Menü Schließen

PHP 7.4.32 – 8.0.24 – 8.1.11 Security und Bugfix Release

PHP Logo

Die Entwickler von PHP, haben vor wenigen Tagen die Security und Bugfix Release der PHP Versionen 8.1.11, 8.0.24 und 7.4.32 veröffentlicht.

PHP 8.1.11 Release Notes

  • Core:
    • Fixed bug #81726: phar wrapper: DOS when using quine gzip file. (CVE-2022-31628)
    • Fixed bug #81727: Don’t mangle HTTP variable names that clash with ones that have a specific semantic meaning. (CVE-2022-31629)
    • Fixed bug GH-9323 (Crash in ZEND_RETURN/GC/zend_call_function) (Tim Starling)
    • Fixed bug GH-9361 (Segmentation fault on script exit #9379).
    • Fixed bug GH-9447 (Invalid class FQN emitted by AST dump for new and class constants in constant expressions).
  • DOM:
    • Fixed bug #79451 (DOMDocument->replaceChild on doctype causes double free).
  • FPM:
    • Fixed bug GH-8885 (FPM access.log with stderr begins to write logs to error_log after daemon reload).
    • Fixed bug #77780 („Headers already sent…“ when previous connection was aborted).
  • GMP:
    • Fixed bug GH-9308 (GMP throws the wrong error when a GMP object is passed to gmp_init()).
  • Intl:
    • Fixed bug GH-9421 (Incorrect argument number for ValueError in NumberFormatter).
  • PCRE:
    • Fixed pcre.jit on Apple Silicon.
  • PDO_PGSQL:
    • Fixed bug GH-9411 (PgSQL large object resource is incorrectly closed).
  • Reflection:
    • Fixed bug GH-8932 (ReflectionFunction provides no way to get the called class of a Closure).
  • Streams:
    • Fixed bug GH-9316 ($http_response_header is wrong for long status line).

Quelle: PHP: PHP 8 ChangeLog

PHP 8.0.24 Release Notes

  • Core:
    • Fixed bug GH-9323 (Crash in ZEND_RETURN/GC/zend_call_function) (Tim Starling)
    • Fixed bug GH-9361 (Segmentation fault on script exit #9379).
    • Fixed bug GH-9407 (LSP error in eval’d code refers to wrong class for static type).
    • Fixed bug #81727: Don’t mangle HTTP variable names that clash with ones that have a specific semantic meaning. (CVE-2022-31629)
  • DOM:
    • Fixed bug #79451 (DOMDocument->replaceChild on doctype causes double free).
  • FPM:
    • Fixed bug GH-8885 (FPM access.log with stderr begins to write logs to error_log after daemon reload).
    • Fixed bug #77780 („Headers already sent…“ when previous connection was aborted).
  • GMP:
    • Fixed bug GH-9308 (GMP throws the wrong error when a GMP object is passed to gmp_init()).
  • Intl:
    • Fixed bug GH-9421 (Incorrect argument number for ValueError in NumberFormatter).
  • Phar:
    • Fixed bug #81726: phar wrapper: DOS when using quine gzip file. (CVE-2022-31628)
  • PDO_PGSQL:
    • Fixed bug GH-9411 (PgSQL large object resource is incorrectly closed).
  • Reflection:
    • Fixed bug GH-8932 (ReflectionFunction provides no way to get the called class of a Closure).
    • Fixed bug GH-9409 (Private method is incorrectly dumped as „overwrites“).
  • Streams:
    • Fixed bug GH-9316 ($http_response_header is wrong for long status line).

Quelle: PHP: PHP 8 ChangeLog

PHP 7.4.32 Release Notes

  • Core:
    • Fixed bug #81726: phar wrapper: DOS when using quine gzip file. (CVE-2022-31628)
    • Fixed bug #81727: Don’t mangle HTTP variable names that clash with ones that have a specific semantic meaning. (CVE-2022-31629)

Quelle: PHP: PHP 7 ChangeLog

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert