Documente Academic
Documente Profesional
Documente Cultură
03 Mar 2016
CLI server:
Fixed bug #71559 (Built-in HTTP server, we can download file in web by bug).
CURL:
Fixed bug #71523 (Copied handle with new option CURLOPT_HTTPHEADER crashes while
curl_multi_exec).
Date:
Fixed bug #68078 (Datetime comparisons ignore microseconds).
Fixed bug #71525 (Calls to date_modify will mutate timelib_rel_time, causing dat
e_date_set issues).
Fileinfo:
Fixed bug #71434
FPM:
Fixed bug #62172
Opcache:
Fixed bug #71584
PDO MySQL:
Fixed bug #71569
Phar:
Fixed bug #71498
Standard:
Fixed bug #70720
WDDX:
Fixed bug #71587
XSL:
Fixed bug #71540
Zip:
Fixed bug #71561
Version 5.5.33
03 Mar 2016
Phar:
Fixed bug #71498 (Out-of-Bound Read in phar_parse_zipfile()).
WDDX:
Fixed bug #71587 (Use-After-Free / Double-Free in WDDX Deserialize).
Version 5.6.18
04 Feb 2016
Core:
Added support for new HTTP 451 code.
Fixed bug #71039 (exec functions ignore length but look for NULL termination).
Fixed bug #71089 (No check to duplicate zend_extension).
Fixed bug #71201 (round() segfault on 64-bit builds).
Fixed bug #71273 (A wrong ext directory setup in php.ini leads to crash).
Fixed bug #71323 (Output of stream_get_meta_data can be falsified by its input).
Fixed bug #71459 (Integer overflow in iptcembed()).
Apache2handler:
Fix >2G Content-Length headers in apache2handler.
FTP:
Implemented FR #55651 (Option to ignore the returned FTP PASV address).
GD:
Improved fix for bug #70976.
Opcache:
Fixed bug #71127 (Define in auto_prepend_file is overwrite).
Fixed bug #71024 (Unable to use PHP 7.0 x64 side-by-side with PHP 5.6 x32 on the
same server).
PCRE:
Upgraded bundled PCRE library to 8.38. (CVE-2015-8383, CVE-2015-8386, CVE-2015-8
387, CVE-2015-8389, CVE-2015-8390, CVE-2015-8391, CVE-2015-8393, CVE-2015-8394)
Phar:
Fixed bug #71354 (Heap corruption in tar/zip/phar parser).
Fixed bug #71391 (NULL Pointer Dereference in phar_tar_setupmetadata()).
Fixed bug #71488 (Stack overflow when decompressing tar archives). (CVE-2016-255
4)
Session:
Fixed bug #69111 (Crash in SessionHandler::read()).
SOAP:
Fixed bug #70979 (crash with bad soap request).
SPL:
Fixed bug #71204 (segfault if clean spl_autoload_funcs while autoloading).
WDDX:
Fixed bug #71335 (Type Confusion in WDDX Packet Deserialization).
Version 5.5.32
04 Feb 2016
Core:
Fixed bug #71039 (exec functions ignore length but look for NULL termination).
Fixed bug #71323 (Output of stream_get_meta_data can be falsified by its input).
Fixed bug #71459 (Integer overflow in iptcembed()).
GD:
Improved fix for bug #70976.
PCRE:
Upgraded bundled PCRE library to 8.38. (CVE-2015-8383, CVE-2015-8386, CVE-2015-8
387, CVE-2015-8389, CVE-2015-8390, CVE-2015-8391, CVE-2015-8393, CVE-2015-8394)
Phar:
Fixed bug #71354 (Heap corruption in tar/zip/phar parser).
Fixed bug #71391 (NULL Pointer Dereference in phar_tar_setupmetadata()).
Fixed bug #71488 (Stack overflow when decompressing tar archives). (CVE-2016-255
4)
WDDX:
Fixed bug #71335 (Type Confusion in WDDX Packet Deserialization).
Version 5.6.17
07 Jan 2016
Core:
Fixed bug #66909 (configure fails utf8_to_mutf7 test).
Fixed bug #70958 (Invalid opcode while using ::class as trait method paramater d
efault value).
Fixed bug #70957 (self::class can not be resolved with reflection for abstract c
lass).
Fixed bug #70944 (try{ } finally{} can create infinite chains of exceptions).
Fixed bug #61751 (SAPI build problem on AIX: Undefined symbol: php_register_inte
rnal_extensions).
FPM:
Fixed bug #70755 (fpm_log.c memory leak and buffer overflow).
GD:
Fixed bug #70976 (Memory Read via gdImageRotateInterpolated Array Index Out of B
ounds). (CVE-2016-1903)
Mysqlnd:
Fixed bug #68077 (LOAD DATA LOCAL INFILE / open_basedir restriction).
SOAP:
Fixed bug #70900 (SoapClient systematic out of memory error).
Standard:
Fixed bug #70960 (ReflectionFunction for array_unique returns wrong number of pa
rameters).
PDO_Firebird:
Fixed bug #60052 (Integer returned as a 64bit integer on X64_86).
WDDX:
Fixed bug #70661 (Use After Free Vulnerability in WDDX Packet Deserialization).
Fixed bug #70741 (Session WDDX Packet Deserialization Type Confusion Vulnerabili
ty).
XMLRPC:
Fixed bug #70728 (Type Confusion Vulnerability in PHP_to_XMLRPC_worker()).
Version 5.5.31
07 Jan 2016
FPM:
Fixed bug #70755 (fpm_log.c memory leak and buffer overflow).
GD:
Fixed bug #70976 (Memory Read via gdImageRotateInterpolated Array Index Out of B
ounds). (CVE-2016-1903)
WDDX:
Fixed bug #70661 (Use After Free Vulnerability in WDDX Packet Deserialization).
Fixed bug #70741 (Session WDDX Packet Deserialization Type Confusion Vulnerabili
ty).
XMLRPC:
Fixed bug #70728 (Type Confusion Vulnerability in PHP_to_XMLRPC_worker()).
Version 5.6.16
26 Nov 2015
Core:
Fixed bug #70828 (php-fpm 5.6 with opcache crashes when referencing a non-existe
nt constant).
Fixed bug #70748 (Segfault in ini_lex () at Zend/zend_ini_scanner.l).
Mysqlnd:
Fixed bug #68344 (MySQLi does not provide way to disable peer certificate valida
tion) by introducing MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT connection flag.
OCI8:
Fixed bug #68298 (OCI int overflow).
PDO_DBlib:
Fixed bug #69757 (Segmentation fault on nextRowset).
SOAP:
Fixed bug #70875 (Segmentation fault if wsdl has no targetNamespace attribute).
SPL:
Fixed bug #70852 (Segfault getting NULL offset of an ArrayObject).
Version 5.6.15
29 Oct 2015
Core:
Fixed bug #70681 (Segfault when binding $this of internal instance method to nul
l).
Fixed bug #70685 (Segfault for getClosure() internal method rebind with invalid
$this).
Date:
Fixed bug #70619 (DateTimeImmutable segfault).
Mcrypt:
Fixed bug #70625 (mcrypt_encrypt() won't return data when no IV was specified un
der RC4).
Mysqlnd:
Fixed bug #70384 (mysqli_real_query():Unknown type 245 sent by the server).
Fixed bug #70572 segfault in mysqlnd_connect.
Opcache:
Fixed bug #70632 (Third one of segfault in gc_remove_from_buffer).
Fixed bug #70631 (Another Segfault in gc_remove_from_buffer()).
Fixed bug #70601 (Segfault in gc_remove_from_buffer()).
Fixed compatibility with Windows 10 (see also #70652).
Version 5.6.14
01 Oct 2015
Core:
Fixed bug #70370 (Bundled libtool.m4 doesn't handle FreeBSD 10 when building ext
ensions).
CLI server:
Fixed bug #68291 (404 on urls with '+').
DOM:
Fixed bug #70001 (Assigning to DOMNode::textContent does additional entity encod
ing).
ldap:
Fixed bug #70465 (Bug in ldap_search() modifies LDAP_OPT_TIMELIMIT/DEREF's value
s). (Tyson Andre).
Opcache:
Fixed bug #70237 (Empty while and do-while segmentation fault with opcode on CLI
enabled).
PCRE:
Fixed bug #70232 (Incorrect bump-along behavior with \K and empty string match).
Fixed bug #70345 (Multiple vulnerabilities related to PCRE functions).
SOAP:
Fixed bug #70388 (SOAP serialize_function_call() type confusion / RCE). (CVE-201
5-6836)
SPL:
Fixed bug #70290 (Null pointer deref (segfault) in spl_autoload via ob_start).
Fixed bug #70303 (Incorrect constructor reflection for ArrayObject).
Fixed bug #70365 (Use-after-free vulnerability in unserialize() with SplObjectSt
orage). (CVE-2015-6834)
Fixed bug #70366 (Use-after-free vulnerability in unserialize() with SplDoublyLi
nkedList). (CVE-2015-6834)
Standard:
Fixed bug #70052 (getimagesize() fails for very large and very small WBMP).
Fixed bug #70157 (parse_ini_string() segmentation fault with INI_SCANNER_TYPED).
XSLT:
Fixed bug #69782 (NULL pointer dereference). (CVE-2015-6837, CVE-2015-6838)
ZIP:
Fixed bug #70350 (ZipArchive::extractTo allows for directory traversal when crea
ting directories). (CVE-2014-9767)
Version 5.5.29
03 Sep 2015
Core:
Fixed bug #70172 (Use After Free Vulnerability in unserialize()). (CVE-2015-6834
)
Fixed bug #70219 (Use after free vulnerability in session deserializer). (CVE-20
15-6835)
EXIF:
Fixed bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte valu
e of 32 bytes).
hash:
Fixed bug #70312 (HAVAL gives wrong hashes in specific cases).
PCRE:
Fixed bug #70345 (Multiple vulnerabilities related to PCRE functions).
SOAP:
Fixed bug #70388 (SOAP serialize_function_call() type confusion / RCE). (CVE-201
5-6836)
SPL:
Fixed bug #70365 (Use-after-free vulnerability in unserialize() with SplObjectSt
orage). (CVE-2015-6834)
Fixed bug #70366 (Use-after-free vulnerability in unserialize() with SplDoublyLi
nkedList). (CVE-2015-6834)
XSLT:
Fixed bug #69782 (NULL pointer dereference). (CVE-2015-6837, CVE-2015-6838)
ZIP:
Fixed bug #70350 (ZipArchive::extractTo allows for directory traversal when crea
ting directories). (CVE-2014-9767)
Version 5.4.45
03 Sep 2015
Core:
Fixed bug #70172 (Use After Free Vulnerability in unserialize()). (CVE-2015-6834
)
Fixed bug #70219 (Use after free vulnerability in session deserializer). (CVE-20
15-6835)
EXIF:
Fixed bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte valu
e of 32 bytes).
hash:
Fixed bug #70312 (HAVAL gives wrong hashes in specific cases).
PCRE:
Fixed bug #70345 (Multiple vulnerabilities related to PCRE functions).
SOAP:
Fixed bug #70388 (SOAP serialize_function_call() type confusion / RCE). (CVE-201
5-6836)
SPL:
Fixed bug #70365 (Use-after-free vulnerability in unserialize() with SplObjectSt
orage). (CVE-2015-6834)
Fixed bug #70366 (Use-after-free vulnerability in unserialize() with SplDoublyLi
nkedList). (CVE-2015-6834)
XSLT:
Fixed bug #69782 (NULL pointer dereference). (CVE-2015-6837, CVE-2015-6838)
ZIP:
Fixed bug #70350 (ZipArchive::extractTo allows for directory traversal when crea
ting directories). (CVE-2014-9767)
Version 5.6.12
06 Aug 2015
Core:
Fixed bug #70012 (Exception lost with nested finally block).
Fixed bug #70002 (TS issues with temporary dir handling).
Fixed bug #69793 (Remotely triggerable stack exhaustion via recursive method cal
ls).
Fixed bug #69892 (Different arrays compare indentical due to integer key truncat
ion).
Fixed bug #70121 (unserialize() could lead to unexpected methods execution / NUL
L pointer deref).
CLI server:
Fixed bug #69655 (php -S changes MKCALENDAR request method to MKCOL).
Fixed bug #64878 (304 responses return Content-Type header).
GD:
Fixed bug #53156 (imagerectangle problem with point ordering).
Fixed bug #66387 (Stack overflow with imagefilltoborder).
Fixed bug #70102 (imagecreatefromwebm() shifts colors).
Fixed bug #66590 (imagewebp() doesn't pad to even length).
Fixed bug #66882 (imagerotate by -90 degrees truncates image by 1px).
Fixed bug #70064 (imagescale(..., IMG_BICUBIC) leaks memory).
Fixed bug #69024 (imagescale segfault with palette based image).
Fixed bug #53154 (Zero-height rectangle has whiskers).
Fixed bug #67447 (imagecrop() add a black line when cropping).
Fixed bug #68714 (copy 'n paste error).
Fixed bug #66339 (PHP segfaults in imagexbm).
Fixed bug #70047 (gd_info() doesn't report WebP support).
ODBC:
Fixed bug #69975 (PHP segfaults when accessing nvarchar(max) defined columns).
OpenSSL:
Fixed bug #69882 (OpenSSL error "key values mismatch" after openssl_pkcs12_read
with extra cert).
Fixed bug #70014 (openssl_random_pseudo_bytes() is not cryptographically secure)
.
Phar:
Improved fix for bug #69441.
Fixed bug #70019 (Files extracted from archive may be placed outside of destinat
ion directory). (CVE-2015-6833)
SOAP:
Fixed bug #70081 (SoapClient info leak / null pointer dereference via multiple t
ype confusions).
SPL:
Fixed bug #70068 (Dangling pointer in the unserialization of ArrayObject items).
(CVE-2015-6832)
Fixed bug #70166 (Use After Free Vulnerability in unserialize() with SPLArrayObj
ect). (CVE-2015-6831)
Fixed bug #70168 (Use After Free Vulnerability in unserialize() with SplObjectSt
orage). (CVE-2015-6831)
Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLi
nkedList). (CVE-2015-6831)
Standard:
Fixed bug #70096 (Repeated iptcembed() adds superfluous FF bytes).
Version 5.5.28
06-Aug-2015
Core:
Fixed bug #69793 (Remotely triggerable stack exhaustion via recursive method cal
ls).
Fixed bug #69892 (Different arrays compare indentical due to integer key truncat
ion).
Fixed bug #70002 (TS issues with temporary dir handling).
Fixed bug #70121 (unserialize() could lead to unexpected methods execution / NUL
L pointer deref).
OpenSSL:
Fixed bug #70014 (openssl_random_pseudo_bytes() is not cryptographically secure)
.
Phar:
Improved fix for bug #69441.
Fixed bug #70019 (Files extracted from archive may be placed outside of destinat
ion directory). (CVE-2015-6833)
SOAP:
Fixed bug #70081 (SoapClient info leak / null pointer dereference via multiple t
ype confusions).
SPL:
Fixed bug #70068 (Dangling pointer in the unserialization of ArrayObject items).
(CVE-2015-6832)
Fixed bug #70166 (Use After Free Vulnerability in unserialize() with SPLArrayObj
ect). (CVE-2015-6831)
Fixed bug #70168 (Use After Free Vulnerability in unserialize() with SplObjectSt
orage). (CVE-2015-6831)
Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLi
nkedList). (CVE-2015-6831)
Version 5.4.44
06-Aug-2015
Core:
Fixed bug #69793 (Remotely triggerable stack exhaustion via recursive method cal
ls).
Fixed bug #69892 (Different arrays compare indentical due to integer key truncat
ion).
Fixed bug #70121 (unserialize() could lead to unexpected methods execution / NUL
L pointer deref).
OpenSSL:
Fixed bug #70014 (openssl_random_pseudo_bytes() is not cryptographically secure)
.
Phar:
Improved fix for bug #69441.
Fixed bug #70019 (Files extracted from archive may be placed outside of destinat
ion directory). (CVE-2015-6833)
SOAP:
Fixed bug #70081 (SoapClient info leak / null pointer dereference via multiple t
ype confusions).
SPL:
Fixed bug #70068 (Dangling pointer in the unserialization of ArrayObject items).
(CVE-2015-6832)
Fixed bug #70166 (Use After Free Vulnerability in unserialize() with SPLArrayObj
ect). (CVE-2015-6831)
Fixed bug #70168 (Use After Free Vulnerability in unserialize() with SplObjectSt
orage). (CVE-2015-6831)
Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLi
nkedList). (CVE-2015-6831)
Version 5.6.11
10 Jul 2015
Core:
Fixed bug #69768 (escapeshell*() doesn't cater to !).
Fixed bug #69703 (Use __builtin_clzl on PowerPC).
Fixed bug #69732 (can induce segmentation fault with basic php code).
Fixed bug #69642 (Windows 10 reported as Windows 8).
Fixed bug #69551 (parse_ini_file() and parse_ini_string() segmentation fault).
Fixed bug #69781 (phpinfo() reports Professional Editions of Windows 7/8/8.1/10
as "Business").
Fixed bug #69740 (finally in generator (yield) swallows exception in iteration).
Fixed bug #69835 (phpinfo() does not report many Windows SKUs).
Fixed bug #69892 (Different arrays compare indentical due to integer key truncat
ion).
Fixed bug #69874 (Can't set empty additional_headers for mail()), regression fro
m fix to bug #68776.
GD:
Fixed bug #61221 (imagegammacorrect function loses alpha channel).
GMP:
Fixed bug #69803 (gmp_random_range() modifies second parameter if GMP number).
Mysqlnd:
Fixed bug #69669 (mysqlnd is vulnerable to BACKRONYM). (CVE-2015-3152)
PCRE:
Fixed bug #53823 (preg_replace: * qualifier on unicode replace garbles the strin
g).
Fixed bug #69864 (Segfault in preg_replace_callback).
PDO_pgsql:
Fixed bug #69752 (PDOStatement::execute() leaks memory with DML Statements when
closeCuror() is u).
Fixed bug #69362 (PDO-pgsql fails to connect if password contains a leading sing
le quote).
Fixed bug #69344 (PDO PgSQL Incorrect binding numeric array with gaps).
Phar:
Fixed bug #69958 (Segfault in Phar::convertToData on invalid file). (CVE-2015-55
89)
Fixed bug #69923 (Buffer overflow and stack smashing error in phar_fix_filepath)
. (CVE-2015-5590)
SimpleXML:
Refactored the fix for bug #66084 (simplexml_load_string() mangles empty node na
me).
SPL:
Fixed bug #69737 (Segfault when SplMinHeap::compare produces fatal error).
Fixed bug #67805 (SplFileObject setMaxLineLength).
Fixed bug #69970 (Use-after-free vulnerability in spl_recursive_it_move_forward_
ex()).
Sqlite3:
Fixed bug #69972 (Use-after-free vulnerability in sqlite3SafetyCheckSickOrOk()).
Version 5.5.27
09-Jul-2015
Core:
Fixed bug #69768 (escapeshell*() doesn't cater to !).
Fixed bug #69703 (Use __builtin_clzl on PowerPC).
Fixed bug #69732 (can induce segmentation fault with basic php code).
Fixed bug #69642 (Windows 10 reported as Windows 8).
Fixed bug #69551 (parse_ini_file() and parse_ini_string() segmentation fault).
Fixed bug #69781 (phpinfo() reports Professional Editions of Windows 7/8/8.1/10
as "Business").
Fixed bug #69835 (phpinfo() does not report many Windows SKUs).
Fixed bug #69892 (Different arrays compare indentical due to integer key truncat
ion).
Fixed bug #69874 (Can't set empty additional_headers for mail()), regression fro
m fix to bug #68776.
GD:
Fixed bug #61221 (imagegammacorrect function loses alpha channel).
Mysqlnd:
Fixed bug #69669 (mysqlnd is vulnerable to BACKRONYM). (CVE-2015-3152)
PCRE:
Fixed Bug #53823 (preg_replace: * qualifier on unicode replace garbles the strin
g).
Fixed bug #69864 (Segfault in preg_replace_callback).
PDO_pgsql:
Fixed bug #69752 (PDOStatement::execute() leaks memory with DML Statements when
closeCuror() is u).
Fixed bug #69362 (PDO-pgsql fails to connect if password contains a leading sing
le quote).
Fixed bug #69344 (PDO PgSQL Incorrect binding numeric array with gaps).
Phar:
Fixed bug #69958 (Segfault in Phar::convertToData on invalid file). (CVE-2015-55
89)
Fixed bug #69923 (Buffer overflow and stack smashing error in phar_fix_filepath)
. (CVE-2015-5590)
SimpleXML:
Refactored the fix for bug #66084 (simplexml_load_string() mangles empty node na
me).
SPL:
Fixed bug #69737 (Segfault when SplMinHeap::compare produces fatal error).
Fixed bug #67805 (SplFileObject setMaxLineLength).
Version 5.4.43
09-Jul-2015
Core:
Fixed bug #69768 (escapeshell*() doesn't cater to !).
Fixed bug #69874 (Can't set empty additional_headers for mail()), regression fro
m fix to bug #68776.
Mysqlnd:
Fixed bug #69669 (mysqlnd is vulnerable to BACKRONYM). (CVE-2015-3152)
Phar:
Fixed bug #69958 (Segfault in Phar::convertToData on invalid file). (CVE-2015-55
89)
Fixed bug #69923 (Buffer overflow and stack smashing error in phar_fix_filepath)
. (CVE-2015-5590)
Version 5.6.10
11 Jun 2015
Core:
Fixed bug #66048 (temp. directory is cached during multiple requests).
Fixed bug #69566 (Conditional jump or move depends on uninitialised value in ext
ension trait).
Fixed bug #69599 (Strange generator+exception+variadic crash).
Fixed bug #69628 (complex GLOB_BRACE fails on Windows).
Fixed POST data processing slowdown due to small input buffer size on Windows.
Fixed bug #69646 (OS command injection vulnerability in escapeshellarg). (CVE-20
15-4642)
Fixed bug #69719 (Incorrect handling of paths with NULs). (CVE-2015-4598)
FTP:
Improved fix for bug #69545 (Integer overflow in ftp_genlist() resulting in heap
overflow). (CVE-2015-4643)
GD:
Fixed bug #69479 (GD fails to build with newer libvpx).
Iconv:
Fixed bug #48147 (iconv with //IGNORE cuts the string).
Litespeed SAPI:
Fixed bug #68812 (Unchecked return value).
Mail:
Fixed bug #68776 (mail() does not have mail header injection prevention for addi
tional headers).
MCrypt:
Added file descriptor caching to mcrypt_create_iv().
Opcache:
Fixed bug #69549 (Memory leak with opcache.optimization_level=0xFFFFFFFF).
PCRE:
Upgraded pcrelib to 8.37. (CVE-2015-2325, CVE-2015-2326)
Phar:
Fixed bug #69680 (phar symlink in binary directory broken).
Postgres:
Fixed bug #69667 (segfault in php_pgsql_meta_data). (CVE-2015-4644)
Sqlite3:
Upgrade bundled sqlite to 3.8.10.2. (CVE-2015-3414, CVE-2015-3415, CVE-2015-3416
)
Version 5.5.26
11-Jun-2015
Core:
Fixed bug #69566 (Conditional jump or move depends on uninitialised value in ext
ension trait).
Fixed bug #66048 (temp. directory is cached during multiple requests).
Fixed bug #69628 (complex GLOB_BRACE fails on Windows).
Fixed bug #69646 (OS command injection vulnerability in escapeshellarg). (CVE-20
15-4642)
Fixed bug #69719 (Incorrect handling of paths with NULs). (CVE-2015-4598)
FTP:
Improved fix for bug #69545 (Integer overflow in ftp_genlist() resulting in heap
overflow). (CVE-2015-4643)
GD:
Fixed bug #69479 (GD fails to build with newer libvpx).
Iconv:
Fixed bug #48147 (iconv with //IGNORE cuts the string).
Litespeed SAPI:
Fixed bug #68812 (Unchecked return value).
Mail:
Fixed bug #68776 (mail() does not have mail header injection prevention for addi
tional headers).
MCrypt:
Added file descriptor caching to mcrypt_create_iv().
Opcache:
Fixed bug #69549 (Memory leak with opcache.optimization_level=0xFFFFFFFF).
PCRE:
Upgraded pcrelib to 8.37. (CVE-2015-2325, CVE-2015-2326)
Phar:
Fixed bug #69680 (phar symlink in binary directory broken).
Postgres:
Fixed bug #69667 (segfault in php_pgsql_meta_data). (CVE-2015-4644)
Sqlite3:
Upgrade bundled sqlite to 3.8.10.2. (CVE-2015-3414, CVE-2015-3415, CVE-2015-3416
)
Version 5.4.42
11-Jun-2015
Core:
Improved fix for bug #69545 (Integer overflow in ftp_genlist() resulting in heap
overflow). (CVE-2015-4643)
Fixed bug #69646 (OS command injection vulnerability in escapeshellarg). (CVE-20
15-4642)
Fixed bug #69719 (Incorrect handling of paths with NULs). (CVE-2015-4598)
Litespeed SAPI:
Fixed bug #68812 (Unchecked return value).
Mail:
Fixed bug #68776 (mail() does not have mail header injection prevention for addi
tional headers).
Postgres:
Fixed bug #69667 (segfault in php_pgsql_meta_data). (CVE-2015-4644)
Sqlite3:
Upgrade bundled sqlite to 3.8.10.2. (CVE-2015-3414, CVE-2015-3415, CVE-2015-3416
)
Version 5.6.9
14 May 2015
Core:
Fixed bug #69467
Fixed bug #69420
Fixed bug #60022
sh).
Fixed bug #67314
Fixed bug #68652
Fixed bug #69419
Fixed bug #69472
ndleA).
Fixed bug #69364
024)
Fixed bug #69403
Fixed bug #69418
Fixed bug #69522
FTP:
Fixed bug #69545
(CVE-2015-4022)
ODBC:
Fixed bug #69354
Fixed bug #69474
rect result).
Fixed bug #69381
OpenSSL:
Fixed bug #69402
PCNTL:
Fixed bug #68598
PCRE:
Upgraded pcrelib
Phar:
Fixed bug #69453 (Memory Corruption in phar_parse_tarfile when entry filename st
arts with null). (CVE-2015-4021)
Version 5.5.25
14-May-2015
Core:
Fixed bug #69364
024)
Fixed bug #69403
Fixed bug #69418
Fixed bug #69522
Fixed bug #69467
Fixed bug #69420
Fixed bug #60022
sh).
Fixed bug #67314
Fixed bug #68652
Fixed bug #69419
Fixed bug #69472
ndleA).
FTP:
Fixed bug #69545
(CVE-2015-4022)
ODBC:
Fixed bug #69354
Fixed bug #69474
rect result).
Fixed bug #69381
OpenSSL:
Fixed bug #69402
PCNTL:
Fixed bug #68598
Phar:
Fixed bug #69453
arts with null).
Version 5.4.41
14-May-2015
Core:
Fixed bug #69364
024)
Fixed bug #69403
Fixed bug #69418
Fixed bug #69522
FTP:
Fixed bug #69545
(CVE-2015-4022)
PCNTL:
Fixed bug #68598
PCRE:
Upgraded pcrelib
Phar:
Fixed bug #69453
arts with null).
Version 5.6.8
16 Apr 2015
Core:
Fixed bug #66609 (php crashes with __get() and ++ operator in some cases).
(CVE-2015-3329)
Postgres:
Fixed bug #68741 (Null pointer dereference). (CVE-2015-1352)
SOAP:
Fixed bug #69152 (Type Confusion Infoleak Vulnerability in unserialize() with So
apFault). (CVE-2015-4599)
Fixed bug #69293 (NEW segfault when using SoapClient::__setSoapHeader (bisected,
regression)).
SPL:
Fixed bug #69227 (Use after free in zval_scan caused by spl_object_storage_get_g
c).
Sqlite3:
Fixed bug #68760 (SQLITE segfaults if custom collator throws an exception).
Fixed bug #69287 (Upgrade bundled libsqlite to 3.8.8.3).
Fixed bug #66550 (SQLite prepared statement use-after-free).
Version 5.5.24
16 Apr 2015
Apache2handler:
Fixed bug #69218 (potential remote code execution with apache 2.4 apache2handler
). (CVE-2015-3330)
Core:
Fixed bug #66609 (php crashes with __get() and ++ operator in some cases).
Fixed bug #67626 (User exceptions not properly handled in streams).
Fixed bug #68021 (get_browser() browser_name_regex returns non-utf-8 characters)
.
Fixed bug #68917 (parse_url fails on some partial urls).
Fixed bug #69134 (Per Directory Values overrides PHP_INI_SYSTEM configuration op
tions).
Additional fix for bug #69152 (Type confusion vulnerability in exception::getTra
ceAsString).
Fixed bug #69212 (Leaking VIA_HANDLER func when exception thrown in __call/... a
rg passing).
Fixed bug #69221 (Segmentation fault when using a generator in combination with
an Iterator).
Fixed bug #69337 (php_stream_url_wrap_http_ex() type-confusion vulnerability).
Fixed bug #69353 (Missing null byte checks for paths in various PHP extensions).
(CVE-2015-3411, CVE-2015-3412)
cURL:
Implemented FR #69278 (HTTP2 support).
Fixed bug #68739 (Missing break / control flow).
Fixed bug #69316 (Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WR
ITEHEADER).
Date:
Export date_get_immutable_ce so that it can be used by extensions.
Fixed bug #69336 (Issues with "last day of <monthname>").
Enchant:
Fixed bug #65406 (Enchant broker plugins are in the wrong place in windows build
s).
Ereg:
Fixed bug #68740 (NULL Pointer Dereference).
Fileinfo:
Fixed bug #68819 (Fileinfo on specific file causes spurious OOM and/or segfault)
. (CVE-2015-4604, CVE-2015-4605)
Filter:
Fixed bug #69202 (FILTER_FLAG_STRIP_BACKTICK ignored unless other flags are used
).
Fixed bug #69203 (FILTER_FLAG_STRIP_HIGH doesn't strip ASCII 127).
Mbstring:
Fixed bug #68846 (False detection of CJK Unified Ideographs Extension E).
ODBC:
Fixed bug #69354 (Incorrect use of SQLColAttributes with ODBC 3.0).
OPCache:
Fixed bug #69281 (opcache_is_script_cached no longer works).
Fixed bug #68677 (Use After Free). (CVE-2015-1351)
OpenSSL:
Fixed bug #67403 (Add signatureType to openssl_x509_parse).
Add a check for RAND_egd to allow compiling against LibreSSL.
Phar:
Fixed bug #64343 (PharData::extractTo fails for tarball created by BSD tar).
Fixed bug #64931 (phar_add_file is too restrictive on filename).
Fixed bug #65467 (Call to undefined method cli_arg_typ_string).
Fixed bug #67761 (Phar::mapPhar fails for Phars inside a path containing ".tar")
.
Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar). (CVE-20152783, CVE-2015-3307)
Fixed bug #69441 (Buffer Overflow when parsing tar/zip/phar in phar_set_inode).
(CVE-2015-3329)
Postgres:
Fixed bug #68741 (Null pointer dereference). (CVE-2015-1352)
SOAP:
Fixed bug #69152 (Type Confusion Infoleak Vulnerability in unserialize() with So
apFault). (CVE-2015-4599)
Fixed bug #69293 (NEW segfault when using SoapClient::__setSoapHeader (bisected,
regression)).
SPL:
Fixed bug #69227 (Use after free in zval_scan caused by spl_object_storage_get_g
c).
SQLITE:
Fixed bug #68760 (SQLITE segfaults if custom collator throws an exception).
Fixed bug #69287 (Upgrade bundled sqlite to 3.8.8.3).
Fixed bug #66550 (SQLite prepared statement use-after-free).
Version 5.4.40
16 Apr 2015
Apache2handler:
Fixed bug #69218 (potential remote code execution with apache 2.4 apache2handler
). (CVE-2015-3330)
Core:
Additional fix for bug #69152 (Type confusion vulnerability in exception::getTra
ceAsString).
Fixed bug #69337 (php_stream_url_wrap_http_ex() type-confusion vulnerability).
Fixed bug #69353 (Missing null byte checks for paths in various PHP extensions).
(CVE-2015-3411, CVE-2015-3412)
cURL:
Fixed bug #69316 (Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WR
ITEHEADER).
Ereg:
Fixed bug #68740 (NULL Pointer Dereference).
Fileinfo:
Fixed bug #68819 (Fileinfo on specific file causes spurious OOM and/or segfault)
. (CVE-2015-4604, CVE-2015-4605)
GD:
Fixed bug #68601 (buffer read overflow in gd_gif_in.c). (CVE-2014-9709)
Phar:
Fixed bug #68901 (use after free). (CVE-2015-2301)
Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar). (CVE-20152783, CVE-2015-3307)
Fixed bug #69441 (Buffer Overflow when parsing tar/zip/phar in phar_set_inode).
(CVE-2015-3329)
Postgres:
Fixed bug #68741 (Null pointer deference). (CVE-2015-1352)
SOAP:
Fixed bug #69152 (Type Confusion Infoleak Vulnerability in unserialize() with So
apFault). (CVE-2015-4599)
Fixed bug #69293 (NEW segfault when using SoapClient::__setSoapHeader (bisected,
regression)).
Sqlite3:
Fixed bug #66550 (SQLite prepared statement use-after-free).
Version 5.6.7
19 Mar 2015
Core:
Fixed bug #69174 (leaks when unused inner class use traits precedence).
Fixed bug #69139 (Crash in gc_zval_possible_root on unserialize).
Fixed bug #69121 (Segfault in get_current_user when script owner is not in passw
d with ZTS build).
Fixed bug #65593 (Segfault when calling ob_start from output buffering callback)
.
Fixed bug #68986 (pointer returned by php_stream_fopen_temporary_file not valida
ted in memory.c).
Fixed bug #68166 (Exception with invalid character causes segv).
Fixed bug #69141 (Missing arguments in reflection info for some builtin function
s).
Fixed bug #68976 (Use After Free Vulnerability in unserialize()). (CVE-2015-2787
)
Fixed bug #69134 (Per Directory Values overrides PHP_INI_SYSTEM configuration op
tions).
Fixed bug #69207 (move_uploaded_file allows nulls in path). (CVE-2015-2348)
CGI:
Fixed bug #69015 (php-cgi's getopt does not see $argv).
CLI:
Fixed bug #67741 (auto_prepend_file messes up __LINE__).
cURL:
Fixed bug #69088 (PHP_MINIT_FUNCTION does not fully initialize cURL on Win32).
Add CURLPROXY_SOCKS4A and CURLPROXY_SOCKS5_HOSTNAME constants if supported by li
bcurl.
Ereg:
Fixed bug #69248 (heap overflow vulnerability in regcomp.c). (CVE-2015-2305)
FPM:
Fixed bug #68822 (request time is reset too early).
ODBC:
Fixed bug #68964 (Allowed memory size exhausted with odbc_exec).
Opcache:
Fixed bug #69159 (Opcache causes problem when passing a variable variable to a f
unction).
Fixed bug #69125 (Array numeric string as key).
Fixed bug #69038 (switch(SOMECONSTANT) misbehaves).
OpenSSL:
Fixed bug #68912 (Segmentation fault at openssl_spki_new).
Fixed bug #61285, #68329, #68046, #41631 (encrypted streams don't observe socket
timeouts).
Fixed bug #68920 (use strict peer_fingerprint input checks) (Daniel Lowrey)
Fixed bug #68879 (IP Address fields in subjectAltNames not used) (Daniel Lowrey)
Fixed bug #68265 (SAN match fails with trailing DNS dot) (Daniel Lowrey)
Fixed bug #67403 (Add signatureType to openssl_x509_parse) (Daniel Lowrey)
Fixed bug #69195 (Inconsistent stream crypto values across versions) (Daniel Low
rey)
pgsql:
Fixed bug #68638 (pg_update() fails to store infinite values).
Readline:
Fixed bug #69054 (Null dereference in readline_(read|write)_history() without pa
rameters).
SOAP:
Fixed bug #69085 (SoapClient's __call() type confusion through unserialize()). (
CVE-2015-4147, CVE-2015-4148)
SPL:
Fixed bug #69108 ("Segmentation fault" when (de)serializing SplObjectStorage).
Fixed bug #68557 (RecursiveDirectoryIterator::seek(0) broken after calling getCh
ildren()).
ZIP:
Fixed bug #69253 (ZIP Integer Overflow leads to writing past heap boundary). (CV
E-2015-2331)
Version 5.5.23
19 Mar 2015
Core:
Fixed bug #69174 (leaks when unused inner class use traits precedence).
Fixed bug #69139 (Crash in gc_zval_possible_root on unserialize).
Fixed bug #69121 (Segfault in get_current_user when script owner is not in passw
d with ZTS build).
Fixed bug #65593 (Segfault when calling ob_start from output buffering callback)
.
Fixed bug #69017 (Fail to push to the empty array with the constant value define
d in class scope).
Fixed bug #68986 (pointer returned by php_stream_fopen_temporary_file not valida
ted in memory.c).
Fixed bug #68166 (Exception with invalid character causes segv).
Fixed bug #69141 (Missing arguments in reflection info for some builtin function
s).
Fixed bug #68976 (Use After Free Vulnerability in unserialize()). (CVE-2015-2787
)
Fixed bug #69134 (Per Directory Values overrides PHP_INI_SYSTEM configuration op
tions).
Fixed bug #69207 (move_uploaded_file allows nulls in path). (CVE-2015-2348)
CGI:
Fixed bug #69015 (php-cgi's getopt does not see $argv).
CLI:
Fixed bug #67741 (auto_prepend_file messes up __LINE__).
cURL:
Fixed bug #69088 (PHP_MINIT_FUNCTION does not fully initialize cURL on Win32).
Add CURLPROXY_SOCKS4A and CURLPROXY_SOCKS5_HOSTNAME constants if supported by li
bcurl.
Ereg:
Fixed bug #69248 (heap overflow vulnerability in regcomp.c). (CVE-2015-2305)
FPM:
Fixed bug #68822 (request time is reset too early).
JSON :
Fixed bug #64695 (JSON_NUMERIC_CHECK has issues with strings that are numbers pl
us the letter e).
ODBC:
Fixed bug #68964 (Allowed memory size exhausted with odbc_exec).
Opcache:
Fixed bug #69125 (Array numeric string as key).
Fixed bug #69038 (switch(SOMECONSTANT) misbehaves).
OpenSSL:
Fixed bug #61285, #68329, #68046, #41631 (encrypted streams don't observe socket
timeouts).
pgsql:
Fixed bug #68638 (pg_update() fails to store infinite values).
Readline:
Fixed bug #69054 (Null dereference in readline_(read|write)_history() without pa
rameters).
SOAP:
Fixed bug #69085 (SoapClient's __call() type confusion through unserialize()). (
CVE-2015-4147, CVE-2015-4148)
SPL:
Fixed bug #69108 ("Segmentation fault" when (de)serializing SplObjectStorage).
Fixed bug #68557 (RecursiveDirectoryIterator::seek(0) broken after calling getCh
ildren()).
ZIP:
Fixed bug #69253 (ZIP Integer Overflow leads to writing past heap boundary). (CV
E-2015-2331)
Version 5.4.39
19 Mar 2015
Core:
Fixed bug #68976 (Use After Free Vulnerability in unserialize()). (CVE-2015-2787
)
Fixed bug #69134 (Per Directory Values overrides PHP_INI_SYSTEM configuration op
tions).
Fixed bug #69207 (move_uploaded_file allows nulls in path). (CVE-2015-2348)
Ereg:
Fixed bug #69248 (heap overflow vulnerability in regcomp.c). (CVE-2015-2305)
SOAP:
Fixed bug #69085 (SoapClient's __call() type confusion through unserialize()). (
CVE-2015-4147, CVE-2015-4148)
ZIP:
Fixed bug #69253 (ZIP Integer Overflow leads to writing past heap boundary). (CV
E-2015-2331)
Version 5.6.6
19 Feb 2015
Core:
Removed support for multi-line headers, as they are deprecated by RFC 7230.
Fixed bug #67068 (getClosure returns somethings that's not a closure).
Fixed bug #68942 (Use after free vulnerability in unserialize() with DateTimeZon
e). (CVE-2015-0273)
GHOST: glibc gethostbyname buffer
Fixed bug #68925 (Mitigation for CVE-2015-0235
overflow).
Fixed bug #67988 (htmlspecialchars() does not respect default_charset specified
by ini_set).
Added NULL byte protection to exec, system and passthru.
Dba:
Fixed bug #68711 (useless comparisons).
Enchant:
Fixed bug #68552 (heap buffer overflow in enchant_broker_request_dict()). (CVE-2
014-9705)
Fileinfo:
Fixed bug #68827 (Double free with disabled ZMM).
Fixed bug #67647 (Bundled libmagic 5.17 does not detect quicktime files correctl
y).
Fixed bug #68731 (finfo_buffer doesn't extract the correct mime with some gifs).
FPM:
Fixed bug #66479 (Wrong response to FCGI_GET_VALUES).
Fixed bug #68571 (core dump when webserver close the socket).
JSON:
Fixed bug #50224 (json_encode() does not always encode a float as a float) by ad
ding JSON_PRESERVE_ZERO_FRACTION.
LIBXML:
Pgsql:
Fixed bug #65199 (pg_copy_from() modifies input array variable).
Sqlite3:
Fixed bug #68260 (SQLite3Result::fetchArray declares wrong required_num_args).
Mysqli:
Fixed bug #68114 (linker error on some OS X machines with fixed width decimal su
pport).
Fixed bug #68657 (Reading 4 byte floats with Mysqli and libmysqlclient has round
ing errors).
Session:
Fixed bug #68941 (mod_files.sh is a bash-script).
Fixed bug #66623 (no EINTR check on flock).
Fixed bug #68063 (Empty session IDs do still start sessions).
Standard:
Fixed bug #65272 (flock() out parameter not set correctly in windows).
Fixed bug #69033 (Request may get env. variables from previous requests if PHP w
orks as FastCGI).
Streams:
Fixed bug which caused call after final close on streams filter.
Version 5.4.38
19 Feb 2015
Core:
Removed support for multi-line headers, as they are deprecated by RFC 7230.
Added NULL byte protection to exec, system and passthru.
GHOST: glibc gethostbyname buffer
Fixed bug #68925 (Mitigation for CVE-2015-0235
overflow).
Fixed bug #67827 (broken detection of system crypt sha256/sha512 support).
Fixed bug #68942 (Use after free vulnerability in unserialize() with DateTimeZon
e). (CVE-2015-0273)
Enchant:
Fixed bug #68552 (heap buffer overflow in enchant_broker_request_dict()). (CVE-2
014-9705)
SOAP:
Fixed bug #67427 (SoapServer cannot handle large messages).
Version 5.6.5
22 Jan 2015
Core:
Upgraded crypt_blowfish to version 1.3.
Fixed bug #60704 (unlink() bug with some files path).
Fixed bug #65419 (Inside trait, self::class != __CLASS__).
Fixed bug #68536 (pack for 64bits integer is broken on bigendian).
Fixed bug #55541 (errors spawn MessageBox, which blocks test automation).
Fixed bug #68297 (Application Popup provides too few information).
Fixed bug #65769 (localeconv() broken in TS builds).
Fixed bug #65230 (setting locale randomly broken).
Fixed bug #66764 (configure doesn't define EXPANDED_DATADIR / PHP_DATADIR correc
tly).
Fixed bug #68583 (Crash in timeout thread).
Fixed bug #65576 (Constructor from trait conflicts with inherited constructor).
Fixed bug #68676 (Explicit Double Free). (CVE-2014-9425)
Fixed bug #68710 (Use After Free Vulnerability in PHP's unserialize()). (CVE-201
5-0231)
CGI:
Fixed bug #68618 (out of bounds read crashes php-cgi). (CVE-2014-9427)
CLI server:
Fixed bug #68745 (Invalid HTTP requests make web server segfault).
cURL:
Fixed bug #67643 (curl_multi_getcontent returns '' when CURLOPT_RETURNTRANSFER i
sn't set).
Date:
Implemented FR #68268 (DatePeriod: Getter for start date, end date and interval)
.
EXIF:
Fixed bug #68799 (Free called on uninitialized pointer). (CVE-2015-0232)
Fileinfo:
Fixed bug #68398 (msooxml matches too many archives).
Fixed bug #68665 (invalid free in libmagic).
Fixed bug #68671 (incorrect expression in libmagic).
Removed readelf.c and related code from libmagic sources.
Fixed bug #68735 (fileinfo out-of-bounds memory access). (CVE-2014-9652)
FPM:
Implemented FR #68526 (Implement POSIX Access Control List for UDS).
Fixed bug #68751 (listen.allowed_clients is broken).
GD:
Fixed bug #68601 (buffer read overflow in gd_gif_in.c). (CVE-2014-9709)
Implemented FR #68656 (Report gd library version).
mbstring:
Fixed bug #68504 (--with-libmbfl configure option not present on Windows).
Opcache:
Fixed bug #68644 (strlen incorrect : mbstring + func_overload=2 +UTF-8 + Opcache
).
Fixed bug #67111 (Memory leak when using "continue 2" inside two foreach loops).
OpenSSL:
Improved handling of OPENSSL_KEYTYPE_EC keys.
pcntl:
Fixed bug #60509 (pcntl_signal doesn't decrease ref-count of old handler when se
tting SIG_DFL).
PCRE:
Fixed bug #66679 (Alignment Bug in PCRE 8.34 upstream).
pgsql:
Fixed bug #68697 (lo_export return -1 on failure).
PDO:
Fixed bug #68371 (PDO#getAttribute() cannot be called with platform-specifi attr
ibute names).
PDO_mysql:
Fixed bug #68424 (Add new PDO mysql connection attr to control multi statements
option).
SPL:
Fixed bug #66405 (RecursiveDirectoryIterator::CURRENT_AS_PATHNAME breaks the Rec
ursiveIterator).
Fixed bug #68479 (Added escape parameter to SplFileObject::fputcsv).
SQLite:
Fixed bug #68120 (Update bundled libsqlite to 3.8.7.2).
Streams:
Fixed bug #68532 (convert.base64-encode omits padding bytes).
Version 5.5.21
22 Jan 2015
Core:
Upgraded crypt_blowfish to version 1.3.
Fixed bug #60704 (unlink() bug with some files path).
Fixed bug #65419 (Inside trait, self::class != __CLASS__).
Fixed bug #65576 (Constructor from trait conflicts with inherited constructor).
Fixed bug #55541 (errors spawn MessageBox, which blocks test automation).
Fixed bug #68297 (Application Popup provides too few information).
Fixed bug #65769 (localeconv() broken in TS builds).
Fixed bug #65230 (setting locale randomly broken).
Fixed bug #66764 (configure doesn't define EXPANDED_DATADIR / PHP_DATADIR correc
tly).
Fixed bug #68583 (Crash in timeout thread).
Fixed bug #68676 (Explicit Double Free). (CVE-2014-9425)
Fixed bug #68710 (Use After Free Vulnerability in PHP's unserialize()). (CVE-201
5-0231)
CGI:
Fixed bug #68618 (out of bounds read crashes php-cgi). (CVE-2014-9427)
CLI server:
Fixed bug #68745 (Invalid HTTP requests make web server segfault).
cURL:
Fixed bug #67643 (curl_multi_getcontent returns '' when CURLOPT_RETURNTRANSFER i
sn't set).
EXIF:
Fixed bug #68799 (Free called on uninitialized pointer). (CVE-2015-0232)
Fileinfo:
Fixed bug #68671 (incorrect expression in libmagic).
Fixed bug #68735 (fileinfo out-of-bounds memory access). (CVE-2014-9652)
Removed readelf.c and related code from libmagic sources.
FPM:
Fixed bug #68751 (listen.allowed_clients is broken).
GD:
Fixed bug #68601 (buffer read overflow in gd_gif_in.c). (CVE-2014-9709)
Mbstring:
Fixed bug #68504 (--with-libmbfl configure option not present on Windows).
Mcrypt:
Fixed possible read after end of buffer and use after free.
Opcache:
Fixed bug #67111 (Memory leak when using "continue 2" inside two foreach loops).
OpenSSL:
Fixed bug #55618 (use case-insensitive cert name matching).
Pcntl:
Fixed bug #60509 (pcntl_signal doesn't decrease ref-count of old handler when se
tting SIG_DFL).
PCRE:
Fixed bug #66679 (Alignment Bug in PCRE 8.34 upstream).
pgsql:
Fixed bug #68697 (lo_export return -1 on failure).
PDO:
Fixed bug #68371 (PDO#getAttribute() cannot be called with platform-specific att
ribute names).
PDO_mysql:
Fixed bug #68424 (Add new PDO mysql connection attr to control multi statements
option).
SPL:
Fixed bug #66405 (RecursiveDirectoryIterator::CURRENT_AS_PATHNAME breaks the Rec
ursiveIterator).
Fixed bug #65213 (cannot cast SplFileInfo to boolean).
Fixed bug #68479 (Added escape parameter to SplFileObject::fputcsv).
SQLite:
Fixed bug #68120 (Update bundled libsqlite to 3.8.7.2).
Streams:
Fixed bug #68532 (convert.base64-encode omits padding bytes).
Version 5.4.37
22 Jan 2015
Core:
Fixed bug #68710 (Use After Free Vulnerability in PHP's unserialize()). (CVE-201
5-0231)
CGI:
Fixed bug #68618 (out of bounds read crashes php-cgi). (CVE-2014-9427)
EXIF:
Fixed bug #68799 (Free called on uninitialized pointer). (CVE-2015-0232)
Fileinfo:
Removed readelf.c and related code from libmagic sources.
Fixed bug #68735 (fileinfo out-of-bounds memory access). (CVE-2014-9652)
OpenSSL:
Fixed bug #55618 (use case-insensitive cert name matching).
Version 5.6.4
18 Dec 2014
Core:
Fixed bug #68091 (Some Zend headers lack appropriate extern "C" blocks).
Fixed bug #68104 (Segfault while pre-evaluating a disabled function).
Fixed bug #68185 ("Inconsistent insteadof definition."- incorrectly triggered).
Fixed bug #68355 (Inconsistency in example php.ini comments).
Fixed bug #68370 ("unset($this)" can make the program crash).
Fixed bug #68422 (Incorrect argument reflection info for array_multisort()).
Fixed bug #68545 (NULL pointer dereference in unserialize.c).
Fixed bug #68446 (Array constant not accepted for array parameter default).
Fixed bug #68594 (Use after free vulnerability in unserialize()). (CVE-2014-8142
)
Date:
Fixed day_of_week function as it could sometimes return negative values internal
ly.
FPM:
Fixed bug #68381 (fpm_unix_init_main ignores log_level).
Fixed bug #68420 (listen=9000 listens to ipv6 localhost instead of all addresses
).
Fixed bug #68421 (access.format='%R' doesn't log ipv6 address).
Fixed bug #68423 (PHP-FPM will no longer load all pools).
Fixed bug #68428 (listen.allowed_clients is IPv4 only).
Fixed bug #68452 (php-fpm man page is oudated).
Implemented FR #68458 (Change pm.start_servers default warning to notice).
Fixed bug #68463 (listen.allowed_clients can silently result in no allowed acces
s).
Implemented FR #68391 (php-fpm conf files loading order).
Fixed bug #68478 (access.log don't use prefix).
Mcrypt:
Fixed possible read after end of buffer and use after free.
GMP:
Fixed bug #68419 (build error with gmp 4.1).
PDO_pgsql:
Fixed bug #67462 (PDO_PGSQL::beginTransaction() wrongly throws exception when no
t in transaction).
Fixed bug #68351 (PDO::PARAM_BOOL and ATTR_EMULATE_PREPARES misbehaving).
Session:
Fixed bug #68331 (Session custom storage callable functions not being called).
SOAP:
Fixed bug #68361 (Segmentation fault on SoapClient::__getTypes).
zlib:
Fixed bug #53829 (Compiling PHP with large file support will replace function gz
open by gzopen64).
Version 5.5.20
18 Dec 2014
Core:
Fixed bug #68091
Fixed bug #68185
Fixed bug #68370
Fixed bug #68545
Mysqli:
Fixed bug #68114 (linker error on some OS X machines with fixed width decimal su
pport).
ODBC:
Fixed bug #68087 (ODBC not correctly reading DATE column when preceded by a VARC
HAR column)
SPL:
Fixed bug #68128 (Regression in RecursiveRegexIterator)
Version 5.4.35
13 Nov 2014
Core:
Fixed bug #68365
).
Fileinfo:
Fixed bug #68283
710)
GMP:
Fixed bug #63595
).
PDO_pgsql:
Fixed bug #66584
Version 5.6.2
16 Oct 2014
Core:
Fixed bug #68044
669)
cURL:
Fixed bug #68089
EXIF:
Fixed bug #68113
XMLRPC:
Fixed bug #68027
)
Version 5.5.18
16 Oct 2014
Core:
Fixed bug #67985 (Incorrect last used array index copied to new array after unse
t).
Fixed bug #67739 (Windows 8.1/Server 2012 R2 OS build number reported as 6.2 (in
stead of 6.3)).
Fixed bug #67633 (A foreach on an array returned from a function not doing copyon-write).
Fixed bug #51800 (proc_open on Windows hangs forever).
Fixed bug #68044 (Integer overflow in unserialize() (32-bits only)). (CVE-2014-3
669)
cURL:
Fixed bug #68089 (NULL byte injection - cURL lib).
Exif:
Fixed bug #68113 (Heap corruption in exif_thumbnail()). (CVE-2014-3670)
FPM:
Fixed bug #65641 (PHP-FPM incorrectly defines the SCRIPT_NAME variable when usin
g Apache, mod_proxy-fcgi and ProxyPass).
OpenSSL:
Revert regression introduced by fix of bug #41631.
Reflection:
Fixed bug #68103 (Duplicate entry in Reflection for class alias).
Session:
Version 5.5.17
18 Sep 2014
Core:
Fixed bug #47358
Fixed bug #65463
Fixed bug #66036
Fixed bug #67878
COM:
Fixed bug #41577
Date:
Fixed bug #66091
Fixed bug #66985
Fixed bug #67109
FPM:
Fixed bug #67606
GD:
Made fontFetch's
MySQLi:
Fixed bug #67839
OpenSSL:
Fixed bug #41631
Fixed bug #67850
SPL:
Fixed bug #67813
ssage).
Zlib:
Fixed bug #67724
.
Fixed bug #67865
Version 5.4.33
18 Sep 2014
Core:
Fixed bug #47358
Fixed bug #65463
Fixed bug #66036
OpenSSL:
Fixed bug #41631
Date:
Fixed bug #66091
FPM:
Fixed bug #67606
GD:
Made fontFetch's
Wddx:
Fixed bug #67873
Zlib:
Fixed bug #67724
.
Fixed bug #67865
Version 5.6.0
28 Aug 2014
General improvements:
Added constant scalar expressions syntax.
Added dedicated syntax for variadic functions.
Added support for argument unpacking to complement the variadic syntax.
Added an exponentiation operator (**).
Added phpdbg SAPI.
never populating the $HTTP_RAW_POST_DATA global variable, which will be the defa
ult in future PHP versions.
Implemented dedicated syntax for variadic functions (RFC: https://wiki.php.net/r
fc/variadics).
Fixed bug #50333 Improving multi-threaded scalability by using emalloc/efree/est
rdup (Anatol, Dmitry)
Implemented constant scalar expressions (with support for constants) (RFC: https
://wiki.php.net/rfc/const_scalar_exprs).
Fixed bug #65784 (Segfault with finally).
Fixed bug #66509 (copy() arginfo has changed starting from 5.4).
Allow zero length comparison in substr_compare() (Tjerk)
Fixed bug #60602 (proc_open() changes environment array) (Tjerk)
Fixed bug #61019 (Out of memory on command stream_get_contents).
Fixed bug #64330 (stream_socket_server() creates wrong Abstract Namespace UNIX s
ockets).
Fixed bug #66182 (exit in stream filter produces segfault).
Fixed bug #66736 (fpassthru broken).
Fixed bug #66822 (Cannot use T_POW in const expression) (Tjerk)
Fixed bug #67043 (substr_compare broke by previous change) (Tjerk)
Fixed bug #65701 (copy() doesn't work when destination filename is created by te
mpnam()).
Fixed bug #66015 (Unexpected array indexing in class's static property).
Added (constant) string/array dereferencing to static scalar expressions to comp
lete the set; now possible thanks to #66015 being fixed.
Fixed bug #66568 (Update reflection information for unserialize() function).
Fixed bug #66660 (Composer.phar install/update fails).
Fixed bug #67024 (getimagesize should recognize BMP files with negative height).
Fixed bug #67064 (Countable interface prevents using 2nd parameter ($mode) of co
unt() function).
Fixed bug #67072 (Echoing unserialized "SplFileObject" crash).
Fixed bug #67033 (Remove reference to Windows 95).
Apache2 Handler SAPI:
Fixed Apache log issue caused by APR's lack of support for %zu (APR issue https:
//issues.apache.org/bugzilla/show_bug.cgi?id=56120).
CLI server:
Added some MIME types to the CLI web server.
Fixed bug #67079 (Missing MIME types for XML/XSL files).
Fixed bug #66830 (Empty header causes PHP built-in web server to hang).
Fixed bug #67594 (Unable to access to apache_request_headers() elements).
Implemented FR #67429 (CLI server is missing some new HTTP response codes).
Fixed bug #67406 (built-in web-server segfaults on startup).
COM:
Fixed bug #41577 (DOTNET is successful once per server run) (Aidas Kasparas)
Fixed missing type checks in com_event_sink (Yussuf Khalil, Stas).
Fixed bug #66431 (Special Character via COM Interface (CP_UTF8)).
Curl:
Implemented FR #65646 (re-enable CURLOPT_FOLLOWLOCATION with open_basedir or saf
e_mode).
Check for openssl.cafile ini directive when loading CA certs.
Remove cURL close policy related constants as these have no effect and are no lo
nger used in libcurl.
Fixed bug #66109 (Can't reset CURLOPT_CUSTOMREQUEST to default behaviour) (Tjerk
)
Fix compilation on libcurl versions between 7.10.5 and 7.12.2, inclusive.
Fixed bug #64247 (CURLOPT_INFILE doesn't allow reset).
Fixed bug #66562 (curl_exec returns differently than curl_multi_getcontent).
Date:
Fixed bug #66060 (Heap buffer over-read in DateInterval). (CVE-2013-6712)
Fixed bug #66091 (memory leaks in DateTime constructor) (Tjerk).
Fixed bug #67308 (Serialize of DateTime truncates fractions of second).
Fixed bug #66815 (imagecrop(): insufficient fix for NULL defer). (CVE-2013-7327)
Fixed bug #66869 (Invalid 2nd argument crashes imageaffinematrixget).
Fixed bug #66887 (imagescale - poor quality of scaled image).
Fixed bug #66890 (imagescale segfault).
Fixed bug #66893 (imagescale ignore method argument).
GMP:
Fixed bug #66872 (invalid argument crashes gmp_testbit) (Pierre)
Fixed crashes in serialize/unserialize.
Moved GMP to use object as the underlying structure and implemented various impr
ovements based on this.
Added gmp_root() and gmp_rootrem() functions for calculating nth roots.
Hash:
Added gost-crypto (CryptoPro S-box) GOST hash algo.
Fixed bug #66698 (Missing FNV1a32 and FNV1a64 hash functions). (Michael M Slusar
z).
Implemented timing attack safe string comparison function (RFC: https://wiki.php
.net/rfc/timing_attack).
hash_pbkdf2() now works correctly if the $length argument is not specified.
Intl:
Fixed bug #66873 (A reproductible crash in UConverter when given invalid encodin
g) (Stas)
Fixed bug #66921 (Wrong argument type hint for function intltz_from_date_time_zo
ne).
Fixed bug #67052 (NumberFormatter::parse() resets LC_NUMERIC setting).
Fixed bug #67349 (Locale::parseLocale Double Free).
Fixed bug #67397 (Buffer overflow in locale_get_display_name and uloc_getDisplay
Name (libicu 4.8.1)).
JSON:
Fixed case part of bug #64874 ("json_decode handles whitespace and case-sensitiv
ity incorrectly")
Fixed bug #65753 (JsonSerializeable couldn't implement on module extension) (cho
bieeee@php.net)
Fixed bug #66021 (Blank line inside empty array/object when JSON_PRETTY_PRINT is
set).
ldap:
Added new function ldap_modify_batch().
Fixed issue with null bytes in LDAP bindings.
litespeed:
Fixed bug #63228 (-Werror=format-security error in lsapi code).
Mail:
Fixed bug #66535 (Don't add newline after X-PHP-Originating-Script) (Tjerk)
Mcrypt:
No longer allow invalid key sizes, invalid IV sizes or missing required IV in mc
rypt_encrypt, mcrypt_decrypt and the deprecated mode functions.
Use /dev/urandom as the default source for mcrypt_create_iv().
Mbstring:
Upgraded to oniguruma 5.9.5 (Anatol)
Fixed bug #67199 (mb_regex_encoding mismatch).
Milter:
Fixed bug #67715 (php-milter does not build and crashes randomly).
mysqli:
Added new function mysqli_get_links_stats() as well as new INI variable mysqli.r
ollback_on_cached_plink of type bool (Andrey)
Fixed bug #66762 (Segfault in mysqli_stmt::bind_result() when link closed) (Remi
)
Fixed building against an external libmysqlclient.
mysqlnd:
Disabled flag for SP OUT variables for 5.5+ servers as they are not natively sup
ported by the overlying APIs.
Added a new fetching mode to mysqlnd.
Added new tlsv1.0 stream wrapper to specify TLSv1 client/server method. tls wrap
per now negotiates TLSv1, TLSv1.1 or TLSv1.2.
Encrypted client streams now enable SNI by default.
Encrypted streams now prioritize ephemeral key agreement and high strength ciphe
rs by default.
New OPENSSL_DEFAULT_STREAM_CIPHERS constant exposes default cipher list.
New STREAM_CRYPTO_METHOD_* constants for enhanced control over the crypto method
s negotiated encrypted server/client sessions.
Encrypted stream servers now automatically mitigate potential DoS vector arising
from client-initiated TLS renegotiation. New "reneg_limit", "reneg_window" and
"reneg_limit_callback" SSL context options for custom renegotiation limiting con
trol.
Fixed memory leak in windows cert verification on verify failure.
Peer certificate capturing via SSL context options now functions even if peer ve
rification fails.
Encrypted TLS servers now support the server name indication TLS extension via t
he new "SNI_server_certs" SSL context option.
Fixed bug #66833 (Default disgest algo is still MD5, switch to SHA1).
Fixed bug #66942 (memory leak in openssl_seal()).
Fixed bug #66952 (memory leak in openssl_open()).
Fixed bug #66840 (Fix broken build when extension built separately).
OPcache:
Added an optimization of class constants and constant calls to some internal fun
ctions (Laruence, Dmitry)
Added an optimization pass to convert FCALL_BY_NAME into DO_FCALL.
Added an optimization pass to merged identical constants (and related cache_slot
s) in op_array->literals table.
Added script level constant replacement optimization pass.
Added function opcache_is_script_cached().
Added information about interned strings usage.
Fixed bug #67215 (php-cgi work with opcache, may be segmentation fault happen) (
Dmitry, Laruence)
PCRE:
Fixed bug #67238 (Ungreedy and min/max quantifier bug, applied patch from the up
stream).
Upgraded to PCRE 8.34.
Added support for (*MARK) backtracking verbs.
pgsql:
Fixed bug #67550 (Error in code "form" instead of "from", pgsql.c, line 756), wh
ich affected builds against libpq < 7.3.
pg_insert()/pg_select()/pg_update()/pg_delete() are no longer EXPERIMENTAL.
Implemented FR #25854 (Return value for pg_insert should be resource instead of
bool).
Implemented FR #41146 (Add "description" with exteneded flag pg_meta_data(). pg_
meta_data(resource $conn, string $table [, bool extended]) It also made pg_meta_
data() return "is enum" always).
Read-only access to the socket stream underlying database connections is exposed
via a new pg_socket() function to allow read/write polling when establishing as
ynchronous connections and executing queries in non-blocking applications.
Asynchronous connections are now possible using the PGSQL_CONNECT_ASYNC flag in
conjunction with a new pg_connect_poll() function and connection polling status
constants.
New pg_flush() and pg_consume_input() functions added to manually complete non-b
locking reads/writes to underlying connection sockets.
pg_version() returns full report which obtained by PQparameterStatus().
Added pg_lo_truncate().
Added 64bit large object support for PostgreSQL 9.3 and later.
Fixed bug #67555 (Cannot build against libpq 7.3).
phpdbg:
Fixed bug #67575 (Compilation fails for phpdbg when the build directory != src d
irectory).
Fixed bug #67499 (readline feature not enabled when build with libedit).
Fixed issue #94 (List behavior is inconsistent).
Fixed issue #97 (The prompt should always ensure it is on a newline).
Fixed issue #98 (break if does not seem to work).
Fixed issue #99 (register function has the same behavior as run).
Fixed issue #100 (No way to list the current stack/frames) (Help entry was missi
ng).
Fixed bug which caused phpdbg to fail immediately on startup in non-debug builds
.
Fixed bug #67212 (phpdbg uses non-standard TIOCGWINSZ).
Included phpdbg sapi (RFC: https://wiki.php.net/rfc/phpdbg).
Added watchpoints (watch command).
Renamed some commands (next => continue and how to step).
Fixed issue #85 (Added stdin/stdout/stderr constants and their php:// wrappers).
PDO:
Fixed bug #66604 ('pdo/php_pdo_error.h' not copied to the include dir).
PDO-ODBC:
Fixed bug #50444 (PDO-ODBC changes for 64-bit).
PDO_pgsql:
Fixed bug #42614 (PDO_pgsql: add pg_get_notify support).
Fixed bug #63657 (pgsqlCopyFromFile, pgsqlCopyToArray use Postgres < 7.3 syntax)
.
Cleaned up code by increasing the requirements to libpq versions providing PQexe
cParams, PQprepare, PQescapeStringConn, PQescapeByteaConn. According to the rele
ase notes that means 8.0.8+ or 8.1.4+.
Deprecated PDO::PGSQL_ATTR_DISABLE_NATIVE_PREPARED_STATEMENT, an undocument cons
tant effectively equivalent to PDO::ATTR_EMULATE_PREPARES.
Added PDO::PGSQL_ATTR_DISABLE_PREPARES constant to execute the queries without p
reparing them, while still passing parameters separately from the command text u
sing PQexecParams.
PDO_firebird:
Fixed bug #66071 (memory corruption in error handling) (Popa)
Phar:
Fixed bug #64498 ($phar->buildFromDirectory can't compress file with an accent i
n its name).
Fixed bug #67587 (Redirection loop on nginx with FPM).
readline:
Fixed bug #55496 (Interactive mode doesn't force a newline before the prompt).
Fixed bug #67496 (Save command history when exiting interactive shell with contr
ol-c).
Reflection:
Implemented FR #67713 (loosen the restrictions on ReflectionClass::newInstanceWi
thoutConstructor()).
Session:
Fixed bug #67694 (Regression in session_regenerate_id()).
Fixed missing type checks in php_session_create_id (Yussuf Khalil, Stas).
Fixed bug #66827 (Session raises E_NOTICE when session name variable is array).
Fixed bug #65315 (session.hash_function silently fallback to default md5) (Yasuo
)
Implemented FR #17860 (Session write short circuit).
Implemented FR #20421 (session_abort() and session_reset() function).
Remove session_gc() and session_serializer_name() wich were introduced in the fi
rst 5.6.0 alpha.
SimpleXML:
Fixed bug #66084 (simplexml_load_string() mangles empty node name) (Anatol)
SQLite:
Updated the bundled libsqlite to the version 3.8.3.1 (Anatol)
Fixed bug #66967 (Updated bundled libsqlite to 3.8.4.3).
SOAP:
Fixed bug #67715 (php-milter does not build and crashes randomly).
Network:
Fixed bug #67717 (segfault in dns_get_record). (CVE-2014-3597).
OpenSSL:
Fixed missing type checks in OpenSSL options.
readline:
Fixed bug #55496 (Interactive mode doesn't force a newline before the prompt).
Fixed bug #67496 (Save command history when exiting interactive shell with contr
ol-c).
Sessions:
Fixed missing type checks in php_session_create_id.
ODBC:
Fixed bug #60616 (odbc_fetch_into returns junk data at end of multi-byte char fi
elds).
Version 5.4.32
21 Aug 2014
Core:
Fixed bug #67717 (segfault in dns_get_record) (CVE-2014-3597).
Fixed bug #67693 (incorrect push to the empty array)
COM:
Fixed missing type checks in com_event_sink.
Fileinfo:
Fixed bug #67705 (extensive backtracking in rule regular expression) (CVE-2014-3
538).
Fixed bug #67716 (Segfault in cdf.c) (CVE-2014-3587).
GD:
Fixed bug #66901 (php-gd 'c_color' NULL pointer dereference) (CVE-2014-2497).
Fixed bug #67730 (Null byte injection possible with imagexxx functions) (CVE-201
4-5120).
Milter:
Fixed bug #67715 (php-milter does not build and crashes randomly).
OpenSSL:
Fixed missing type checks in OpenSSL options (Yussuf Khalil, Stas).
Readline:
Fixed bug #55496 (Interactive mode doesn't force a newline before the prompt).
Fixed bug #67496 (Save command history when exiting interactive shell with contr
ol-c).
Sessions:
Fixed missing type checks in php_session_create_id.
SPL:
Fixed bug #67539 (ArrayIterator use-after-free due to object change during sorti
ng) (CVE-2014-4698).
Fixed bug #67538 (SPL Iterators use-after-free) (CVE-2014-4670).
ODBC:
Fixed bug #60616 (odbc_fetch_into returns junk data at end of multi-byte char fi
elds).
Version 5.3.29
14 Aug 2014
Core:
Fixed bug #66127
Fixed bug #67247
Fixed bug #67249
Fixed bug #67250
Fixed bug #67252
Fixed bug #67359
Fixed bug #67390
4-3981)
Fixed bug #67399
pgsql:
Fixed bug #67550 (Error in code "form" instead of "from", pgsql.c, line 756), wh
ich affected builds against libpq < 7.3).
Phar:
Fixed bug #67587 (Redirection loop on nginx with FPM).
SPL:
Fixed bug #67539 (ArrayIterator use-after-free due to object change during sorti
ng). (CVE-2014-4698)
Fixed bug #67538 (SPL Iterators use-after-free) (CVE-2014-4670).
Streams:
Fixed bug #67430 (http:// wrapper doesn't follow 308 redirects).
Version 5.4.31
24 Jul 2014
Core:
Fixed bug #67428 (header('Location: foo') will override a 308-399 response code)
.
Fixed bug #67436 (Autoloader isn't called if two method definitions don't match)
.
Fixed bug #67091 (make install fails to install libphp5.so on FreeBSD 10.0).
Fixed bug #67151 (strtr with empty array crashes).
Fixed bug #67407 (Windows 8.1/Server 2012 R2 reported as Windows 8/Server 2012).
CLI server:
Implemented FR #67429 (CLI server is missing some new HTTP response codes).
Fixed bug #66830 (Empty header causes PHP built-in web server to hang).
FPM:
Fixed bug #67530 (error_log=syslog ignored).
Fixed bug #67531 (syslog cannot be set in pool configuration).
Intl:
Fixed bug #67052 (NumberFormatter::parse() resets LC_NUMERIC setting).
pgsql:
Fixed bug #67550 (Error in code "form" instead of "from", pgsql.c, line 756), wh
ich affected builds against libpq < 7.3.
Phar:
Fixed bug #67587 (Redirection loop on nginx with FPM).
Streams:
Fixed bug #67430 (http:// wrapper doesn't follow 308 redirects).
Version 5.5.14
26 Jun 2014
CLI server:
Fixed bug #67406 (built-in web-server segfaults on startup).
Core:
Fixed bug #66622 (Closures do not correctly capture the late bound class (static
::) in some cases).
Fixed bug #67390 (insecure temporary file use in the configure script). (CVE-201
4-3981).
Fixed bug #67399 (putenv with empty variable may lead to crash).
Fixed bug #67498 (phpinfo() Type Confusion Information Leak Vulnerability).
Fixed BC break introduced by patch for bug #67072.
Date:
Fixed bug #67308 (Serialize of DateTime truncates fractions of second).
Fixed regression in fix for bug #67118 (constructor can't be called twice).
Fileinfo:
Fixed bug #67326 (cdf_read_short_sector insufficient boundary check). (CVE-20140207)).
Fixed bug #67410 (mconvert incorrect handling of truncated pascal string size).
(CVE-2014-3478).
Fixed bug #67411 (cdf_check_stream_offset insufficient boundary check). (CVE-201
4-3479).
SOAP:
Implemented FR #49898 (Add SoapClient::__getCookies()).
SPL:
Fixed bug #66127 (Segmentation fault with ArrayObject unset).
Fixed bug #67359 (Segfault in recursiveDirectoryIterator).
Fixed bug #67360 (Missing element after ArrayObject::getIterator).
Fixed bug #67492 (unserialize() SPL ArrayObject / SPLObjectStorage Type Confusio
n) (CVE-2014-3515).
Version 5.5.13
29 May 2014
CLI server:
Fixed bug #67079 (Missing MIME types for XML/XSL files).
COM:
Fixed bug #66431 (Special Character via COM Interface (CP_UTF8)).
Core:
Fixed bug #65701 (copy() doesn't work when destination filename is created by te
mpnam()).
Fixed bug #67072 (Echoing unserialized "SplFileObject" crash).
Fixed bug #67245 (usage of memcpy() with overlapping src and dst in zend_excepti
ons.c).
Fixed bug #67247 (spl_fixedarray_resize integer overflow).
Fixed bug #67249 (printf out-of-bounds read).
Fixed bug #67250 (iptcparse out-of-bounds read).
cURL:
Fixed bug #64247 (CURLOPT_INFILE doesn't allow reset).
Date:
Fixed bug #67118 (DateTime constructor crash with invalid data).
Fixed bug #67251 (date_parse_from_format out-of-bounds read).
Fixed bug #67253 (timelib_meridian_with_check out-of-bounds read).
DOM:
Fixed bug #67081 (DOMDocumentType->internalSubset returns entire DOCTYPE tag, no
t only the subset).
Fileinfo:
Fixed bug #66307 (Fileinfo crashes with powerpoint files).
Fixed bug #67327 (CDF infinite loop in nelements DoS) (CVE-2014-0238).
Fixed bug #67328 (numerous file_printf calls resulting in performance degradatio
n) (CVE-2014-0237).
FPM:
Fixed bug #66908 (php-fpm reload leaks epoll_create() file descriptor).
GD:
Fixed bug #67248 (imageaffinematrixget missing check of parameters).
PCRE:
Fixed bug #67248 Ungreedy and min/max quantifier bug, applied patch from the ups
tream.
Phar:
Fixed bug #64498 ($phar->buildFromDirectory can't compress file with an accent i
n its name).
Version 5.4.29
29 May 2014
COM:
Fixed bug #66431
Core:
Fixed bug #65701
mpnam()).
Fixed bug #67072
Fixed bug #67245
ons.c).
Fixed bug #67247
Fixed bug #53965 (<xsl:include> cannot find files with relative paths when loade
d with "file://")
Apache2 Handler SAPI:
Fixed Apache log issue caused by APR's lack of support for %zu (APR issue https:
//issues.apache.org/bugzilla/show_bug.cgi?id=56120)
Version 5.4.28
01 May 2014
Core:
Fixed bug #61019 (Out of memory on command stream_get_contents).
Fixed bug #64330 (stream_socket_server() creates wrong Abstract Namespace UNIX s
ockets).
Fixed bug #66171 (Symlinks and session handler allow open_basedir bypass).
Fixed bug #66182 (exit in stream filter produces segfault).
Fixed bug #66736 (fpassthru broken).
Fixed bug #67024 (getimagesize should recognize BMP files with negative height).
cURL:
Fixed bug #66562 (curl_exec returns differently than curl_multi_getcontent).
Date:
Fixed bug #66721 (__wakeup of DateTime segfaults when invalid object data is sup
plied).
Embed:
Fixed bug #65715 (php5embed.lib isn't provided anymore).
Fileinfo:
Fixed bug #66987 (Memory corruption in fileinfo ext / bigendian).
FPM:
Fixed bug #66482 (unknown entry 'priority' in php-fpm.conf).
Fixed bug #67060 (sapi/fpm: possible privilege escalation due to insecure defaul
t configuration) (CVE-2014-0185).
JSON:
Fixed bug #66021 (Blank line inside empty array/object when JSON_PRETTY_PRINT is
set).
LDAP:
Fixed issue with null bytes in LDAP bindings.
OpenSSL:
Fixed bug #66942 (memory leak in openssl_seal()).
Fixed bug #66952 (memory leak in openssl_open()).
SimpleXML:
Fixed bug #66084 (simplexml_load_string() mangles empty node name) (Anatol)
XSL:
Fixed bug #53965 (<xsl:include> cannot find files with relative paths when loade
d with "file://").
Apache2 Handler SAPI:
Fixed Apache log issue caused by APR's lack of support for %zu (APR issue 56120)
.
Version 5.5.11
03 Apr 2014
Core:
Fixed bug #60602 (proc_open() changes environment array).
Allow zero length comparison in substr_compare().
cURL:
Fixed bug #66109 (Can't reset CURLOPT_CUSTOMREQUEST to default behaviour).
Fix compilation on libcurl versions between 7.10.5 and 7.12.2, inclusive.
Fileinfo:
Fixed bug #66946 (fileinfo: extensive backtracking in awk rule regular expressio
n (CVE-2013-7345)).
FPM:
Added clear_env configuration directive to disable clearenv() call.
GD:
Openssl:
Fixed bug #66501 (Add EC key support to php_openssl_is_private_key).
PCRE:
Upgraded to PCRE 8.34.
Pgsql:
Added warning for dangerous client encoding and remove possible injections for p
g_insert()/pg_update()/pg_delete()/pg_select().
Version 5.4.26
06 Mar 2014
JSON:
Fixed bug #65753 (JsonSerializeable couldn't implement on module extension)
Fileinfo:
Fixed bug #66731 (file: infinite recursion) (CVE-2014-1943).
Fixed bug #66820 (out-of-bounds memory access in fileinfo) (CVE-2014-2270).
LDAP:
Implemented ldap_modify_batch (https://wiki.php.net/rfc/ldap_modify_batch).
Openssl:
Fixed bug #66501 (Add EC key support to php_openssl_is_private_key).
Pgsql:
Added warning for dangerous client encoding and remove possible injections for p
g_insert()/pg_update()/pg_delete()/pg_select().
Version 5.5.9
06 Feb 2014
Core:
Fixed bug #66509 (copy() arginfo has changed starting from 5.4).
GD:
Fixed bug #66356 (Heap Overflow Vulnerability in imagecrop(), CVE-2013-7226).
OPCache:
Fixed bug #66474 (Optimizer bug in constant string to boolean conversion).
Fixed bug #66461 (PHP crashes if opcache.interned_strings_buffer=0).
Fixed bug #66298 (ext/opcache/Optimizer/zend_optimizer.c has dos-style ^M as lin
eend).
PDO_pgsql:
Fixed bug #62479 (PDO-pgsql cannot connect if password contains spaces).
Readline:
Fixed bug #66412 (readline_clear_history() with libedit causes segfault after #6
5714).
Session:
Fixed bug #66469 (Session module is sending multiple set-cookie headers when ses
sion.use_strict_mode=1).
Fixed bug #66481 (Segfaults on session_name()).
Standard:
Fixed bug #66395 (basename function doesn't remove drive letter).
Sockets:
Fixed bug #66381 (__ss_family was changed on AIX 5.3).
Zend Engine:
Fixed bug #66009 (Failed compilation of PHP extension with C++ std library using
VS 2012).
Version 5.4.25
06 Feb 2014
Core:
Fixed bug #66286
Fixed bug #66509
mysqlnd:
Fixed bug #66283
PDO_pgsql:
Fixed bug #62479
Session:
Fixed bug #66481 (Calls to session_name() segfault when session.name is null).
Version 5.5.8
09 Jan 2014
Core:
Disallowed JMP into a finally block.
Added validation of class names in the autoload process.
Fixed invalid C code in zend_strtod.c.
Fixed bug #66041 (list() fails to unpack yielded ArrayAccess object).
Fixed bug #65764 (generators/throw_rethrow FAIL with ZEND_COMPILE_EXTENDED_INFO)
.
Fixed bug #61645 (fopen and O_NONBLOCK).
Fixed bug #66218 (zend_register_functions breaks reflection).
Date:
Fixed bug #66060 (Heap buffer over-read in DateInterval, CVE-2013-6712).
Fixed bug #65768 (DateTimeImmutable::diff does not work).
DOM:
Fixed bug #65196 (Passing DOMDocumentFragment to DOMDocument::saveHTML() Produce
s invalid Markup).
Exif:
Fixed bug #65873 (Integer overflow in exif_read_data()).
Filter:
Fixed bug #66229 (128.0.0.0/16 isn't reserved any longer).
GD:
Fixed bug #64405 (Use freetype-config for determining freetype2 dir(s)).
PDO_odbc:
Fixed bug #66311 (Stack smashing protection kills PDO/ODBC queries).
MySQLi:
Fixed bug #65486 (mysqli_poll() is broken on win x64).
OPCache:
Fixed revalidate_path=1 behavior to avoid caching of symlinks values.
Fixed issue #140 ("opcache.enable_file_override" doesn't respect "opcache.revali
date_freq".)
SNMP:
Fixed SNMP_ERR_TOOBIG handling for bulk walk operations.
SOAP:
Fixed bug #66112 (Use after free condition in SOAP extension).
Sockets:
Fixed bug #65923 (ext/socket assumes AI_V4MAPPED is defined).
XSL:
Fixed bug #49634 (Segfault throwing an exception in a XSL registered function).
ZIP:
Fixed bug #66321 (ZipArchive::open() ze_obj->filename_len not real).
Version 5.4.24
09 Jan 2014
Core:
Added validation of class names in the autoload process.
Fixed invalid C code in zend_strtod.c.
Fixed bug #61645 (fopen and O_NONBLOCK).
Date:
Fixed bug #66060 (Heap buffer over-read in DateInterval, CVE-2013-6712).
Fixed bug #63391 (Incorrect/inconsistent day of week prior to the year 1600).
Fixed bug #61599 (Wrong Day of Week).
DOM:
Fixed bug #65196 (Passing DOMDocumentFragment to DOMDocument::saveHTML() Produce
s invalid Markup).
Exif:
Fixed bug #65873 (Integer overflow in exif_read_data()).
Filter:
Fixed bug #66229 (128.0.0.0/16 isn't reserved any longer).
GD:
Fixed bug #64405 (Use freetype-config for determining freetype2 dir(s)).
PDO_odbc:
Fixed bug #66311 (Stack smashing protection kills PDO/ODBC queries).
SNMP:
Fixed SNMP_ERR_TOOBIG handling for bulk walk operations.
XSL:
Fixed bug #49634 (Segfault throwing an exception in a XSL registered function).
ZIP:
Fixed bug #66321 (ZipArchive::open() ze_obj->filename_len not real).
Version 5.5.7
12 Dec 2013
Core:
Fixed bug #66094 (unregister_tick_function tries to cast a Closure to a string).
Fixed bug #65969 (Chain assignment with T_LIST failure).
CLI server:
Added some MIME types to the CLI web server.
Implemented FR #65917 (getallheaders() is not supported by the built-in web serv
er) - also implements apache_response_headers()
OPCache:
Fixed bug #66176 (Invalid constant substitution).
Fixed bug #65915 (Inconsistent results with require return value).
Fixed bug #65559 (Opcache: cache not cleared if changes occur while running).
readline:
Fixed bug #65714 (PHP cli forces the tty to cooked mode).
Openssl:
Fixed memory corruption in openssl_x509_parse() (CVE-2013-6420).
Version 5.5.6
14 Nov 2013
Core:
Improved performance of array_merge() and func_get_args() by eliminating useless
copying.
Fixed bug #65947 (basename is no more working after fgetcsv in certain situation
).
Fixed bug #65939 (Space before ";" breaks php.ini parsing).
Fixed bug #65911 (scope resolution operator - strange behavior with $this).
Fixed bug #65936 (dangling context pointer causes crash).
FPM:
Changed default listen() backlog to 65535.
JSON:
Fixed bug #64874 (json_decode handles whitespace incorrectly).
MySQLi:
Fixed bug #66043 (Segfault calling bind_param() on mysqli).
OPCache:
Increased limit for opcache.max_accelerated_files to 1,000,000.
Fixed issue #115 (path issue when using phar).
Fixed issue #149 (Phar mount points not working with OPcache enabled).
ODBC:
Fixed bug #65950 (Field name truncation if the field name is bigger than 32 char
acters).
PDO:
Fixed bug #66033 (Segmentation Fault when constructor of PDO statement throws an
exception).
Fixed bug #65946 (sql_parser permanently converts values bound to strings).
Standard:
Fixed bug #64760 (var_export() does not use full precision for floating-point nu
mbers).
Version 5.4.23
12 Dec 2013
Core:
Fixed bug #66094 (unregister_tick_function tries to cast a Closure to a string).
Fixed bug #65947 (basename is no more working after fgetcsv in certain situation
).
JSON:
Fixed whitespace part of #64874 ("json_decode handles whitespace and case-sensit
ivity incorrectly").
MySQLi:
Fixed bug #66043 (Segfault calling bind_param() on mysqli).
mysqlnd:
Fixed bug #66124 (mysqli under mysqlnd loses precision when bind_param with 'i')
.
Fixed bug #66141 (mysqlnd quote function is wrong with NO_BACKSLASH_ESCAPES afte
r failed query).
OpenSSL:
Fixed memory corruption in openssl_x509_parse() (CVE-2013-6420). (Stefan Esser).
PDO:
Fixed bug #65946 (sql_parser permanently converts values bound to strings).
Version 5.4.22
14 Nov 2013
Core:
Fixed bug #65911 (scope resolution operator - strange behavior with $this).
CLI server:
Fixed bug #65818 (Segfault with built-in webserver and chunked transfer encoding
).
Exif:
Fixed crash on unknown encoding.
FTP:
Fixed bug #65667 (ftp_nb_continue produces segfault).
ODBC:
Fixed bug #65950 (Field name truncation if the field name is bigger than 32 char
acters).
Sockets:
Fixed bug #65808 (the socket_connect() won't work with IPv6 address).
Standard:
Fixed bug #64760 (var_export() does not use full precision for floating-point nu
mbers).
XMLReader:
Fixed bug #51936 (Crash with clone XMLReader).
Fixed bug #64230 (XMLReader does not suppress errors).
Version 5.5.5
17 Oct 2013
Core:
Fixed bug #64979 (Wrong behavior of static variables in closure generators).
Fixed bug #65322 (compile time errors won't trigger auto loading).
Fixed bug #65821 (By-ref foreach on property access of string offset segfaults).
CLI Server:
Fixed bug #65633 (built-in server treat some http headers as case-sensitive).
Fixed bug #65818 (Segfault with built-in webserver and chunked transfer encoding
).
Added application/pdf to PHP CLI Web Server mime types
Datetime:
Fixed bug #64157 (DateTime::createFromFormat() reports confusing error message).
Fixed bug #65502 (DateTimeImmutable::createFromFormat returns DateTime).
.
Version 5.5.4
19 Sep 2013
Core:
Fixed bug #60598 (cli/apache sapi segfault on objects manipulation).
Improved fputcsv() to allow specifying escape character.
Fixed bug #65483 (quoted-printable encode stream filter incorrectly encoding spa
ces).
Fixed bug #65470 (Segmentation fault in zend_error() with --enable-dtrace).
Fixed bug #65490 (Duplicate calls to get lineno & filename for DTRACE_FUNCTION_*
).
Fixed bug #65225 (PHP_BINARY incorrectly set).
Fixed bug #62692 (PHP fails to build with DTrace).
Fixed bug #61759 (class_alias() should accept classes with leading backslashes).
Fixed bug #46311 (Pointer aliasing issue results in miscompile on gcc4.4).
cURL:
Fixed bug #65458 (curl memory leak).
Datetime:
Fixed bug #65554 (createFromFormat broken when weekday name is followed by some
delimiters).
Fixed bug #65564 (stack-buffer-overflow in DateTimeZone stuff caught by AddressS
anitizer).
OPCache:
Fixed bug #65561 (Zend Opcache on Solaris 11 x86 needs ZEND_MM_ALIGNMENT=4).
Openssl:
Fixed bug #64802 (openssl_x509_parse fails to parse subject properly in some cas
es).
Session:
Fixed bug #65475 (Session ID is not initialized properly when strict session is
enabled).
Fixed bug #51127 and #65359, FR #25630/#43980/#54383 (Added php_serialize sessio
n serialize handler that uses plain serialize())
Standard:
Fix issue with return types of password API helper functions. Found via static a
nalysis by cjones.
Version 5.4.20
19 Sep 2013
Core:
Fixed bug #60598 (cli/apache sapi segfault on objects manipulation).
Fixed bug #65579 (Using traits with get_class_methods causes segfault).
Fixed bug #65490 (Duplicate calls to get lineno & filename for DTRACE_FUNCTION_*
).
Fixed bug #65483 (quoted-printable encode stream filter incorrectly encoding spa
ces).
Fixed bug #65481 (shutdown segfault due to serialize).
Fixed bug #65470 (Segmentation fault in zend_error() with --enable-dtrace).
Fixed bug #65372 (Segfault in gc_zval_possible_root when return reference fails)
.
Fixed bug #65304 (Use of max int in array_sum).
Fixed bug #65291 (get_defined_constants() causes PHP to crash in a very limited
case).
Fixed bug #65225 (PHP_BINARY incorrectly set).
Improved fix for bug #63186 (compile failure on netbsd).
Fixed bug #62692 (PHP fails to build with DTrace).
Fixed bug #61759 (class_alias() should accept classes with leading backslashes).
Fixed bug #61345 (CGI mode - make install don't work).
Cherry-picked some DTrace build commits (allowing builds on Linux, bug #62691 an
d bug #63706) from PHP 5.5 branch.
magerotate).
Fixed bug #65060 (imagecreatefrom... crashes with user streams).
Fixed bug #65084 (imagecreatefromjpeg fails with URL).
Fix gdImageCreateFromWebpCtx and use same logic to load WebP image that other fo
rmats.
Intl:
Add IntlCalendar::setMinimalDaysInFirstWeek()/intlcal_set_minimal_days_in_first_
week().
Fixed trailing space in name of constant IntlCalendar::FIELD_FIELD_COUNT.
Fixed bug #62759 (Buggy grapheme_substr() on edge case).
Fixed bug #61860 (Offsets may be wrong for grapheme_stri* functions).
OCI8:
Bump PECL package info version check to allow PECL installs with PHP 5.5+.
PDO:
Allowed PDO_OCI to compile with Oracle Database 12c client libraries.
Pgsql:
pg_unescape_bytea() raises E_WARNING for invalid inputs.
Phar:
Fixed bug #65142 (Missing phar man page).
Session:
Added optional create_sid() argument to session_set_save_handler(), SessionHandl
er and new SessionIdInterface.
Sockets:
#63472Setting SO_BINDTODEVICE with socket_set_option.
Allowed specifying paths in the abstract namespace for the functions socket_bind
(), socket_connect() and socket_sendmsg().
Fixed bug #65260sendmsg() ancillary data construction for SCM_RIGHTS is faulty.
SPL:
Fixed bug #65136RecursiveDirectoryIterator segfault.
Fixed bug #61828Memleak when calling Directory(Recursive)Iterator/Spl(Temp)FileO
bject ctor twice.
CGI/FastCGI SAPI:
Added PHP_FCGI_BACKLOG, overrides the default listen backlog.
Version 5.3.28
12 Dec 2013
Openssl:
Fixed handling null bytes in subjectAltName (CVE-2013-4248).
Fixed memory corruption in openssl_x509_parse() (CVE-2013-6420). (Stefan Esser).
Version 5.3.27
11 Jul 2013
Core:
Fixed bug #64966
Fixed bug #64960
Fixed bug #64934
Fixed bug #63186
DateTime:
Fixed bug #53437
PDO_firebird:
Fixed bug #64037
Fixed bug #62024
PDO_pgsql:
Fixed bug #64949
pgsql:
Fixed bug #64609
SPL:
Fixed bug #64997
ems).
XML:
(segfault in zend_do_fcall_common_helper_SPEC).
(Segfault in gc_zval_possible_root).
(Apache2 TS crash with get_browser()).
(compile failure on netbsd).
(Crash when using unserialized DatePeriod instance).
(Firebird return wrong value for numeric field).
(Cannot insert second row with null using parametrized query).
(Buffer overflow in _pdo_pgsql_error).
(pg_convert enum type support).
(Segfault while using RecursiveIteratorIterator on 64-bits syst
Fixed bug #64515 (Memoryleak when using the same variablename 2times in function
declaration)
Fixed bug #64503 (Compilation fails with error: conflicting types for 'zendparse
')
Fixed bug #64239 (Debug backtrace changed behavior since 5.4.10 or 5.4.11)
Fixed bug #64523 allow XOR in php.ini
Fixed bug #64354 (Unserialize array of objects whose class can't be autoloaded f
ail)
Fixed bug #64370 (microtime(true) less than $_SERVER['REQUEST_TIME_FLOAT'])
Fixed bug #64166 (quoted-printable-encode stream filter incorrectly discarding w
hitespace)
Fixed bug #64142 (dval to lval different behavior on ppc64)
Fixed bug #64135 (Exceptions from set_error_handler are not always propagated)
Fixed bug #63980 (object members get trimmed by zero bytes)
Fixed bug #63874 (Segfault if php_strip_whitespace has heredoc)
Fixed bug #63830 (Segfault on undefined function call in nested generator)
Fixed bug #63822 (Crash when using closures with ArrayAccess)
Fixed bug #61681 (Malformed grammar)
Fixed bug #61038 (unpack("a5", "str\0\0") does not work as expected)
Fixed bug #61025 (__invoke() visibility not honored)
Fixed bug #60833 (self, parent, static behave inconsistently case-sensitive)
Fixed bug #52126 timestamp for mail.log
Fixed bug #49348 (Uninitialized ++$foo->bar; does not cause a notice)
Fixed bug #23955 allow specifying Max-Age attribute in setcookie()
Fixed bug #18556 (Engine uses locale rules to handle class names)
Fix undefined behavior when converting double variables to integers. The double
is now always rounded towards zero, the remainder of its division by 2^32 or 2^6
4 (depending on sizeof(long)) is calculated and it's made signed assuming a two'
s complement representation
Removed legacy features:
Remove php_logo_guid(), php_egg_logo_guid(), php_real_logo_guid(), zend_logo_gui
d()
Drop Windows XP and 2003 support
Apache2 Handler SAPI:
Enabled Apache 2.4 configure option for Windows.
Calendar:
Fixed bug #64895 (Integer overflow in SndToJewish).
Fixed bug #54254 (cal_from_jd returns month = 6 when there is only one Adar).
CLI server:
Fixed bug #64128 (buit-in web server is broken on ppc64).
CURL:
Remove curl stream wrappers.
Implemented FR #46439 (added CURLFile for safer file uploads).
Added support for CURLOPT_FTP_RESPONSE_TIMEOUT, CURLOPT_APPEND, CURLOPT_DIRLISTO
NLY, CURLOPT_NEW_DIRECTORY_PERMS, CURLOPT_NEW_FILE_PERMS, CURLOPT_NETRC_FILE, CU
RLOPT_PREQUOTE, CURLOPT_KRBLEVEL, CURLOPT_MAXFILESIZE, CURLOPT_FTP_ACCOUNT, CURL
OPT_COOKIELIST, CURLOPT_IGNORE_CONTENT_LENGTH, CURLOPT_CONNECT_ONLY, CURLOPT_LOC
ALPORT, CURLOPT_LOCALPORTRANGE, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_SSL_SES
SIONID_CACHE, CURLOPT_FTP_SSL_CCC, CURLOPT_HTTP_CONTENT_DECODING, CURLOPT_HTTP_T
RANSFER_DECODING, CURLOPT_PROXY_TRANSFER_MODE, CURLOPT_ADDRESS_SCOPE, CURLOPT_CR
LFILE, CURLOPT_ISSUERCERT, CURLOPT_USERNAME, CURLOPT_PASSWORD, CURLOPT_PROXYUSER
NAME, CURLOPT_PROXYPASSWORD, CURLOPT_NOPROXY, CURLOPT_SOCKS5_GSSAPI_NEC, CURLOPT
_SOCKS5_GSSAPI_SERVICE, CURLOPT_TFTP_BLKSIZE, CURLOPT_SSH_KNOWNHOSTS, CURLOPT_FT
P_USE_PRET, CURLOPT_MAIL_FROM, CURLOPT_MAIL_RCPT, CURLOPT_RTSP_CLIENT_CSEQ, CURL
OPT_RTSP_SERVER_CSEQ, CURLOPT_RTSP_SESSION_ID, CURLOPT_RTSP_STREAM_URI, CURLOPT_
RTSP_TRANSPORT, CURLOPT_RTSP_REQUEST, CURLOPT_RESOLVE, CURLOPT_ACCEPT_ENCODING,
CURLOPT_TRANSFER_ENCODING, CURLOPT_DNS_SERVERS and CURLOPT_USE_SSL
Fixed bug #55635 (CURLOPT_BINARYTRANSFER no longer used. The constant still exis
ts for backward compatibility but is doing nothing)
Fixed bug #54995 (Missing CURLINFO_RESPONSE_CODE support)
Fixed bug #64214 (PHAR PHPTs intermittently crash when run on DFS, SMB or with n
on std tmp dir).
Streams:
Fixed bug #64770 (stream_select() fails with pipes returned by proc_open() on Wi
ndows x64).
Zend Engine:
Fixed bug #64821 (Custom Exception crash when internal properties overridden).
Version 5.4.15
09 May 2013
Core:
Fixed bug #64578 (debug_backtrace in set_error_handler corrupts zend heap: segfa
ult).
Fixed bug #64458 (dns_get_record result with string of length -1).
Fixed bug #64433 (follow_location parameter of context is ignored for most respo
nse codes).
Fixed bug #47675 (fd leak on Solaris).
Fixed bug #64577 (fd leak on Solaris).
Fileinfo:
Upgraded libmagic to 5.14.
Streams:
Fixed Windows x64 version of stream_socket_pair() and improved error handling.
Zip:
Fixed bug #64342 (ZipArchive::addFile() has to check for file existence).
Version 5.3.25
09 May 2013
Core:
Fixed bug #64578 (debug_backtrace in set_error_handler corrupts zend heap: segfa
ult).
Fixed bug #64458 (dns_get_record result with string of length -1).
Fixed bug #47675 (fd leak on Solaris).
Fixed bug #64577 (fd leak on Solaris).
Streams:
Fixed Windows x64 version of stream_socket_pair() and improved error handling.
Zip:
Fixed bug #64342 (ZipArchive::addFile() has to check for file existence).
Version 5.4.14
11 Apr 2013
Core:
Fixed bug #64529 (Ran out of opcode space).
Fixed bug #64515 (Memoryleak when using the same variablename two times in funct
ion declaration).
Fixed bug #64432 (more empty delimiter warning in strX methods).
Fixed bug #64417 (ArrayAccess::&offsetGet() in a trait causes fatal error).
Fixed bug #64370 (microtime(true) less than $_SERVER['REQUEST_TIME_FLOAT']).
Fixed bug #64239 (Debug backtrace changed behavior since 5.4.10 or 5.4.11).
Fixed bug #63976 (Parent class incorrectly using child constant in class propert
y).
Fixed bug #63914 (zend_do_fcall_common_helper_SPEC does not handle exceptions pr
operly).
Fixed bug #62343 (Show class_alias In get_declared_classes()).
PCRE:
Merged PCRE 8.32.
SNMP:
Fixed bug #61981 (OO API, walk: $suffix_as_key is not working correctly).
Zip:
Fixed bug #64452 (Zip crash intermittently). (Anatol)
Version 5.3.24
11 Apr 2013
Core:
Fixed bug #64370 (microtime(true) less than $_SERVER['REQUEST_TIME_FLOAT']).
Fixed bug #63914 (zend_do_fcall_common_helper_SPEC does not handle exceptions pr
operly).
Fixed bug #62343 (Show class_alias In get_declared_classes()).
PCRE:
Merged PCRE 8.32.
mysqlnd:
Fixed bug #63530 (mysqlnd_stmt::bind_one_parameter crashes, uses wrong alloc for
stmt->param_bind).
DateTime:
Fixed bug #62852 (Unserialize Invalid Date causes crash).
Zip:
Fixed bug #64452 (Zip crash intermittently).
Version 5.4.13
14 Mar 2013
Core:
Fixed bug #64235 (Insteadof not work for class method in 5.4.11).
Implemented FR #64175 (Added HTTP codes as of RFC 6585).
Fixed bug #64142 (dval to lval different behavior on ppc64).
Fixed bug #64070 (Inheritance with Traits failed with error).
CLI server:
Fixed bug #64128 (buit-in web server is broken on ppc64).
Mbstring:
mb_split() can now handle empty matches like preg_split() does.
OpenSSL:
Fixed bug #61930 (openssl corrupts ssl key resource when using openssl_get_publi
ckey()).
PDO_mysql:
Fixed bug #60840 (undefined symbol: mysqlnd_debug_std_no_trace_funcs).
Phar:
Fixed timestamp update on Phar contents modification.
SOAP:
Added check that soap.wsdl_cache_dir conforms to open_basedir (CVE-2013-1635).
Disabled external entities loading (CVE-2013-1643, CVE-2013-1824).
SPL:
Fixed bug #64264 (SPLFixedArray toArray problem).
Fixed bug #64228 (RecursiveDirectoryIterator always assumes SKIP_DOTS).
Fixed bug #64106 (Segfault on SplFixedArray[][x] = y when extended).
Fixed bug #52861 (unset fails with ArrayObject and deep arrays).
SNMP:
Fixed bug #64124 (IPv6 malformed).
Version 5.3.23
14 Mar 2013
Phar:
Fixed timestamp update on Phar contents modification.
SOAP
Added check that soap.wsdl_cache_dir conforms to open_basedir (CVE-2013-1635).
Disabled external entities loading (CVE-2013-1643, CVE-2013-1824).
SPL:
Fixed bug #64264 (SPLFixedArray toArray problem).
Fixed bug #64228 (RecursiveDirectoryIterator always assumes SKIP_DOTS).
Fixed bug #64106 (Segfault on SplFixedArray[][x] = y when extended).
Fixed bug #52861 (unset fails with ArrayObject and deep arrays).
Version 5.4.12
21 Feb 2013
Core:
Fixed bug #64099 (Wrong TSRM usage in zend_register_class alias).
Fixed bug #64011 (get_html_translation_table() output incomplete with HTML_ENTIT
IES and ISO-8859-1).
Fixed bug #63982 (isset() inconsistently produces a fatal error on protected pro
perty).
Fixed bug #63943 (Bad warning text from strpos() on empty needle).
Fixed bug #63899 (Use after scope error in zend_compile).
Fixed bug #63893 (Poor efficiency of strtr() using array with keys of very diffe
rent length).
Fixed bug #63882 (zend_std_compare_objects crash on recursion).
Fixed bug #63462 (Magic methods called twice for unset protected properties).
Fixed bug #62524 (fopen follows redirects for non-3xx statuses).
Support BITMAPV5HEADER in getimagesize().
Date:
Fixed bug #63699 (Performance improvements for various ext/date functions).
Fixed bug #55397 Comparsion of incomplete DateTime causes SIGSEGV.
FPM:
Fixed bug #63999 (php with fpm fails to build on Solaris 10 or 11).
Litespeed:
Fixed bug #63228 (-Werror=format-security error in lsapi code).
sqlite3:
Fixed bug #63921 (sqlite3::bindvalue and relative PHP functions aren't using sql
ite3_*_int64 API).
PDO_OCI:
Fixed bug #57702 (Multi-row BLOB fetches).
Fixed bug #52958 (Segfault in PDO_OCI on cleanup after running a long testsuite)
.
PDO_sqlite:
Fixed bug #63916 (PDO::PARAM_INT casts to 32bit int internally even on 64bit bui
lds in pdo_sqlite).
Version 5.3.22
21 Feb 2013
Zend Engine:
Fixed bug #64099
Fixed bug #63899
Core:
Fixed bug #63943
Date:
Fixed bug #55397
FPM:
Fixed bug #63999
SPL:
Fixed bug #64106
Version 5.4.11
17 Jan 2013
Core:
Fixed bug #63762 (Sigsegv when Exception::$trace is changed by user).
Fixed bug #43177 (Errors in eval()'ed code produce status code 500).
Filter:
Fixed bug #63757 (getenv() produces memory leak with CGI SAPI).
Fixed bug #54096 (FILTER_VALIDATE_INT does not accept +0 and -0).
JSON:
Fixed bug #63737 (json_decode does not properly decode with options parameter).
CLI server:
Update list of common mime types. Added webm, ogv, ogg.
cURL extension:
Zend Engine:
Fixed bug #63635 (Segfault in gc_collect_cycles).
Fixed bug #63512 (parse_ini_file() with INI_SCANNER_RAW removes quotes from valu
e).
Fixed bug #63468 (wrong called method as callback with inheritance).
Core:
Fixed bug #63451 (config.guess file does not have AIX 7 defined, shared objects
are not created).
Fixed bug #63377 (Segfault on output buffer).
Apache2 Handler SAPI:
Enabled Apache 2.4 configure option for Windows.
Date:
Fixed bug #63435 (Datetime::format('u') sometimes wrong by 1 microsecond).
Fileinfo:
Fixed bug #63248 (Load multiple magic files from a directory under Windows).
Fixed bug #63590 (Different results in TS and NTS under Windows).
FPM:
Fixed bug #63581 (Possible null dereference and buffer overflow).
Imap:
Fixed bug #63126 (DISABLE_AUTHENTICATOR ignores array).
MySQLnd:
Fixed bug #63398 (Segfault when polling closed link).
Reflection:
Fixed bug #63614 (Fatal error on Reflection).
SOAP:
Fixed bug #63271 (SOAP wsdl cache is not enabled after initial requests).
Version 5.4.9
22 Nov 2012
Core:
Fixed bug #63305 (zend_mm_heap corrupted with traits).
Fixed bug #63369 ((un)serialize() leaves dangling pointers, causes crashes).
Fixed bug #63241 (PHP fails to open Windows deduplicated files).
Fixed bug #62444 (Handle leak in is_readable on windows).
Curl:
Fixed bug #63363 (Curl silently accepts boolean true for SSL_VERIFYHOST).
Fileinfo:
Fixed bug #63248 (Load multiple magic files from a directory under Windows).
Libxml
Fixed bug #63389 (Missing context check on libxml_set_streams_context() causes m
emleak).
Mbstring:
Fixed bug #63447 (max_input_vars doesn't filter variables when mbstring.encoding
_translation = On).
OCI8:
Fixed bug #63265 (Add ORA-00028 to the PHP_OCI_HANDLE_ERROR macro)
PCRE:
Fixed bug #63180 (Corruption of hash tables).
Fixed bug #63055 (Segfault in zend_gc with SF2 testsuite).
Fixed bug #63284 (Upgrade PCRE to 8.31).
PDO:
Fixed bug #63235 (buffer overflow in use of SQLGetDiagRec).
PDO_pgsql:
Fixed bug #62593 (Emulate prepares behave strangely with PARAM_BOOL).
Phar:
Fixed bug #63297 (Phar fails to write an openssl based signature).
Streams:
Fixed bug #63240 (stream_get_line() return contains delimiter string).
Reflection:
Fixed bug #63399 (ReflectionClass::getTraitAliases() incorrectly resolves traitn
ames).
Version 5.3.19
22 Nov 2012
Core:
Fixed bug #63241 (PHP fails to open Windows deduplicated files).
Fixed bug #62444 (Handle leak in is_readable on windows).
Libxml:
Fixed bug #63389 (Missing context check on libxml_set_streams_context() causes m
emleak).
Mbstring:
Fixed bug #63447 (max_input_vars doesn't filter variables when mbstring.encoding
_translation = On).
MySQL:
Fixed compilation failure on mixed 32/64 bit systems.
OCI8:
Fixed bug #63265 (Add ORA-00028 to the PHP_OCI_HANDLE_ERROR macro)
PCRE:
Fixed bug #63055 (Segfault in zend_gc with SF2 testsuite).
Fixed bug #63284 (Upgrade PCRE to 8.31).
PDO:
Fixed bug #63235 (buffer overflow in use of SQLGetDiagRec).
PDO_pgsql:
Fixed bug #62593 (Emulate prepares behave strangely with PARAM_BOOL).
Phar:
Fixed bug #63297 (Phar fails to write an openssl based signature).
Streams:
Fixed bug #63240 (stream_get_line() return contains delimiter string).
Version 5.4.8
18 Oct 2012
CLI server
Changed response to unknown HTTP method to 501 according to RFC.
Support HTTP PATCH method.
Core
Added optional second argument for assert() to specify custom message.
Support building PHP with the native client toolchain.
Added --offline option for tests.
Fixed bug #63162 (parse_url does not match password component).
Fixed bug #63111 (is_callable() lies for abstract static method).
Fixed bug #63093 (Segfault while load extension failed in zts-build).
Fixed bug #62976 (Notice: could not be converted to int when comparing some buil
tin classes).
Fixed bug #62955 (Only one directive is loaded from "Per Directory Values" Windo
ws registry).
Fixed bug #62907 (Double free when use traits).
Fixed bug #61767 (Shutdown functions not called in certain error situation).
Fixed bug #60909 (custom error handler throwing Exception + fatal error = no shu
tdown function).
Fixed bug #60723 (error_log error time has changed to UTC ignoring default timez
one).
cURL
Fixed bug #62085 (file_get_contents a remote file by Curl wrapper will cause cpu
Soaring).
Date
Fixed bug #62896 ("DateTime->modify('+0 days')" modifies DateTime object)
Fixed bug #62561 (DateTime add 'P1D' adds 25 hours).
DOM
Fixed bug #63015 (Incorrect arginfo for DOMErrorHandler).
FPM
13 Sep 2012
Core
Fixed bug (segfault while build with zts and GOTO vm-kind)
Fixed bug #62955 (Only one directive is loaded from "Per Directory Values" Windo
ws registry)
Fixed bug #62844 (parse_url() does not recognize //)
Fixed bug #62829 (stdint.h included on platform where HAVE_STDINT_H is not set)
Fixed bug #62763 (register_shutdown_function and extending class)
Fixed bug #62725 (Calling exit() in a shutdown function does not return the exit
value)
Fixed bug #62744 (dangling pointers made by zend_disable_class)
Fixed bug #62716 (munmap() is called with the incorrect length)
Fixed bug #62358 (Segfault when using traits a lot)
Fixed bug #62328 (implementing __toString and a cast to string fails)
Fixed bug #51363 (Fatal error raised by var_export() not caught by error handler
)
Fixed bug #40459 (Stat and Dir stream wrapper methods do not call constructor)
CURL
Fixed bug #62912 (CURLINFO_PRIMARY_* AND CURLINFO_LOCAL_* not exposed)
Fixed bug #62839 (curl_copy_handle segfault with CURLOPT_FILE)
DateTime
Fixed bug #62852 (Unserialize invalid DateTime causes crash)
Intl
Fixed Spoofchecker not being registered on ICU 49.1
Fixed bug #62933 (ext/intl compilation error on icu 3.4.1)
Fixed bug #62915 (defective cloning in several intl classes)
Installation
Fixed bug #62460 (php binaries installed as binary.dSYM)
PCRE
Fixed bug #55856 (preg_replace should fail on trailing garbage)
PDO
Fixed bug #62685 (Wrong return datatype in PDO::inTransaction())
Reflection
Fixed bug #62892 (ReflectionClass::getTraitAliases crashes on importing trait me
thods as private)
Fixed bug #62715 (ReflectionParameter::isDefaultValueAvailable() wrong result)
Session
Fixed bug (segfault due to retval is not initialized)
Fixed bug (segfault due to PS(mod_user_implemented) not be reseted when close ha
ndler call exit)
SPL
Fixed bug #62904 (Crash when cloning an object which inherits SplFixedArray)
Implemented FR #62840 (Add sort flag to ArrayObject::ksort)
Standard
Fixed bug #62836 (Seg fault or broken object references on unserialize())
FPM
Merged PR 121 by minitux to add support for slow request counting on PHP FPM sta
tus page
Version 5.3.17
13 Sep 2012
Core
Fixed bug (segfault while build with zts and GOTO vm-kind)
Fixed bug #62955 (Only one directive is loaded from "Per Directory Values" Windo
ws registry)
Fixed bug #62763 (register_shutdown_function and extending class)
Fixed bug #62744 (dangling pointers made by zend_disable_class)
Fixed bug #62716 (munmap() is called with the incorrect length)
Fixed bug #62460 (php binaries installed as binary.dSYM)
CURL
Fixed bug #62839 (curl_copy_handle segfault with CURLOPT_FILE)
DateTime
Fixed bug #62852 (Unserialize invalid DateTime causes crash)
Intl
Fix null pointer dereferences in some classes of ext/intl
MySQLnd
Phar
Fixed bug #62227 (Invalid phar stream path causes crash)
Readline
Fixed bug #62186 (readline fails to compile - void function should not return a
value)
Reflection
Fixed bug #62384 (Attempting to invoke a Closure more than once causes segfault)
Fixed bug #62202 (ReflectionParameter::getDefaultValue() memory leaks with const
ant)
Sockets
Fixed bug #62025 (__ss_family was changed on AIX 5.3)
SPL
Fixed bug #62433 (Inconsistent behavior of RecursiveDirectoryIterator to dot fil
es)
Fixed bug #62262 (RecursiveArrayIterator does not implement Countable)
XML Writer
Fixed bug #62064 (memory leak in the XML Writer module)
Zip
Upgraded libzip to 0.10.
Version 5.3.15
19 Jul 2012
Zend Engine
Fixed bug #51094 (parse_ini_file() with INI_SCANNER_RAW cuts a value that includ
es a semi-colon)
COM
Fixed bug #62146 com_dotnet cannot be built shared
Core
Fixed potential overflow in _php_stream_scandir, CVE-2012-2688
Fixed bug #62432 (ReflectionMethod random corrupt memory on high concurrent)
Fixed bug #62443 (Crypt SHA256/512 Segfaults With Malformed Salt)
Fileinfo
Fixed magic file regex support
FPM
Fixed bug #61045 (fpm don't send error log to fastcgi clients)
Fixed bug #61835 (php-fpm is not allowed to run as root)
Fixed bug #61295 (php-fpm should not fail with commented 'user' for non-root sta
rt)
Fixed bug #61026 (FPM pools can listen on the same address)
Fixed bug #62033 (php-fpm exits with status 0 on some failures to start)
Fixed bug #62153 (when using unix sockets, multiples FPM instances can be launch
ed without errors)
Fixed bug #62160 (Add process.priority to set nice(2) priorities)
Fixed bug #61218 (FPM drops connection while receiving some binary values in Fas
tCGI requests)
Fixed bug #62205 (php-fpm segfaults (null passed to strstr))
Intl
Fixed bug #62083 (grapheme_extract() memory leaks)
Fixed bug #62081 (IntlDateFormatter constructor leaks memory when called twice)
Fixed bug #62070 (Collator::getSortKey() returns garbage)
Fixed bug #62017 (datefmt_create with incorrectly encoded timezone leaks pattern
)
Fixed bug #60785 (memory leak in IntlDateFormatter constructor)
JSON
Reverted fix for bug #61537
Phar
Fixed bug #62227 (Invalid phar stream path causes crash)
Reflection
Fixed bug #62384 (Attempting to invoke a Closure more than once causes segfault)
Fixed bug #62202 (ReflectionParameter::getDefaultValue() memory leaks with const
ant)
SPL
Fixed bug #62262 (RecursiveArrayIterator does not implement Countable)
SQLite
Fixed open_basedir bypass, CVE-2012-3365
XML Write
Fixed bug #62064 (memory leak in the XML Writer module)
Zip
Upgraded libzip to 0.10
Version 5.4.4
06 Jun 2012
CLI SAPI
Implemented FR #61977 (Need CLI web-server support for files with .htm & svg ext
ensions)
Improved performance while sending error page, this also fixed bug Fixed bug #61
785 (Memory leak when access a non-exists file without router)
Fixed bug #61546 (functions related to current script failed when chdir() in cli
sapi)
Core
Fixed missing bound check in iptcparse()
Fixed CVE-2012-2143
Fixed bug #62097 (fix for bug #54547)
Fixed bug #62005 (unexpected behavior when incrementally assigning to a member o
f a null object)
Fixed bug #61978 (Object recursion not detected for classes that implement JsonS
erializable)
Fixed bug #61991 (long overflow in realpath_cache_get())
Fixed bug #61922 (ZTS build doesn't accept zend.script_encoding config)
Fixed bug #61827 (incorrect \e processing on Windows)
Fixed bug #61782 (__clone/__destruct do not match other methods when checking ac
cess controls)
Fixed bug #61761 ('Overriding' a private static method with a different signatur
e causes crash)
Fixed bug #61730 (Segfault from array_walk modifying an array passed by referenc
e)
Fixed bug #61728 (PHP crash when calling ob_start in request_shutdown phase)
Fixed bug #61660 (bin2hex(hex2bin($data)) != $data)
Fixed bug #61650 (ini parser crashes when using ${xxxx} ini variables (without a
pache2))
Fixed bug #61605 (header_remove() does not remove all headers)
Fixed bug #54547 (wrong equality of string numbers)
Fixed bug #54197 ([PATH=] sections incompatibility with user_ini.filename set to
null)
Changed php://fd to be available only for CLI
CURL
Fixed bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction)
COM
Fixed bug #62146 com_dotnet cannot be built shared
Fileinfo
Fixed bug #61812 (Uninitialised value used in libmagic)
FPM
Fixed bug #61812 (Uninitialised value used in libmagic)
Fixed bug #61565 where php_stream_open_wrapper_ex tries to open a directory desc
riptor under windows
Fixed bug #61566 failure caused by the posix lseek and read versions under windo
ws in cdf_read()
Iconv
Fixed a bug that iconv extension fails to link to the correct library when anoth
er extension makes use of a library that links to the iconv library. See https:/
Streams
Fixed bug #61961 (file_get_contents leaks when access empty file with maxlen set
)
Version 5.4.3
08 May 2012
Fixed bug #61807 Buffer Overflow in apache_request_headers, CVE-2012-2329.
Fixed bug #61910 Improve fix for PHP-CGI query string parameter vulnerability, C
VE-2012-2311.
Version 5.3.13
08 May 2012
Fixed bug #61910 Improve fix for PHP-CGI query string parameter vulnerability, C
VE-2012-2311.
Version 5.4.2
03 May 2012
Fixed bug #61910 Fix PHP-CGI query string parameter vulnerability, CVE-2012-1823
.
Version 5.3.12
03 May 2012
Fixed bug #61910 Fix PHP-CGI query string parameter vulnerability, CVE-2012-1823
.
Version 5.4.1
26 Apr 2012
CLI Server
Fixed bug #61461 (missing checks around malloc() calls).
Implemented FR #60850 (Built in web server does not set $_SERVER['SCRIPT_FILENAM
E'] when using router).
Core
Fixed crash in ZTS using same class in many threads.
Fixed bug #61374 (html_entity_decode tries to decode code points that don't exis
t in ISO-8859-1).
Fixed bug #61225 (Incorrect lexing of 0b00*+<NUM>).
Fixed bug #61106 (Segfault when using header_register_callback).
Fixed bug #61052 (Missing error check in trait 'insteadof' clause).
Fixed bug #61011 (Crash when an exception is thrown by __autoload accessing a st
atic property).
Fixed bug #60978 (exit code incorrect).
Fixed bug #60911 (Confusing error message when extending traits).
Fixed bug #60717 (Order of traits in use statement can cause a fatal error).
Fixed bug #60573 (type hinting with "self" keyword causes weird errors).
Fileinfo
Fix fileinfo test problems.
Intl
Fixed bug #61487 (Incorrent bounds checking in grapheme_strpos).
mbstring
MFH mb_ereg_replace_callback() for security enhancements.
mysqlnd
Fixed bug #60948 (mysqlnd FTBFS when -Wformat-security is enabled).
Standard
Fixed memory leak in substr_replace.
Make max_file_uploads ini directive settable outside of php.
Fixed bug #61409 (Bad formatting on phpinfo()).
Fixed bug #60222 (time_nanosleep() does validate input params).
Fixed bug #60106 (stream_socket_server silently truncates long unix socket paths
).
Version 5.3.11
26 Apr 2012
Core
Fixed bug #61650 (ini parser crashes when using ${xxxx} ini variables (without a
pache2)).
Fixed bug #61273 (call_user_func_array with more than 16333 arguments leaks / cr
ashes).
Fixed bug #61165 (Segfault - strip_tags()).
Fixed bug #61095 (Incorect lexing of 0x00*+<NUM>).
Fixed bug #61087 (Memory leak in parse_ini_file when specifying invalid scanner
mode).
Fixed bug #61072 (Memory leak when restoring an exception handler).
Fixed bug #61058 (array_fill leaks if start index is PHP_INT_MAX).
Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical vars).
Fixed bug #60895 (Possible invalid handler usage in windows random functions).
Fixed bug #60825 (Segfault when running symfony 2 tests).
Fixed bug #60801 (strpbrk() mishandles NUL byte).
Fixed bug #60569 (Nullbyte truncates Exception $message).
Fixed bug #60227 (header() cannot detect the multi-line header with CR).
Fixed bug #60222 (time_nanosleep() does validate input params).
Fixed bug #54374 (Insufficient validating of upload name leading to corrupted $_
FILES indices). (CVE-2012-1172).
Fixed bug #52719 (array_walk_recursive crashes if third param of the function is
by reference).
Improve performance of set_exception_handler while doing reset.
Fixed bug #51860 (Include fails with toplevel symlink to /).
DOM
Added debug info handler to DOM objects.
FPM
Fixed bug #61430 (Transposed memset() params in sapi/fpm/fpm/fpm_shm.)
Fixed bug #60811 (php-fpm compilation problem).
Fileinfo
Upgraded libmagic to 5.
Fixed bug #61565 where php_stream_open_wrapper_ex tries to open a directory desc
riptor under windows.
Fixed bug #61566 failure caused by the posix lseek and read versions under windo
ws in cdf_read().
Fixed bug #61173 (Unable to detect error from finfo constructor).
Firebird Database extension (ibase)
Fixed bug #60802 (ibase_trans() gives segfault when passing params).
Ibase
Fixed bug #60947 (Segmentation fault while executing ibase_db_info).
Installation
Fixed bug #61172 (Add Apache 2.4 support).
mysqli
Fixed bug #61003 (mysql_stat() require a valid connection).
PDO_mysql
Fixed bug #61207 (PDO::nextRowset() after a multi-statement query doesn't always
work).
Fixed bug #61194 (PDO should export compression flag with myslqnd).
PDO_odbc
Fixed bug #61212 (PDO ODBC Segfaults on SQL_SUCESS_WITH_INFO).
PDO_pgsql
Fixed bug #61267 (pdo_pgsql's PDO::exec() returns the number of SELECTed rows on
postgresql >= 9).
PDO_Sqlite extension
Add createCollation support.
pgsql
Fixed bug #60718 (Compile problem with libpq (PostgreSQL 7.3 or less).
Phar
Fixed bug #61184 (Phar::webPhar() generates headers with trailing NUL bytes).
Readline
Fixed bug #61088 (Memory leak in readline_callback_handler_install).
Add open_basedir checks to readline_write_history and readline_read_history.
Reflection
Fixed bug #61388 (ReflectionObject:getProperties() issues invalid reads when get
_properties returns a hash table with (inaccessible) dynamic numeric properties)
.
Fixed bug #60968 (Late static binding doesn't work with ReflectionMethod::invoke
Args()).
Session
Fixed bug #60860 (session.save_handler=user without defined function core dumps)
.
Fixed bug #60634 (Segmentation fault when trying to die() in SessionHandler::wri
te()).
SOAP
Fixed bug #61423 (gzip compression fails).
Fixed bug #60887 (SoapClient ignores user_agent option and sends no User-Agent h
eader).
Fixed bug #60842, Fixed bug #51775 (Chunked response parsing error when chunksiz
e length line is > 10 bytes).
Fixed bug #49853 (Soap Client stream context header option ignored).
SPL
Fixed memory leak when calling SplFileInfo's constructor twice.
Fixed bug #61418 (Segmentation fault when DirectoryIterator's or FilesystemItera
tor's iterators are requested more than once without having had its dtor callbac
k called in between).
Fixed bug #61347 (inconsistent isset behavior of Arrayobject).
Fixed bug #61326 (ArrayObject comparison).
SQLite3 extension
Add createCollation() method.
Streams
Fixed bug #61371 (stream_context_create() causes memory leaks on use streams_soc
ket_create).
Fixed bug #61253 (Wrappers opened with errors concurrency problem on ZTS).
Fixed bug #61115 (stream related segfault on fatal error in php_stream_context_l
ink).
Fixed bug #60817 (stream_get_line() reads from stream even when there is already
sufficient data buffered). stream_get_line() now behaves more like fgets(), as
is documented.
Further fix for bug Fixed bug #60455 (stream_get_line misbehaves if EOF is not d
etected together with the last read).
Fixed bug #60106 (stream_socket_server silently truncates long unix socket paths
).
Tidy
Fixed bug #54682 (tidy null pointer dereference).
XMLRPC
Fixed bug #61264 (xmlrpc_parse_method_descriptions leaks temporary variable).
Fixed bug #61097 (Memory leak in xmlrpc functions copying zvals).
Zlib
Fixed bug #61306 (initialization of global inappropriate for ZTS).
Fixed bug #61287 (A particular string fails to decompress).
Fixed bug #61139 (gzopen leaks when specifying invalid mode).
Version 5.4.0
01 Mar 2012
autoconf 2.59+ is now supported (and required) for generating the configure scri
pt with ./buildconf. Autoconf 2.60+ is desirable otherwise the configure help or
der may be incorrect.
Removed legacy features
Added support for SORT_NATURAL and SORT_FLAG_CASE in array sort functions (sort,
rsort, ksort, krsort, asort, arsort and array_multisort). #55158.
Added stream metadata API support and stream_metadata() stream class handler.
User wrappers can now define a stream_truncate() method that responds to truncat
ion, e.g. through ftruncate(). #53888.
Improved unserialize() performance.
Changed array_combine() to return empty array instead of FALSE when both paramet
er arrays are empty. #34857.
Fixed invalid free in call_user_method() function.
Fixed crypt_blowfish handling of 8-bit characters. (CVE-2011-2483).
Fixed bug #61095 (Incorect lexing of 0x00*+<NUM>).
Fixed bug #60965 (Buffer overflow on htmlspecialchars/entities with $double=fals
e).
Fixed bug #60895 (Possible invalid handler usage in windows random functions).
Fixed bug #60879 (unserialize() Does not invoke __wakeup() on object).
Fixed bug #60825 (Segfault when running symfony 2 tests).
Fixed bug #60809 (TRAITS - PHPDoc Comment Style Bug).
Fixed bug #60627 (httpd.worker segfault on startup with php_value).
Fixed bug #60613 (Segmentation fault with $cls->{expr}() syntax).
Fixed bug #60611 (Segmentation fault with Cls::{expr}() syntax).
Fixed bug #60558 (Invalid read and writes).
Fixed bug #60536 (Traits Segfault).
Fixed bug #60444 (Segmentation fault with include & class extending).
Fixed bug #60362 (non-existent sub-sub keys should not have values).
Fixed bug #60350 (No string escape code for ESC (ascii 27), normally \e).
Fixed bug #60321 (ob_get_status(true) no longer returns an array when buffer is
empty).
Fixed bug #60282 (Segfault when using ob_gzhandler() with open buffers).
Fixed bug #60240 (invalid read/writes when unserializing specially crafted strin
gs).
Fixed bug #60227 (header() cannot detect the multi-line header with CR(0x0D)).
Fixed bug #60174 (Notice when array in method prototype error).
Fixed bug #60169 (Conjunction of ternary and list crashes PHP).
Fixed bug #60120 (proc_open's streams may hang with stdin/out/err when the data
exceeds or is equal to 2048 bytes).
Fixed bug #60099 (__halt_compiler() works in braced namespaces).
Fixed bug #60038 (SIGALRM cause segfault in php_error_cb).
Fixed bug #55874 (GCC does not provide __sync_fetch_and_add on some archs).
Fixed bug #55871 (Interruption in substr_replace()).
Fixed bug #55825 (Missing initial value of static locals in trait methods).
Fixed bug #55801 (Behavior of unserialize has changed).
Fixed bug #55622 (memory corruption in parse_ini_string).
Fixed bug #55758 (Digest Authenticate missed in 5.4) .
Fixed bug #55748 (multiple NULL Pointer Dereference with zend_strndup()) (CVE-20
11-4153).
Fixed bug #55749 (TOCTOU issue in getenv() on Windows builds).
Fixed bug #55707 (undefined reference to `__sync_fetch_and_add_4' on Linux paris
c).
Fixed bug #55705 (Omitting a callable typehinted argument causes a segfault).
Fixed bug #55475 (is_a() triggers autoloader, new optional 3rd argument to is_a
and is_subclass_of).
Fixed bug #55471 (ZTS build broken with dtrace).
Fixed bug #55124 (recursive mkdir fails with current (dot) directory in path).
Fixed bug #55084 (Function registered by header_register_callback is called only
once per process).
Implement #54514 (Get php binary path during script execution).
Fixed bug #52624 (tempnam() by-pass open_basedir with nonexistent directory).
Fixed bug #52211 (iconv() returns part of string on error).
Fixed bug #51860 (Include fails with toplevel symlink to /).
Improved generic SAPI support
Version 5.3.9
10 Jan 2012
Core:
Added max_input_vars directive to prevent attacks based on hash collisions (Dmit
ry).
Fixed bug #60205 (possible integer overflow in content_length). (Laruence)
Fixed bug #60139 (Anonymous functions create cycles not detected by the GC). (Dm
itry)
Fixed bug #60138 (GC crash with referenced array in RecursiveArrayIterator) (Dmi
try).
Fixed bug #60120 (proc_open's streams may hang with stdin/out/err when the data
exceeds or is equal to 2048 bytes). (Pierre, Pascal Borreli)
Fixed bug #60099 (__halt_compiler() works in braced namespaces). (Felipe)
Fixed bug #60019 (Function time_nanosleep() is undefined on OS X). (Ilia)
Fixed bug #55874 (GCC does not provide __sync_fetch_and_add on some archs). (kli
ghtspeed at netspace dot net dot au)
Fixed bug #55798 (serialize followed by unserialize with numeric object prop. gi
ves integer prop). (Gustavo)
Fixed bug #55749 (TOCTOU issue in getenv() on Windows builds). (Pierre)
Fixed bug #55707 (undefined reference to `__sync_fetch_and_add_4' on Linux paris
c). (Felipe)
Fixed bug #55674 (fgetcsv & str_getcsv skip empty fields in some tab-separated r
ecords). (Laruence)
Fixed bug #55649 (Undefined function Bug()). (Laruence)
Fixed bug #55622 (memory corruption in parse_ini_string). (Pierre)
Fixed bug #55576 (Cannot conditionally move uploaded file without race condition
). (Gustavo)
Fixed bug #55510: $_FILES 'name' missing first character after upload. (Arpad)
Fixed bug #55509 (segfault on x86_64 using more than 2G memory). (Laruence)
Fixed bug #55504 (Content-Type header is not parsed correctly on HTTP POST reque
st). (Hannes)
Fixed bug #55475 (is_a() triggers autoloader, new optional 3rd argument to is_a
and is_subclass_of). (alan_k)
Fixed bug #52461 (Incomplete doctype and missing xmlns). (virsacer at web dot de
, Pierre)
Fixed bug #55366 (keys lost when using substr_replace an array). (Arpad)
Fixed bug #55273 (base64_decode() with strict rejects whitespace after pad). (Il
ia)
Fixed bug #52624 (tempnam() by-pass open_basedir with nonnexistent directory). (
Felipe)
Fixed bug #50982 (incorrect assumption of PAGE_SIZE size). (Dmitry)
Fixed invalid free in call_user_method() function. (Felipe)
Fixed bug #43200 (Interface implementation / inheritence not possible in abstrac
t classes). (Felipe)
BCmath:
Fixed bug #60377 (bcscale related crashes on 64bits platforms). (shm)
Calendar:
Fixed bug #55797 (Integer overflow in SdnToGregorian leads to segfault (in optim
ized builds). (Gustavo)
cURL:
Fixed bug #60439 (curl_copy_handle segfault when used with CURLOPT_PROGRESSFUNCT
ION). (Pierrick)
Fixed bug #54798 (Segfault when CURLOPT_STDERR file pointer is closed before cal
ling curl_exec). (Hannes)
Fixed issues were curl_copy_handle() would sometimes lose copied preferences. (H
annes)
DateTime:
Fixed bug #60373 (Startup errors with log_errors on cause segfault). (Derick)
Fixed bug #60236 (TLA timezone dates are not converted properly from timestamp).
(Derick)
Fixed bug #55253 (DateTime::add() and sub() result -1 hour on objects with time
zone type 2). (Derick)
Fixed bug #54851 (DateTime::createFromFormat() doesn't interpret "D"). (Derick)
Fixed bug #53502 (strtotime with timezone memory leak). (Derick)
Fixed bug #52062 (large timestamps with DateTime::getTimestamp and DateTime::set
Timestamp). (Derick)
Fixed bug #51994 (date_parse_from_format is parsing invalid date using 'yz' form
at). (Derick)
Fixed bug #52113 (Seg fault while creating (by unserialization) DatePeriod). (De
rick)
Fixed bug #48476 (cloning extended DateTime class without calling parent::__cons
tr crashed PHP). (Hannes)
EXIF:
Fixed bug #60150 (Integer overflow during the parsing of invalid exif header). (
Stas, flolechaud at gmail dot com)
Fileinfo:
Fixed bug #60094 (C++ comment fails in c89). (Laruence)
Fixed possible memory leak in finfo_open(). (Felipe)
Fixed memory leak when calling the Finfo constructor twice. (Felipe)
Filter:
Fixed bug #55478 (FILTER_VALIDATE_EMAIL fails with internationalized domain name
addresses containing >1 -). (Ilia)
FTP:
Fixed bug #60183 (out of sync ftp responses). (bram at ebskamp dot me, rasmus)
Gd:
Fixed bug #60160 (imagefill() doesn't work correctly for small images). (Florian
)
Intl:
Fixed bug #60192 (SegFault when Collator not constructed properly). (Florian)
Fixed memory leak in several Intl locale functions. (Felipe)
JSON:
Fixed bug #55543 (json_encode() with JSON_NUMERIC_CHECK fails on objects with nu
meric string properties). (Ilia, dchurch at sciencelogic dot com)
mbstring:
Fixed possible crash in mb_ereg_search_init() using empty pattern. (Felipe)
MS SQL:
Fixed bug #60267 (Compile failure with freetds 0.91). (Felipe)
MySQL:
Fixed bug #55550 (mysql.trace_mode miscounts result sets). (Johannes)
MySQLi extension:
Fixed bug #55859 (mysqli->stat property access gives error). (Andrey)
Fixed bug #55582 (mysqli_num_rows() returns always 0 for unbuffered, when mysqln
d is used). (Andrey)
Fixed bug #55703 (PHP crash when calling mysqli_fetch_fields). (eran at zend dot
com, Laruence)
mysqlnd:
Fixed bug #55609 (mysqlnd cannot be built shared). (Johannes)
Fixed bug #55067 (MySQL doesn't support compression - wrong config option). (And
rey)
NSAPI SAPI:
Don't set $_SERVER['HTTPS'] on unsecure connection (bug #55403). (Uwe Schindler)
OpenSSL:
Fixed bug #60279 (Fixed NULL pointer dereference in stream_socket_enable_crypto,
case when ssl_handle of session_stream is not initialized.) (shm)
Fix segfault with older versions of OpenSSL. (Scott)
Oracle Database extension (OCI8):
Fixed bug #59985 (show normal warning text for OCI_NO_DATA). (Chris Jones)
Increased maximum Oracle error message buffer length for new 11.2.0.3 size. (Chr
is Jones)
rds)
SOAP
Fixed bug #54911 (Access to a undefined member in inherit SoapClient may cause S
egmentation Fault). (Dmitry)
Fixed bug #48216 (PHP Fatal error: SOAP-ERROR: Parsing WSDL: Extra content at th
e end of the doc, when server uses chunked transfer encoding with spaces after c
hunk size). (Dmitry)
Fixed bug #44686 (SOAP-ERROR: Parsing WSDL with references). (Dmitry)
Sockets:
Fixed bug #60048 (sa_len a #define on IRIX). (china at thewrittenword dot com)
SPL:
Fixed bug #60082 (Crash in ArrayObject() when using recursive references). (Tony
)
Fixed bug #55807 (Wrong value for splFileObject::SKIP_EMPTY). (jgotti at modedem
ploi dot fr, Hannes)
Fixed bug #54304 (RegexIterator::accept() doesn't work with scalar values). (Han
nes)
Streams:
Fixed bug #60455 (stream_get_line misbehaves if EOF is not detected together wit
h the last read). (Gustavo)
Tidy:
Fixed bug #54682 (Tidy::diagnose() NULL pointer dereference). (Maksymilian Arcie
mowicz, Felipe)
XSL:
Added xsl.security_prefs ini option to define forbidden operations within XSLT s
tylesheets, default is not to enable write operations. This option won't be in 5
.4, since there's a new method. Fixes Bug #54446. (Chregu, Nicolas Gregoire)
Version 5.3.8
23 Aug 2011
Core:
Fixed bug #55439 (crypt() returns only the salt for MD5). (Stas)
OpenSSL:
Reverted a change in timeout handling restoring PHP 5.3.6 behavior, as the new b
ehavior caused mysqlnd SSL connections to hang ( bug #55283). (Pierre, Andrey, J
ohannes)
Version 5.3.7
18 Aug 2011
Upgraded bundled SQLite to version 3.7.7.1. (Scott)
Upgraded bundled PCRE to version 8.12. (Scott)
Zend Engine:
Fixed bug #55156 (ReflectionClass::getDocComment() returns comment even though t
he class has none). (Felipe)
Fixed bug #55007 (compiler fail after previous fail). (Felipe)
Fixed bug #54910 (Crash when calling call_user_func with unknown function name).
(Dmitry)
Fixed bug #54804 (__halt_compiler and imported namespaces). (Pierrick, Felipe)
Fixed bug #54624 (class_alias and type hint). (Felipe)
Fixed bug #54585 (track_errors causes segfault). (Dmitry)
Fixed bug #54423 (classes from dl()'ed extensions are not destroyed). (Tony, Dmi
try)
Fixed bug #54372 (Crash accessing global object itself returned from its __get()
handle). (Dmitry)
Fixed bug #54367 (Use of closure causes problem in ArrayAccess). (Dmitry)
Fixed bug #54358 (Closure, use and reference). (Dmitry)
Fixed bug #54262 (Crash when assigning value to a dimension in a non-array). (Dm
itry)
Fixed bug #54039 (use() of static variables in lambda functions can break static
ness). (Dmitry)
Core:
Updated crypt_blowfish to 1.2. (CVE-2011-2483) (Solar Designer) (more info)
Removed warning when argument of is_a() or is_subclass_of() is not a known class
. (Stas)
Fixed crash in error_log(). (Felipe) Reported by Mateusz Kocielski.
Added PHP_MANDIR constant telling where the manpages were installed into, and an
--man-dir argument to php-config. (Hannes)
Fixed a crash inside dtor for error handling. (Ilia)
Fixed buffer overflow on overlog salt in crypt(). (Clment LECIGNE, Stas
Implemented FR #54459 (Range function accuracy). (Adam)
Fixed bug #55399 (parse_url() incorrectly treats ':' as a valid path). (Ilia)
Fixed bug #55339 (Segfault with allow_call_time_pass_reference = Off). (Dmitry)
Fixed bug #55295 [NEW]: popen_ex on windows, fixed possible heap overflow (Pierr
e)
Fixed bug #55258 (Windows Version Detecting Error). ( xiaomao5 at live dot com,
Pierre)
Fixed bug #55187 (readlink returns weird characters when false result). (Pierre)
Fixed bug #55082 (var_export() doesn't escape properties properly). (Gustavo)
Fixed bug #55014 (Compile failure due to improper use of ctime_r()). (Ilia)
Fixed bug #54939 (File path injection vulnerability in RFC1867 File upload filen
ame). (Felipe) Reported by Krzysztof Kotowicz. (CVE-2011-2202)
Fixed bug #54935 php_win_err can lead to crash. (Pierre)
Fixed bug #54924 (assert.* is not being reset upon request shutdown). (Ilia)
Fixed bug #54895 (Fix compiling with older gcc version without need for membar_p
roducer macro). (mhei at heimpold dot de)
Fixed bug #54866 (incorrect accounting for realpath_cache_size). (Dustin Ward)
Fixed bug #54723 (getimagesize() doesn't check the full ico signature). (Scott)
Fixed bug #54721 (Different Hashes on Windows, BSD and Linux on wrong Salt size)
. (Pierre, os at irj dot ru)
Fixed bug #54580 (get_browser() segmentation fault when browscap ini directive i
s set through php_admin_value). (Gustavo)
Fixed bug #54332 (Crash in zend_mm_check_ptr // Heap corruption). (Dmitry)
Fixed bug #54305 (Crash in gc_remove_zval_from_buffer). (Dmitry)
Fixed bug #54238 (use-after-free in substr_replace()). (Stas) (CVE-2011-1148)
Fixed bug #54204 (Can't set a value with a PATH section in php.ini). (Pierre)
Fixed bug #54180 (parse_url() incorrectly parses path when ? in fragment). (toma
s dot brastavicius at quantum dot lt, Pierrick)
Fixed bug #54137 (file_get_contents POST request sends additional line break). (
maurice-php at mertinkat dot net, Ilia)
Fixed bug #53848 (fgetcsv() ignores spaces at beginnings of fields). (Ilia)
Alternative fix for bug Fixed bug #52550, as applied to the round() function (si
gned overflow), as the old fix impacted the algorithm for numbers with magnitude
smaller than 0. (Gustavo)
Fixed bug #53727 (Inconsistent behavior of is_subclass_of with interfaces) (Ralp
h Schindler, Dmitry)
Fixed bug #52935 (call exit in user_error_handler cause stream relate core). (Gu
stavo)
Fixed bug #51997 (SEEK_CUR with 0 value, returns a warning). (Ilia)
Fixed bug #50816 (Using class constants in array definition fails). (Pierrick, D
mitry)
Fixed bug #50363 (Invalid parsing in convert.quoted-printable-decode filter). (s
lusarz at curecanti dot org)
Fixed bug #48465 (sys_get_temp_dir() possibly inconsistent when using TMPDIR on
Windows). (Pierre)
Apache2 Handler SAPI:
Fixed bug #54529 (SAPI crashes on apache_config.c:197). (hebergement at riastudi
o dot fr)
CLI SAPI:
Fixed bug #52496 (Zero exit code on option parsing failure). (Ilia)
cURL extension:
Added ini option curl.cainfo (support for custom cert db). (Pierre)
Added CURLINFO_REDIRECT_URL support. (Daniel Stenberg, Pierre)
Added support for CURLOPT_MAX_RECV_SPEED_LARGE and CURLOPT_MAX_SEND_SPEED_LARGE.
FR Fixed bug #51815. (Pierrick)
DateTime extension:
Fixed bug where the DateTime object got changed while using date_diff(). (Derick
)
Fixed bug #54340 (DateTime::add() method bug). (Adam)
Fixed bug #54316 (DateTime::createFromFormat does not handle trailing '|' correc
tly). (Adam)
Fixed bug #54283 (new DatePeriod(NULL) causes crash). (Felipe)
Fixed bug #51819 (Case discrepancy in timezone names cause Uncaught exception an
d fatal error). (Hannes)
DBA extension:
Supress warning on non-existent file open with Berkeley DB 5.2 (Chris Jones)
Fixed bug #54242 (dba_insert returns true if key already exists). (Felipe)
Exif extesion:
Fixed bug #54121 (error message format string typo). (Ilia)
Fileinfo extension:
Fixed bug #54934 (Unresolved symbol strtoull in HP-UX 11.11). (Felipe)
Filter extension:
Added 3rd parameter to filter_var_array() and filter_input_array() functions tha
t allows disabling addition of empty elements. (Ilia)
Fixed bug #53037 (FILTER_FLAG_EMPTY_STRING_NULL is not implemented). (Ilia)
Interbase extension:
Fixed bug #54269 (Short exception message buffer causes crash). (Felipe)
intl extension:
Implemented FR #54561 (Expose ICU version info). (David Zuelke, Ilia)
Implemented FR #54540 (Allow loading of arbitrary resource bundles when fallback
is disabled). (David Zuelke, Stas)
Imap extension:
Fixed bug #55313 (Number of retries not set when params specified). (kevin at ke
vinlocke dot name)
json extension:
Fixed bug #54484 (Empty string in json_decode doesn't reset json_last_error()).
(Ilia)
LDAP extension:
Fixed bug #53339 (Fails to build when compilng with gcc 4.5 and DSO libraries).
(Clint Byrum, Raphael)
libxml extension:
Fixed bug #54601 (Removing the doctype node segfaults). (Hannes)
Fixed bug #54440 (libxml extension ignores default context). (Gustavo)
mbstring extension:
Fixed bug #54494 (mb_substr() mishandles UTF-32LE and UCS-2LE). (Gustavo)
MCrypt extension:
Change E_ERROR to E_WARNING in mcrypt_create_iv when not enough data has been fe
tched (Windows). (Pierre)
Fixed bug #55169 (mcrypt_create_iv always fails to gather sufficient random data
on Windows). (Pierre)
MySQL Improved extension:
Fixed Bug Fixed bug #54221 (mysqli::get_warnings segfault when used in multi que
ries). (Andrey)
mysqlnd
Fixed crash when using more than 28,000 bound parameters. Workaround is to set m
ysqlnd.net_cmd_buffer_size to at least 9000. (Andrey)
Fixed bug #54674 mysqlnd valid_sjis_(head|tail) is using invalid operator and ra
nge). (nihen at megabbs dot com, Andrey)
MySQLi extension:
Fixed bug #55283 (SSL options set by mysqli_ssl_set ignored for MySQLi persisten
t connections). (Andrey)
OpenSSL extension:
openssl_encrypt()/openssl_decrypt() truncated keys of variable length ciphers to
the OpenSSL default for the algorithm. (Scott)
On blocking SSL sockets respect the timeout option where possible. (Scott)
Fixed bug #54992 (Stream not closed and error not returned when SSL CN_match fai
ls). (Gustavo, laird_ngrps at dodo dot com dot au)
Oracle Database extension (OCI8):
Added oci_client_version() returning the runtime Oracle client library version (
Chris Jones)
PCRE extension:
Increased the backtrack limit from 100000 to 1000000 (Rasmus)
PDO extension:
Fixed bug #54929 (Parse error with single quote in sql comment). (Felipe)
Fixed bug #52104 (bindColumn creates Warning regardless of ATTR_ERRMODE settings
). (Ilia)
PDO DBlib driver:
Fixed bug #54329 (MSSql extension memory leak). (dotslashpok at gmail dot com)
Fixed bug #54167 (PDO_DBLIB returns null on SQLUNIQUE field). (mjh at hodginsmed
ia dot com, Felipe)
PDO ODBC driver:
Fixed data type usage in 64bit. (leocsilva at gmail dot com)
PDO MySQL driver:
Fixed bug #54644 (wrong pathes in php_pdo_mysql_int.h). (Tony, Johannes)
Fixed bug #53782 (foreach throws irrelevant exception). (Johannes, Andrey)
Implemented FR #48587 (MySQL PDO driver doesn't support SSL connections). (Rob)
PDO PostgreSQL driver:
Fixed bug #54318 (Non-portable grep option used in PDO pgsql configuration). (bw
alton at artsci dot utoronto dot ca)
PDO Oracle driver:
Fixed bug #44989 (64bit Oracle RPMs still not supported by pdo-oci). (jbnance at
tresgeek dot net)
Phar extension:
Fixed bug #54395 (Phar::mount() crashes when calling with wrong parameters). (Fe
lipe)
PHP-FPM SAPI:
Implemented FR #54499 (FPM ping and status_path should handle HEAD request). (fa
t)
Implemented FR #54172 (Overriding the pid file location of php-fpm). (fat)
Fixed missing Expires and Cache-Control headers for ping and status pages. (fat)
Fixed memory leak. (fat) Reported and fixed by Giovanni Giacobbi.
Fixed wrong value of log_level when invoking fpm with -tt. (fat)
Added xml format to the status page. (fat)
Removed timestamp in logs written by children processes. (fat)
Fixed exit at FPM startup on fpm_resources_prepare() errors. (fat)
Added master rlimit_files and rlimit_core in the global configuration settings.
(fat)
Removed pid in debug logs written by chrildren processes. (fat)
Added custom access log (also added per request %CPU and memory mesurement). (fa
t)
Added a real scoreboard and several improvements to the status page. (fat)
Reflection extension:
Fixed bug #54347 (reflection_extension does not lowercase module function name).
(Felipe, laruence at yahoo dot com dot cn)
SOAP extension:
Fixed bug #55323 (SoapClient segmentation fault when XSD_TYPEKIND_EXTENSION cont
ains itself). (Dmitry)
Fixed bug #54312 (soap_version logic bug). (tom at samplonius dot org)
Sockets extension:
Fixed stack buffer overflow in socket_connect(). (CVE-2011-1938) Found by Mateus
z Kocielski, Marek Kroemeke and Filip Palian. (Felipe)
Fixed bug #53903 (userspace stream stat callback does not separate the elements
of the returned array before converting them). (Gustavo)
Implemented FR #26158 (open arbitrary file descriptor with fopen). (Gustavo)
Tokenizer Extension
Fixed bug #54089 (token_get_all() does not stop after __halt_compiler). (Ilia)
XSL extension:
Fixed memory leaked introduced by the NULL poisoning patch. (Mateusz Kocielski,
Pierre)
Zip extension:
Added the filename into the return value of stream_get_meta_data(). (Hannes)
Fixed bug #53923 (Zip functions assume HAVE_GLOB is defined). (Adam)
Fixed bug #53893 (Wrong return value for ZipArchive::extractTo()). (Pierre)
Fixed bug #53885 (ZipArchive segfault with FL_UNCHANGED on empty archive). (Stas
, Maksymilian Arciemowicz). (CVE-2011-0421)
Fixed bug #53854 (Missing constants for compression type). (Richard, Adam)
Fixed bug #53603 (ZipArchive should quiet stat errors). (brad dot froehle at gma
il dot com, Gustavo)
Fixed bug #53579 (stream_get_contents() segfaults on ziparchive streams). (Hanne
s)
Fixed bug #53568 (swapped memset arguments in struct initialization). (crrodrigu
ez at opensuse dot org)
Fixed bug #53166 (Missing parameters in docs and reflection definition). (Richar
d)
Fixed bug #49072 (feof never returns true for damaged file in zip). (Gustavo, Ri
chard Quadling)
Version 5.3.5
06 Jan 2011
Fixed bug #53632 (PHP hangs on numeric value 2.2250738585072011e-308). (CVE-2010
-4645) (Rasmus, Scott)
Version 5.2.17
06 Jan 2011
Fixed bug #53632 (PHP hangs on numeric value 2.2250738585072011e-308). (CVE-2010
-4645) (Rasmus, Scott)
Version 5.2.16
16 Dec 2010
Fixed bug #53517 (segfault in pgsql_stmt_execute() when postgres is down). (gyp
at balabit dot hu)
Fixed bug #53516 (Regression in open_basedir handling). (Ilia)
Version 5.3.4
09 Dec 2010
Upgraded bundled Sqlite3 to version 3.7.3. (Ilia)
Upgraded bundled PCRE to version 8.10. (Ilia)
Security enhancements:
Fixed crash in zip extract method (possible CWE-170). (Maksymilian Arciemowicz,
Pierre)
Paths with NULL in them (foo\0bar.txt) are now considered as invalid. (Rasmus)
Fixed a possible double free in imap extension (Identified by Mateusz Kocielski)
. (CVE-2010-4150). (Ilia)
Fixed NULL pointer dereference in ZipArchive::getArchiveComment. (CVE-2010-3709)
. (Maksymilian Arciemowicz)
Fixed possible flaw in open_basedir (CVE-2010-3436). (Pierre)
Fixed MOPS-2010-24, fix string validation. (CVE-2010-2950). (Pierre)
Fixed symbolic resolution support when the target is a DFS share. (Pierre)
Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with large a
mount of data) (CVE-2010-3710). (Adam)
General improvements:
Fixed bug #47199 (pg_delete() fails on NULL). (ewgraf at gmail dot com)
Reflection extension:
Fixed ReflectionProperty::isDefault() giving a wrong result for properties obtai
ned with ReflectionClass::getProperties(). (Gustavo)
Fixed bug #53366 (Reflection doesnt get dynamic property value from getProperty(
)). (Felipe)
Fixed bug #52854 (ReflectionClass::newInstanceArgs does not work for classes wit
hout constructors). (Johannes)
SOAP extension:
Fixed bug #44248 (RFC2616 transgression while HTTPS request through proxy with S
oapClient object). (Dmitry)
SPL extension:
Fixed bug #53362 (Segmentation fault when extending SplFixedArray). (Felipe)
Fixed bug #53279 (SplFileObject doesn't initialise default CSV escape character)
. (Adam)
Fixed bug #53144 (Segfault in SplObjectStorage::removeAll()). (Felipe)
Fixed bug #53071 (SPLObjectStorage defeats gc_collect_cycles). (Gustavo)
Fixed bug #52573 (SplFileObject::fscanf Segmentation fault). (Felipe)
Fixed bug #51763 (SplFileInfo::getType() does not work symbolic link and directo
ry). (Pierre)
Fixed bug #50481 (Storing many SPLFixedArray in an array crashes). (Felipe)
Fixed bug #50579 (RegexIterator::REPLACE doesn't work). (Felipe)
SQLite3 extension:
Fixed bug #53463 (sqlite3 columnName() segfaults on bad column_number). (Felipe)
Streams:
Fixed forward stream seeking emulation in streams that don't support seeking in
situations where the read operation gives back less data than requested and when
there was data in the buffer before the emulation started. Also made more consi
stent its behavior -- should return failure every time less data than was reques
ted was skipped. (Gustavo)
Fixed bug #53241 (stream casting that relies on fdopen/fopencookie fails with st
reams opened with, inter alia, the 'xb' mode). (Gustavo)
Fixed bug #53006 (stream_get_contents has an unpredictable behavior when the und
erlying stream does not support seeking). (Gustavo)
Fixed bug #52944 (Invalid write on second and subsequent reads with an inflate f
ilter fed invalid data). (Gustavo)
Fixed bug #52820 (writes to fopencookie FILE* not commited when seeking the stre
am). (Gustavo)
WDDX extension:
Fixed bug #52468 (wddx_deserialize corrupts integer field value when left empty)
. (Felipe)
Zlib extension:
Fixed bug #52926 (zlib fopen wrapper does not use context). (Gustavo)
Version 5.2.15
08 Dec 2010
Fixed extract() to do not overwrite $GLOBALS and $this when using EXTR_OVERWRITE
. (jorto at redhat dot com)
Fixed crash in zip extract method (possible CWE-170). (Maksymilian Arciemowicz,
Pierre)
Fixed a possible double free in imap extension (Identified by Mateusz Kocielski)
. (CVE-2010-4150). (Ilia)
Fixed possible flaw in open_basedir (CVE-2010-3436). (Pierre)
Fixed possible crash in mssql_fetch_batch(). (Kalle)
Fixed NULL pointer dereference in ZipArchive::getArchiveComment. (CVE-2010-3709)
. (Maksymilian Arciemowicz)
Fixed bug #53492 (fix crash if anti-aliasing steps are invalid). (Pierre)
Fixed bug #53323 (pdo_firebird getAttribute() crash). (preeves at ibphoenix dot
com)
Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with large a
Fixed bug #51273 (Faultstring property does not exist when the faultstring is em
pty) (Ilia, dennis at transip dot nl)
Fixed bug #51269 (zlib.output_compression Overwrites Vary Header). (Adam)
Fixed bug #51263 (imagettftext and rotated text uses wrong baseline) (cschneid a
t cschneid dot com, Takeshi Abe)
Fixed bug #51237 (milter SAPI crash on startup). (igmar at palsenberg dot com)
Fixed bug #51213 (pdo_mssql is trimming value of the money column). (Ilia, alexr
at oplot dot com)
Fixed bug #51192 (FILTER_VALIDATE_URL will invalidate a hostname that includes '
-'). (Adam, solar at azrael dot ws).
Fixed bug #51190 (ftp_put() returns false when transfer was successful). (Ilia)
Fixed bug #51183 (ext/date/php_date.c fails to compile with Sun Studio). (Sriram
Natarajan)
Fixed bug #51171 (curl_setopt() doesn't output any errors or warnings when an in
valid option is provided). (Ilia)
Fixed bug #51128 (imagefill() doesn't work with large images). (Pierre)
Fixed bug #51086 (DBA DB4 doesn't work with Berkeley DB 4.8). (Chris Jones)
Fixed bug #51062 (DBA DB4 uses mismatched headers and libraries). (Chris Jones)
Fixed bug #51023 (filter doesn't detect int overflows with GCC 4.4). (Raphael Ge
issert)
Fixed bug #50762 (in WSDL mode Soap Header handler function only being called if
defined in WSDL). (mephius at gmail dot com)
Fixed bug #50698 (SoapClient should handle wsdls with some incompatiable endpoin
ts). (Justin Dearing)
Fixed bug #50383 (Exceptions thrown in __call() / __callStatic() do not include
file and line in trace). (Felipe)
Fixed bug #49730 (Firebird - new PDO() returns NULL). (Felipe)
Fixed bug #49723 (LimitIterator with empty SeekableIterator). (Etienne)
Fixed bug #49576 (FILTER_VALIDATE_EMAIL filter needs updating) (Rasmus)
Fixed bug #49320 (PDO returns null when SQLite connection fails). (Felipe)
Fixed bug #49267 (Linking fails for iconv). (Moriyosh)
Fixed bug #48601 (xpath() returns FALSE for legitimate query). (Rob)
Fixed bug #48289 (iconv_mime_encode() quoted-printable scheme is broken). (Adam,
patch from hiroaki dot kawai at gmail dot com).
Fixed bug #43314 (iconv_mime_encode(), broken Q scheme). (Rasmus)
Fixed bug #33210 (getimagesize() fails to detect width/height on certain JPEGs).
(Ilia)
Fixed bug #23229 (syslog() truncates messages). (Adam)
Version 5.3.2
04 Mar 2010
Security Fixes
Improved LCG entropy. (Rasmus, Samy Kamkar)
Fixed safe_mode validation inside tempnam() when the directory path does not end
with a /). (Martin Jansen)
Fixed a possible open_basedir/safe_mode bypass in the session extension identifi
ed by Grzegorz Stachowiak. (Ilia)
Upgraded bundled sqlite to version 3.6.22. (Ilia)
Upgraded bundled libmagic to version 5.03. (Mikko)
Upgraded bundled PCRE to version 8.00. (Scott)
Updated timezone database to version 2010.3. (Derick)
Improved LCG entropy. (Rasmus, Samy Kamkar)
Improved crypt support for edge cases (UFC compatibility). (Solar Designer, Joey
, Pierre)
Changed gmp_strval() to use full range from 2 to 62, and -2 to -36. FR #50283 (D
avid Soria Parra)
Changed "post_max_size" php.ini directive to allow unlimited post size by settin
g it to 0. (Rasmus)
Changed tidyNode class to disallow manual node creation. (Pierrick)
Removed automatic file descriptor unlocking happening on shutdown and/or stream
Fixed bug #50185 (ldap_get_entries() return false instead of an empty array when
there is no error). (Jani)
Fixed bug #50174 (Incorrectly matched docComment). (Felipe)
Fixed bug #50168 (FastCGI fails with wrong error on HEAD request to non-existant
file). (Dmitry)
Fixed bug #50162 (Memory leak when fetching timestamp column from Oracle databas
e). (Felipe)
Fixed bug #50159 (wrong working directory in symlinked files). (Dmitry)
Fixed bug #50158 (FILTER_VALIDATE_EMAIL fails with valid addresses containing =
or ?). (Pierrick)
Fixed bug #50152 (ReflectionClass::hasProperty behaves like isset() not property
_exists). (Felipe)
Fixed bug #50146 (property_exists: Closure object cannot have properties). (Feli
pe)
Fixed bug #50145 (crash while running bug35634.phpt). (Felipe)
Fixed bug #50140 (With default compilation option, php symbols are unresolved fo
r nsapi). (Uwe Schindler)
Fixed bug #50087 (NSAPI performance improvements). (Uwe Schindler)
Fixed bug #50073 (parse_url() incorrect when ? in fragment). (Ilia)
Fixed bug #50023 (pdo_mysql doesn't use PHP_MYSQL_UNIX_SOCK_ADDR). (Ilia)
Fixed bug #50005 (Throwing through Reflection modified Exception object makes se
gmentation fault). (Felipe)
Fixed bug #49990 (SNMP3 warning message about security level printed twice). (Ja
ni)
Fixed bug #49985 (pdo_pgsql prepare() re-use previous aborted transaction). (ben
dot pineau at gmail dot com, Ilia, Matteo)
Fixed bug #49938 (Phar::isBuffering() returns inverted value). (Greg)
Fixed bug #49936 (crash with ftp stream in php_stream_context_get_option()). (Pi
errick)
Fixed bug #49921 (Curl post upload functions changed). (Ilia)
Fixed bug #49866 (Making reference on string offsets crashes PHP). (Dmitry)
Fixed bug #49855 (import_request_variables() always returns NULL). (Ilia, sjoerd
at php dot net)
Fixed bug #49851, #50451 (http wrapper breaks on 1024 char long headers). (Ilia)
Fixed bug #49800 (SimpleXML allow (un)serialize() calls without warning). (Ilia,
wmeler at wp-sa dot pl)
Fixed bug #49719 (ReflectionClass::hasProperty returns true for a private proper
ty in base class). (Felipe)
Fixed bug #49677 (ini parser crashes with apache2 and using ${something} ini var
iables). (Jani)
Fixed bug #49660 (libxml 2.7.3+ limits text nodes to 10MB). (Felipe)
Fixed bug #49647 (DOMUserData does not exist). (Rob)
Fixed bug #49600 (imageTTFText text shifted right). (Takeshi Abe)
Fixed bug #49585 (date_format buffer not long enough for >4 digit years). (Deric
k, Adam)
Fixed bug #49560 (oci8: using LOBs causes slow PHP shutdown). (Oracle Corp.)
Fixed bug #49521 (PDO fetchObject sets values before calling constructor). (Pier
rick)
Fixed bug #49472 (Constants defined in Interfaces can be overridden). (Felipe)
Fixed bug #49463 (setAttributeNS fails setting default namespace). (Rob)
Fixed bug #49244 (Floating point NaN cause garbage characters). (Sjoerd)
Fixed bug #49224 (Compile error due to old DNS functions on AIX systems). (Scott
)
Fixed bug #49174 (crash when extending PDOStatement and trying to set queryStrin
g property). (Felipe)
Fixed bug #48811 (Directives in PATH section do not get applied to subdirectorie
s). (Patch by: ct at swin dot edu dot au)
Fixed bug #48590 (SoapClient does not honor max_redirects). (Sriram)
Fixed bug #48190 (Content-type parameter "boundary" is not case-insensitive in H
TTP uploads). (Ilia)
Fixed bug #48899 (is_callable returns true even if method does not exist in pare
nt class). (Felipe)
Fixed bug #48893 (Problems compiling with Curl). (Felipe)
Fixed bug #48872 (string.c: errors: duplicate case values). (Kalle)
Fixed bug #48854 (array_merge_recursive modifies arrays after first one). (Felip
e)
Fixed bug #48805 (IPv6 socket transport is not working). (Ilia)
Fixed bug #48802 (printf() returns incorrect outputted length). (Jani)
Fixed bug #48880 (Random Appearing open_basedir problem). (Rasmus, Gwynne)
Fixed bug #48791 (open office files always reported as corrupted). (Greg)
Fixed bug #48788 (RecursiveDirectoryIterator doesn't descend into symlinked dire
ctories). (Ilia)
Fixed bug #48783 (make install will fail saying phar file exists). (Greg)
Fixed bug #48774 (SIGSEGVs when using curl_copy_handle()). (Sriram Natarajan)
Fixed bug #48771 (rename() between volumes fails and reports no error on Windows
). (Pierre)
Fixed bug #48768 (parse_ini_*() crash with INI_SCANNER_RAW). (Jani)
Fixed bug #48763 (ZipArchive produces corrupt archive). (dani dot church at gmai
l dot com, Pierre)
Fixed bug #48762 (IPv6 address filter still rejects valid address). (Felipe)
Fixed bug #48757 (ReflectionFunction::invoke() parameter issues). (Kalle)
Fixed bug #48754 (mysql_close() crash php when no handle specified). (Johannes,
Andrey)
Fixed bug #48752 (Crash during date parsing with invalid date). (Pierre)
Fixed bug #48746 (Unable to browse directories within Junction Points). (Pierre,
Kanwaljeet Singla)
Fixed bug #48745 (mysqlnd: mysql_num_fields returns wrong column count for mysql
_list_fields). (Andrey)
Fixed bug #48740 (PHAR install fails when INSTALL_ROOT is not the final install
location). (james dot cohen at digitalwindow dot com, Greg)
Fixed bug #48733 (CURLOPT_WRITEHEADER|CURLOPT_FILE|CURLOPT_STDERR warns on files
that have been opened with r+). (Ilia)
Fixed bug #48719 (parse_ini_*(): scanner_mode parameter is not checked for sanit
y). (Jani)
Fixed bug #48718 (FILTER_VALIDATE_EMAIL does not allow numbers in domain compone
nts). (Ilia)
Fixed bug #48681 (openssl signature verification for tar archives broken). (Greg
)
Fixed bug #48660 (parse_ini_*(): dollar sign as last character of value fails).
(Jani)
Fixed bug #48645 (mb_convert_encoding() doesn't understand hexadecimal html-enti
ties). (Moriyoshi)
Fixed bug #48637 ("file" fopen wrapper is overwritten when using --with-curlwrap
pers). (Jani)
Fixed bug #48608 (Invalid libreadline version not detected during configure). (J
ani)
Fixed bug #48400 (imap crashes when closing stream opened with OP_PROTOTYPE flag
). (Jani)
Fixed bug #48377 (error message unclear on converting phar with existing file).
(Greg)
Fixed bug #48247 (Infinite loop and possible crash during startup with errors wh
en errors are logged). (Jani)
Fixed bug #48198 error: 'MYSQLND_LLU_SPEC' undeclared. Cause for #48780 and #469
52 - both fixed too. (Andrey)
Fixed bug #48189 (ibase_execute error in return param). (Kalle)
Fixed bug #48182 (ssl handshake fails during asynchronous socket connection). (S
riram Natarajan)
Fixed bug #48116 (Fixed build with Openssl 1.0). (Pierre, Al dot Smith at aeschi
dot ch dot eu dot org)
Fixed bug #48057 (Only the date fields of the first row are fetched, others are
Felipe, Pierre)
Improved hash extension:
Changed mhash to be a wrapper layer around the hash extension. (Scott)
Added hash_copy() function. (Tony)
Added sha224 hash algorithm to the hash extension. (Scott)
Improved IMAP support (Pierre):
Added imap_gc() to clear the imap cache
Added imap_utf8_to_mutf7() and imap_mutf7_to_utf8()
Improved mbstring extension:
Added "mbstring.http_output_conv_mimetypes" INI directive that allows common non
-text types such as "application/xhtml+xml" to be converted by mb_output_handler
(). (Moriyoshi)
Improved OCI8 extension (Chris Jones/Oracle Corp.):
Added Database Resident Connection Pooling (DRCP) and Fast Application Notificat
ion (FAN) support.
Added support for Oracle External Authentication (not supported on Windows).
Improve persistent connection handling of restarted DBs.
Added SQLT_AFC (aka CHAR datatype) support to oci_bind_by_name.
Fixed bug #45458 (Numeric keys for associative arrays are not handled properly)
Fixed bug #41069 (Segmentation fault with query over DB link).
Fixed define of SQLT_BDOUBLE and SQLT_BFLOAT constants with Oracle 10g ORACLE_HO
ME builds.
Changed default value of oci8.default_prefetch from 10 to 100.
Fixed PECL bug #16035 (OCI8: oci_connect without ORACLE_HOME defined causes segf
ault) (Chris Jones/Oracle Corp.)
Fixed PECL bug #15988 (OCI8: sqlnet.ora isn't read with older Oracle libraries)
(Chris Jones/Oracle Corp.)
Fixed PECL bug #14268 (Allow "pecl install oci8" command to "autodetect" an Inst
ant Client RPM install) (Chris Jones/Oracle Corp.)
Fixed PECL bug #12431 (OCI8 ping functionality is broken).
Allow building (e.g from PECL) the PHP 5.3-based OCI8 code with PHP 4.3.9 onward
s.
Provide separate extensions for Oracle 11g and 10g on Windows. (Pierre, Chris)
Improved OpenSSL extension:
Added support for OpenSSL digest and cipher functions. (Dmitry)
Added access to internal values of DSA, RSA and DH keys. (Dmitry)
Fixed a memory leak on openssl_decrypt(). (Henrique)
Fixed segfault caused by openssl_pkey_new(). (Henrique)
Fixed bug caused by uninitilized variables in openssl_pkcs7_encrypt() and openss
l_pkcs7_sign(). (Henrique)
Fixed error message in openssl_seal(). (Henrique)
Improved pcntl extension: (Arnaud)
Added pcntl_signal_dispatch().
Added pcntl_sigprocmask().
Added pcntl_sigwaitinfo().
Added pcntl_sigtimedwait().
Improved SOAP extension:
Added support for element names in context of XMLSchema's <any>. (Dmitry)
Added ability to use Traversable objects instead of plain arrays. (Joshua Reese,
Dmitry)
Fixed possible crash bug caused by an uninitialized value. (Zdash Urf)
Improved SPL extension:
Added SPL to list of standard extensions that cannot be disabled. (Marcus)
Added ability to store associative information with objects in SplObjectStorage.
(Marcus)
Added ArrayAccess support to SplObjectStorage. (Marcus)
Added SplDoublyLinkedList, SplStack, SplQueue classes. (Etienne)
Added FilesystemIterator. (Marcus)
Added GlobIterator. (Marcus)
Added SplHeap, SplMinHeap, SplMaxHeap, SplPriorityQueue classes. (Etienne)
on). (Felipe)
Fixed bug #43817 (opendir() fails on Windows directories with parent directory u
naccessible). (Dmitry)
Fixed bug #43069 (SoapClient causes 505 HTTP Version not supported error message
). (Dmitry)
Fixed bug #43008 (php://filter uris ignore url encoded filternames and can't han
dle slashes). (Arnaud)
Fixed bug #42362 (HTTP status codes 204 and 304 should not be gzipped). (Scott,
Edward Z. Yang)
Fixed bug #41874 (separate STDOUT and STDERR in exec functions). (Kanwaljeet Sin
gla, Venkat Raman Don, Pierre)
Fixed bug #41534 (SoapClient over HTTPS fails to reestablish connection). (Dmitr
y)
Fixed bug #38802 (max_redirects and ignore_errors). (patch by datibbaw@php.net)
Fixed bug #35980 (touch() works on files but not on directories). (Pierre)
Version 5.2.12
17 Dec 2009
Security Fixes
Fixed a safe_mode bypass in tempnam() identified by Grzegorz Stachowiak. (Rasmus
)
Fixed a open_basedir bypass in posix_mkfifo() identified by Grzegorz Stachowiak.
(Rasmus)
Added "max_file_uploads" INI directive, which can be set to limit the number of
file uploads per-request to 20 by default, to prevent possible DOS via temporary
file exhaustion. (Ilia)
Added protection for $_SESSION from interrupt corruption and improved "session.s
ave_path" check, identified by Stefan Esser. (Stas)
Fixed bug #49785 (insufficient input string validation of htmlspecialchars()). (
Moriyoshi, hello at iwamot dot com)
Updated timezone database to version 2009.19 (2009s). (Derick)
Added LIBXML_PARSEHUGE constant to overrides the maximum text size of a single t
ext node when using libxml2.7.3+. (Kalle)
Changed "post_max_size" php.ini directive to allow unlimited post size by settin
g it to 0. (Rasmus)
Fixed error_log() to be binary safe when using message_type 3. (Jani)
Fixed unnecessary invocation of setitimer when timeouts have been disabled. (Arv
ind Srinivasan)
Fixed crash in com_print_typeinfo when an invalid typelib is given. (Pierre)
Fixed crash in SQLiteDatabase::ArrayQuery() and SQLiteDatabase::SingleQuery() wh
en calling using Reflection. (Felipe)
Fixed crash when instantiating PDORow and PDOStatement through Reflection. (Feli
pe)
Fixed memory leak in openssl_pkcs12_export_to_file(). (Felipe)
Fixed bug #50445 (PDO-ODBC stored procedure call from Solaris 64-bit causes seg
fault). (davbrown4 at yahoo dot com, Felipe)
Fixed bug #50345 (nanosleep not detected properly on some solaris versions). (Ja
ni)
Fixed bug #50323 (Allow use of ; in values via ;; in PDO DSN). (Ilia, Pierrick)
Fixed bug #50285 (xmlrpc does not preserve keys in encoded indexed arrays). (Fel
ipe)
Fixed bug #50282 (xmlrpc_encode_request() changes object into array in calling f
unction). (Felipe)
Fixed bug #50266 (conflicting types for llabs). (Jani)
Fixed bug #50255 (isset() and empty() silently casts array to object). (Felipe)
Fixed bug #50219 (soap call Segmentation fault on a redirected url). (Pierrick)
Fixed bug #50209 (Compiling with libedit cannot find readline.h). (tcallawa at r
edhat dot com)
Fixed bug #50207 (segmentation fault when concatenating very large strings on 64
bit linux). (Ilia)
Fixed bug #50195 (pg_copy_to() fails when table name contains schema. (Ilia)
Fixed bug #50185 (ldap_get_entries() return false instead of an empty array when
there is no error). (Jani)
Fixed bug #50174 (Incorrectly matched docComment). (Felipe)
Fixed bug #50168 (FastCGI fails with wrong error on HEAD request to non-existent
file). (Dmitry)
Fixed bug #50162 (Memory leak when fetching timestamp column from Oracle databas
e). (Felipe)
Fixed bug #50158 (FILTER_VALIDATE_EMAIL fails with valid addresses containing =
or ?). (Pierrick)
Fixed bug #50073 (parse_url() incorrect when ? in fragment). (Ilia)
Fixed bug #50006 (Segfault caused by uksort()). (Felipe)
Fixed bug #50005 (Throwing through Reflection modified Exception object makes se
gmentation fault). (Felipe)
Fixed bug #49990 (SNMP3 warning message about security level printed twice). (Ja
ni)
Fixed bug #49985 (pdo_pgsql prepare() re-use previous aborted transaction). (ben
dot pineau at gmail dot com, Ilia, Matteo)
Fixed bug #49972 (AppendIterator undefined function crash). (Johannes)
Fixed bug #49921 (Curl post upload functions changed). (Ilia)
Fixed bug #49855 (import_request_variables() always returns NULL). (Ilia, sjoerd
at php dot net)
Fixed bug #49847 (exec() fails to return data inside 2nd parameter, given output
lines >4095 bytes). (Ilia)
Fixed bug #49809 (time_sleep_until() is not available on OpenSolaris). (Jani)
Fixed bug #49757 (long2ip() can return wrong value in a multi-threaded applicati
ons). (Ilia, Florian Anderiasch)
Fixed bug #49738 (calling mcrypt() after mcrypt_generic_deinit() crashes). (Srir
am Natarajan)
Fixed bug #49719 (ReflectionClass::hasProperty returns true for a private proper
ty in base class). (Felipe)
Fixed bug #49698 (Unexpected change in strnatcasecmp()). (Rasmus)
Fixed bug #49677 (ini parser crashes with apache2 and using ${something} ini var
iables). (Jani)
Fixed bug #49660 (libxml 2.7.3+ limits text nodes to 10MB). (Felipe)
Fixed bug #49647 (DOMUserData does not exist). (Rob)
Fixed bug #49630 (imap_listscan() function missing). (Felipe)
Fixed bug #49627 (error_log to specified file does not log time according to dat
e.timezone). (Dmitry)
Fixed bug #49578 (make install-pear fails). (Hannes)
Fixed bug #49536 (mb_detect_encoding() returns incorrect results when mbstring.s
trict_mode is turned on). (Moriyoshi)
Fixed bug #49531 (CURLOPT_INFILESIZE sometimes causes warning "CURLPROTO_FILE ca
nnot be set"). (Felipe)
Fixed bug #49528 (UTF-16 strings prefixed by BOMs wrongly converted). (Moriyoshi
)
Fixed bug #49521 (PDO fetchObject sets values before calling constructor). (Pier
rick)
Fixed bug #49517 (cURL's CURLOPT_FILE prevents file from being deleted after fcl
ose()). (Ilia)
Fixed bug #49472 (Constants defined in Interfaces can be overridden). (Felipe)
Fixed bug #49354 (mb_strcut() cuts wrong length when offset is in the middle of
a multibyte character). (Moriyoshi)
Fixed bug #49332 (Build error with Snow Leopard). (Scott)
Fixed bug #49244 (Floating point NaN cause garbage characters). (Sjoerd)
Fixed bug #49174 (crash when extending PDOStatement and trying to set queryStrin
g property). (Felipe)
Fixed bug #49098 (mysqli segfault on error). (Rasmus)
Fixed bug #48805 (IPv6 socket transport is not working). (Ilia)
Fixed bug #48764 (PDO_pgsql::query() always uses implicit prepared statements if
26 Feb 2009
Security Fixes
Fixed security issue in imagerotate(), background colour isn't validated correct
ly with a non truecolour image. Reported by Hamid Ebadi, APA Laboratory (Fixes C
VE-2008-5498). (Scott)
Fixed a crash on extract in zip when files or directories entry names contain a
relative path. (Pierre)
Fixed explode() behavior with empty string to respect negative limit. (Shire)
Fixed a segfault when malformed string is passed to json_decode(). (Scott)
Fixed bug in xml_error_string() which resulted in messages being off by one. (Sc
ott)
Changed __call() to be invoked on private/protected method access, similar to pr
operties and __get(). (Andrei)
Added optional sorting type flag parameter to array_unique(). Default is SORT_RE
GULAR. (Andrei)
Fixed zip filename property read. (Pierre)
Fixed error conditions handling in stream_filter_append(). (Arnaud)
Fixed bug #47422 (modulus operator returns incorrect results on 64 bit linux). (
Matt)
Fixed bug #47399 (mb_check_encoding() returns true for some illegal SJIS charact
ers). (for-bugs at hnw dot jp, Moriyoshi)
Fixed bug #47353 (crash when creating a lot of objects in object destructor). (T
ony)
Fixed bug #47322 (sscanf %d doesn't work). (Felipe)
Fixed bug #47282 (FILTER_VALIDATE_EMAIL is marking valid email addresses as inva
lid). (Ilia)
Fixed bug #47220 (segfault in dom_document_parser in recovery mode). (Rob)
Fixed bug #47217 (content-type is not set properly for file uploads). (Ilia)
Fixed bug #47174 (base64_decode() interprets pad char in mid string as terminato
r). (Ilia)
Fixed bug #47165 (Possible memory corruption when passing return value by refere
nce). (Dmitry)
Fixed bug #47152 (gzseek/fseek using SEEK_END produces strange results). (Felipe
)
Fixed bug #47131 (SOAP Extension ignores "user_agent" ini setting). (Ilia)
Fixed bug #47109 (Memory leak on $a->{"a"."b"} when $a is not an object). (Etien
ne, Dmitry)
Fixed bug #47104 (Linking shared extensions fails with icc). (Jani)
Fixed bug #47049 (SoapClient::__soapCall causes a segmentation fault). (Dmitry)
Fixed bug #47048 (Segfault with new pg_meta_data). (Felipe)
Fixed bug #47042 (PHP cgi sapi is removing SCRIPT_FILENAME for non apache). (Sri
ram Natarajan)
Fixed bug #47037 (No error when using fopen with empty string). (Cristian Rodrig
uez R., Felipe)
Fixed bug #47035 (dns_get_record returns a garbage byte at the end of a TXT reco
rd). (Felipe)
Fixed bug #47027 (var_export doesn't show numeric indices on ArrayObject). (Deri
ck)
Fixed bug #46985 (OVERWRITE and binary mode does not work, regression introduced
in 5.2.8). (Pierre)
Fixed bug #46973 (IPv6 address filter rejects valid address). (Felipe)
Fixed bug #46964 (Fixed pdo_mysql build with older version of MySQL). (Ilia)
Fixed bug #46959 (Unable to disable PCRE). (Scott)
Fixed bug #46918 (imap_rfc822_parse_adrlist host part not filled in correctly).
(Felipe)
Fixed bug #46889 (Memory leak in strtotime()). (Derick)
Fixed bug #46887 (Invalid calls to php_error_docref()). (oeriksson at mandriva d
ot com, Ilia)
Fixed bug #46873 (extract($foo) crashes if $foo['foo'] exists). (Arnaud)
Fixed bug #46843 (CP936 euro symbol is not converted properly). (ty_c at cybozuy
dot co dot jp, Moriyoshi)
Fixed bug #46798 (Crash in mssql extension when retrieving a NULL value inside a
binary or image column type). (Ilia)
Fixed bug #46782 (fastcgi.c parse error). (Matt)
Fixed bug #46760 (SoapClient doRequest fails when proxy is used). (Felipe)
Fixed bug #46748 (Segfault when an SSL error has more than one error). (Scott)
Fixed bug #46739 (array returned by curl_getinfo should contain content_type key
). (Mikko)
Fixed bug #46699 (xml_parse crash when parser is namespace aware). (Rob)
Fixed bug #46419 (Elements of associative arrays with NULL value are lost). (Dmi
try)
Fixed bug #46282 (Corrupt DBF When Using DATE). (arne at bukkie dot nl)
Fixed bug #46026 (bz2.decompress/zlib.inflate filter tries to decompress after e
nd of stream). (Greg)
Fixed bug #46005 (User not consistently logged under Apache2). (admorten at umic
h dot edu, Stas)
Fixed bug #45996 (libxml2 2.7 causes breakage with character data in xml_parse()
). (Rob)
Fixed bug #45940 (MySQLI OO does not populate connect_error property on failed c
onnect). (Johannes)
Fixed bug #45923 (mb_st[r]ripos() offset not handled correctly). (Moriyoshi)
Fixed bug #45327 (memory leak if offsetGet throws exception). (Greg)
Fixed bug #45239 (Encoding detector hangs with mbstring.strict_detection enabled
). (Moriyoshi)
Fixed bug #45161 (Reusing a curl handle leaks memory). (Mark Karpeles, Jani)
Fixed bug #44336 (Improve pcre UTF-8 string matching performance). (frode at cor
etrek dot com, Nuno)
Fixed bug #43841 (mb_strrpos() offset is byte count for negative values). (Moriy
oshi)
Fixed bug #37209 (mssql_execute with non fatal errors). (Kalle)
Fixed bug #35975 (Session cookie expires date format isn't the most compatible.
Now matches that of setcookie()). (Scott)
Version 5.2.8
08 Dec 2008
Reverted bug fix Fixed bug #42718 that broke magic_quotes_gpc (Scott)
Version 5.2.7
04 Dec 2008
Security Fixes
Upgraded PCRE to version 7.8 (Fixes CVE-2008-2371) (Ilia)
Fixed missing initialization of BG(page_uid) and BG(page_gid), reported by Maksy
milian Arciemowicz. (Stas)
Fixed incorrect php_value order for Apache configuration, reported by Maksymilia
n Arciemowicz. (Stas)
Fixed a crash inside gd with invalid fonts (Fixes CVE-2008-3658). (Pierre)
Fixed a possible overflow inside memnstr (Fixes CVE-2008-3659). (Laurent Gaffie)
Fixed security issues detailed in CVE-2008-2665 and CVE-2008-2666. (Christian Ho
ffmann)
Fixed bug #45151 (Crash with URI/file..php (filename contains 2 dots)).(Fixes CV
E-2008-3660) (Dmitry)
Fixed bug #42862 (IMAP toolkit crash: rfc822.c legacy routine buffer overflow).
(Fixes CVE-2008-2829) (Dmitry)
Updated timezone database to version 2008.9. (Derick)
Upgraded bundled libzip to 0.9.0. (Pierre)
Added logging option for error_log to send directly to SAPI. (Stas)
Added PHP_MAJOR_VERSION, PHP_MINOR_VERSION, PHP_RELEASE_VERSION,PHP_EXTRA_VERSIO
N, PHP_VERSION_ID, PHP_ZTS and PHP_DEBUG constants. (Pierre)
Added "PHP_INI_SCAN_DIR" environment variable which can be used to either disabl
e or change the compile time ini scan directory (FR Fixed bug #45114). (Jani)
Fixed memory leak inside sqlite_create_aggregate(). (Felipe)
Fixed memory leak inside PDO sqlite's sqliteCreateAggregate() method. (Felipe)
Fixed memory leak inside readline_callback_handler_remove() function. (Felipe)
Fixed sybase_fetch_*() to continue reading after CS_ROW_FAIL status (Timm)
Fixed a bug inside dba_replace() that could cause file truncation with invalid k
eys. (Ilia)
Fixed memory leak inside readline_callback_handler_install() function. (Ilia)
Fixed memory leak inside readline_completion_function() function. (Felipe)
Fixed stream_get_contents() when using $maxlength and socket is not closed. inde
yets [at] php [dot] net on Fixed bug #46049. (Arnaud)
Fixed stream_get_line() to behave as documented on non-blocking streams. (Arnaud
)
Fixed endless loop in PDOStatement::debugDumpParams().(jonah.harris at gmail dot
com)
Fixed ability to use "internal" heaps in extensions. (Arnaud, Dmitry)
Fixed weekdays adding/subtracting algorithm. (Derick)
Fixed some ambiguities in the date parser. (Derick)
Fixed a bug with the YYYY-MM format not resetting the day correctly. (Derick)
Fixed a bug in the DateTime->modify() methods, it would not use the advanced rel
ative time strings. (Derick)
Fixed extraction of zip files or directories when the entry name is a relative p
ath. (Pierre)
Fixed read or write errors for large zip archives. (Pierre)
Fixed simplexml asXML() not to lose encoding when dumping entire document to fil
e. (Ilia)
Fixed a crash inside PDO when trying instantiate PDORow manually. (Felipe)
Fixed build failure of ext/mysqli with libmysql 6.0 - missing rpl functions. (An
drey)
Fixed a regression when using strip_tags() and < is within an attribute. (Scott)
Fixed a crash on invalid method in ReflectionParameter constructor. (Christian S
eiler)
Reverted fix for bug Fixed bug #44197 due to behaviour change in minor version.
(Felipe)
Fixed bug #46732 (mktime.year description is wrong). (Derick)
Fixed bug #46696 (cURL fails in upload files with specified content-type). (Ilia
)
Fixed bug #46673 (stream_lock call with wrong parameter). (Arnaud)
Fixed bug #46649 (Setting array element with that same array produces inconsiste
nt results). (Arnaud)
Fixed bug #46626 (mb_convert_case does not handle apostrophe correctly). (Ilia)
Fixed bug #46543 (ibase_trans() memory leaks when using wrong parameters). (Feli
pe)
Fixed bug #46521 (Curl ZTS OpenSSL, error in config.m4 fragment). (jd at cpanel
dot net)
Fixed bug #46496 (wddx_serialize treats input as ISO-8859-1). (Mark Karpeles)
Fixed bug #46427 (SoapClient() stumbles over its "stream_context" parameter). (D
mitry, Herman Radtke)
Fixed bug #46426 (offset parameter of stream_get_contents() does not workfor "0"
). (Felipe)
Fixed bug #46406 (Unregistering nodeclass throws E_FATAL). (Rob)
Fixed bug #46389 (NetWare needs small patch for _timezone). (patch by guenter@ph
p.net)
Fixed bug #46388 (stream_notification_callback inside of object destroys object
variables). (Felipe)
Fixed bug #46381 (wrong $this passed to internal methods causes segfault). (Tony
)
Fixed bug #46379 (Infinite loop when parsing '#' in one line file). (Arnaud)
Fixed bug #46366 (bad cwd with / as pathinfo). (Dmitry)
Fixed bug #46360 (TCP_NODELAY constant for socket_{get,set}_option). (bugs at tr
Fixed bug #44991 (Compile Failure With freetds0.82). (jklowden at freetds dot or
g, matthias at dsx dot at)
Fixed bug #44938 (gettext functions crash with overly long domain). (Christian S
chneider, Ilia)
Fixed bug #44925 (preg_grep() modifies input array). (Nuno)
Fixed bug #44900 (OpenSSL extension fails to link with OpenSSL 0.9.6). (jd at cp
anel dot net, Pierre)
Fixed bug #44891 Memory leak using registerPHPFunctions and XSLT Variable as fun
ction parameter. (Rob)
Fixed bug #44882 (SOAP extension object decoding bug). (Dmitry)
Fixed bug #44830 (Very minor issue with backslash in heredoc). (Matt)
Fixed bug #44818 (php://memory writeable when opened read only). (Arnaud)
Fixed bug #44811 (Improve error message when creating a new SoapClient that cont
ains invalid data). (Markus Fischer, David C)
Fixed bug #44798 (Memory leak assigning value to attribute). (Ilia)
Fixed bug #44716 (Progress notifications incorrect). (Hannes)
Fixed bug #44712 (stream_context_set_params segfaults on invalid arguments). (Ha
nnes)
Fixed bug #44617 (wrong HTML entity output when substitute_character=entity). (M
oriyoshi)
Fixed bug #44607 (stream_get_line unable to correctly identify the "ending" in t
he stream content). (Arnaud)
Fixed bug #44425 (Extending PDO/MySQL class with a __call() function doesn'twork
). (Johannes)
Fixed bug #44327 (PDORow::queryString property & numeric offsets / Crash). (Feli
pe)
Fixed bugs #44251, #41125 (PDO + quote() + prepare() can result in segfault). (t
steiner at nerdclub dot net)
Fixed bug #44246 (closedir() accepts a file resource opened by fopen()). (Dmitry
, Tony)
Fixed bug #44182 (extract($a, EXTR_REFS) can fail to split copy-on-write referen
ces). (robin_fernandes at uk dot ibm dot com)
Fixed bug #44181 (extract($a, EXTR_OVERWRITE|EXTR_REFS) can fail to create refer
ences to $a). (robin_fernandes at uk dot ibm dot com)
Fixed bug #44127 (UNIX abstract namespace socket connect does not work). (Jani)
Fixed bug #43993 (mb_substr_count() behaves differently to substr_count() with o
verlapping needles). (Moriyoshi)
Fixed bug #43958 (class name added into the error message). (Dmitry)
Fixed bug #43941 (json_encode silently cuts non-UTF8 strings). (Stas)
Fixed bug #43925 (Incorrect argument counter in prepared statements with pgsql).
(Felipe)
Fixed bug #43731 (socket_getpeername: cannot use on stdin with inetd). (Arnaud)
Fixed bug #43723 (SOAP not sent properly from client for <choice>). (Dmitry)
Fixed bug #43668 (Added odbc.default_cursortype to control the ODBCcursor model)
. (Patrick)
Fixed bug #43666 (Fixed code to use ODBC 3.52 datatypes for 64bit systems). (Pat
rick)
Fixed bug #43540 (rfc1867 handler newlength problem). (Arnaud)
Fixed bug #43452 (strings containing a weekday, or a number plus weekday behaved
incorrect of the current day-of-week was the same as the one in the phrase).(De
rick)
Fixed bug #43353 (wrong detection of 'data' wrapper causes notice). (gk at gknw
dot de, Arnaud)
Fixed bug #43053 (Regression: some numbers shown in scientific notation). (int-e
at gmx dot de)
Fixed bug #43045 (SOAP encoding violation on "INF" for type double/float). (Dmit
ry)
Fixed bug #42855 (dns_get_record() doesn't return all text from TXT record). (a
dot u dot savchuk at gmail dot com)
Fixed bug #42737 (preg_split('//u') triggers a E_NOTICE with newlines). (Nuno)
Fixed bug #42718 (FILTER_UNSAFE_RAW not applied when configured as default filte
r). (Arnaud)
Fixed bug #42604 ("make test" fails with --with-config-file-scan-dir=path). (Jan
i)
Fixed bug #42473 (ob_start php://output and headers). (Arnaud)
Fixed bug #42318 (problem with nm on AIX, not finding object files). (Dmitry)
Fixed bug #42294 (Unified solution for round() based on C99 round). (Ilia)
Fixed bug #42078 (pg_meta_data mix tables metadata from different schemas). (Fel
ipe)
Fixed bug #41348 (OCI8: allow compilation with Oracle 8.1). (Chris Jones)
Fixed bug #41033 (enable signing with DSA keys. (gordyf at google dot com, Pierr
e)
Fixed bug #37100 (data is returned truncated with BINARY CURSOR). (Tony)
Fixed bug #30312 (crash in sybase_unbuffered_query() function). (Timm)
Fixed bug #24679 (pg_* functions doesn't work using schema). (Felipe)
Fixed PECL bug #14962 (::extractTo 2nd argument is not really optional). (Mark v
an Der Velden)
Fixed bug #14032 (Mail() always returns false but mail is sent). (Mikko)
Version 5.2.6
01 May 2008
Security Fixes
Fixed possible stack buffer overflow in FastCGI SAPI. (Andrei Nigmatulin)
Properly address incomplete multibyte chars inside escapeshellcmd() (Ilia, Stefa
n Esser)
Fixed security issue detailed in CVE-2008-0599. (Rasmus)
Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz. (Ilia)
Upgraded PCRE to version 7.6 (Nuno)
Fixed two possible crashes inside posix extension (Tony)
Fixed incorrect heredoc handling when label is used within the block. (Matt)
Fixed sending of uninitialized paddings which may contain some information. (And
rei Nigmatulin)
Fixed a bug in formatting timestamps when DST is active in the default timezone
(Derick)
Fix integer overflow in printf(). (Stas, Maksymilian Aciemowicz)
Fixed potential memleak in stream filter parameter for zlib filter. (Greg)
Added Reflection API metadata for the methods of the DOM classes. (Sebastian)
Fixed weird behavior in CGI parameter parsing. (Dmitry, Hannes Magnusson)
Fixed a bug with PDO::FETCH_COLUMN|PDO::FETCH_GROUP mode when a column # by whic
h to group by data is specified. (Ilia)
Fixed segfault in filter extension when using callbacks. (Arnar Mar Sig, Felipe)
Fixed faulty fix for bug Fixed bug #40189 (endless loop in zlib.inflate stream f
ilter). (Greg)
Fixed bug #44742 (timezone_offset_get() causes segmentation faults). (Derick)
Fixed bug #44720 (Prevent crash within session_register()). (Scott)
Fixed bug #44703 (htmlspecialchars() does not detect bad character set argument)
. (Andy Wharmby)
Fixed bug #44673 (With CGI argv/argc starts from arguments, not from script) (Dm
itry)
Fixed bug #44667 (proc_open() does not handle pipes with the mode 'wb' correctly
). (Jani)
Fixed bug #44663 (Crash in imap_mail_compose if "body" parameter invalid). (Ilia
)
Fixed bug #44650 (escapeshellscmd() does not check arg count). (Ilia)
Fixed bug #44613 (Crash inside imap_headerinfo()). (Ilia, jmessa)
Fixed bug #44603 (Order issues with Content-Type/Length headers on POST). (Ilia)
Fixed bug #44594 (imap_open() does not validate # of retries parameter). (Ilia)
Fixed bug #44591 (imagegif's filename parameter). (Felipe)
Fixed bug #44557 (Crash in imap_setacl when supplied integer as username) (Thoma
s Jarosch)
ount). (Rui)
Fixed bug #43808 (date_create never fails (even when it should)). (Derick)
Fixed bug #43793 (zlib filter is unable to auto-detect gzip/zlib file headers).
(Greg)
Fixed bug #43703 (Signature compatibility check broken). (Dmitry)
Fixed bug #43677 (Inconsistent behaviour of include_path set with php_value). (m
anuel at mausz dot at)
Fixed bug #43663 (Extending PDO class with a __call() function doesn't work). (D
avid Soria Parra)
Fixed bug #43647 (Make FindFile use PATH_SEPARATOR instead of ";"). (Ilia)
Fixed bug #43635 (mysql extension ingores INI settings on NULL values passed to
mysql_connect()). (Ilia)
Fixed bug #43620 (Workaround for a bug inside libcurl 7.16.2 that can result in
a crash). (Ilia)
Fixed bug #43614 (incorrect processing of numerical string keys of array in arbi
trary serialized data). (Dmitriy Buldakov, Felipe)
Fixed bug #43606 (define missing depencies of the exif extension). (crrodriguez
at suse dot de)
Fixed bug #43589 (a possible infinite loop in bz2_filter.c). (Greg)
Fixed bug #43580 (removed bogus declaration of a non-existent php_is_url() funct
ion). (Ilia)
Fixed bug #43559 (array_merge_recursive() doesn't behave as expected with duplic
ate NULL values). (Felipe, Tony)
Fixed bug #43533 (escapeshellarg('') returns null). (Ilia)
Fixed bug #43527 (DateTime created from a timestamp reports environment timezone
). (Derick)
Fixed bug #43522 (stream_get_line() eats additional characters). (Felipe, Ilia,
Tony)
Fixed bug #43507 (SOAPFault HTTP Status 500 - would like to be able to set the H
TTP Status). (Dmitry)
Fixed bug #43505 (Assign by reference bug). (Dmitry)
Fixed bug #43498 (file_exists() on a proftpd server got SIZE not allowed in ASCI
I mode). (Ilia, crrodriguez at suse dot de)
Fixed bug #43497 (OCI8 XML/getClobVal aka temporary LOBs leak UGA memory). (Chri
s)
Fixed bug #43495 (array_merge_recursive() crashes with recursive arrays). (Ilia)
Fixed bug #43493 (pdo_pgsql does not send username on connect when password is n
ot available). (Ilia)
Fixed bug #43491 (Under certain conditions, file_exists() never returns). (Dmitr
y)
Fixed bug #43483 (get_class_methods() does not list all visible methods). (Dmitr
y)
Fixed bug #43482 (array_pad() does not warn on very small pad numbers). (Ilia)
Fixed bug #43457 (Prepared statement with incorrect parms doesn't throw exceptio
n with pdo_pgsql driver). (Ilia)
Fixed bug #43450 (Memory leak on some functions with implicit object __toString(
) call). (David C.)
Fixed bug #43386 (array_globals not reset to 0 properly on init). (Ilia)
Fixed bug #43377 (PHP crashes with invalid argument for DateTimeZone). (Ilia)
Fixed bug #43373 (pcntl_fork() should not raise E_ERROR on error). (Ilia)
Fixed bug #43364 (recursive xincludes don't remove internal xml nodes properly).
(Rob, patch from ddb@bitxtender.de)
Fixed bug #43301 (mb_ereg*_replace() crashes when replacement string is invalid
PHP expression and 'e' option is used). (Jani)
Fixed bug #43295 (crash because of uninitialized SG(sapi_headers).mimetype). (Dm
itry)
Fixed bug #43293 (Multiple segfaults in getopt()). (Hannes)
Fixed bug #43279 (pg_send_query_params() converts all elements in 'params' to st
rings). (Ilia)
Fixed bug #43276 (Incomplete fix for bug #42739, mkdir() under safe_mode). (Ilia
)
Fixed bug #43248 (backward compatibility break in realpath()). (Dmitry)
Fixed bug #43221 (SimpleXML adding default namespace in addAttribute). (Rob)
Fixed bug #43216 (stream_is_local() returns false on "file://"). (Dmitry)
Fixed bug #43201 (Crash on using uninitialized vals and __get/__set). (Dmitry)
Fixed bug #43182 (file_put_contents() LOCK_EX does not work properly on file tru
ncation). (Ilia)
Fixed bug #43175 (__destruct() throwing an exception with __call() causes segfau
lt). (Dmitry)
Fixed bug #43128 (Very long class name causes segfault). (Dmitry)
Fixed bug #43105 (PHP seems to fail to close open files). (Hannes)
Fixed bug #43092 (curl_copy_handle() crashes with > 32 chars long URL). (Jani)
Fixed bug #43003 (Invalid timezone reported for DateTime objects constructed usi
ng a timestamp). (Derick)
Fixed bug #42978 (mismatch between number of bound params and values causes a cr
ash in pdo_pgsql). (Ilia)
Fixed bug #42945 (preg_split() swallows part of the string). (Nuno)
Fixed bug #42937 (__call() method not invoked when methods are called on parent
from child class). (Dmitry)
Fixed bug #42841 (REF CURSOR and oci_new_cursor() crash PHP). (Chris)
Fixed bug #42838 (Wrong results in array_diff_uassoc) (Felipe)
Fixed bug #42779 (Incorrect forcing from HTTP/1.0 request to HTTP/1.1 response).
(Ilia)
Fixed bug #42736 (xmlrpc_server_call_method() crashes). (Tony)
Fixed bug #42692 (Procedure 'int1' not present with doc/lit SoapServer). (Dmitry
)
Fixed bug #42548 (mysqli PROCEDURE calls can't return result sets). (Hartmut)
Fixed bug #42505 (new sendmail default breaks on Netware platform) (Guenter Knau
f)
Fixed bug #42369 (Implicit conversion to string leaks memory). (David C., Rob).
Fixed bug #42272 (var_export() incorrectly escapes char(0)). (Derick)
Fixed bug #42261 (Incorrect lengths for date and boolean data types). (Ilia)
Fixed bug #42190 (Constructing DateTime with TimeZone Indicator invalidates Date
TimeZone). (Derick)
Fixed bug #42177 (Warning "array_merge_recursive(): recursion detected" comes ag
ain...). (Felipe)
Fixed bug #41941 (oci8 extension not lib64 savvy). (Chris)
Fixed bug #41828 (Failing to call RecursiveIteratorIterator::__construct() cause
s a sefault). (Etienne)
Fixed bug #41599 (setTime() fails after modify() is used). (Derick)
Fixed bug #41562 (SimpleXML memory issue). (Rob)
Fixed bug #40013 (php_uname() does not return nodename on Netware (Guenter Knauf
)
Fixed bug #38468 (Unexpected creation of cycle). (Dmitry)
Fixed bug #32979 (OpenSSL stream->fd casts broken in 64-bit build) (stotty at tv
net dot hu)
Version 5.2.5
08 Nov 2007
Security Fixes
Fixed dl() to only accept filenames. reported by Laurent Gaffie.
Fixed dl() to limit argument size to MAXPATHLEN (CVE-2007-4887).
Fixed htmlentities/htmlspecialchars not to accept partial multibyte sequences.
Fixed possible triggering of buffer overflows inside glibc implementations of th
e fnmatch(), setlocale() and glob() functions. Reported by Laurent Gaffie.
Fixed "mail.force_extra_parameters" php.ini directive not to be modifiable in .h
taccess due to the security implications reported by SecurityReason.
Fixed bug #42869 (automatic session id insertion adds sessions id to non-local f
orms).
Fixed bug #41561 (Values set with php_admin_* in httpd.conf can be overwritten w
ith ini_set()).
Upgraded PCRE to version 7.3 (Nuno)
Added optional parameter $provide_object to debug_backtrace(). (Sebastian)
Added alpha support for imagefilter() IMG_FILTER_COLORIZE. (Pierre)
Added ability to control memory consumption between request using ZEND_MM_COMPAC
T environment variable. (Dmitry)
Improved speed of array_intersect_key(), array_intersect_assoc(), array_uinterse
ct_assoc(), array_diff_key(), array_diff_assoc() and array_udiff_assoc(). (Dmitr
y)
Fixed move_uploaded_file() to always set file permissions of resulting file acco
rding to UMASK. (Andrew Sitnikov)
Fixed possible crash in ext/soap because of uninitialized value. (Zdash Urf)
Fixed regression in glob() when enforcing safe_mode/open_basedir checks on paths
containing '*'. (Ilia)
Fixed PDO crash when driver returns empty LOB stream. (Stas)
Fixed iconv_*() functions to limit argument sizes as workaround to libc bug (CVE
-2007-4783, CVE-2007-4840 by Laurent Gaffie). (Christian Hoffmann, Stas)
Fixed missing brackets leading to build warning and error in the log. Win32 code
. (Andrey)
Fixed leaks with multiple connects on one mysqli object. (Andrey)
Fixed endianness detection on MacOS when building universal binary. (Uwe Schindl
er, Christian Speich, Tony)
Fixed imagerectangle regression with 1x1 rectangle (libgd #106). (Pierre)
Fixed bug #43196 (array_intersect_assoc() crashes with non-array input). (Jani)
Fixed bug #43139 (PDO ignores ATTR_DEFAULT_FETCH_MODE in some cases with fetchAl
l()). (Ilia)
Fixed bug #43137 (rmdir() and rename() do not clear statcache). (Jani)
Fixed bug #43130 (Bound parameters cannot have - in their name). (Ilia)
Fixed bug #43099 (XMLWriter::endElement() does not check # of params). (Ilia)
Fixed bug #43020 (Warning message is missing with shuffle() and more than one ar
gument). (Scott)
Fixed bug #42976 (Crash when constructor for newInstance() or newInstanceArgs()
fails) (Ilia)
Fixed bug #42943 (ext/mssql: Move *timeout initialization from RINIT to connect
time). (Ilia)
Fixed bug #42917 (PDO::FETCH_KEY_PAIR doesn't work with setFetchMode). (Ilia)
Fixed bug #42890 (Constant "LIST" defined by mysqlclient and c-client). (Andrey)
Fixed bug #42818 ($foo = clone(array()); leaks memory). (Dmitry)
Fixed bug #42817 (clone() on a non-object does not result in a fatal error). (Il
ia)
Fixed bug #42785 (json_encode() formats doubles according to locale rather then
following standard syntax). (Ilia)
Fixed bug #42783 (pg_insert() does not accept an empty list for insertion). (Ili
a)
Fixed bug #42773 (WSDL error causes HTTP 500 Response). (Dmitry)
Fixed bug #42772 (Storing $this in a static var fails while handling a cast to s
tring). (Dmitry)
Fixed bug #42767 (highlight_string() truncates trailing comment). (Ilia)
Fixed bug #42739 (mkdir() doesn't like a trailing slash when safe_mode is enable
d). (Ilia)
Fixed bug #42703 (Exception raised in an iterator::current() causes segfault in
FilterIterator) (Marcus)
Fixed bug #42699 (PHP_SELF duplicates path). (Dmitry)
Fixed bug #42654 (RecursiveIteratorIterator modifies only part of leaves) (Marcu
s)
Fixed bug #42643 (CLI segfaults if using ATTR_PERSISTENT). (Ilia)
Fixed bug #42637 (SoapFault : Only http and https are allowed). (Bill Moran)
Fixed bug #42629 (Dynamically loaded PHP extensions need symbols exported on Mac
OSX). (jdolecek at NetBSD dot org)
Fixed bug #42627 (bz2 extension fails to build with -fno-common). (dolecek at ne
Changed error handler to send HTTP 500 instead of blank page on PHP errors. (Dmi
try, Andrei Nigmatulin)
Changed mail() function to be always available. (Johannes)
Added check for unknown options passed to configure. (Jani)
Added persistent connection status checker to pdo_pgsql. (Elvis Pranskevichus, I
lia)
Added support for ATTR_TIMEOUT inside pdo_pgsql driver. (Ilia)
Added php_ini_loaded_file() function which returns the path to the actual php.in
i in use. (Jani)
Added GD version constants GD_MAJOR_VERSION, GD_MINOR_VERSION GD_RELEASE_VERSION
, GD_EXTRA_VERSION and GD_VERSION_STRING. (Pierre)
Added missing open_basedir checks to CGI. (anight at eyelinkmedia dot com, Tony)
Added missing format validator to unpack() function. (Ilia)
Added missing error check inside bcpowmod(). (Ilia)
Added CURLOPT_PRIVATE & CURLINFO_PRIVATE constants. (Andrey A. Belashkov, Tony)
Added missing MSG_EOR and MSG_EOF constants to sockets extension. (Jani)
Added PCRE_VERSION constant. (Tony)
Added ReflectionExtension::info() function to print the phpinfo() block for an e
xtension. (Johannes)
Implemented FR #41884 (ReflectionClass::getDefaultProperties() does not handle s
tatic attributes). (Tony)
Fixed possible crash in imagepsloadfont(), work around a bug in the pslib on Win
dows. (Pierre)
Fixed oci8 and PDO_OCI extensions to allow configuring with Oracle 11g client li
braries. (Chris Jones)
Fixed EOF handling in case of reading from file opened in write only mode. (Dmit
ry)
Fixed var_export() to use the new H modifier so that it can generate parseable P
HP code for floats, independent of the locale. (Derick)
Fixed regression introduced by the fix for the libgd bug #74. (Pierre)
Fixed SimpleXML's behavior when used with empty(). (Sara)
Fixed crash in OpenSSL extension because of non-string passphrase. (Dmitry)
Fixed PECL bug #11345 (PDO_OCI crash after National language Support "NLS" envir
onment initialization error). (Chris Jones)
Fixed PECL bug #11216 (crash in ZipArchive::addEmptyDir when a directory already
exists). (Pierre)
Fixed bug #42368 (Incorrect error message displayed by pg_escape_string). (Ilia)
Fixed bug #42365 (glob() crashes and/or accepts way too many flags). (Jani)
Fixed bug #42364 (Crash when using getRealPath with DirectoryIterator). (Johanne
s)
Fixed bug #42292 ($PHP_CONFIG not set for phpized builds). (Jani)
Fixed bug #42261 (header wrong for date field). (roberto at spadim dot com dot b
r, Ilia)
Fixed bug #42259 (SimpleXMLIterator loses ancestry). (Rob)
Fixed bug #42247 (ldap_parse_result() not defined under win32). (Jani)
Fixed bug #42243 (copy() does not output an error when the first arg is a dir).
(Ilia)
Fixed bug #42242 (sybase_connect() crashes). (Ilia)
Fixed bug #42237 (stream_copy_to_stream returns invalid values for mmaped stream
s). (andrew dot minerd at sellingsource dot com, Ilia)
Fixed bug #42233 (Problems with in extract()). (Jani)
Fixed bug #42222 (possible buffer overflow in php_openssl_make_REQ). (Pierre)
Fixed bug #42211 (property_exists() fails to find protected properties from a pa
rent class). (Dmitry)
Fixed bug #42208 (substr_replace() crashes when the same array is passed more th
an once). (crrodriguez at suse dot de, Ilia)
Fixed bug #42198 (SCRIPT_NAME and PHP_SELF truncated when inside a userdir and u
sing PATH_INFO). (Dmitry)
Fixed bug #42195 (C++ compiler required always). (Jani)
Fixed bug #42183 (classmap causes crash in non-wsdl mode). (Dmitry)
Fixed bug #42173 (oci8 INTERVAL and TIMESTAMP type fixes). (Chris)
Fixed bug #42151 (__destruct functions not called after catching a SoapFault exc
eption). (Dmitry)
Fixed bug #42142 (substr_replace() returns FALSE when length > string length). (
Ilia)
Fixed bug #42135 (Second call of session_start() causes creation of SID). (Ilia)
Fixed bug #42134 (oci_error() returns false after oci_new_collection() fails). (
Tony)
Fixed bug #42119 (array_push($arr,&$obj) doesn't work with zend.ze1_compatibilit
y_mode On). (Dmitry)
Fixed bug #42117 (bzip2.compress loses data in internal buffer). (Philip, Ilia)
Fixed bug #42112 (deleting a node produces memory corruption). (Rob)
Fixed bug #42107 (sscanf broken when using %2$s format parameters). (Jani)
Fixed bug #42090 (json_decode causes segmentation fault). (Hannes)
Fixed bug #42082 (NodeList length zero should be empty). (Hannes)
Fixed bug #42072 (No warning message for clearstatcache() with arguments). (Ilia
)
Fixed bug #42071 (ini scanner allows using NULL as option name). (Jani)
Fixed bug #42027 (is_file() / is_dir() matches file/dirnames with wildcard char
or trailing slash in Windows). (Dmitry)
Fixed bug #42019 (configure option --with-adabas=DIR does not work). (Jani)
Fixed bug #42015 (ldap_rename(): server error "DSA is unwilling to perform"). (b
ob at mroczka dot com, Jani)
Fixed bug #42009 (is_a() and is_subclass_of() should NOT call autoload, in the s
ame way as "instanceof" operator). (Dmitry)
Fixed bug #41989 (move_uploaded_file() & relative path in ZTS mode). (Tony)
Fixed bug #41984 (Hangs on large SoapClient requests). (Dmitry)
Fixed bug #41983 (Error Fetching http headers terminated by '\n'). (Dmitry)
Fixed bug #41973 (--with-ldap=shared fails with LDFLAGS="-Wl,--as-needed"). (Nun
o)
Fixed bug #41971 (PDOStatement::fetch and PDOStatement::setFetchMode causes unex
pected behavior). (Ilia)
Fixed bug #41964 (strtotime returns a timestamp for non-time string of pattern '
(A|a) .+'). (Derick)
Fixed bug #41961 (Ensure search for hidden private methods does not stray from c
lass hierarchy). (robin_fernandes at uk dot ibm dot com)
Fixed bug #41947 (SimpleXML incorrectly registers empty strings as namespaces).
(Rob)
Fixed bug #41929 (Foreach on object does not iterate over all visible properties
). (Dmitry)
Fixed bug #41919 (crash in string to array conversion). (judas dot iscariote at
gmail dot com, Ilia)
Fixed bug #41909 (var_export() is locale sensitive when exporting float values).
(Derick)
Fixed bug #41908 (CFLAGS="-Os" ./configure --enable-debug fails). (christian at
hoffie dot info, Tony)
Fixed bug #41904 (proc_open(): empty env array should cause empty environment to
be passed to process). (Jani)
Fixed bug #41867 (SimpleXML: getName is broken). (Rob)
Fixed bug #41865 (fputcsv(): 2nd parameter is not optional). (Jani)
Fixed bug #41861 (SimpleXML: getNamespaces() returns the namespaces of a node's
siblings). (Rob)
Fixed bug #41845 (pgsql extension does not compile with PostgreSQL <7.4). (Ilia)
Fixed bug #41844 (Format returns incorrect number of digits for negative years 0001 to -0999). (Derick)
Fixed bug #41842 (Cannot create years < 0100 & negative years with date_create o
r new DateTime). (Derick)
Fixed bug #41833 (addChild() on a non-existent node, no node created, getName()
segfaults). (Rob)
Fixed bug #41831 (pdo_sqlite prepared statements convert resources to strings).
(Ilia)
Fixed bug #41815 (Concurrent read/write fails when EOF is reached). (Sascha)
Fixed bug #41813 (segmentation fault when using string offset as an object). (ju
das dot iscariote at gmail dot com, Tony)
Fixed bug #41795 (checkdnsrr does not support DNS_TXT type). (lucas at facebook
dot com, Tony)
Fixed bug #41773 (php_strip_whitespace() sends headers with errors suppressed).
(Tony)
Fixed bug #41770 (SSL: fatal protocol error due to buffer issues). (Ilia)
Fixed bug #41765 (Recode crashes/does not work on amd64). (nexus at smoula dot n
et, Stas)
Fixed bug #41724 (libxml_get_last_error() - errors service request scope). (thek
id at php dot net, Ilia)
Fixed bug #41717 (imagepolygon does not respect thickness). (Pierre)
Fixed bug #41713 (Persistent memory consumption on win32 since 5.2). (Dmitry)
Fixed bug #41711 (NULL temporary lobs not supported in OCI8). (Chris Jones, Tony
)
Fixed bug #41709 (strtotime() does not handle 00.00.0000). (Derick)
Fixed bug #41698 (float parameters truncated to integer in prepared statements).
(Ilia)
Fixed bug #41692 (ArrayObject shows weird behavior in respect to inheritance). (
Tony)
Fixed bug #41691 (ArrayObject::exchangeArray hangs Apache). (Tony)
Fixed bug #41686 (Omitting length param in array_slice not possible). (Ilia)
Fixed bug #41685 (array_push() fails to warn when next index is already occupied
). (Ilia)
Fixed bug #41655 (open_basedir bypass via glob()). (Ilia)
Fixed bug #41640 (get_class_vars produces error on class constants). (Johannes)
Fixed bug #41635 (SoapServer and zlib.output_compression with FastCGI result in
major slowdown). (Dmitry)
Fixed bug #41633 (Crash instantiating classes with self-referencing constants).
(Dmitry)
Fixed bug #41630 (segfault when an invalid color index is present in the image d
ata). (Reported by Elliot wccoder@gmail dot com) (Pierre)
Fixed bug #41628 (PHP settings leak between Virtual Hosts in Apache 1.3). (Scott
, manuel at mausz dot at)
Fixed bug #41608 (segfault on a weird code with objects and switch()). (Tony)
Fixed bug #41600 (url rewriter tags doesn't work with namespaced tags). (Ilia)
Fixed bug #41596 (Fixed a crash inside pdo_pgsql on some non-well-formed SQL que
ries). (Ilia)
Fixed bug #41594 (OCI8 statement cache is flushed too frequently). (Tony)
Fixed bug #41582 (SimpleXML crashes when accessing newly created element). (Tony
)
Fixed bug #41576 (configure failure when using --without-apxs or some other SAPI
s disabling options). (Jani)
Fixed bug #41567 (json_encode() double conversion is inconsistent with PHP). (Lu
cas, Ilia)
Fixed bug #41566 (SOAP Server not properly generating href attributes). (Dmitry)
Fixed bug #41555 (configure failure: regression caused by fix for #41265). (Jani
)
Fixed bug #41527 (WDDX deserialize numeric string array key). (Matt, Ilia)
Fixed bug #41523 (strtotime('0000-00-00 00:00:00') is parsed as 1999-11-30). (De
rick)
Fixed bug #41518 (file_exists() warns of open_basedir restriction on non-existen
t file). (Tony)
Fixed bug #41445 (parse_ini_file() has a problem with certain types of integer a
s sections). (Tony)
Fixed bug #41433 (DBA: configure fails to include correct db.h for db4). (Jani)
Fixed bug #41372 (Internal pointer of source array resets during array copying).
(Dmitry)
Fixed PHP CLI usage of php.ini from the binary location. (Hannes)
Fixed segfault in strripos(). (Tony, Joxean Koret)
Fixed gd build when used with freetype 1.x (Pierre, Tony)
Fixed bug #41525 (ReflectionParameter::getPosition() not available). (Marcus)
Fixed bug #41511 (Compile failure under IRIX 6.5.30 building md5.c). (Jani)
Fixed bug #41504 (json_decode() incorrectly decodes JSON arrays with empty strin
g keys). (Ilia)
Fixed bug #41477 (no arginfo about SoapClient::__soapCall()). (Ilia)
Fixed bug #41455 (ext/dba/config.m4 pollutes global $LIBS and $LDFLAGS). (mmarek
at suse dot cz, Tony)
Fixed bug #41442 (imagegd2() under output control). (Tony)
Fixed bug #41430 (Fatal error with negative values of maxlen parameter of file_g
et_contents()). (Tony)
Fixed bug #41423 (PHP assumes wrongly that certain ciphers are enabled in OpenSS
L). (Pierre)
Fixed bug #41421 (Uncaught exception from a stream wrapper segfaults). (Tony, Dm
itry)
Fixed bug #41403 (json_decode cannot decode floats if localeconv decimal_point i
s not '.'). (Tony)
Fixed bug #41401 (wrong unary operator precedence). (Stas)
Fixed bug #41394 (dbase_create creates file with corrupted header). (Tony)
Fixed bug #41390 (Clarify error message with invalid protocol scheme). (Scott)
Fixed bug #41378 (fastcgi protocol lacks support for Reason-Phrase in "Status:"
header). (anight at eyelinkmedia dot com, Dmitry)
Fixed bug #41374 (whole text concats values of wrong nodes). (Rob)
Fixed bug #41358 (configure cannot determine SSL lib with libcurl >= 7.16.2). (M
ike)
Fixed bug #41353 (crash in openssl_pkcs12_read() on invalid input). (Ilia)
Fixed bug #41351 (Invalid opcode with foreach ($a[] as $b)). (Dmitry, Tony)
Fixed bug #41347 (checkdnsrr() segfaults on empty hostname). (Scott)
Fixed bug #41337 (WSDL parsing doesn't ignore non soap bindings). (Dmitry)
Fixed bug #41326 (Writing empty tags with Xmlwriter::WriteElement[ns]) (Pierre)
Fixed bug #41321 (downgrade read errors in getimagesize() to E_NOTICE). (Ilia)
Fixed bug #41304 (compress.zlib temp files left). (Dmitry)
Fixed bug #41293 (Fixed creation of HTTP_RAW_POST_DATA when there is no default
post handler). (Ilia)
Fixed bug #41291 (FastCGI does not set SO_REUSEADDR). (fmajid at kefta dot com,
Dmitry)
Fixed bug #41287 (Namespace functions don't allow xmlns definition to be optiona
l). (Rob)
Fixed bug #41283 (Bug with deserializing array key that are doubles or floats in
wddx). (Ilia)
Fixed bug #41257 (lookupNamespaceURI does not work as expected). (Rob)
Fixed bug #41236 (Regression in timeout handling of non-blocking SSL connections
during reads and writes). (Ilia)
Fixed bug #41134 (zend_ts_hash_clean not thread-safe). (marco dot cova at gmail
dot com, Tony)
Fixed bug #41097 (ext/soap returning associative array as indexed without using
WSDL). (Dmitry)
Fixed bug #41004 (minOccurs="0" and null class member variable). (Dmitry)
Fixed bug #39542 (Behavior of require/include different to < 5.2.0). (Dmitry)
Version 5.2.2
03 May 2007
Security Fixes
Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric) (Pie
rre)
Fixed a header injection via Subject and To parameters to the mail() function (M
OPB-34 by Stefan Esser) (Ilia)
Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser) (Ilia)
ds). (Tony)
Fixed bug #40451 (addAttribute() may crash when used with non-existent child nod
e). (Tony)
Fixed bug #40442 (ArrayObject::offsetExists broke in 5.2.1, works in 5.2.0). (ol
ivier at elma dot fr, Marcus)
Fixed bug #40428 (imagepstext() doesn't accept optional parameter). (Pierre)
Fixed bug #40417 (Allow multiple instances of the same named PDO token in prepar
ed statement emulation code). (Ilia)
Fixed bug #40414 (possible endless fork() loop when running fastcgi). (Dmitry)
Fixed bug #40410 (ext/posix does not compile on MacOS 10.3.9). (Tony)
Fixed bug #40392 (memory leaks in PHP milter SAPI). (tuxracer69 at gmail dot com
, Tony)
Fixed bug #40371 (pg_client_encoding() not working on Windows). (Edin)
Fixed bug #40352 (FCGI_WEB_SERVER_ADDRS function get lost). (Dmitry)
Fixed bug #40290 (strtotime() returns unexpected result with particular timezone
offset). (Derick)
Fixed bug #40286 (PHP fastcgi with PHP_FCGI_CHILDREN don't kill children when pa
rent is killed). (Dmitry)
Fixed bug #40261 (Extremely slow data handling due to memory fragmentation). (Dm
itry)
Fixed bug #40236 (php -a function allocation eats memory). (Dmitry)
Fixed bug #40109 (iptcembed fails on non-jfif jpegs). (Tony)
Fixed bug #39965 (Latitude and longitude are backwards in date_sun_info()). (Der
ick)
Fixed bug #39836 (SplObjectStorage empty after unserialize). (Marcus)
Fixed bug #39416 (Milliseconds in date()). (Derick)
Fixed bug #39396 (stream_set_blocking crashes on Win32). (Ilia, maurice at icebl
og dot de)
Fixed bug #39351 (relative include fails on Solaris). (Dmitry, Tony)
Fixed bug #39322 (proc_terminate() destroys process resource). (Nuno)
Fixed bug #38406 (crash when assigning objects to SimpleXML attributes). (Tony)
Fixed bug #37799 (ftp_ssl_connect() falls back to non-ssl connection). (Nuno)
Fixed bug #36496 (SSL support in imap_open() not working on Windows). (Edin)
Fixed bug #36226 (Inconsistent handling when passing nillable arrays). (Dmitry)
Fixed bug #35872 (Avoid crash caused by object store being referenced during RSH
UTDOWN). (Andy)
Fixed bug #34794 (proc_close() hangs when used with two processes). (jdolecek at
netbsd dot org, Nuno)
Fixed bug #38710 (data leakage because of nonexisting boundary checking in state
ments in mysqli) (Stas)
Fixed bug #37386 (autocreating element doesn't assign value to first node). (Rob
)
Fixed bug #37013 (server hangs when returning circular object references). (Dmit
ry)
Fixed bug #33664 Console window appears when using exec() (Richard Quadling, Sta
s)
Fixed PECL bug #10194 (crash in Oracle client when memory limit reached in the c
allback). (Tony)
Version 5.2.1
08 Feb 2007
Added CURLOPT_TCP_NODELAY constant to Curl extension. (Sara)
Added support for hex numbers of any size. (Matt)
Added function stream_socket_shutdown(). It is a wrapper for system shutdown() f
unction, that shut downs part of a full-duplex connection. (Dmitry)
Added internal heap protection (Dmitry)
memory-limit is always enabled (--enable-memory-limit removed)
default value if memory-limit is set to 128M
safe unlinking
cookies
Fixed bug #39984 (redirect response code in header() could be ignored in CGI sap
i). (Ilia)
Fixed bug #39979 (PGSQL_CONNECT_FORCE_NEW will causes next connect to establish
a new connection). (Ilia)
Fixed bug #39971 (pg_insert/pg_update do not allow now() to be used for timestam
p fields). (Ilia)
Fixed bug #39969 (ini setting short_open_tag has no effect when using --enable-m
aintainer-zts). (Dmitry)
Fixed bug #39952 (zip ignoring --with-libdir on zlib checks) (judas dot iscariot
e at gmail dot com)
Fixed bug #39944 (References broken). (Dmitry)
Fixed bug #39935 (Extensions tidy,mcrypt,mhash,pdo_sqlite ignores --with-libdir)
. (judas dot iscariote at gmail dot com, Derick)
Fixed bug #39903 (Notice message when executing __halt_compiler() more than once
). (Tony)
Fixed bug #39898 (FILTER_VALIDATE_URL validates \r\n\t etc). (Ilia)
Fixed bug #39890 (using autoconf 2.6x and --with-layout=GNU breaks PEAR install
path). (Tony)
Fixed bug #39884 (ReflectionParameter::getClass() throws exception for type hint
self). (thekid at php dot net)
Fixed bug #39878 (CURL doesn't compile on Sun Studio Pro). (Ilia)
Fixed bug #39873 (number_format() breaks with locale & decimal points). (Ilia)
Fixed bug #39869 (safe_read does not initialize errno). (michiel at boland dot o
rg, Dmitry)
Fixed bug #39850 (SplFileObject throws contradictory/wrong error messages when t
rying to open "php://wrong"). (Tony)
Fixed bug #39846 (Invalid IPv4 treated as valid). (Ilia)
Fixed bug #39845 (Persistent connections generate a warning in pdo_pgsql). (Ilia
)
Fixed bug #39832 (SOAP Server: parameter not matching the WSDL specified type ar
e set to 0). (Dmitry)
Fixed bug #39825 (foreach produces memory error). (Dmitry)
Fixed bug #39816 (apxs2filter ignores httpd.conf & .htaccess php config settings
). (Ilia)
Fixed bug #39815 (SOAP double encoding is not locale-independent). (Dmitry)
Fixed bug #39797 (virtual() does not reset changed INI settings). (Ilia)
Fixed bug #39795 (build fails on AIX because crypt_r() uses different data struc
t). (Tony)
Fixed bug #39791 (Crash in strtotime() on overly long relative date multipliers)
. (Ilia)
Fixed bug #39787 (PHP doesn't work with Apache 2.3). (mv at binarysec dot com).
Fixed bug #39782 (setTime() on a DateTime constructed with a Weekday yields inco
rrect results). (Ilia)
Fixed bug #39780 (PNG image with CRC/data error raises fatal error) (Pierre)
Fixed bug #39779 (Enable AUTH PLAIN mechanism in underlying libc-client). (micha
el dot heimpold at s2000 dot tu-chemnitz dot de, Ilia)
Fixed bug #39775 ("Indirect modification ..." message is not shown). (Dmitry)
Fixed bug #39763 (magic quotes are applied twice by ext/filter in parse_str()).
(Ilia)
Fixed bug #39760 (cloning fails on nested SimpleXML-Object). (Rob)
Fixed bug #39759 (Can't use stored procedures fetching multiple result sets in p
do_mysql). (Ilia)
Fixed bug #39754 (Some POSIX extension functions not thread safe). (Ilia, wharmb
y at uk dot ibm dot com)
Fixed bug #39751 (putenv crash on Windows). (KevinJohnHoffman at gmail.com)
Fixed bug #39732 (oci_bind_array_by_name doesn't work on Solaris 64bit). (Tony)
Fixed bug #39724 (Broken build due to spl/filter usage of pcre extension). (Tony
, Ilia)
Fixed bug #39718 (possible crash if assert.callback is set in ini). (Ilia)
Fixed bug #39702 (php crashes in the allocator on linux-m68k). (Dmitry)
Fixed bug #37588 (COM Property propputref converts to PHP function and can't be
accesed). (Rob)
Fixed bug #36975 (natcasesort() causes array_pop() to misbehave). (Hannes)
Fixed bug #36812 (pg_execute() modifies input array). (Ilia)
Fixed bug #36798 (Error parsing named parameters with queries containing high-as
cii chars). (Ilia)
Fixed bug #36644 (possible crash in variant_date_from_timestamp()). (Ilia)
Fixed bug #36427 (proc_open() / proc_close() leak handles on windows). (jdolecek
at NetBSD dot org, Nuno)
Fixed bug #36392 (wrong number of decimal digits with %e specifier in sprintf).
(Matt,Ilia)
Fixed bug #36214 (__get method works properly only when conditional operator is
used). (Dmitry)
Fixed bug #35634 (Erroneous "Class declarations may not be nested" error raised)
. (Carl P. Corliss, Dmitry)
Fixed bug #35106 (nested foreach fails when array variable has a reference). (Dm
itry)
Fixed bug #34564 (COM extension not returning modified "out" argument) (Andy)
Fixed bug #33734 (Something strange with COM Object). (Rob)
Fixed bug #33386 (ScriptControl only sees last function of class). (Rob)
Fixed bug #33282 (Re-assignment by reference does not clear the is_ref flag) (Il
ia, Dmitry, Matt Wilmas)
Fixed bug #30074 (apparent symbol table error with extract($blah, EXTR_REFS)) (B
rian)
Fixed bug #29840 (is_executable() does not honor safe_mode_exec_dir setting). (I
lia)
Fixed PECL bug #7295 (ORA-01405: fetched column value is NULL on LOB fields). (T
ony)
Version 5.2.0
02 Nov 2006
Updated bundled OpenSSL to version 0.9.8d in the Windows distro. (Edin)
Updated Postgresql client libraries to 8.1.4 in the Windows distro. (Edin)
Updated PCRE to version 6.7. (Ilia)
Updated libsqlite in ext/pdo_sqlite to 3.3.7. (Ilia)
Updated bundled MySQL client library to version 5.0.22 in the Windows distributi
on. (Edin)
Updated timezonedb to version 2006.14. (Derick)
Added ability to make SOAP call userspace PHP<->XML converters. (Dmitry)
Added support for character sets in pg_escape_string() for PostgreSQL 8.1.4 and
higher. (Ilia)
Added support for character sets in PDO quote() method for PostgreSQL 8.1.4 and
higher. (Ilia)
Added DSA key generation support to openssl_pkey_new(), FR #38731 (marci at bala
bit dot hu, Tony)
Added SoapServer::setObject() method (it is a simplified version of SoapServer::
setClass() method). (Dmitry)
Added support for hexadecimal entity in imagettftext() for the bundled GD. (Pier
re)
Added support for httpOnly flag for session extension and cookie setting functio
ns. (Scott MacVicar, Ilia)
Added version specific registry keys to allow different configurations for diffe
rent php version. (Richard, Dmitry)
Added "PHPINIDir" Apache directive to apache and apache_hooks SAPIs. (Dmitry)
Added an optional boolean parameter to memory_get_usage() and memory_get_peak_us
age() to get memory size allocated by emalloc() or real size of memory allocated
from system. (Dmitry)
Added Zip Archive extension. (Pierre)
Added RFC1867 fileupload processing hook. (Stefan E.)
Added JSON and Filter extensions. (Derick, Rasmus, Pierre, Ilia)
.cache_expire). (Tony)
Fixed bug #38276 file_exists() works incorrectly with long filenames on Windows)
. (Ilia, Tony)
Fixed bug #38269 fopen wrapper doesn't fail on invalid hostname with curlwrapper
s enabled). (Tony)
Fixed bug #38265 heap corruption). (Dmitry)
Fixed bug #38261 openssl_x509_parse() leaks with invalid cert) (Pierre)
Fixed bug #38255 openssl possible leaks while passing keys) (Pierre)
Fixed bug #38253 PDO produces segfault with default fetch mode). (Tony)
Fixed bug #38251 socket_select() and invalid arguments). (Tony)
Fixed bug #38236 Binary data gets corrupted on multipart/formdata POST). (Ilia)
Fixed bug #38234 Exception in __clone makes memory leak). (Dmitry, Nuno)
Fixed bug #38229 strtotime() does not parse YYYY-MM format). (Ilia)
Fixed bug #38224 session extension can't handle broken cookies). (Ilia)
Fixed bug #38220 Crash on some object operations). (Dmitry)
Fixed bug #38217 ReflectionClass::newInstanceArgs() tries to allocate too much m
emory). (Tony)
Fixed bug #38214 gif interlace output cannot work). (Pierre)
Fixed bugs #38213, #37611, #37571 (wddx encoding fails to handle certain charact
ers). (Ilia)
Fixed bug #38212 Segfault on invalid imagecreatefromgd2part() parameters). (Pier
re)
Fixed bug #38211 variable name and cookie name match breaks script execution). (
Dmitry)
Fixed bug #38199 fclose() unable to close STDOUT and STDERR). (Tony)
Fixed bug #38198 possible crash when COM reports an exception). (Ilia)
Fixed bug #38194 ReflectionClass::isSubclassOf() returns TRUE for the class itse
lf). (Ilia)
Fixed bug #38183 disable_classes=Foobar causes disabled class to be called Foo).
(Jani)
Fixed bug #38179 imagecopy from a palette to a truecolor image loose alpha chann
el) (Pierre)
Fixed bug #38173 Freeing nested cursors causes OCI8 to segfault). (Tony)
Fixed bug #38168 Crash in pdo_pgsql on missing bound parameters). (Ilia)
Fixed bug #38161 oci_bind_by_name() returns garbage when Oracle didn't set the v
ariable). (Tony)
Fixed bug #38146 Cannot use array returned from foo::__get('bar') in write conte
xt). (Dmitry)
Fixed bug #38132 ReflectionClass::getStaticProperties() retains \0 in key names)
. (Ilia)
Fixed bug #38125 undefined reference to spl_dual_it_free_storage). (Marcus)
Fixed bug #38112 corrupted gif segfaults) (Pierre)
Fixed bug #38096 large timeout values ignored on 32bit machines in stream_socket
_accept() and stream_socket_client()). (Ilia)
Fixed bug #38086 stream_copy_to_stream() returns 0 when maxlen is bigger than th
e actual length). (Tony)
Fixed bug #38072 boolean arg for mysqli_autocommit() is always true on Solaris).
(Tony)
Fixed bug #38067 Parameters are not decoded from utf-8 when using encoding optio
n). (Dmitry)
Fixed bug #38064 ignored constructor visibility). (Marcus)
Fixed bug #38055 Wrong interpretation of boolean parameters). (Dmitry)
Fixed bug #38047 "file" and "line" sometimes not set in backtrace from inside er
ror handler). (Dmitry)
Fixed bug #38019 segfault extending mysqli class). (Dmitry)
Fixed bug #38005 SoapFault faultstring doesn't follow encoding rules). (Dmitry)
Fixed bug #38004 Parameters in SoapServer are decoded twice). (Dmitry)
Fixed bug #38003 in classes inherited from MySQLi it's possible to call private
constructors from invalid context). (Tony)
Fixed bug #37987 invalid return of file_exists() in safe mode). (Ilia)
(Dmitry)
(Rob)
(Wez).
Fixed bug #36857 (Added support for partial content fetching to the HTTP streams
wrapper). (Ilia)
Fixed bug #36851 (Documentation and code discrepancies for NULL data in oci_fetc
h_*() functions). (Tony)
Fixed bug #36825 (Exceptions thrown in ArrayObject::offsetGet cause segfault). (
Tony)
Fixed bug #36820 (Privileged connection with an Oracle password file fails). (To
ny)
Fixed bug #36809 (__FILE__ behavior changed). (Dmitry)
Fixed bug #36808 (syslog ident becomes garbage between requests). (Tony)
Fixed bug #36802 (mysqli_set_charset() crash with a non-open connection). (Ilia)
Fixed bug #36756 (DOMDocument::removeChild corrupts node). (Rob)
Fixed bug #36749 (SOAP: 'Error Fetching http body' when using HTTP Proxy). (Dmit
ry)
Fixed bug #36745 (No error message when load data local file isn't found). (Geor
g)
Fixed bug #36743 (In a class extending XMLReader array properties are not writab
le). (Tony)
Fixed bug #36727 (segfault in pdo_pgsql bindValue() when no parameters are defin
ed). (Tony)
Fixed bug #36721 (The SoapServer is not able to send a header that it didn't rec
eive). (Dmitry)
Fixed bug #36697 (Transparency is lost when using imagecreatetruecolor). (Pierre
)
Fixed bug #36689 (Removed arbitrary limit on the length of syslog messages). (Il
ia)
Fixed bug #36656 (http_build_query generates invalid URIs due to use of square b
rackets). (Mike)
Fixed bug #36638 (strtotime() returns false when 2nd argument < 1). (Derick)
Fixed bug #36629 (SoapServer::handle() exits on SOAP faults). (Dmitry)
Fixed bug #36625 (pg_trace() does not work). (iakio at mono-space dot net)
Fixed bug #36614 (Segfault when using Soap). (Dmitry)
Fixed bug #36611 (assignment to SimpleXML object attribute changes argument type
to string). (Tony)
Fixed bug #36606 (pg_query_params() changes arguments type to string). (Tony)
Fixed bug #36599 (DATE_W3C format constant incorrect). (Derick)
Fixed bug #36575 (SOAP: Incorrect complex type instantiation with hierarchies).
(Dmitry)
Fixed bug #36572 (Added PDO::MYSQL_ATTR_DIRECT_QUERY constant that should be set
when executing internal queries like "show master status" via MySQL). (Ilia)
Fixed bug #36568 (memory_limit setting on win32 has no effect). (Dmitry)
Fixed bug #36513 (comment will be outputted in last line). (Dmitry)
Fixed bug #36510 (strtotime() fails to parse date strings with tabs). (Ilia, Der
ick)
Fixed bug #36459 (Incorrect adding PHPSESSID to links, which contains \r\n). (Il
ia)
Fixed bug #36458 (sleep() accepts negative values). (Ilia)
Fixed bug #36436 (DBA problem with Berkeley DB4). (Marcus)
Fixed bug #36434 (Improper resolution of declaring class name of an inherited pr
operty). (Ilia)
Fixed bug #36420 (segfault when access result->num_rows after calling result->cl
ose()). (Ilia,Tony)
Fixed bug #36403 (oci_execute() no longer supports OCI_DESCRIBE_ONLY). (Tony)
Fixed bug #36400 (Custom 5xx error does not return correct HTTP response error c
ode). (Tony)
Fixed bug #36396 (strtotime() fails to parse dates in dd-mm-yyyy format). (Deric
k)
Fixed bug #36388 (ext/soap crashes when throwing exception and session persisten
ce). (David)
Fixed bug #36382 (PDO/PgSQL's getColumnMeta() crashes). (Derick)
Fixed bug #36359 (splFileObject::fwrite() doesn't write when no data length spec
ified). (Tony)
Fixed bug #36351 (parse_url() does not parse numeric paths properly). (Ilia)
Fixed bug #36345 (PDO/MySQL problem loading BLOB over 1MB). (Ilia)
Fixed bug #36337 (ReflectionProperty fails to return correct visibility). (Ilia)
Fixed bug #36334 (Added missing documentation about realpath cache INI settings)
. (Ilia)
Fixed bug #36308 (ReflectionProperty::getDocComment() does not reflect extended
class commentary). (Ilia)
Fixed bug #36306 (crc32() differ on 32-bit and 64-bit platforms) (anight@eyelink
media dot com, Pierre)
Fixed bug #36303 (foreach on error_zval produces segfault). (Dmitry)
Fixed bug #36295 (typo in SplFileObject::flock() parameter name). (Tony)
Fixed bug #36287 (Segfault with SplFileInfo conversion). (Marcus)
Fixed bug #36283 (SOAPClient Compression Broken). (Dmitry)
Fixed bug #36268 (Object destructors called even after fatal errors). (Dmitry)
Fixed bug #36258 (SplFileObject::getPath() may lead to segfault). (Tony)
Fixed bug #36250 (PHP causes ORA-07445 core dump in Oracle server 9.2.x). (Tony)
Fixed bug #36242 (Possible memory corruption in stream_select()). (Tony)
Fixed bug #36235 (ocicolumnname returns false before a successful fetch). (Tony)
Fixed bug #36226 (Inconsistent handling when passing potential arrays). (Dmitry)
Fixed bug #36224 (date(DATE_ATOM) gives wrong results). (Derick, Hannes Magnusso
n)
Fixed bug #36222 (errorInfo in PDOException is always NULL). (Ilia)
Fixed bug #36208 (symbol namespace conflicts using bundled gd). (Jakub Moc)
Fixed bug #36205 (Memory leaks on duplicate cookies). (Dmitry)
Fixed bug #36185 (str_rot13() crash on non-string parameter). (Pierre)
Fixed bug #36176 (PDO_PGSQL - PDO::exec() does not return number of rows affecte
d by the operation). (Ilia)
Fixed bug #36158 (SIGTERM is not handled correctly when running as a FastCGI ser
ver). (Dmitry)
Fixed bug #36152 (problems with curl+ssl and pgsql+ssl in same PHP). (Mike)
Fixed bug #36148 (unpack("H*hex", $data) is adding an extra character to the end
of the string). (Ilia)
Fixed bug #36134 (DirectoryIterator constructor failed to detect empty directory
names). (Ilia)
Fixed bug #36113 (Reading records of unsupported type causes segfault). (Tony)
Fixed bug #36096 (oci_result() returns garbage after oci_fetch() failed). (Tony)
Fixed bug #36083 (SoapClient waits for responses on one-way operations). (Dmitry
)
Fixed bug #36071 (Engine Crash related with 'clone'). (Dmitry)
Fixed bug #36055 (possible OCI8 crash in multi-threaded environment). (Tony)
Fixed bug #36046 (parse_ini_file() miscounts lines in multi-line values). (Ilia)
Fixed bug #36038 (ext/hash compile failure on Mac OSX). (Tony)
Fixed bug #36037 (heredoc adds extra line number). (Dmitry)
Fixed bug #36016 (realpath cache memleaks). (Dmitry, Nuno)
Fixed bug #36011 (Strict errormsg wrong for call_user_func() and the likes). (Ma
rcus)
Fixed bug #36010 (Segfault when re-creating and re-executing statements with bou
nd parameters). (Tony)
Fixed bug #36006 (Problem with $this in __destruct()). (Dmitry)
Fixed bug #35999 (recursive mkdir() does not work with relative path like "foo/b
ar"). (Tony)
Fixed bug #35998 (SplFileInfo::getPathname() returns unix style filenames in win
32). (Marcus)
Fixed bug #35988 (Unknown persistent list entry type in module shutdown). (Dmitr
y)
Fixed bug #35954 (Fatal com_exception casting object). (Rob)
Fixed bug #35900 (stream_select() should warning when tv_sec is negative). (Ilia
)
Fixed bug #35785 (SimpleXML causes memory read error zend engine). (Marcus)
Fixed bug #34272 (empty array onto COM object blows up). (Rob)
Fixed bug #29476 (sqlite_fetch_column_types() locks the database forever). (Ilia
)
Version 5.1.2
12 Jan 2006
Updated libsqlite in ext/sqlite to 2.8.17. (Ilia)
Updated libsqlite in ext/pdo_sqlite to 3.2.8. (Ilia)
Updated to libxml2-2.6.22 and libxslt-1.1.15 in the win32 bundle. (Rob)
Added new extensions: (Ilia, Wez)
XMLWriter
Hash
Added PNG compression support to GD extension. (Pierre)
Added reflection constants as class constants. (Johannes)
Added --enable-gcov configure option to enable C-level code coverage. (John, Jan
i, Ilia, Marcus)
Added missing support for 'B' format identifier to date() function. (Ilia)
Changed reflection to be an extension. (Marcus)
Improved SPL extension: (Marcus)
Added class SplFileInfo as root class for DirectoryIterator and SplFileObject
Added SplTempFileObject
Improved SimpleXML extension: (Marcus)
Fixed memleaks
Fixed var_dump()
Fixed isset/empty/(bool) behavior
Fixed iterator edge cases
Added methods getNamespaces(), getDocNamespaces()
Upgraded pear to version 1.4.6. (Greg)
Added constants for libxslt and libexslt versions: LIBXSLT_VERSION, LIBXSLT_DOTT
ED_VERSION, LIBEXSLT_VERSION and LIBEXSLT_DOTTED_VERSION. (Pierre)
Added an optional parameter to parse_url() to allow retrieval of distinct URL co
mponents. (Ilia)
Fixed possible crash in apache_getenv()/apache_setenv() on invalid parameters. (
Ilia)
Changed errors to warnings in imagecolormatch(). (Pierre)
Fixed segfault/leak in imagecolormatch(). (Pierre)
Fixed small leak in mysqli_stmt_fetch() when bound variable was empty string. (A
ndrey)
Fixed prepared statement name conflict handling in PDO_PGSQL. (Thies, Ilia)
Fixed memory corruption when PDO::FETCH_LAZY mode is being used. (Ilia)
Fixed possible leaks in imagecreatefromstring() with invalid data. (Pierre)
Fixed possible memory corruption inside mb_strcut(). (Ilia)
Fixed possible header injection by limiting each header to a single line. (Ilia)
Fixed possible XSS inside error reporting functionality. (Ilia)
Fixed many bugs in OCI8. (Tony)
Fixed crash and leak in mysqli when using 4.1.x client libraries and connecting
to 5.x server. (Andrey)
Fixed bug #35916 (Duplicate calls to stream_bucket_append() lead to a crash). (I
lia)
Fixed bug #35908 (curl extension uses undefined GCRY_THREAD_OPTIONS_USER). (Ilia
)
Fixed bug #35907 (PDO_OCI uses hardcoded lib path $ORACLE_HOME/lib). (Tony)
Fixed bug #35887 (wddx_deserialize not parsing dateTime fields properly). (Deric
k)
Fixed bug #35885 (strtotime("NOW") no longer works). (Derick)
Fixed bug #35821 (array_map() segfaults when exception is throwed from the callb
ack). (Tony)
Fixed bug #35817 (unpack() does not decode odd number of hexadecimal values). (I
lia)
Fixed bug #35422 (strtotime() does not parse times with UTC as timezone). (Ilia)
Fixed bug #35414 (strtotime() no longer works with ordinal suffix). (Ilia)
Fixed bug #35410 (wddx_deserialize() doesn't handle large ints as keys properly)
. (Ilia)
Fixed bug #35409 (undefined reference to 'rl_completion_matches'). (Jani)
Fixed bug #35399 (Since fix of bug #35273 SOAP decoding of soapenc:base64binary
fails). (Dmitry)
Fixed bug #35393 (changing static protected members from outside the class, one
more reference issue). (Dmitry)
Fixed bug #35381 (ssl library is not initialized properly). (Alan)
Fixed bug #35377 (PDO_SQLITE: undefined reference to "fdatasync"). (Nuno, Jani)
Fixed bug #35373 (HP-UX "alias not allowed in this configuration"). (Dmitry)
Fixed bug #35288 (iconv() function defined as libiconv()). (Nuno)
Fixed bug #35103 (mysqli handles bad unsigned (big)int incorrectly).(Andrey)
Fixed bug #35062 (socket_read() produces warnings on non blocking sockets). (Nun
o, Ilia)
Fixed bug #35028 (SimpleXML object fails FALSE test). (Marcus)
Fixed bug #34729 (Crash in ZTS mode under Apache). (Dmitry, Zeev)
Fixed bug #34429 (Output buffering cannot be turned off with FastCGI). (Dmitry,
Ilya)
Fixed bug #34359 (Possible crash inside fopen http wrapper). (Ilia, Sara, Nuno)
Fixed bug #33789 (Many Problems with SunFuncs). (Derick)
Fixed bug #33671 (sun_rise and sun_set don't return a GMT timestamp if one passe
s an offset). (Derick)
Fixed bug #32820 (date_sunrise and date_sunset don't handle GMT offset well). (D
erick)
Fixed bug #31347 (is_dir and is_file (incorrectly) return true for any string gr
eater then 255 characters). (Nuno, Ilia)
Fixed bug #30937 (date_sunrise() & date_sunset() don't handle endless day/night
at high latitudes). (Derick)
Fixed bug #30760 (Remove MessageBox on win32 for E_CORE errors if display_startu
p_error is off). (Ilia)
Fixed bug #29955 (mb_strtoupper() / lower() broken with Turkish encoding). (Rui)
Fixed bug #28899 (mb_substr() and substr() behave differently when "mbstring.fun
c_overload" is enabled). (Rui)
Fixed bug #27678 (number_format() crashes with large numbers). (Marcus)
Version 5.1.1
28 Nov 2005
Disabled native date class to prevent pear::date conflict. (Ilia)
Improved safe_mode/open_basedir checks in cURL extension. (Ilia, Jani)
Changed reflection constants be both PHP and class constants. (Johannes)
Added an additional field $frame['object'] to the result array of debug_backtrac
e() that contains a reference to the respective object when the frame was called
from an object. (Sebastian)
Fixed bug #35423 (RecursiveDirectoryIterator doesnt appear to recurse with Recur
siveFilterIterator). (Marcus)
Fixed bug #35413 (Removed -dev flag from Zend Engine version). (Ilia)
Fixed bug #35411 (Regression with \{$ handling). (Ilia)
Fixed bug #35406 (eval hangs when evall'ed code ends with comment w/o newline).
(Marcus)
Fixed bug #35391 (pdo_mysql::exec does not return number of affected rows). (Ton
y)
Fixed bug #35382 (Comment in end of file produces fatal error). (Ilia)
Fixed bug #35360 (exceptions in interactive mode (php -a) may cause crash). (Dmi
try)
Fixed bug #35358 (Incorrect error messages for PDO class constants). (Ilia)
Fixed bug #35338 (pdo_pgsql does not handle binary bound params). (Wez)
Fixed bug #35316 (Application exception trying to create COM object). (Rob)
Fixed bug #35170 (PHP_AUTH_DIGEST differs under Apache 1.x and 2.x). (Ilia)
Version 5.1.0
24 Nov 2005
Added support for class constants and static members for internal classes. (Dmit
ry, Michael Wallner)
Added "new_link" parameter to mssql_connect() (Bug #34369). (Frank)
Added missing safe_mode checks for image* functions and cURL. (Ilia)
Added missing safe_mode/open_basedir checks for file uploads. (Ilia)
Added PDO_MYSQL_ATTR_USE_BUFFERED_QUERY parameter for pdo_mysql. (Ilia)
Added date_timezone_set() function to set the timezone that the date functions w
ill use. (Derick)
Added pg_fetch_all_columns() function to fetch all values of a column from a res
ult cursor. (Ilia)
Added support for LOCK_EX flag for file_put_contents(). (Ilia)
Added bindto socket context option. (Ilia)
Added offset parameter to the stream_copy_to_stream() function. (Ilia)
Added offset & length parameters to substr_count() function. (Ilia)
Added man pages for "phpize" and "php-config" scripts. (Jakub Vrana)
Added support for .cc files in extensions. (Brian)
Added PHP_INT_MAX and PHP_INT_SIZE as predefined constants. (Andrey)
Added user opcode API that allow overloading of opcode handlers. (Dmitry)
Added an optional remove old session parameter to session_regenerate_id(). (Ilia
)
Added array type hinting. (Dmitry)
Added the tidy_get_opt_doc() function to return documentation for configuration
options in tidy. (Patch by: nlopess@php.net)
Added support for .cc files in extensions. (Brian)
Added imageconvolution() function which can be used to apply a custom 3x3 matrix
convolution to an image. (Pierre)
Added optional first parameter to XsltProcessor::registerPHPFunctions to only al
low certain functions to be called from XSLT. (Christian)
Added the ability to override the autotools executables used by the buildconf sc
ript via the PHP_AUTOCONF and PHP_AUTOHEADER environmental variables. (Jon)
Added several new functions to support the PostgreSQL v3 protocol introduced in
PostgreSQL 7.4. (Christopher)
pg_transaction_status() - in-transaction status of a database connection.
pg_query_params() - execution of parameterized queries.
pg_prepare() - prepare named queries.
pg_execute() - execution of named prepared queries.
pg_send_query_params() - async equivalent of pg_query_params().
pg_send_prepare() - async equivalent of pg_prepare().
pg_send_execute() - async equivalent of pg_execute().
pg_result_error_field() - highly detailed error information, most importantly th
e SQLSTATE error code.
pg_set_error_verbosity() - set verbosity of errors.
Added optional fifth parameter "count" to preg_replace_callback() and preg_repla
ce() to count the number of replacements made. FR #32275. (Andrey)
Added optional third parameter "charlist" to str_word_count() which contains cha
racters to be considered as word part. FR #31560. (Andrey, Ilia)
Added interface Serializable. (Stanislav, Marcus)
Added pg_field_type_oid() PostgreSQL function. (mauroi at digbang dot com)
Added zend_declare_property_...() and zend_update_property_...() API functions f
or bool, double and binary safe strings. (Hartmut)
Added possibility to access INI variables from within .ini file. (Andrei)
Added variable $_SERVER['REQUEST_TIME'] containing request start time. (Ilia)
Added optional float parameter to gettimeofday(). (Ilia)
Added apache_reset_timeout() Apache1 function. (Rasmus)
Added sqlite_fetch_column_types() 3rd argument for arrays. (Ilia)
Added optional offset parameter to stream_get_contents() and file_get_contents()
. (Ilia)
Fixed bug #34757 (iconv_substr() gives "Unknown error" when offset > string leng
th). (Tony)
Fixed bug #34742 (ftp wrapper failures caused from segmented command transfer).
(Ilia)
Fixed bug #34725 (CLI segmentation faults during cleanup). (Dmitry)
Fixed bug #34723 (array_count_values() strips leading zeroes). (Tony)
Fixed bug #34712 (zend.ze1_compatibility_mode = on segfault). (Dmitry)
Fixed bug #34704 (Infinite recursion due to corrupt JPEG). (Marcus)
Fixed bug #34678 (__call(), is_callable() and static methods). (Dmitry)
Fixed bug #34676 (missing support for strtotime("midnight") and strtotime("noon"
)). (Derick)
Fixed bug #34645 (ctype corrupts memory when validating large numbers). (Ilia)
Fixed bug #34643 (wsdl default value has no effect). (Dmitry)
Fixed bug #34623 (Crash in pdo_mysql on longtext fields). (Ilia)
Fixed bug #34617 (zend_deactivate: objects_store used after zend_objects_store_d
estroy is called). (Dmitry)
Fixed bug #34590 (User defined PDOStatement class can't implement methods). (Mar
cus)
Fixed bug #34584 (Segfault with SPL autoload handler). (Marcus)
Fixed bug #34581 (crash with mod_rewrite). (Tony, Ilia)
Fixed bug #34565 (mb_send_mail does not fetch mail.force_extra_parameters). (Mar
co, Ilia)
Fixed bug #34557 (php -m exits with "error" 1). (Johannes)
Fixed bug #34518 (Unset doesn't separate container in CV). (Dmitry)
Fixed bug #34505 (Possible memory corruption when unmangling properties with emp
ty names). (Tony)
Fixed bug #34478 (Incorrect parsing of url's fragment (#...)). (Dmitry)
Fixed bug #34467 (foreach + __get + __set inconsistency). (Dmitry)
Fixed bug #34456 (Possible crash inside pspell extension). (Ilia)
Fixed bug #34453 (parsing http://www.w3.org/2001/xml.xsd exception). (Dmitry)
Fixed bug #34450 (Segfault when calling mysqli_close() in destructor). (Tony)
Fixed bug #34449 (ext/soap: XSD_ANYXML functionality not exposed). (Dmitry)
Fixed bug #34420 (Possible crash inside curl_multi_remove_handle()). (Ilia)
Fixed bug #34358 (Fatal error: Cannot re-assign $this). (Dmitry)
Fixed bug #34331 (php crashes when variables_order is empty). (Ilia)
Fixed bug #34321 (Possible crash in filter code). (Ilia)
Fixed bug #34311 (unserialize() crashes with chars above 191 dec). (Nuno)
Fixed bug #34310 (foreach($arr as $c->d => $x) crashes). (Dmitry)
Fixed bug #34307 (on_modify handler not called to set the default value if setti
ng from php.ini was invalid). (Andrei)
Fixed bug #34306 (wddx_serialize_value() crashes with long array keys). (Jani)
Fixed bug #34304 (date() doesn't have a modifier for ISO Week Day). (Derick)
Fixed bug #34302 (date('W') do not return leading zeros for week 1 to 9). (Deric
k)
Fixed bug #34299 (ReflectionClass::isInstantiable() returns true for abstract cl
asses). (Marcus)
Fixed bug #34284 (CLI phpinfo showing html on _SERVER["argv"]). (Jani)
Fixed bug #34277 (array_filter() crashes with references and objects). (Dmitry)
Fixed bug #34276 (setAttributeNS doesn't work with default namespace). (Rob)
Fixed bug #34260 (Segfault with callbacks (array_map) + overloading). (Dmitry)
Fixed bug #34257 (lib64 not handled correctly in ming extension). (Marcus)
Fixed bug #34221 (Compiling xmlrpc as shared fails other parts). (Jani)
Fixed bug #34216 (Segfault with autoload). (Marcus)
Fixed bug #34199 (if($obj)/if(!$obj) inconsistency because of cast handler). (Dm
itry, Alex)
Fixed bug #34191 (ob_gzhandler does not enforce trailing \0). (Ilia)
Fixed bug #34156 (memory usage remains elevated after memory limit is reached).
(Ilia)
Fixed bug #34148 (+,- and . not supported as parts of scheme). (Ilia)
Fixed bug #34137 (assigning array element by reference causes binary mess). (Dmi
try)
Fixed bug #34103 (line numbering not maintained in dom document). (Rob)
Fixed bug #34078 (Reflection API problems in methods with boolean or null defaul
t values). (Tony)
Fixed bug #34068 (Numeric string as array key not cast to integer in wddx_deseri
alize()). (Ilia)
Fixed bug #34064 (arr[] as param to function in class gives invalid opcode). (Dm
itry)
Fixed bug #34062 (Crash in catch block when many arguments are used). (Dmitry)
Fixed bug #34052 (date('U') returns %ld not unix timestamp). (Nuno)
Fixed bug #34045 (Buffer overflow with serialized object). (Dmitry)
Fixed bug #34001 (pdo_mysql truncates numeric fields at 4 chars). (Ilia)
Fixed bug #33999 (object remains object when cast to int). (Dmitry)
Fixed bug #33996 (No information given for fatal error on passing invalid value
to typed argument). (Dmitry)
Fixed bug #33989 (extract($GLOBALS,EXTR_REFS) crashes PHP). (Dmitry)
Fixed bug #33987 (php script as ErrorDocument causes crash in Apache 2). (Ilia)
Fixed bug #33967 (misuse of Exception constructor doesn't display errorfile). (J
ani)
Fixed bug #33966 (Wrong use of reflectionproperty causes a segfault). (Tony)
Fixed bug #33963 (mssql_bind() fails on input parameters). (Frank)
Fixed bug #33958 (duplicate cookies and magic_quotes=off may cause a crash). (Il
ia)
Fixed bug #33957 (gmdate('W')/date('W') sometimes returns wrong week number). (D
erick)
Fixed bug #33940 (array_map() fails to pass by reference when called recursively
). (Dmitry)
Fixed bug #33917 (number_format() output with > 1 char separators). (Jani)
Fixed bug #33904 (input array keys being escaped when magic quotes is off). (Ili
a)
Fixed bug #33903 (spl_autoload_register class method). (Marcus)
Fixed bug #33899 (CLI: setting extension_dir=some/path extension=foobar.so does
not work). (Jani)
Fixed bug #33882 (CLI was looking for php.ini in wrong path). (Hartmut)
Fixed bug #33869 (strtotime() problem with "+1days" format). (Ilia)
Fixed bug #33841 (pdo sqlite driver forgets to update affected column count on e
xecution of prepared statments). (Ilia)
Fixed bug #33837 (Informix ESQL version numbering schema changed). (Jani)
Fixed bug #33829 (mime_content_type() returns text/plain for gzip and bzip files
). (Derick)
Fixed bug #33802 (throw Exception in error handler causes crash). (Dmitry)
Fixed bug #33771 (error_reporting falls to 0 when @ was used inside try/catch bl
ock). (Tony)
Fixed bug #33760 (cURL needs to implement CRYPTO_callback functions to prevent l
ocking). (Mike, Ilia)
Fixed bug #33732 (Wrong behavior of constants in class and interface extending).
(Dmitry)
Fixed bug #33723 (php_value overrides php_admin_value). (Dmitry)
Fixed bug #33720 (mb_encode_mimeheader does not work for multibyte chars). (Rui)
Fixed bug #33710 (ArrayAccess objects does not initialize $this). (Dmitry)
Fixed bug #33690 (Crash setting some ini directives in httpd.conf). (Rasmus)
Fixed bug #33673 (Added detection for partially uploaded files). (Ilia)
Fixed bug #33605 (substr_compare() crashes with negative offset and length). (To
ny)
Fixed bug #33597 (setcookie() "expires" date format doesn't comply with RFC). (T
ony)
Fixed bug #33588 (LDAP: RootDSE query not possible). (Jani)
Fixed bug #33578 (strtotime() problem with "Oct17" format). (Derick)
Fixed bug #33578 (strtotime() doesn't understand "11 Oct" format). (Derick)
Fixed bug #33562 (date("") crashes). (Derick)
Fixed bug #33558 (warning with nested calls to functions returning by reference)
. (Dmitry)
Fixed bug #33536 (strtotime() defaults to now even on non time string). (Derick)
Fixed bug #33532 (Different output for strftime() and date()). (Derick)
Fixed bug #33523 (Memory leak in xmlrpc_encode_request()). (Ilia)
Fixed bug #33520 (crash if safe_mode is on and session.save_path is changed). (D
mitry)
Fixed bug #33512 (Add missing support for isset()/unset() overloading to complem
ent the property get/set methods). (Dmitry)
Fixed bug #33491 (crash after extending MySQLi internal class). (Tony)
Fixed bug #33475 (cURL handle is not closed on curl_close(). (Ilia)
Fixed bug #33469 (Compile error undefined reference to ifx_checkAPI). (Jani)
Fixed bug #33433 (strtoll not available on Tru64). (Jani, Derick)
Fixed bug #33427 (ext/odbc: check if unixODBC header file exists). (Jani)
Fixed bug #33415 (strtotime() related bugs). (Derick)
Fixed bug #33414 (Comprehensive list of incorrect days returned after strtotime(
) / date() tests). (Derick)
Fixed bug #33389 (double free() when exporting a ReflectionClass). (Marcus)
Fixed bug #33383 (crash when retrieving empty LOBs). (Tony)
Fixed bug #33382 (array_reverse() fails after *sort()), introduced by zend_hash_
sort() optimizations in HEAD. (Tony)
Fixed bug #33340 (CLI Crash when calling php:function from XSLT). (Rob)
Fixed bug #33326 (Cannot build extensions with phpize on Macosx). (Jani)
Fixed bug #33318 (throw 1; results in Invalid opcode 108/1/8). (Dmitry)
Fixed bug #33312 (ReflectionParameter methods do not work correctly). (Dmitry)
Fixed bug #33299 (php:function no longer handles returned dom objects). (Rob, Jo
e Orton)
Fixed bug #33286 (nested array_walk() calls and user array compare functions bro
ken; FCI cache). (Andrei, patch from m.bretz@metropolis-ag.de)
Fixed bug #33277 (private method accessed by child class). (Dmitry)
Fixed bug #33268 (iconv_strlen() works only with a parameter of < 3 in length).
(Ilia)
Fixed bug #33257 (array_splice() inconsistent when passed function instead of va
riable). (Dmitry)
Fixed bug #33243 (ze1_compatibility_mode does not work as expected). (Dmitry)
Fixed bug #33242 (Mangled error message when stream fails). (Derick)
Fixed bug #33222 (segfault when CURL handle is closed in a callback). (Tony)
Fixed bug #33214 (odbc_next_result does not signal SQL errors with 2-statement S
QL batches). (rich at kastle dot com, Tony)
Fixed bug #33212 ([GCC 4]: 'zend_error_noreturn' aliased to external symbol 'zen
d_error'). (Dmitry)
Fixed bug #33210 (relax jpeg recursive loop protection). (Ilia)
Fixed bug #33201 (Crash when fetching some data types). (Frank)
Fixed bug #33200 (preg_replace(): magic_quotes_sybase=On makes 'e' modifier misb
ehave). (Jani)
Fixed bug #33185 (--enable-session=shared does not build). (Jani)
Fixed bug #33171 (foreach enumerates private fields declared in base classes). (
Dmitry)
Fixed bug #33167 (Possible crash inside pg_fetch_array()). (Ilia)
Fixed bug #33164 (Soap extension incorrectly detects HTTP/1.1). (Ilia)
Fixed bug #33156 (cygwin version of setitimer doesn't accept ITIMER_PROF). (Nuno
)
Fixed bug #33153 (crash in mssql_next result). (Frank)
Fixed bug #33150 (shtool: insecure temporary file creation). (Jani)
Fixed bug #33136 (method offsetSet in class extended from ArrayObject crash PHP)
. (Marcus)
Fixed bug #33125 (imagecopymergegray() produces mosaic rainbow effect). (Pierre)
Fixed bug #33116 (crash when assigning class name to global variable in __autolo
ad). (Dmitry)
Fixed bug #33090 (mysqli_prepare() doesn't return an error). (Georg)
Fixed bug #33076 (str_ireplace() incorrectly counts result string length and may
cause segfault). (Tony)
Fixed bug #33072 (Add a safemode/open_basedir check for runtime "session.save_pa
th" change using session_save_path() function). (Rasmus)
Fixed bug #33070 (Improved performance of bzdecompress() by several orders of ma
gnitude). (Ilia)
Fixed bug #33059 (crash when moving xml attribute set in dtd). (Ilia)
Fixed bug #33057 (Don't send extraneous entity-headers on a 304 as per RFC 2616
section 10.3.5) (Rasmus, Choitel)
Fixed bug #33019 (socket errors cause memory leaks in php_strerror()). (jwozniak
23 at poczta dot onet dot pl, Tony).
Fixed bug #33017 ("make distclean" gives an error with VPATH build). (Jani)
Fixed bug #33013 ("next month" was handled wrong while parsing dates). (Derick)
Fixed bug #32993 (implemented Iterator function current() don't throw exception)
. (Dmitry)
Fixed bug #32981 (ReflectionMethod::getStaticVariables() causes apache2.0.54 seg
fault). (Dmitry)
Fixed bug #32956 (mysql_bind_result() doesn't support MYSQL_TYPE_NULL). (Georg)
Fixed bug #32947 (Incorrect option for mysqli default password). (Georg)
Fixed bug #32944 (Disabling session.use_cookies doesn't prevent reading session
cookies). (Jani, Tony)
Fixed bug #32941 (Sending structured SOAP fault kills a php). (Dmitry)
Fixed bug #32937 (open_basedir looses trailing / in the limiter). (Adam Conrad)
Fixed bug #32936 (http redirects URLs are not checked for control chars). (Ilia)
Fixed bug #32933 (Cannot extend class "SQLiteDatabase"). (Marcus)
Fixed bug #32932 (Oracle LDAP: ldap_get_entries(), invalid pointer). (Jani)
Fixed bug #32930 (class extending DOMDocument doesn't clone properly). (Rob)
Fixed bug #32924 (file included with "auto_prepend_file" can be included with re
quire_once() or include_once()). (Stas)
Fixed bug #32904 (pg_get_notify() ignores result_type parameter). (Tony)
Fixed bug #32852 (Crash with singleton and __destruct when zend.ze1_compatibilit
y_mode = On). (Dmitry)
Fixed bug #32833 (Invalid opcode). (Dmitry)
Fixed bug #32813 (parse_url() does not handle scheme-only urls properly). (Ilia)
Fixed bug #32810 (temporary files not using plain file wrapper). (Ilia)
Fixed bug #32809 (Missing T1LIB support on Windows). (Edin)
Fixed bug #32802 (General cookie overrides more specific cookie). (Ilia)
Fixed bugs #32800, #32830 (ext/odbc: Problems with 64bit systems). (Jani)
Fixed bug #32799 (crash: calling the corresponding global var during the destruc
t). (Dmitry)
Fixed bug #32776 (SOAP doesn't support one-way operations). (Dmitry)
Fixed bug #32773 (GMP functions break when second parameter is 0). (Stas)
Fixed bug #32759 (incorrect determination of default value (COM)). (Wez)
Fixed bug #32758 (Cannot access safearray properties in VB6 objects). (Wez)
Fixed bug #32755 (Segfault in replaceChild() when DocumentFragment has no childr
en). (Rob)
Fixed bug #32753 (Undefined constant SQLITE_NOTADB). (Ilia)
Fixed bug #32742 (segmentation fault when the stream with a wrapper is not close
d). (Tony, Dmitry)
Fixed bug #32699 (pg_affected_rows() was defined when it was not available). (De
rick)
Fixed bug #32686 (Require/include file in destructor causes segfault). (Marcus)
Fixed bug #32682 (ext/mssql: Error on module shutdown when called from activescr
ipt). (Frank)
Fixed bug #32674 (exception in iterator causes crash). (Dmitry)
Fixed bug #32660 (Assignment by reference causes crash when field access is over
loaded (__get)). (Dmitry)
Fixed bug #32647 (Using register_shutdown_function() with invalid callback can c
rash PHP). (Jani)
Fixed bug #32615 (Segfault in replaceChild() using fragment when previousSibling
is NULL). (Rob)
Fixed bug #32613 (ext/snmp: use of snmp_shutdown() causes snmpapp.conf access er
rors). (Jani, ric at arizona dot edu)
Fixed bug #32608 (html_entity_decode() converts single quotes even if ENT_NOQUOT
ES is given). (Ilia)
Fixed bug #32596 (Segfault/Memory Leak by getClass (etc) in __destruct). (Dmitry
)
Fixed bug #32591 (ext/mysql: Unsatisfied symbol: ntohs with HP-UX). (Jani)
Fixed bug #32589 (possible crash inside imap_mail_compose() function). (Ilia)
Fixed bug #32589 (Possible crash inside imap_mail_compose, with charsets). (Ilia
)
Fixed bug #32587 (Apache2: errors sent to error_log do not include timestamps).
(Jani)
Fixed bug #32560 (configure looks for incorrect db2 library). (Tony)
Fixed bug #32553 (mmap loads only the 1st 2000000 bytes on Win32). (Ilia)
Fixed bug #32533 (proc_get_status() returns the incorrect process status). (Ilia
)
Fixed bug #32530 (chunk_split() does not append endstr if chunklen is longer the
n the original string). (Ilia)
Fixed bug #32491 (File upload error - unable to create a temporary file). (Uwe S
chindler)
Fixed bug #32455 (wrong setting property to unset value). (Dmitry)
Fixed bug #32429 (method_exists() always return TRUE if __call method exists). (
Dmitry)
Fixed bug #32428 (The @ warning error suppression operator is broken). (Dmitry)
Fixed bug #32427 (Interfaces are not allowed 'static' access modifier). (Dmitry)
Fixed bug #32405 (mysqli::fetch() returns bad data - 64bit problem). (Andrey)
Fixed bug #32296 (get_class_methods() output has changed between 5.0.2 and 5.0.3
). (Dmitry)
Fixed bug #32282 (Segfault in mysqli_fetch_array on 64-bit). (Georg)
Fixed bug #32245 (xml_parser_free() in a function assigned to the xml parser giv
es a segfault). (Rob)
Fixed bug #32179 (xmlrpc_encode() segfaults with recursive references). (Tony)
Fixed bug #32171 (Userspace stream wrapper crashes PHP). (Tony, Dmitry)
Fixed bug #32160 (copying a file into itself leads to data loss). (Ilia)
Fixed bug #32139 (SOAP client does not auto-handle base64 encoding). (Ilia)
Fixed bug #32109 ($_POST is not populated in multi-threaded environment). (Moriy
oshi)
Fixed bug #32080 (segfault when assigning object to itself with zend.ze1_compati
bility_mode=On). (Dmitry)
Fixed bug #32021 (Crash caused by range('', 'z')). (Derick)
Fixed bug #32013 (ext/mysqli bind_result causes fatal error: memory limit). (And
rey)
Fixed bug #32010 (Memory leak in mssql_fetch_batch). (fmk)
Fixed bug #32009 (crash when mssql_bind() is called more than once). (Frank)
Fixed bug #31971 (ftp_login fails on some SSL servers). (frantisek at augusztin
dot com)
Fixed bug #31887 (ISAPI: Custom 5xx error does not return correct HTTP response
message). (Jani)
Fixed bug #31828 (Crash with zend.ze1_compatibility_mode=On). (Dmitry)
Fixed bug #31668 (multi_query works exactly every other time - multi query d/e f
lag global and not per connection). (Andrey)
Fixed bug #31636 (another crash when echoing a COM object). (Wez)
Fixed bug #31583 (php_std_date() uses short day names in non-y2k_compliance mode
). (mike at php dot net)
Fixed bug #31525 (object reference being dropped. $this getting lost). (Stas, Dm
itry)
Fixed bug #31502 (Wrong deserialization from session when using WDDX serializer)
. (Dmitry)
Fixed bug #31478 (segfault with empty() / isset()). (Moriyoshi)
Fixed bug #31465 (False warning in unpack() when working with *). (Ilia)
Fixed bug #31363 (broken non-blocking flock()). (ian at snork dot net)
Fixed bug #31358 (Older GCC versions do not provide portable va_copy()). (Jani)
Fixed bug #31341 (escape on curly inconsistent). (Dmitry)
Fixed bug #31256 (PHP_EVAL_LIBLINE configure macro does not handle -pthread). (J
ani)
Fixed bug #31213 (Side effects caused by fix of bug #29493). (Dmitry)
Fixed bug #31177 (memory leaks and corruption because of incorrect refcounting).
(Dmitry)
Fixed bug #31158 (array_splice on $GLOBALS crashes). (Dmitry)
Fixed bug #31054 (safe_mode & open_basedir checks only check first include_path
value). (Ilia)
Fixed bug #31033 (php:function(string, nodeset) with xsl:key crashes PHP). (Rob)
Fixed bug #30961 (Wrong line number in ReflectionClass getStartLine()). (Dmitry)
Fixed bug #30889 (Conflict between __get/__set and ++ operator). (Dmitry)
Fixed bug #30833 (array_count_values() modifying input array). (Tony)
Fixed bug #30828 (debug_backtrace() reports incorrect class in overridden method
s). (Dmitry)
Fixed bug #30820 (static member conflict with $this->member silently ignored). (
Dmitry)
Fixed bug #30819 (Better support for LDAP SASL bind). (Jani)
Fixed bug #30791 (magic methods (__sleep/__wakeup/__toString) call __call if obj
ect is overloaded). (Dmitry)
Fixed bug #30707 (Segmentation fault on exception in method). (Stas, Dmitry)
Fixed bug #30702 (cannot initialize class variable from class constant). (Dmitry
)
Fixed bug #30578 (Output buffers flushed before calling __destruct() functions).
(Jani)
Fixed bug #30519 (Interface not existing says Class not found). (Dmitry)
Fixed bug #30407 (Strange behavior of default arguments). (Dmitry)
Fixed bug #30394 (Assignment operators yield wrong result with __get/__set). (Dm
itry)
Fixed bug #30332 (zend.ze1_compatibility_mode isn't fully compatible with array_
push()). (Dmitry)
Fixed bug #30162 (Catching exception in constructor causes lose of $this). (Dmit
ry)
Fixed bug #30140 (Problem with array in static properties). (Dmitry)
Fixed bug #30126 (Enhancement for error message for abstract classes). (Marcus)
Fixed bug #30096 (gmmktime does not return the current time). (Derick)
Fixed bug #30080 (Passing array or non array of objects). (Dmitry)
Fixed bug #30052 (Crash on shutdown after odbc_pconnect()). (Edin)
Fixed bug #29983 (PHP does not explicitly set mime type & charset). (Ilia)
Fixed bug #29975 (memory leaks when set_error_handler() is used inside error han
dler). (Tony)
Fixed bug #29971 (variables_order behavior). (Dmitry)
Fixed bug #29944 (Function defined in switch, crashes). (Dmitry)
Fixed bug #29896 (Backtrace argument list out of sync). (Dmitry)
Fixed bug #29728 (Reflection API Feature: Default parameter value). (Marcus)
Fixed bug #29689 (default value of protected member overrides default value of p
rivate and other private variable problems in inherited classes). (Stas)
Fixed bug #29683 (headers_list() returns empty array). (Tony)
Fixed bug #29583 (crash when echoing a COM object). (M.Sisolak, Wez)
Fixed bug #29522 (accessing properties without connection). (Georg)
Fixed bug #29361 (var_export() producing invalid code). (Derick)
Fixed bug #29338 (unencoded spaces get ignored after certain tags). (Ilia)
Fixed bug #29335 (fetch functions now use MYSQLI_BOTH as default). (Georg)
Fixed bug #29334 (win32 mail() provides incorrect Date: header). (Jani)
Fixed bug #29311 (calling parent constructor in mysqli). (Georg)
Fixed bug #29268 (__autoload() not called with Reflection->getClass()). (Dmitry)
Fixed bug #29256 (SOAP HTTP Error when envelop size is more than 24345 bytes). (
Dmitry, Wez)
Fixed bug #29253 (array_diff with $GLOBALS argument fails). (Dmitry)
Fixed bug #29236 (memory error when wsdl-cache is enabled). (Dmitry)
Fixed bug #29210 (Function: is_callable - no support for private and protected c
lasses). (Dmitry)
Fixed bug #29109 (SoapFault exception: [WSDL] Out of memory). (Dmitry)
Fixed bug #29104 (Function declaration in method doesn't work). (Dmitry)
Fixed bug #29061 (soap extension segfaults). (Dmitry)
Fixed bug #29015 (Incorrect behavior of member vars(non string ones)-numeric mem
vars and others). (Dmitry)
Fixed bug #28985 (__getTypes() returning nothing on complex WSDL). (Dmitry)
Fixed bug #28969 (Wrong data encoding of special characters). (Dmitry)
Fixed bug #28839 (SIGSEGV in interactive mode (php -a)). (kameshj at fastmail do
t fm)
Fixed bug #28605 (Need to use -[m]ieee option for Alpha CPUs). (Jani)
Fixed bug #28568 (SAPI::known_post_content_types is not thread safe). (Moriyoshi
)
Fixed bug #28377 (debug_backtrace is intermittently passing args). (Dmitry)
Fixed bug #28355 (glob wont error if dir is not readable). (Hartmut)
Fixed bug #28072 (static array with some constant keys will be incorrectly order
ed). (Dmitry)
Fixed bug #27908 (xml default_handlers not being called). (Rob)
Fixed bug #27598 (list() array key assignment causes HUGE memory leak). (Dmitry)
Fixed bug #27268 (Bad references accentuated by clone). (Dmitry)
Fixed bug #26456 (Wrong results from Reflection-API getDocComment() when called
via STDIN). (Dmitry)
Fixed bug #25922 (In error handler, modifying 5th arg (errcontext) may result in
seg fault). (Dmitry)
Fixed bug #25359 (array_multisort() doesn't work in a function if array is globa
l or reference). (Dmitry)
Fixed bug #22836 (returning reference to uninitialized variable). (Dmitry)
Fixed bug #21306 (ext/sesssion: catch bailouts of write handler during RSHUTDOWN
). (Jani, Xuefer at 21cn dot com)
Fixed bug #15854 (boolean ini options may be incorrectly displayed as Off when t
hey are On). (Tony)
Fixed bugs #14561, #20382, #26090, #26320, #28024, #30532, #32086, #32270, #3255
5, #32588, #33056 (strtotime() related bugs). (Derick)
Version 5.0.5
05 Sep 2005
Upgraded PCRE library to version 5.0. (Andrei)
Removed php_check_syntax() function which never worked properly. (Ilia)
Added new function mysqli_set_charset(). (Georg)
Added man pages for "phpize" and "php-config" scripts. (Jakub Vrana)
Added support for .cc files in extensions. (Brian)
Added PHP_INT_MAX and PHP_INT_SIZE as predefined constants. (Andrey)
Changed sha1_file() and md5_file() functions to use streams instead of low level
IO. (Uwe)
Changed ming to support official 0.2a and 0.3 library versions. (Marcus)
Fixed failing queries problem (FALSE returned) with mysqli_query() on 64 bit. (A
ndrey)
Fixed memory corruption in pg_copy_from() in case the as_null parameter was pass
ed. (Derick)
Fixed ext/mysqli to allocate less memory when fetching bound params of type (MED
IUM|LONG)BLOB/(MEDIUM|LONG)TEXT. (Andrey)
Fixed memory corruption in ImageTTFText() with 64bit systems. (Andrey)
Fixed memory corruption in stristr(). (Derick)
Fixed segfaults when CURL callback functions throw exception. (Tony)
Fixed various reentrancy bugs in user-sort functions, solves bugs #33286 and #33
295. (Mike Bretz)
Fixed bug #34307 (on_modify handler not called to set the default value if setti
ng from php.ini was invalid). (Andrei)
Fixed bug #34302 (date('W') do not return leading zeros for week 1 to 9). (Deric
k)
Fixed bug #34299 (ReflectionClass::isInstantiable() returns true for abstract cl
asses). (Marcus)
Fixed bug #34277 (array_filter() crashes with references and objects). (Dmitry)
Fixed bug #34260 (Segfault with callbacks (array_map) + overloading). (Dmitry)
Fixed bug #34137 (assigning array element by reference causes binary mess). (Dmi
try)
Fixed bug #34078 (Reflection API problems in methods with boolean or null defaul
t values). (Tony)
Fixed bug #34064 (arr[] as param to function is allowed only if function receive
s argument by reference). (Dmitry)
Fixed bug #34062 (Crash in catch block when many arguments are used). (Dmitry)
Fixed bug #33989 (extract($GLOBALS,EXTR_REFS) crashes PHP). (Dmitry)
Fixed bug #33940 (array_map() fails to pass by reference when called recursively
). (Dmitry)
Fixed bug #33853 (php:function call __autoload with lowercase param). (Marcus)
Fixed bug #33802 (throw Exception in error handler causes crash). (Dmitry)
Fixed bug #33723 (php_value overrides php_admin_value). (Dmitry)
Fixed bug #33710 (ArrayAccess objects doen't initialize $this). (Dmitry)
Fixed bug #33588 (LDAP: RootDSE query not possible). (Jani)
Fixed bug #33558 (warning with nested calls to functions returning by reference)
. (Dmitry)
Fixed bug #33520 (crash if safe_mode is on and session.save_path is changed). (D
mitry)
Fixed bug #33491 (crash after extending MySQLi internal class). (Tony)
Fixed bug #33340 (CLI Crash when calling php:function from XSLT). (Rob)
Fixed bug #33277 (private method accessed by child class). (Dmitry)
Fixed bug #33268 (iconv_strlen() works only with a parameter of < 3 in length).
(Ilia)
Fixed bug #33263 (mysqli_real_escape doesn't work in __construct) (Georg)
Fixed bug #33257 (array_splice() inconsistent when passed function instead of va
riable). (Dmitry)
Fixed bug #33243 (ze1_compatibility_mode does not work as expected). (Dmitry)
Fixed bug #33242 (Mangled error message when stream fails). (Derick)
Fixed bug #33222 (segfault when CURL handle is closed in a callback). (Tony)
Fixed bug #33214 (odbc_next_result does not signal SQL errors with 2-statement S
QL batches). (rich at kastle dot com, Tony)
Fixed bug #33210 (relax jpeg recursive loop protection). (Ilia)
Fixed bug #33200 (preg_replace(): magic_quotes_sybase=On makes 'e' modifier misb
ehave). (Jani)
Fixed bug #33185 (--enable-session=shared does not build). (Jani)
Fixed bug #33171 (foreach enumerates private fields declared in base classes). (
Dmitry)
Fixed bug #33164 (Soap extension incorrectly detects HTTP/1.1). (Ilia)
Fixed bug #33156 (cygwin version of setitimer doesn't accept ITIMER_PROF). (Nuno
)
Fixed bug #33116 (crash when assigning class name to global variable in __autolo
ad). (Dmitry)
Fixed bug #33090 (mysqli_prepare() doesn't return an error). (Georg)
Fixed bug #33076 (str_ireplace() incorrectly counts result string length and may
cause segfault). (Tony)
Fixed bug #33072 (Add a safemode/open_basedir check for runtime "session.save_pa
th" change using session_save_path() function). (Rasmus)
Fixed bug #33070 (Improved performance of bzdecompress() by several orders of ma
gnitude). (Ilia)
Fixed bug #33059 (crash when moving xml attribute set in dtd). (Ilia)
Fixed bug #33057 (Don't send extraneous entity-headers on a 304 as per RFC 2616
Fixed bug #32533 (proc_get_status() returns the incorrect process status). (Ilia
)
Fixed bug #32530 (chunk_split() does not append endstr if chunklen is longer the
n the original string). (Ilia)
Fixed bug #32491 (File upload error - unable to create a temporary file). (Uwe S
chindler)
Fixed bug #32405 (mysqli::fetch() returns bad data - 64bit problem). (Andrey)
Fixed bug #32282 (Segfault in mysqli_fetch_array on 64-bit). (Georg)
Fixed bug #32296 (get_class_methods() output has changed between 5.0.2 and 5.0.3
). (Dmitry)
Fixed bug #32245 (xml_parser_free() in a function assigned to the xml parser giv
es a segfault). (Rob)
Fixed bug #32171 (Userspace stream wrapper crashes PHP). (Tony, Dmitry)
Fixed bug #32080 (segfault when assigning object to itself with zend.ze1_compati
bility_mode=On). (Dmitry)
Fixed bug #32013 (ext/mysqli bind_result causes fatal error: memory limit). (And
rey)
Fixed bug #31887 (ISAPI: Custom 5xx error does not return correct HTTP response
message). (Jani)
Fixed bug #31828 (Crash with zend.ze1_compatibility_mode=On). (Dmitry)
Fixed bug #31668 (multi_query works exactly every other time - multi query d/e f
lag global and not per connection). (Andrey)
Fixed bug #31636 (another crash when echoing a COM object). (Wez)
Fixed bug #31583 (php_std_date() uses short day names in non-y2k_compliance mode
). (mike at php dot net)
Fixed bug #31525 (object reference being dropped. $this getting lost). (Stas, Dm
itry)
Fixed bug #31502 (Wrong deserialization from session when using WDDX serializer)
. (Dmitry)
Fixed bug #31465 (False warning in unpack() when working with *). (Ilia)
Fixed bug #31363 (broken non-blocking flock()). ian at snork dot net
Fixed bug #31213 (Sideeffects caused by fix of bug #29493. (Dmitry)
Fixed bug #31158 (array_splice on $GLOBALS crashes). (Dmitry)
Fixed bug #30961 (Wrong linenumber in ReflectionClass getStartLine()). (Dmitry)
Fixed bug #30889 (Conflict between __get/__set and ++ operator). (Dmitry)
Fixed bug #30833 (array_count_values() modifying input array). (Tony)
Fixed bug #30828 (debug_backtrace() reports incorrect class in overridden method
s). (Dmitry)
Fixed bug #30820 (static member conflict with $this->member silently ignored). (
Dmitry)
Fixed bug #30819 (Better support for LDAP SASL bind). (Jani)
Fixed bug #30791 (magic methods (__sleep/__wakeup/__toString) call __call if obj
ect is overloaded). (Dmitry)
Fixed bug #30707 (Segmentation fault on exception in method). (Stas, Dmitry)
Fixed bug #30702 (cannot initialize class variable from class constant). (Dmitry
)
Fixed bug #30519 (Interface not existing says Class not found). (Dmitry)
Fixed bug #30394 (Assignment operators yield wrong result with __get/__set). (Dm
itry)
Fixed bug #30332 (zend.ze1_compatibility_mode isnt fully compatable with array_p
ush()). (Dmitry)
Fixed bug #30162 (Catching exception in constructor causes lose of $this). (Dmit
ry)
Fixed bug #30140 (Problem with array in static properties). (Dmitry)
Fixed bug #30126 (Enhancement for error message for abstract classes). (Marcus)
Fixed bug #30080 (Passing array or non array of objects). (Dmitry)
Fixed bug #29975 (memory leaks when set_error_handler() is used inside error han
dler). (Tony)
Fixed bug #29971 (variables_order behaviour). (Dmitry)
Fixed bug #29944 (Function defined in switch, crashes). (Dmitry)
lass). (Marcus)
Fixed bug #32238 (spl_array.c: void function cannot return value). (Johannes)
Fixed bug #32210 (proc_get_status() sets "running" always to true). (Ilia)
Fixed bug #32200 (Prevent using both --with-apxs2 and --with-apxs2filter). (Jani
)
Fixed bug #32134 (Overloading offsetGet/offsetSet). (Marcus)
Fixed bug #32130 (ArrayIterator::seek() does not throw an Exception on invalid i
ndex). (Marcus)
Fixed bug #32115 (dateTime SOAP encoding of timezone incorrect). (Dmitry)
Fixed bug #32081 (in mysqli default socket value is not being used). (Ilia)
Fixed bug #32021 (Crash caused by range('', 'z')). (Derick)
Fixed bug #32011 (Fragments which replaced Nodes are not globaly useable). (Rob)
Fixed bug #32001 (xml_parse_into_struct() function exceeds maximum execution tim
e). (Rob, Moriyoshi)
Fixed bug #31980 (Unicode exif data not available on Windows). (Edin)
Fixed bug #31792 (getrusage() does not provide ru_nswap value). (Ilia)
Fixed bug #31960 (msql_fetch_row() and msql_fetch_array() dropping columns with
NULL values). (Daniel Convissor)
Fixed bug #31878 (Segmentation fault using clone keyword on nodes). (Rob)
Fixed bug #31858 (--disable-cli does not force --without-pear). (Jani)
Fixed bug #31842 (*date('r') does not return RFC2822 conforming date string). (J
ani)
Fixed bug #31832 (SOAP encoding problem with complex types in WSDL mode with mul
tiple parts). (Dmitry)
Fixed bug #31797 (exif_read_data() uses too low nesting limit). (Ilia)
Fixed bug #31796 (readline completion handler does not handle empty return value
s). (Ilia)
Fixed bug #31755 (Cannot create SOAP header in no namespace). (Dmitry)
Fixed bug #31754 (dbase_open() fails for mode = 1). (Mehdi, Derick)
Fixed bug #31751 (pg_parameter_status() missing on Windows). (Edin)
Fixed bug #31747 (SOAP Digest Authentication doesn't work with "HTTP/1.1 100 Con
tinue" response). (Dmitry)
Fixed bug #31732 (mb_get_info() causes segfault when no parameters specified). (
Tony)
Fixed bug #31710 (Wrong return values for mysqli_autocommit/commit/rollback). (G
eorg)
Fixed bug #31705 (parse_url() does not recognize http://foo.com#bar). (Ilia)
Fixed bug #31695 (Cannot redefine endpoint when using WSDL). (Dmitry)
Fixed bug #31684 (dio_tcsetattr(): misconfigured termios settings). (elod at itf
ais dot com)
Fixed bug #31683 (changes to $name in __get($name) override future parameters).
(Dmitry)
Fixed bug #31699 (unserialize() float problem on non-English locales). (Ilia)
Fixed bug #31562 (__autoload() problem with static variables). (Marcus)
Fixed bug #31651 (ReflectionClass::getDefaultProperties segfaults with arrays).
(Marcus)
Fixed bug #31623 (OCILogin does not support password grace period). (daniel dot
beet at accuratesoftware dot com, Tony)
Fixed bug #31527 (crash in msg_send() when non-string is stored without being se
rialized). (Ilia)
Fixed bug #31515 (Improve performance of scandir() by factor of 10 or so). (Ilia
)
Fixed bug #31514 (open_basedir uses path_translated rather then cwd for . transl
ation). (Ilia)
Fixed bug #31480 (Possible infinite loop in imap_mail_compose()). (Ilia)
Fixed bug #31479 (Fixed crash in chunk_split(), when chunklen > strlen). (Ilia)
Fixed bug #31465 (False warning in unpack() when working with *). (Ilia)
Fixed bug #31454 (session_set_save_handler crashes PHP when supplied non-existen
t object ref). (Tony)
Fixed bug #31444 (Memory leak in zend_language_scanner.c). (hexer at studentcent
er dot org)
Fixed bug #31442 (unserialize broken on 64-bit systems). (Marcus)
Fixed bug #31440 ($GLOBALS can be overwritten via GPC when register_globals is e
nabled). (Ilia)
Fixed bug #31422 (No Error-Logging on SoapServer-Side). (Dmitry)
Fixed bug #31413 (curl POSTFIELDS crashes on 64-bit platforms). (Joe)
Fixed bug #31396 (compile fails with gd 2.0.33 without freetype). (Jani)
Fixed bug #31371 (highlight_file() trims new line after heredoc). (Ilia)
Fixed bug #31361 (simplexml/domxml segfault when adding node twice). (Rob)
Fixed bug #31348 (CachingIterator::rewind() leaks). (Marcus)
Fixed bug #31346 (ArrayIterator::next segfaults). (Marcus)
Fixed bug #31190 (Unexpected warning then exception is thrown from call_user_fun
c_array()). (phpbugs at domain51 dot net, Dmitry)
Fixed bug #31142 (imap_mail_compose() fails to generate correct output). (Ilia)
Fixed bug #31139 (XML Parser Functions seem to drop & when parsing). (Rob)
Fixed bug #31398 (When magic_guotes_gpc are enabled filenames with ' get cutoff)
. (Ilia)
Fixed bug #31288 (Possible crash in mysql_fetch_field(), if mysql_list_fields()
was not called previously). (Ilia)
Fixed bug #31107, Fixed bug #31110, Fixed bug #31111, Fixed bug #31249 (Compile
failure of zend_strtod.c). (Jani)
Fixed bug #31110 (PHP 4.3.10 does not compile on Tru64 UNIX 5.1B). (Derick)
Fixed bug #31107 (Compile failure on Solaris 9 (Intel) and gcc 3.4.3). (Derick)
Fixed bug #31103 (Better error message when c-client cannot be found). (Ilia)
Fixed bug #31101 (missing kerberos header file path with --with-openssl). (Jani)
Fixed bug #31098 (isset() / empty() incorrectly return true in dereference of a
string type). (Moriyoshi)
Fixed bug #31087 (broken php_url_encode_hash macro). (Ilia)
Fixed bug #31072 (var_export() does not output an array element with an empty st
ring key). (Derick)
Fixed bug #31060 (imageftbbox() does not use linespacing parameter). (Jani)
Fixed bug #31056 (php_std_date() returns invalid formatted date if y2k_complianc
e is On). (Ilia)
Fixed bug #31055 (apache2filter: per request leak proportional to the full path
of the request URI). (kameshj at fastmail dot fm)
Fixed bug #30901 (can't send cookies with soap envelop). (Dmitry)
Fixed bug #30871 (Misleading warning message for array_combine()). (Andrey)
Fixed bug #30868 (evaluated pointer comparison in mbregex causes compile failure
). (Moriyoshi)
Fixed bug #30862 (Static array with boolean indexes). (Marcus)
Fixed bug #30726 (-.1 like numbers are not being handled correctly). (Ilia)
Fixed bug #30725 (PHP segfaults when an exception is thrown in getIterator() wit
hin foreach). (Marcus)
Fixed bug #30609 (cURL functions bypass open_basedir). (Jani)
Fixed bug #30446 (apache2handler: virtual() includes files out of sequence)
Fixed bug #30430 (odbc_next_result() doesn't bind values and that results in seg
fault). (pdan-php at esync dot org, Tony)
Fixed bug #30266 (Invalid opcode 137/1/8). (Marcus)
Fixed bug #30120 (imagettftext() and imagettfbbox() accept too many parameters).
(Jani)
Fixed bug #30106 (SOAP cannot not parse 'ref' element. Causes Uncaught SoapFault
exception). (Dmitry)
Fixed bug #29989 (type re_registers redefined in oniguruma.h). (Moriyoshi)
Fixed bug #28803 (enabled debug causes bailout errors with CLI on AIX because of
fflush() called on already closed filedescriptor). (Tony)
Fixed bug #29767 (Weird behaviour of __set($name, $value)). (Dmitry)
Fixed bug #29733 (printf() handles repeated placeholders wrong). (bugs dot php d
ot net at bluetwanger dot de, Ilia)
Fixed bug #29424 (width and height inverted for JPEG2000 files). (Ilia)
Fixed bug #29329 (configure for mysqli with shared doesn't work). (Georg)
Fixed bug #30587 (array_multisort doesn't separate zvals before changing them).
(Tony)
Fixed bug #30572 (crash when comparing SimpleXML attribute to a boolean). (Andi)
Fixed bug #30566 (attribute namespace URIs are inconsistent when parsing). (Rob)
Fixed bug #30490 (PEAR installation fails). (Antony)
Fixed bug #30475 (curl_getinfo() may crash in some situations). (Ilia)
Fixed bug #30442 (segfault when parsing ?getvariable[][ ). (Tony)
Fixed bug #30388 (rename across filesystems loses ownership and permission info)
. (Tony)
Fixed bug #30387 (stream_socket_client async connect was broken). (vnegrier at e
sds dot com, Wez).
Fixed bug #30381 (Strange results with get_class_vars()). (Marcus)
Fixed bug #30375 (cal_info() does not work without a parameter). (Ilia)
Fixed bug #30362 (stream_get_line() not handling end string correctly). (Ilia)
Fixed bug #30359 (SOAP client requests have no port in "Host" field). (Dmitry)
Fixed bug #30356 (str_ireplace() does not work on all strings). (Ilia)
Fixed bug #30344 (Reflection::getModifierNames() returns too long strings). (Mar
cus)
Fixed bug #30329 (Error Fetching http body, No Content-Length, connection closed
or chunked data). (Dmitry)
Fixed bug #30282 (segfault when using unknown/unsupported session.save_handler a
nd/or session.serialize_handler). (Tony)
Fixed bug #30281 (Prevent non-wbmp images from being detected as such). (Ilia)
Fixed bug #30276 (Possible crash in ctype_digit on large numbers). (Ilia)
Fixed bug #30230 (exception handler not working with objects). (Marcus)
Fixed bug #30224 (Sybase date strings are sometimes not null terminated). (Ilia)
Fixed bug #30175 (SOAP results aren't parsed correctly). (Dmitry)
Fixed bug #30147 (OO sqlite_fetch_object did not reset error handler). (Wez)
Fixed bug #30133 (get_current_user() crashes on Windows). (Edin)
Fixed bug #30061 (xml_set_start_namespace_decl_handler not called). (Rob)
Fixed bug #30057 (did not detect IPV6 on FreeBSD 4.1). (Wez)
Fixed bug #30042 (strtotime does not use second param). (Derick)
Fixed bug #30027 (Possible crash inside ftp_get()). (cfield at affinitysolutions
dot com)
Fixed bug #29954 (array_reduce segfaults when initial value is array). (Tony)
Fixed bug #29883 (isset gives invalid values on strings). (Tony, Dmitry)
Fixed bug #29801 (Set limit on the size of mmapable data). (Ilia)
Fixed bug #29557 (strtotime error). (Derick)
Fixed bug #29418 (double free when openssl_csr_new fails). (Kamesh Jayachandran)
.
Fixed bug #29385 (Soapserver always uses std class). (David, Dmitry)
Fixed bug #29211 (SoapClient doesn't request wsdl through proxy). (Rob)
Fixed bug #28817 (Var problem when extending domDocument). (Georg)
Fixed bug #28599 (strtotime fails with zero base time). (Derick)
Fixed bug #28598 (Lost support for MS Symbol fonts). (Pierre)
Fixed bug #28220 (mb_strwidth() returns wrong width values for some hangul chara
cters). (Moriyoshi)
Fixed bug #28228 (NULL decimal separator is not being handled correctly). (Ilia)
Fixed bug #28209 (strtotime("now")). (Derick)
Fixed bug #27798 (private / protected variables not exposed by get_object_vars()
inside class). (Marcus)
Fixed bug #27728 (Can't return within a zend_try {} block or the previous bailou
t state isn't restored. (Andi)
Fixed bug #27183 (Userland stream wrapper segfaults on stream_write). (Christian
)
Version 5.0.2
23 Sep 2004
Added new boolean (fourth) parameter to array_slice() that turns on the preserva
tion of keys in the returned array. (Derick)
Added the sorting flag SORT_LOCALE_STRING to the sort() functions which makes th
em sort based on the current locale. (Derick)
Added interface_exists() and make class_exists() only return true for real class
es. (Andrey)
Added PHP_EOL constant that contains the OS way of representing newlines. (Paul
Hudson, Derick)
Implemented periodic PCRE compiled regexp cache cleanup, to avoid memory exhaust
ion. (Andrei)
Renamed SoapClient->__call() to SoapClinet->__soapCall(). (Dmitry)
Fixed bug with raw_post_data not getting set (Brian)
Fixed a file-descriptor leak with phpinfo() and other 'special' URLs (Zeev)
Fixed bug #30209 (ReflectionClass::getMethod() lowercases attribute). (Marcus)
Fixed bug #30182 (SOAP module processing WSDL file dumps core). (Dmitry)
Fixed bug #30045 (Cannot pass big integers (> 2147483647) in SOAP requests). (Dm
itry)
Fixed bug #29985 (unserialize()/ __PHP_Incomplete_class does not report correctl
y class name). (Marcus, Tony)
Fixed bug #29945 (simplexml_load_file URL limitation 255 char). (Rob)
Fixed bug #29873 (No defines around pcntl_*priority definitions). (Derick)
Fixed bug #29844 (SOAP doesn't return the result of a valid SOAP request). (Dmit
ry)
Fixed bug #29842 (soapclient return null value). (Dmitry)
Fixed bug #29839 (incorrect convert (xml:lang to lang)). (Dmitry)
Fixed bug #29830 (SoapServer::setClass() should not export non-public methods).
(Dmitry)
Fixed bug #29828 (Interfaces no longer work). (Marcus)
Fixed bug #29821 (Fixed possible crashes in convert_uudecode() on invalid data).
(Ilia)
Fixed bug #29808 (array_count_values() breaks with numeric strings). (Ilia)
Fixed bug #29805 (HTTP Authentication Issues). (Uwe Schindler)
Fixed bug #29795 (SegFault with Soap and Amazon's Web Services). (Dmitry)
Fixed bug #29737 (ip2long should return -1 if IP is 255.255.255.255 and FALSE on
error). (Tony)
Fixed bug #29711 (Changed ext/xml to default to UTF-8 output). (Rob)
Fixed bug #29678 (opendir() with ftp:// wrapper segfaults if path does not have
trailing slash). (Ilia)
Fixed bug #29657 (xml_* functions throw non descriptive error). (Christian, Rob)
Fixed bug #29656 (segfault on result and statement properties). (Georg)
Fixed bug #29566 (foreach/string handling strangeness (crash)). (Dmitry)
Fixed bug #29447 (Reflection API issues). (Marcus)
Fixed bug #29296 (Added sslv2 and sslv3 transports). (Wez)
Fixed bug #29283 (Invalid statement handle in mysqli on execute). (Georg)
Fixed bug #29913 (parse_url() is now binary safe). (Ilia)
Fixed bug #27994 (segfault with Soapserver when WSDL-Cache is enabled). (Dmitry)
Fixed bug #27791 (Apache 2.0 SAPI build against Apache 2 HEAD). (Joe Orton, Deri
ck)
Fixed bug #26737 (private/protected properties not serialized when user declared
method __sleep() exists). E_NOTICE thrown when __sleep() returns name of non-ex
isting member. (Andrey, Curt)
Version 5.0.1
12 Aug 2004
Changed destructor mechanism so that destructors are called prior to request shu
tdown. (Marcus)
Rewritten UNIX and Windows install help files. (Documentation Team)
Updated several libraries bundled with the windows release which now includes li
bxml2-2.6.11, libxslt-1.1.7 and iconv-1.9.1. (Rob, Edin)
Improved and moved ActiveScript SAPI to PECL. (Wez)
Fixed unloading of dynamically loaded extensions. (Marcus, kameshj at fastmail d
ot fm)
Added support for PHP 4 style object conversion to long, double, and boolean val
ues which is enabled in ze1_compatibility_mode. (Andi, Stas)
Allow object oriented extensions to overload comparison functions and other oper
ations. Solves problems using SimpleXML values. (Andi, Zeev)
Fixed crash when accessing a class constant with a value which in turn is also a
constant. (Dmitry)
Fixed object's truth value conversion. It is always true unless ze1_compatibilit
y_mode is on in which it behaves like in PHP 4. (Stas)
Improved out of memory handling in new memory manager. (Stas)
Fixed crash when an object references itself during destructor call. (Andi)
Fixed crash in foreach() when iterating over object properties or a method's ret
urn values. (Andi)
Fixed crash when an exception is thrown in a destructor. Such exceptions are now
ignored as destruction happens out of context at no definite time. (Andi)
Fixed crashes in exception handling. (Dmitry, Andi)
Changed prototype checks so that they aren't done on constructors. (Andi)
Changed prototype checks to output an E_STRICT message instead of an E_COMPILE_E
RROR. (Andi)
Changed Iterator::has_more() to Iterator::valid(). (Marcus)
Upgraded bundled oniguruma library to version 2.2.2. (Rui, Moriyoshi)
Added mb_list_encoding() to return an array with all mbstring supported encoding
s. (Derick)
Added support for more ISO8601 datetime formats in strtotime(). (Moriyoshi)
Timezone specifier (ex. "20040301T02:00:00+19:00")
Week specifier (ex. "1997W021")
Renamed php.ini option "zend2.implicit_clone" to "zend.ze1_compatibility_mode" a
s it doesn't only affect implicit cloning. (Andi, Zeev)
Methods that override parent methods are now subject to prototype checking, and
have to be compatible with the method they're overriding - this check is disable
d in compatibility mode. (Andi, Zeev)
Fixed crash in php_ini_scanned_files() when no additional INI files were actuall
y parsed. (Jon)
Fixed bug in gdImageFilledRectangle in the bundled GD library, that required x1
< x2 and y1 < y2 for coordinates. (Derick)
Fixed crash with foreach() and temporary objects($obj->method()->a ...) where me
thod returns a non-referenced object. (Andi, Zeev)
Fixed problem preventing startup errors from being displayed. (Marcus)
Fixed start-up problem if both SPL and SimpleXML were enabled. The double initia
lization of apache 1.3 was causing problems here. (Marcus, Derick)
Fixed bug #27606 (Expression must be a modifiable lvalue compiler error). (Deric
k)
Fixed bug #27597 (pg_fetch_array not returning false). (Marcus)
Fixed bug #27586 (ArrayObject::getIterator crashes with [] assignment). (Marcus)
Fixed bug #27537 (Objects pointing to each other segfaults). (Dmitry)
Fixed bug #27535 (Problem with object freeing mechanism). (Dmitry)
Fixed bug #27504 (Visibility bugs in call_user_function()). (Dmitry)
Fixed bug #27457 (handling of numeric indexes in strtr()). (Dmitry)
Fixed bug #27338 (memory leak inside tsrm_virtual_cwd.c on win32). (Ilia)
Fixed bug #27291 (get_browser matches browscap.ini patterns incorrectly). (Jay)
Fixed bug #27287 (wddx segfaults during deserialization). (Moriyoshi)
Fixed bug #27263 (session extension crashes when unserializing referenced values
/ objects). (Moriyoshi)
Fixed bug #27237 (Working with simplexml crashes apache2). (Rob)
Fixed bug #27227 (Mixed case class names causes Fatal Error in Constructor call)
. (Marcus)
Fixed bug #27125 (strval() doesn't work for objects with __toString()). (Marcus)
Fixed bug #27123 (Fix crash caused by bug in get_object_vars()). (Andi)
Fixed bug #26677 (mbstring compile errors with IRIX compiler). (K.Kosako <kosako
at sofnec dot co dot jp>, Rui, Moriyoshi)
Fixed bug #26206 (register_long_arrays breaks superglobals). (Zeev)
Added ibase_wait_event()
Added ibase_set_event_handler() and ibase_free_event_handler()
Added new COM extension with integrated .Net support. (Wez)
Added new functions:
setrawcookie(). (Brian)
pg_version(). (Marcus)
dbase_get_header_info(). (Zak)
snmp_read_mib(). (Jani)
http_build_query(). (Sara)
ftp_alloc(). (Sara)
array_udiff(). (Andrey)
array_udiff_assoc(). (Andrey)
array_udiff_uassoc(). (Andrey)
array_diff_uassoc(). (Andrey)
convert_uuencode(). (Ilia)
convert_uudecode(). (Ilia)
substr_compare(). (Ilia)
pcntl_wait(). (GeorgeS)
Added "resume_pos" context option to "ftp://" wrapper. (Sara)
Added optional parameter to OCIWriteTemporaryLob() to specify the type of LOB (P
atch by Novicky Marek <novicky@aarongroup.cz>). (Thies)
Added reflection API. (Andrei, George, Timm)
Changed length parameter in fgetcsv() to be optional. (Moriyoshi)
Fixed IPv6 support in MacOSX Panther. (Dan, Marko)
Fixed fgetcsv() to correctly handle international (non-ascii) characters. (Moriy
oshi)
Fixed support for <![CDATA[]]> fields within XML documents in ext/xml. (Sterling
)
Fixed visibility of __construct and __clone. (Marcus)
Fixed bug #26003 (fgetcsv() not binary-safe on null bytes). (Moriyoshi)
Fixed bug #25756 (SimpleXML's validate_schema_file() broken). (Moriyoshi)
Fixed bug #25581 (getimagesize() returns incorrect values on bitmap (os2) files)
. (Marcus)
Fixed bug #25494 (array_merge*() allows non-arrays as argument). (Jay)
Fixed bug #24766 (strange result array from unpack()). (Moriyoshi)
Fixed bug #24729 ($obj = new $className; causes crash when $className is not set
). (Marcus)
Fixed bug #24565 (cannot read array elements received via $_REQUEST). (Zeev)
Fixed bug #24445 (get_parent_class() returns different values). (Sterling, Stani
slav)
Fixed bug #24403 (preg_replace() problem: Using $this when not in object context
). (Zeev)
Fixed bug #24399 (PEAR DB isError crash [instanceof_function fault?]). (Sterling
, Marcus)
Fixed bug #24396 (foreach ($k=>$v), the key $k is missing). (Zeev)
Fixed bug #24279 (__get() crash when no value is returned). (Ilia)
Fixed bug #22367 (undefined variable has a value). (Zeev)
Fixed bug #19859 (allow fast_call_user_function to support __call). (Stanislav)
Fixed bug #17997 (Warning when switch() and reference are combined). (Zeev)
Fixed bug #17988 (strtotime failed to parse postgresql timestamp). (Derick)
Version 5.0.0 Beta 1
29 Jun 2003
Switch to using Zend Engine 2, which includes numerous engine level improvements
. A full overview may be downloaded from http://www.zend.com/engine2/ZendEngine2.0.pdf (PDF).
The SQLite (http://www.hwaci.com/sw/sqlite/) extension is now bundled and enable
d by default. (Wez, Marcus, Tal)
Improved the speed of internal functions that use callbacks by 40% due to a new
internal fast_call_user_function() function. (Sterling)
get_headers() - Returns headers sent by the server of the specified URL. (Ilia)
str_split() - Breaks down a string into an array of elements based on length. (I
lia)
array_walk_recursive(). (Ilia)
array_combine(). (Andrey)
Added optional parameter to get_browser() to make it return an array. (Jay)
Added optional parameter to openssl_sign() to specify the hashing algorithm.(sco
tt@planetscott.ca, Derick)
Added optional parameter to sha1(), sha1_file(), md5() and md5_file() which make
s them return the digest as binary data. (Michael Bretterklieber, Derick)
Added optional parameter to mkdir() to make directory creation recursive. (Ilia)
Added optional parameter to file() which makes the result array not contain the
line endings and to skip empty lines. (Ilia)
Added new range() functionality:
Support for float modifier. (Ilia)
Detection of numeric values inside strings passed as high & low. (Ilia)
Proper handle the situations where high == low. (Ilia)
Added an optional step parameter. (Jon)
Added encoding detection feature for expat XML parser. (Adam Dickmeiss, Moriyosh
i)
Added missing multibyte (unicode) support and numeric entity support to html_ent
ity_decode(). (Moriyoshi)
Added IPv6 support to ext/sockets. (Sara)
Added input filter support. See README.input_filter for more info. (Rasmus)
Added a replace count for str_[i]replace(), see #8218. (Sara)
Fixed is_executable() to be available also on Windows. (Shane)
Fixed dirname() and strip_tags() to be binary-safe. (Moriyoshi)
Fixed bug #24098 (crash in pathinfo()). (Ilia)
Fixed bug #21985 and #22064 (various mb_send_mail() issues). (Moriyoshi)
Fixed bug #21600 (Assign by reference function call changes variable contents).
(Zeev)
Copyright 2001-2016 The PHP Group My PHP.net Contact Other PHP.net sites Mirror
sites Privacy policy