Menü Schließen

PHP 5.6.39 -7.0.33 – 7.1.25 und 7.2.13 als Security Release veröffentlicht

JARVIS 0 Kommentare
PHP Logo

Die Scriptsprache PHP wurde vor ein paar Tagen aktualisiert. Die Zweige 5.6, 7.0, 7.1 und 7.2 erhielten ein Sicherheitsupdate. Nachfolgend die Änderungen.

PHP 7.2.13 Release Notes

  • ftp:
    • Fixed bug #77151 (ftp_close(): SSL_read on shutdown).
  • CLI:
    • Fixed bug #77111 (php-win.exe corrupts unicode symbols from cli parameters).
  • Fileinfo:
    • Fixed bug #77095 (slowness regression in 7.2/7.3 (compared to 7.1)).
  • iconv:
    • Fixed bug #77147 (Fixing 60494 ignored ICONV_MIME_DECODE_CONTINUE_ON_ERROR).
  • Core:
    • Fixed bug #77231 (Segfault when using convert.quoted-printable-encode filter).
  • IMAP:
    • Fixed bug #77153 (imap_open allows to run arbitrary shell commands via mailbox parameter).
  • ODBC:
    • Fixed bug #77079 (odbc_fetch_object has incorrect type signature).
  • Opcache:
    • Fixed bug #77058 (Type inference in opcache causes side effects).
    • Fixed bug #77092 (array_diff_key() – segmentation fault).
  • Phar:
    • Fixed bug #77022 (PharData always creates new files with mode 0666).
    • Fixed bug #77143 (Heap Buffer Overflow (READ: 4) in phar_parse_pharfile).
  • PGSQL:
    • Fixed bug #77047 (pg_convert has a broken regex for the ‘TIME WITHOUT TIMEZONE’ data type).
  • SOAP:
    • Fixed bug #50675 (SoapClient can’t handle object references correctly).
    • Fixed bug #76348 (WSDL_CACHE_MEMORY causes Segmentation fault).
    • Fixed bug #77141 (Signedness issue in SOAP when precision=-1).
  • Sockets:
    • Fixed bug #67619 (Validate length on socket_write).

PHP 7.1.25 Release Notes

  • Core:
    • Fixed bug #71041 (zend_signal_startup() needs ZEND_API).
    • Fixed bug #77231 (Segfault when using convert.quoted-printable-encode filter).
  • ftp:
    • Fixed bug #77151 (ftp_close(): SSL_read on shutdown).
  • iconv:
    • Fixed bug #77147 (Fixing 60494 ignored ICONV_MIME_DECODE_CONTINUE_ON_ERROR).
  • IMAP:
    • Fixed bug #77153 (imap_open allows to run arbitrary shell commands via mailbox parameter).
  • ODBC:
    • Fixed bug #77079 (odbc_fetch_object has incorrect type signature).
  • Opcache:
    • Fixed bug #77058 (Type inference in opcache causes side effects).
  • Phar:
    • Fixed bug #77022 (PharData always creates new files with mode 0666).
    • Fixed bug #77143 (Heap Buffer Overflow (READ: 4) in phar_parse_pharfile).
  • PGSQL:
    • Fixed bug #77047 (pg_convert has a broken regex for the ‘TIME WITHOUT TIMEZONE’ data type).
  • SOAP:
    • Fixed bug #76348 (WSDL_CACHE_MEMORY causes Segmentation fault).
    • Fixed bug #77141 (Signedness issue in SOAP when precision=-1).
  • Sockets:
    • Fixed bug #67619 (Validate length on socket_write).

PHP 7.0.33 Release Notes

  • Core:
    • Fixed bug #77231 (Segfault when using convert.quoted-printable-encode filter).
  • IMAP:
    • Fixed bug #77020 (null pointer dereference in imap_mail).
    • Fixed bug #77153 (imap_open allows to run arbitrary shell commands via mailbox parameter).
  • Phar:
    • Fixed bug #77022 (PharData always creates new files with mode 0666).
    • Fixed bug #77143 (Heap Buffer Overflow (READ: 4) in phar_parse_pharfile).

PHP 5.6.39 Release Notes

  • Core:
    • Fixed bug #77231 (Segfault when using convert.quoted-printable-encode filter).
  • IMAP:
    • Fixed bug #77020 (null pointer dereference in imap_mail).
    • Fixed bug #77153 (imap_open allows to run arbitrary shell commands via mailbox parameter).
  • Phar:
    • Fixed bug #77022 (PharData always creates new files with mode 0666).
    • Fixed bug #77143 (Heap Buffer Overflow (READ: 4) in phar_parse_pharfile).


Verschlagwortet , , , , , , , ,

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert