Die Entwickler von PHP haben die Sicherheits und Bugfix Releases 8.0.13, 7.4.26 und 7.3.33 veröffentlicht. PHP 8.0.13 behebt 8, PHP 7.4.26 behebt 7 und PHP 7.3.33 behebt 1 Fehler.
PHP 8.0.13 Release Notes
- Core:
- Fixed bug #81518 (Header injection via default_mimetype / default_charset).
- Date:
- Fixed bug #81500 (Interval serialization regression since 7.3.14 / 7.4.2).
- DBA:
- Fixed bug #81588 (TokyoCabinet driver leaks memory).
- MBString:
- Fixed bug #76167 (mbstring may use pointer from some previous request).
- Opcache:
- Fixed bug #81512 (Unexpected behavior with arrays and JIT).
- PCRE:
- Fixed bug #81424 (PCRE2 10.35 JIT performance regression).
- XML:
- Fixed bug #79971 (special character is breaking the path in xml function). (CVE-2021-21707)
- XMLReader:
- Fixed bug #81521 (XMLReader::getParserProperty may throw with a valid property).
PHP 7.4.26 Release Notes
- Core:
- Fixed bug #81518 (Header injection via default_mimetype / default_charset).
- Date:
- Fixed bug #81500 (Interval serialization regression since 7.3.14 / 7.4.2).
- MBString:
- Fixed bug #76167 (mbstring may use pointer from some previous request).
- MySQLi:
- Fixed bug #81494 (Stopped unbuffered query does not throw error).
- PCRE:
- Fixed bug #81424 (PCRE2 10.35 JIT performance regression).
- Streams:
- Fixed bug #54340 (Memory corruption with user_filter).
- XML:
- Fixed bug #79971 (special character is breaking the path in xml function). (CVE-2021-21707)
PHP 7.3.33 Release Notes
- XML:
- Fixed bug #79971 (special character is breaking the path in xml function). (CVE-2021-21707)
Quelle: PHP: Hypertext Preprocessor
Antworten