - persistent connections). (Andrey) - -- SOAP - . Fixed bug #55323 (SoapClient segmentation fault when XSD_TYPEKIND_EXTENSION - contains itself). (Dmitry) - - -28 Jul 2011, PHP 5.3.7 RC4 -- Improved core functions: - . Updated crypt_blowfish to 1.2. ((CVE-2011-2483) (Solar Designer) - -- OpenSSL - . openssl_encrypt()/openssl_decrypt() truncated keys of variable length - ciphers to the OpenSSL default for the algorithm. (Scott) - . On blocking SSL sockets respect the timeout option where possible. - (Scott) - -- Core - . Fixed bug #55339 (Segfault with allow_call_time_pass_reference = Off). - (Dmitry) - . Fix bug #55295 [NEW]: popen_ex on windows, fixed possible heap overflow - (Pierre) - . Fixed bug #50816 (Using class constants in array definition fails). - (Pierrick, Dmitry) - -14 Jul 2011, PHP 5.3.7 RC3 - Zend Engine: . Fixed bug #55156 (ReflectionClass::getDocComment() returns comment even though the class has none). (Felipe) - -- Core - . Removed warning when argument of is_a() or is_subclass_of() is not - a known class. (Stas) - . Fixed bug #55258 (Windows Version Detecting Error). - ( xiaomao5 at live dot com, Pierre) - . Fixed bug #55187 (readlink returns weird characters when false result). - (Pierre) - . Fixed bug #55014 (Compile failure due to improper use of ctime_r()). (Ilia) - . Fixed bug #54332 (Crash in zend_mm_check_ptr // Heap corruption). (Dmitry) - . Fixed bug #54204 (Can't set a value with a PATH section in php.ini). - (Pierre) - . Fixed bug #54305 (Crash in gc_remove_zval_from_buffer). (Dmitry) - . Fixed bug #53727 (Inconsistent behavior of is_subclass_of with interfaces) - (Ralph Schindler, Dmitry) - . Fixed buffer overflow on overlog salt in crypt(). (Clément LECIGNE, Stas) - . Fixed bug #52935 (call exit in user_error_handler cause stream relate - core). (Gustavo) - - -- MCrypt - . Change E_ERROR to E_WARNING in mcrypt_create_iv when not enough data - has been fetched (Windows). (Pierre) - . Fixed bug #55169 (mcrypt_create_iv always fails to gather sufficient random - data on Windows). (Pierre) - -- PDO DBlib: - . Fixed bug #54329 (MSSql extension memory leak). - (dotslashpok at gmail dot com) - -30 Jun 2011, PHP 5.3.7 RC2 -- Core: - . Fixed crash in error_log(). (Felipe) Reported by Mateusz Kocielski. - . Fixed bug #55082 (var_export() doesn't escape properties properly). - (Gustavo) - -- DateTime extension: - . Fixed bug where the DateTime object got changed while using date_diff(). - (Derick) - -- DBA extension: - . Supress warning on non-existent file open with Berkeley DB 5.2 (Chris Jones) - -- PDO ODBC driver: - . Fixed data type usage in 64bit. (leocsilva at gmail dot com) - -- PHP-FPM SAPI: - . Implemented FR #54499 (FPM ping and status_path should handle HEAD request). (fat) - . Implemented FR #54172 (Overriding the pid file location of php-fpm). (fat) - . Fixed missing Expires and Cache-Control headers for ping and status pages. - (fat) - . Fixed memory leak. (fat) Reported and fixed by Giovanni Giacobbi. - . Fixed wrong value of log_level when invoking fpm with -tt. (fat) - -- SPL extension: - . Fixed bug #54971 (Wrong result when using iterator_to_array with use_keys - on true). (Pierrick) - -16 Jun 2011, PHP 5.3.7 RC1 -- Upgraded bundled SQLite to version 3.7.6.3. (Scott) -- Upgraded bundled PCRE to version 8.12. (Scott) -- Increased the backtrack limit from 100000 to 1000000 (Rasmus) - -- Zend Engine: . Fixed bug #55007 (compiler fail after previous fail). (Felipe) . Fixed bug #54910 (Crash when calling call_user_func with unknown function name). (Dmitry) @@ -119,45 +18,72 @@ PHP NEWS (Tony, Dmitry) . Fixed bug #54372 (Crash accessing global object itself returned from its __get() handle). (Dmitry) - . Fixed bug #54358 (Closure, use and reference). (Dmitry) . Fixed bug #54367 (Use of closure causes problem in ArrayAccess). (Dmitry) - . Fixed bug #54039 (use() of static variables in lambda functions can break - staticness). (Dmitry) + . Fixed bug #54358 (Closure, use and reference). (Dmitry) . Fixed bug #54262 (Crash when assigning value to a dimension in a non-array). (Dmitry) + . Fixed bug #54039 (use() of static variables in lambda functions can break + staticness). (Dmitry) -- Core: - . Implemented FR #54459 (Range function accuracy). (Adam) +- Core + . Updated crypt_blowfish to 1.2. ((CVE-2011-2483) (Solar Designer) + . Removed warning when argument of is_a() or is_subclass_of() is not + a known class. (Stas) + . Fixed crash in error_log(). (Felipe) Reported by Mateusz Kocielski. . Added PHP_MANDIR constant telling where the manpages were installed into, and an --man-dir argument to php-config. (Hannes) - . Fixed a crash inside dtor for error handling. (Ilia) + . Fixed buffer overflow on overlog salt in crypt(). (Clément LECIGNE, Stas) + . Implemented FR #54459 (Range function accuracy). (Adam) + + . Fixed bug #55399 (parse_url() incorrectly treats ':' as a valid path). + (Ilia) + . Fixed bug #55339 (Segfault with allow_call_time_pass_reference = Off). + (Dmitry) + . Fixed bug #55295 [NEW]: popen_ex on windows, fixed possible heap overflow + (Pierre) + . Fixed bug #55258 (Windows Version Detecting Error). + ( xiaomao5 at live dot com, Pierre) + . Fixed bug #55187 (readlink returns weird characters when false result). + (Pierre) + . Fixed bug #55082 (var_export() doesn't escape properties properly). + (Gustavo) + . Fixed bug #55014 (Compile failure due to improper use of ctime_r()). (Ilia) . Fixed bug #54939 (File path injection vulnerability in RFC1867 File upload filename). (Felipe) Reported by Krzysztof Kotowicz. (CVE-2011-2202) - . Fixed bug #54935 php_win_err can lead to crash. (Pierre) . Fixed bug #54924 (assert.* is not being reset upon request shutdown). (Ilia) . Fixed bug #54895 (Fix compiling with older gcc version without need for membar_producer macro). (mhei at heimpold dot de) + . Fixed bug #54866 (incorrect accounting for realpath_cache_size). + (Dustin Ward) . Fixed bug #54723 (getimagesize() doesn't check the full ico signature). (Scott) + . Fixed bug #54721 (Different Hashes on Windows, BSD and Linux on wrong Salt + size). (Pierre, os at irj dot ru) . Fixed bug #54580 (get_browser() segmentation fault when browscap ini directive is set through php_admin_value). (Gustavo) + . Fixed bug #54332 (Crash in zend_mm_check_ptr // Heap corruption). (Dmitry) + . Fixed bug #54305 (Crash in gc_remove_zval_from_buffer). (Dmitry) . Fixed bug #54238 (use-after-free in substr_replace()). (Stas) (CVE-2011-1148) + . Fixed bug #54204 (Can't set a value with a PATH section in php.ini). + (Pierre) . Fixed bug #54180 (parse_url() incorrectly parses path when ? in fragment). (tomas dot brastavicius at quantum dot lt, Pierrick) . Fixed bug #54137 (file_get_contents POST request sends additional line break). (maurice-php at mertinkat dot net, Ilia) - . Fixed bug #54866 (incorrect accounting for realpath_cache_size). - (Dustin Ward) - . Fixed bug #54721 (Different Hashes on Windows, BSD and Linux on wrong Salt - size). (Pierre, os at irj dot ru) . Fixed bug #53848 (fgetcsv() ignores spaces at beginnings of fields). (Ilia) . Alternative fix for bug #52550, as applied to the round() function (signed overflow), as the old fix impacted the algorithm for numbers with magnitude smaller than 0. (Gustavo) + . Fixed bug #53727 (Inconsistent behavior of is_subclass_of with interfaces) + (Ralph Schindler, Dmitry) + . Fixed bug #52935 (call exit in user_error_handler cause stream relate + core). (Gustavo) . Fixed bug #51997 (SEEK_CUR with 0 value, returns a warning). (Ilia) + . Fixed bug #50816 (Using class constants in array definition fails). + (Pierrick, Dmitry) . Fixed bug #50363 (Invalid parsing in convert.quoted-printable-decode filter). (slusarz at curecanti dot org) . Fixed bug #48465 (sys_get_temp_dir() possibly inconsistent when using @@ -170,13 +96,15 @@ PHP NEWS - CLI SAPI: . Fixed bug #52496 (Zero exit code on option parsing failure). (Ilia) -- cURL: +- cURL extension: . Added ini option curl.cainfo (support for custom cert db). (Pierre) . Added CURLINFO_REDIRECT_URL support. (Daniel Stenberg, Pierre) . Added support for CURLOPT_MAX_RECV_SPEED_LARGE and CURLOPT_MAX_SEND_SPEED_LARGE. FR #51815. (Pierrick) - DateTime extension: + . Fixed bug where the DateTime object got changed while using date_diff(). + (Derick) . Fixed bug #54340 (DateTime::add() method bug). (Adam) . Fixed bug #54316 (DateTime::createFromFormat does not handle trailing '|' correctly). (Adam) @@ -185,6 +113,7 @@ PHP NEWS exception and fatal error). (Hannes) - DBA extension: + . Supress warning on non-existent file open with Berkeley DB 5.2 (Chris Jones) . Fixed bug #54242 (dba_insert returns true if key already exists). (Felipe) - Exif extesion: @@ -202,9 +131,13 @@ PHP NEWS . Fixed bug #54269 (Short exception message buffer causes crash). (Felipe) - intl extension: + . Implemented FR #54561 (Expose ICU version info). (David Zuelke, Ilia) . Implemented FR #54540 (Allow loading of arbitrary resource bundles when fallback is disabled). (David Zuelke, Stas) - . Implemented FR #54561 (Expose ICU version info). (David Zuelke, Ilia) + +- Imap extension: + . Fixed bug #55313 (Number of retries not set when params specified). + (kevin at kevinlocke dot name) - json extension: . Fixed bug #54484 (Empty string in json_decode doesn't reset @@ -221,6 +154,12 @@ PHP NEWS - mbstring extension: . Fixed bug #54494 (mb_substr() mishandles UTF-32LE and UCS-2LE). (Gustavo) +- MCrypt extension: + . Change E_ERROR to E_WARNING in mcrypt_create_iv when not enough data + has been fetched (Windows). (Pierre) + . Fixed bug #55169 (mcrypt_create_iv always fails to gather sufficient random + data on Windows). (Pierre) + - MySQL Improved extension: . Fixed Bug #54221 (mysqli::get_warnings segfault when used in multi queries). (Andrey) @@ -231,7 +170,15 @@ PHP NEWS . Fixed bug #54674 mysqlnd valid_sjis_(head|tail) is using invalid operator and range). (nihen at megabbs dot com, Andrey) -- OpenSSL extension +- MySQLi extension: + . Fixed bug #55283 (SSL options set by mysqli_ssl_set ignored for MySQLi + persistent connections). (Andrey) + +- OpenSSL extension: + . openssl_encrypt()/openssl_decrypt() truncated keys of variable length + ciphers to the OpenSSL default for the algorithm. (Scott) + . On blocking SSL sockets respect the timeout option where possible. + (Scott) . Fixed bug #54992 (Stream not closed and error not returned when SSL CN_match fails). (Gustavo, laird_ngrps at dodo dot com dot au) @@ -239,15 +186,23 @@ PHP NEWS . Added oci_client_version() returning the runtime Oracle client library version (Chris Jones) +. PCRE extension: + . Increased the backtrack limit from 100000 to 1000000 (Rasmus) + - PDO extension: . Fixed bug #54929 (Parse error with single quote in sql comment). (Felipe) . Fixed bug #52104 (bindColumn creates Warning regardless of ATTR_ERRMODE settings). (Ilia) - + - PDO DBlib driver: + . Fixed bug #54329 (MSSql extension memory leak). + (dotslashpok at gmail dot com) . Fixed bug #54167 (PDO_DBLIB returns null on SQLUNIQUE field). (mjh at hodginsmedia dot com, Felipe) +- PDO ODBC driver: + . Fixed data type usage in 64bit. (leocsilva at gmail dot com) + - PDO MySQL driver: . Fixed bug #54644 (wrong pathes in php_pdo_mysql_int.h). (Tony, Johannes) . Fixed bug #53782 (foreach throws irrelevant exception). (Johannes, Andrey) @@ -267,6 +222,12 @@ PHP NEWS (Felipe) - PHP-FPM SAPI: + . Implemented FR #54499 (FPM ping and status_path should handle HEAD request). (fat) + . Implemented FR #54172 (Overriding the pid file location of php-fpm). (fat) + . Fixed missing Expires and Cache-Control headers for ping and status pages. + (fat) + . Fixed memory leak. (fat) Reported and fixed by Giovanni Giacobbi. + . Fixed wrong value of log_level when invoking fpm with -tt. (fat) . Added xml format to the status page. (fat) . Removed timestamp in logs written by children processes. (fat) . Fixed exit at FPM startup on fpm_resources_prepare() errors. (fat) @@ -282,6 +243,8 @@ PHP NEWS name). (Felipe, laruence at yahoo dot com dot cn) - SOAP extension: + . Fixed bug #55323 (SoapClient segmentation fault when XSD_TYPEKIND_EXTENSION + contains itself). (Dmitry) . Fixed bug #54312 (soap_version logic bug). (tom at samplonius dot org) - Sockets extension: @@ -292,6 +255,8 @@ PHP NEWS . Fixed bug #51958 (socket_accept() fails on IPv6 server sockets). (Gustavo) - SPL extension: + . Fixed bug #54971 (Wrong result when using iterator_to_array with use_keys + on true). (Pierrick) . Fixed bug #54970 (SplFixedArray::setSize() isn't resizing). (Felipe) . Fixed bug #54609 (Certain implementation(s) of SplFixedArray cause hard crash). (Felipe) @@ -309,10 +274,9 @@ PHP NEWS . Fixed bug #54946 (stream_get_contents infinite loop). (Hannes) . Fixed bug #54623 (Segfault when writing to a persistent socket after closing a copy of the socket). (Gustavo) - -. Zip extension: . Fixed bug #54681 (addGlob() crashes on invalid flags). (Felipe) + 17 Mar 2011, PHP 5.3.6 - Upgraded bundled Sqlite3 to version 3.7.4. (Ilia) - Upgraded bundled PCRE to version 8.11. (Ilia) diff --git a/configure.in b/configure.in index 23dc651cfc..1259bbca9e 100644 --- a/configure.in +++ b/configure.in @@ -42,7 +42,7 @@ AC_CONFIG_HEADER(main/php_config.h) PHP_MAJOR_VERSION=5 PHP_MINOR_VERSION=3 PHP_RELEASE_VERSION=7 -PHP_EXTRA_VERSION="RC6-dev" +PHP_EXTRA_VERSION="" PHP_VERSION="$PHP_MAJOR_VERSION.$PHP_MINOR_VERSION.$PHP_RELEASE_VERSION$PHP_EXTRA_VERSION" PHP_VERSION_ID=`expr [$]PHP_MAJOR_VERSION \* 10000 + [$]PHP_MINOR_VERSION \* 100 + [$]PHP_RELEASE_VERSION` diff --git a/main/php_version.h b/main/php_version.h index c935a76400..65ae37fdee 100644 --- a/main/php_version.h +++ b/main/php_version.h @@ -3,6 +3,6 @@ #define PHP_MAJOR_VERSION 5 #define PHP_MINOR_VERSION 3 #define PHP_RELEASE_VERSION 7 -#define PHP_EXTRA_VERSION "RC6-dev" -#define PHP_VERSION "5.3.7RC6-dev" +#define PHP_EXTRA_VERSION "" +#define PHP_VERSION "5.3.7" #define PHP_VERSION_ID 50307 -- 2.40.0