28 Nov 2013, PHP 5.4.23
- Core:
. Fixed bug #66094 (unregister_tick_function tries to cast a Closure to a
string). (Laruence)
. Fixed bug #65947 (basename is no more working after fgetcsv in certain
situation). (Laruence)
- JSON
. Fixed whitespace part of bug #64874 ("json_decode handles whitespace and
case-sensitivity incorrectly"). (Andrea Faulds)
- MySQLi:
. Fixed bug #66043 (Segfault calling bind_param() on mysqli). (Laruence)
- mysqlnd:
. Fixed bug #66124 (mysqli under mysqlnd loses precision when bind_param
with 'i'). (Andrey)
. Fixed bug #66141 (mysqlnd quote function is wrong with NO_BACKSLASH_ESCAPES
after failed query). (Andrey)
- OpenSSL:
. Fixed memory corruption in openssl_x509_parse() (CVE-2013-6420).
(Stefan Esser).
- PDO
. Fixed bug 65946 (sql_parser permanently converts values bound to strings)
Version 5.4.22
14-Nov-2013
* Core:
- Fixed bug #65911 (scope resolution operator - strange behavior with
$this).
CLI server:
- Fixed bug #65818 (Segfault with built-in webserver and chunked transfer
encoding).
* Exif:
- Fixed crash on unknown encoding.
* FTP:
- Fixed bug #65667 (ftp_nb_continue produces segfault).
* ODBC:
- Fixed bug #65950 (Field name truncation if the field name is bigger than
32 characters).
* Sockets:
- Fixed bug #65808 (the socket_connect() won't work with IPv6 address).
* Standard:
- Fixed bug #64760 (var_export() does not use full precision for
floating-point numbers).
* XMLReader:
- Fixed bug #51936 (Crash with clone XMLReader).
- Fixed bug #64230 (XMLReader does not suppress errors).
22 Aug 2013, PHP 5.4.19
- Core:
. Fixed bug #64503 (Compilation fails with error: conflicting types for
'zendparse'). (Laruence)
- Openssl:
. Fixed UMR in fix for CVE-2013-4248.
* Define PHP's version at one place.
* Remove obsolete description in comments.
* Add "used by www/php-fpm/Makefile" in php5[34]/Makefile.php.
* Remove commented out support for suhosin extension from php54.
* Add PHP_CHECK_INSTALLED and PHP_EXTENSION_DIR to php/phpversion.mk.
No functional should be made.
are replaced with .include "../../devel/readline/buildlink3.mk", and
USE_GNU_READLINE are removed,
* .include "../../devel/readline/buildlink3.mk" without USE_GNU_READLINE
are replaced with .include "../../mk/readline.buildlink3.mk".
06 Jun 2013, PHP 5.4.16
- Core:
. Fixed bug #64879 (Heap based buffer overflow in quoted_printable_encode,
CVE 2013-2110). (Stas)
. Fixed bug #64853 (Use of no longer available ini directives causes crash on
TS build). (Anatol)
. Fixed bug #64729 (compilation failure on x32). (Gustavo)
. Fixed bug #64720 (SegFault on zend_deactivate). (Dmitry)
. Fixed bug #64660 (Segfault on memory exhaustion within function definition).
(Stas, reported by Juha Kylm«£nen)
- Calendar:
. Fixed bug #64895 (Integer overflow in SndToJewish). (Remi)
- Fileinfo:
. Fixed bug #64830 (mimetype detection segfaults on mp3 file). (Anatol)
- FPM:
. Ignore QUERY_STRING when sent in SCRIPT_FILENAME. (Remi)
. Fixed some possible memory or resource leaks and possible null dereference
detected by code coverity scan. (Remi)
. Log a warning when a syscall fails. (Remi)
. Add --with-fpm-systemd option to report health to systemd, and
systemd_interval option to configure this. The service can now use
Type=notify in the systemd unit file. (Remi)
- MySQLi
. Fixed bug #64726 (Segfault when calling fetch_object on a use_result and DB
pointer has closed). (Laruence)
- Phar
. Fixed bug #64214 (PHAR PHPTs intermittently crash when run on DFS, SMB or
with non std tmp dir). (Pierre)
- SNMP:
. Fixed bug #64765 (Some IPv6 addresses get interpreted wrong).
