PHP 7.3.31 7.4.24 und 8.0.11 Security Release

Vor wenigen Tagen wurde das Security und Bugfix Update für PHP 7.3.31, 7.4.24 und 8.0.11 veröffentlicht.

PHP 8.0.11 Release Notes

  • Core:
    • Fixed bug #81302 (Stream position after stream filter removed).
    • Fixed bug #81346 (Non-seekable streams don’t update position after write).
    • Fixed bug #73122 (Integer Overflow when concatenating strings).
  • GD:
    • Fixed bug #53580 (During resize gdImageCopyResampled cause colors change).
  • Opcache:
    • Fixed bug #81353 (segfault with preloading and statically bound closure).
  • Shmop:
    • Fixed bug #81407 (shmop_open won’t attach and causes php to crash).
  • Standard:
    • Fixed bug #71542 (disk_total_space does not work with relative paths).
    • Fixed bug #81400 (Unterminated string in dns_get_record() results).
  • SysVMsg:
    • Fixed bug #78819 (Heap Overflow in msg_send).
  • XML:
    • Fixed bug #81351 (xml_parse may fail, but has no error code).
  • Zip:
    • Fixed bug #80833 (ZipArchive::getStream doesn’t use setPassword).
    • Fixed bug #81420 (ZipArchive::extractTo extracts outside of destination).

PHP 7.4.24 Release Notes

  • Core:
    • Fixed bug #81302 (Stream position after stream filter removed).
    • Fixed bug #81346 (Non-seekable streams don’t update position after write).
    • Fixed bug #73122 (Integer Overflow when concatenating strings).
  • GD:
    • Fixed bug #53580 (During resize gdImageCopyResampled cause colors change).
  • Opcache:
    • Fixed bug #81353 (segfault with preloading and statically bound closure).
  • Shmop:
    • Fixed bug #81407 (shmop_open won’t attach and causes php to crash).
  • Standard:
    • Fixed bug #71542 (disk_total_space does not work with relative paths).
    • Fixed bug #81400 (Unterminated string in dns_get_record() results).
  • SysVMsg:
    • Fixed bug #78819 (Heap Overflow in msg_send).
  • XML:
    • Fixed bug #81351 (xml_parse may fail, but has no error code).
  • Zip:
    • Fixed bug #81420 (ZipArchive::extractTo extracts outside of destination). (CVE-2021-21706)

PHP 7.3.31 Release Notes

  • Zip:
    • Fixed bug #81420 (ZipArchive::extractTo extracts outside of destination). (CVE-2021-21706)

Quelle: PHP: Hypertext Preprocessor

Schreibe einen Kommentar

Diese Website verwendet Akismet, um Spam zu reduzieren. Erfahre mehr darüber, wie deine Kommentardaten verarbeitet werden.