JARVIS
Die Entwickler der Skriptsprache PHP haben für alle die aktuellen Zweige 5.6.x, 7.0.x, 7.1.x und 7.2.x Updates bereit gestellt. Hintergrund sind mehere Sicherheitslücken, die mit diesen Patchen geschlossen werden.
PHP 5.6.33 Release Notes
- GD:
- Fixed bug #75571 (Potential infinite loop in gdImageCreateFromGifCtx).
- Phar:
- Fixed bug #74782 (Reflected XSS in .phar 404 page).
PHP 7.0.27 Release Notes
- CLI Server:
- Fixed bug #60471 (Random “Invalid request (unexpected EOF)” using a router script).
- Core:
- FPM:
- Fixed bug #64938 (libxml_disable_entity_loader setting is shared between requests).
- GD:
- Fixed bug #75571 (Potential infinite loop in gdImageCreateFromGifCtx).
- Opcache:
- Fixed bug #75579 (Interned strings buffer overflow may cause crash).
- PCRE:
- Fixed bug #74183 (preg_last_error not returning error code after error).
- Phar:
- Fixed bug #74782 (Reflected XSS in .phar 404 page).
- Standard:
- Zip:
- Fixed bug #75540 (Segfault with libzip 1.3.1).
PHP 7.1.13 Release Notes
- Core:
- CLI Server:
- FPM:
- Fixed bug #64938 (libxml_disable_entity_loader setting is shared between requests).
- GD:
- Fixed bug #75571 (Potential infinite loop in gdImageCreateFromGifCtx).
- Opcache:
- PCRE:
- Fixed bug #74183 (preg_last_error not returning error code after error).
- Phar:
- Fixed bug #74782 (remove file name from output to avoid XSS).
- Standard:
- Fixed bug #75511 (fread not free unused buffer).
- Fixed bug #75514 (mt_rand returns value outside [$min,$max]+ on 32-bit) (Remi)
- Fixed bug #75535 (Inappropriately parsing HTTP response leads to PHP segment fault).
- Fixed bug #75409 (accept EFAULT in addition to ENOSYS as indicator that getrandom() is missing).
- Fixed bug #73124 (php_ini_scanned_files() not reporting correctly).
- Fixed bug #75574 (putenv does not work properly if parameter contains non-ASCII unicode character).
- Zip:
- Fixed bug #75540 (Segfault with libzip 1.3.1).
PHP 7.2.1 Release Notes
- Core:
- Fixed bug #75573 (Segmentation fault in 7.1.12 and 7.0.26).
- Fixed bug #75384 (PHP seems incompatible with OneDrive files on demand).
- Fixed bug #75525 (Access Violation in vcruntime140.dll).
- Fixed bug #74862 (Unable to clone instance when private __clone defined).
- Fixed bug #75074 (php-process crash when is_file() is used with strings longer 260 chars).
- CLI server:
- Fixed bug #73830 (Directory does not exist).
- FPM:
- Fixed bug #64938 (libxml_disable_entity_loader setting is shared between requests).
- GD:
- Fixed bug #75571 (Potential infinite loop in gdImageCreateFromGifCtx).
- Opcache:
- PCRE:
- Fixed bug #74183 (preg_last_error not returning error code after error).
- Phar:
- Fixed bug #74782 (remove file name from output to avoid XSS).
- Standard:
- Fixed bug #75511 (fread not free unused buffer).
- Fixed bug #75514 (mt_rand returns value outside [$min,$max]+ on 32-bit) (Remi)
- Fixed bug #75535 (Inappropriately parsing HTTP response leads to PHP segment fault).
- Fixed bug #75409 (accept EFAULT in addition to ENOSYS as indicator that getrandom() is missing).
- Fixed bug #73124 (php_ini_scanned_files() not reporting correctly).
- Fixed bug #75574 (putenv does not work properly if parameter contains non-ASCII unicode character).
- Zip:
- Fixed bug #75540 (Segfault with libzip 1.3.1).
Interessiert in verschiedenste IT Themen, schreibe ich in diesem Blog über Software, Hardware, Smart Home, Games und vieles mehr. Ich berichte z.B. über die Installation und Konfiguration von Software als auch von Problemen mit dieser. News sind ebenso spannend, sodass ich auch über Updates, Releases und Neuigkeiten aus der IT berichte. Letztendlich nutze ich Taste-of-IT als eigene Dokumentation und Anlaufstelle bei wiederkehrenden Themen. Ich hoffe ich kann dich ebenso informieren und bei Problemen eine schnelle Lösung anbieten. Wer meinen Aufwand unterstützen möchte, kann gerne eine Tasse oder Pod Kaffe per PayPal spenden – vielen Dank.