PHP 8.1.3 8.0.16 7.4.28 Security Release

PHP Logo
PHP Logo

Das PHP-Entwicklerteam hat die PHP Versionen 8.1.3, 8.0.16 und 7.4.28 veröffentlicht. Dies sind Security Updates, die umgehend installiert werden sollten.

PHP 8.1.3 Release Notes

  • Core:
    • Fixed bug #81430 (Attribute instantiation leaves dangling pointer).
    • Fixed bug #7896 (Environment vars may be mangled on Windows).
    • Fixed bug #7883 (Segfault when INI file is not readable).
  • FFI:
    • Fixed bug #7867 (FFI::cast() from pointer to array is broken).
  • Filter:
    • Fix #81708: UAF due to php_filter_float() failing for ints. (CVE-2021-21708)
  • FPM:
    • Fixed memory leak on invalid port.
    • Fixed bug #7842 (Invalid OpenMetrics response format returned by FPM status page.
  • MBString:
    • Fixed bug #7902 (mb_send_mail may delimit headers with LF only).
  • MySQLnd:
    • Fixed bug #7972 (MariaDB version prefix 5.5.5- is not stripped).
  • pcntl:
    • Fixed pcntl_rfork build for DragonFlyBSD.
  • Sockets:
    • Fixed bug #7978 (sockets extension compilation errors).
  • Standard:
    • Fixed bug #7899 (Regression in unpack for negative int value).
    • Fixed bug #7875 (mails are sent even if failure to log throws exception).

PHP 8.0.16 Release Notes

  • Core:
    • Fixed bug #81430 (Attribute instantiation leaves dangling pointer).
    • Fixed bug #7896 (Environment vars may be mangled on Windows).
  • FFI:
    • Fixed bug #7867 (FFI::cast() from pointer to array is broken).
  • Filter:
    • Fix #81708: UAF due to php_filter_float() failing for ints.
  • FPM:
    • Fixed memory leak on invalid port.
  • MBString:
    • Fixed bug #7902 (mb_send_mail may delimit headers with LF only).
  • MySQLnd:
    • Fixed bug #7972 (MariaDB version prefix 5.5.5- is not stripped).
  • Sockets:
    • Fixed ext/sockets build on Haiku.
    • Fixed bug #7978 (sockets extension compilation errors).
  • Standard:
    • Fixed bug #7875 (mails are sent even if failure to log throws exception).

PHP 7.4.28 Release Notes

  • Filter:
    • Fix #81708: UAF due to php_filter_float() failing for ints (CVE-2021-21708)

Quelle: PHP: Hypertext Preprocessor

Ersten Kommentar schreiben

Antworten

Deine E-Mail-Adresse wird nicht veröffentlicht.


*


Diese Website verwendet Akismet, um Spam zu reduzieren. Erfahre mehr darüber, wie deine Kommentardaten verarbeitet werden.