(Boris Lytochkin)
. Fixed bug #64159 (Truncated snmpget). (Boris Lytochkin)
- Streams:
. Fixed bug #64770 (stream_select() fails with pipes returned by proc_open()
on Windows x64). (Anatol)
- Zend Engine:
. Fixed bug #64821 (Custom Exceptions crash when internal properties
overridden). (Anatol)
09 May 2013, PHP 5.4.15
- Core:
. Fixed bug #64578 (debug_backtrace in set_error_handler corrupts zend heap:
segfault). (Laruence)
. Fixed bug #64458 (dns_get_record result with string of length -1). (Stas)
. Fixed bug #64433 (follow_location parameter of context is ignored for most
response codes). (Sergey Akbarov)
. Fixed bugs #47675 and #64577 (fd leak on Solaris)
- Fileinfo:
. Upgraded libmagic to 5.14. (Anatol)
- Zip:
. Fixed bug #64342 (ZipArchive::addFile() has to check for file existence).
(Anatol)
- Streams:
. Fixed Windows x64 version of stream_socket_pair() and improved error
handling (Anatol Belski)
13 Sep 2012, PHP 5.4.7
- Core:
. Fixed bug (segfault while build with zts and GOTO vm-kind). (Laruence)
. Fixed bug #62955 (Only one directive is loaded from "Per Directory Values"
Windows registry). (Felipe)
. Fixed bug #62844 (parse_url() does not recognize //). (Andrew Faulds).
. Fixed bug #62829 (stdint.h included on platform where HAVE_STDINT_H is not
set). (Felipe)
. Fixed bug #62763 (register_shutdown_function and extending class).
(Laruence)
. Fixed bug #62725 (Calling exit() in a shutdown function does not return
the exit value). (Laruence)
. Fixed bug #62744 (dangling pointers made by zend_disable_class). (Laruence)
. Fixed bug #62716 (munmap() is called with the incorrect length).
(slangley@google.com)
. Fixed bug #62358 (Segfault when using traits a lot). (Laruence)
. Fixed bug #62328 (implementing __toString and a cast to string fails)
(Laruence)
. Fixed bug #51363 (Fatal error raised by var_export() not caught by error
handler). (Lonny Kapelushnik)
. Fixed bug #40459 (Stat and Dir stream wrapper methods do not call
constructor). (Stas)
- CURL:
. Fixed bug #62912 (CURLINFO_PRIMARY_* AND CURLINFO_LOCAL_* not exposed).
(Pierrick)
. Fixed bug #62839 (curl_copy_handle segfault with CURLOPT_FILE). (Pierrick)
- DateTime:
. Fixed bug #62852 (Unserialize invalid DateTime causes crash).
(reeze.xia@gmail.com)
- Intl:
. Fixed Spoofchecker not being registered on ICU 49.1. (Gustavo)
. Fix bug #62933 (ext/intl compilation error on icu 3.4.1). (Gustavo)
. Fix bug #62915 (defective cloning in several intl classes). (Gustavo)
- Installation:
. Fixed bug #62460 (php binaries installed as binary.dSYM). (Reeze Xia)
- PCRE:
. Fixed bug #55856 (preg_replace should fail on trailing garbage).
(reg dot php at alf dot nu)
- PDO:
. Fixed bug #62685 (Wrong return datatype in PDO::inTransaction()). (Laruence)
- Reflection:
. Fixed bug #62892 (ReflectionClass::getTraitAliases crashes on importing
trait methods as private). (Felipe)
. Fixed bug #62715 (ReflectionParameter::isDefaultValueAvailable() wrong
result). (Laruence)
- Session:
. Fixed bug (segfault due to retval is not initialized). (Laruence)
. Fixed bug (segfault due to PS(mod_user_implemented) not be reseted
when close handler call exit). (Laruence)
- SPL:
. Fixed bug #62904 (Crash when cloning an object which inherits SplFixedArray)
(Laruence)
. Implemented FR #62840 (Add sort flag to ArrayObject::ksort). (Laruence)
- Standard:
. Fixed bug #62836 (Seg fault or broken object references on unserialize()).
(Laruence)
- FPM:
. Merged PR 121 by minitux to add support for slow request counting on PHP
FPM status page. (Lars)
19-July-2012
o Core
* Fixed bug #62443 (Crypt SHA256/512 Segfaults With Malformed Salt)
* Fixed bug #62432 (ReflectionMethod random corrupt memory on high
concurrent)
* Fixed bug #62373 (serialize() generates wrong reference to the
object).
* Fixed bug #62357 (compile failure: (S) Arguments missing for
built-in function __memcmp)
* Fixed bug #61998 (Using traits with method aliases appears to result
in crash during execution)
* Fixed bug #51094 (parse_ini_file() with INI_SCANNER_RAW cuts a value
that includes a semi-colon)
* Fixed potential overflow in _php_stream_scandir (CVE-2012-2688)
o EXIF
* Fixed information leak in ext exi
o FPM
* Fixed bug #62205 (php-fpm segfaults (null passed to strstr)
* Fixed bug #62160 (Add process.priority to set nice(2) priorities)
* Fixed bug #62153 (when using unix sockets, multiples FPM instances)
* Fixed bug #62033 (php-fpm exits with status 0 on some failures to
start)
* Fixed bug #61839 (Unable to cross-compile PHP with --enable-fpm)
* Fixed bug #61835 (php-fpm is not allowed to run as root)
* Fixed bug #61295 (php-fpm should not fail with commented 'user'
* Fixed bug #61218 (FPM drops connection while receiving some binary
values in FastCGI requests)
* Fixed bug #61045 (fpm don't send error log to fastcgi clients).
(fat) for non-root start)
* Fixed bug #61026 (FPM pools can listen on the same address).
(fat) can be launched without errors)
o Iconv
* Fixed bug #55042 (Erealloc in iconv.c unsafe)
o Intl
* Fixed bug #62083 (grapheme_extract() memory leaks)
* Fixed bug #62081 (IntlDateFormatter constructor leaks memory when
called twice)
* Fixed bug #62070 (Collator::getSortKey() returns garbage)
* Fixed bug #62017 (datefmt_create with incorrectly encoded timezone
leaks pattern)
* Fixed bug #60785 (memory leak in IntlDateFormatter constructor)
* ResourceBundle constructor now accepts NULL for the first two arguments
o JSON
* Fixed bug #61359 (json_encode() calls too many reallocs)
o libxml
* Fixed bug #62266 (Custom extension segfaults during xmlParseFile
with FPM SAPI)
o Phar
* Fixed bug #62227 (Invalid phar stream path causes crash)
o Readline
* Fixed bug #62186 (readline fails to compile - void function should
not return a value)
o Reflection
* Fixed bug #62384 (Attempting to invoke a Closure more than once
causes segfault)
* Fixed bug #62202 (ReflectionParameter::getDefaultValue() memory
leaks with constant)
o Sockets
* Fixed bug #62025 (__ss_family was changed on AIX 5.3)
o SPL
* Fixed bug #62433 (Inconsistent behavior of
RecursiveDirectoryIterator to dot files)
* Fixed bug #62262 (RecursiveArrayIterator does not implement
Countable)
o XML Writer
* Fixed bug #62064 (memory leak in the XML Writer module)
o Zip
* Upgraded libzip to 0.10.
{
