PHP Bugfix und Security Release – 7.2.3 – 7.1.15 – 7.0.28 – 5.6.34

Die Skriptsprache PHP erhielt vor wenigen Tagen ein Bugfix und Security Update. In den aktuell supporteten Versionen 7.2.3, 7.1.15, 7.0.28 und 5.6.34 wurde jeweils ein Sicherheitsproblem geschlossen und diverse Bugs korrigiert. Das Sicherheitsupdate betrifft in allen Versionen:

  • Fixed bug #75981 (stack-buffer-overflow while parsing HTTP response).

PHP 7.2.3 Release Notes

  • Core:
    • Fixed bug #75864 (“stream_isatty” returns wrong value on s390x).
  • Apache2Handler:
    • Fixed bug #75882 (a simple way for segfaults in threadsafe php just with configuration).
  • Date:
    • Fixed bug #75857 (Timezone gets truncated when formatted).
    • Fixed bug #75928 (Argument 2 for `DateTimeZone::listIdentifiers()` should accept `null`).
    • Fixed bug #68406 (calling var_dump on a DateTimeZone object modifies it).
  • LDAP:
    • Fixed bug #49876 (Fix LDAP path lookup on 64-bit distros).
  • libxml2:
    • Fixed bug #75871 (use pkg-config where available).
  • PGSQL:
    • Fixed bug #75838 (Memory leak in pg_escape_bytea()).
  • Phar:
    • Fixed bug #54289 (Phar::extractTo() does not accept specific directories to be extracted).
    • Fixed bug #65414 (deal with leading slash while adding files correctly).
    • Fixed bug #65414 (deal with leading slash when adding files correctly).
  • ODBC:
    • Fixed bug #73725 (Unable to retrieve value of varchar(max) type).
  • Opcache:
    • Fixed bug #75729 (opcache segfault when installing Bitrix).
    • Fixed bug #75893 (file_get_contents $http_response_header variable bugged with opcache).
    • Fixed bug #75938 (Modulus value not stored in variable).
  • SPL:
    • Fixed bug #74519 (strange behavior of AppendIterator).
  • Standard:
    • Fixed bug #75916 (DNS_CAA record results contain garbage).
    • Fixed bug #75981 (Prevent reading beyond buffer start in http wrapper).

PHP 7.1.15 Release Notes

  • Apache2Handler:
    • Fixed bug #75882 (a simple way for segfaults in threadsafe php just with configuration).
  • Date:
    • Fixed bug #75857 (Timezone gets truncated when formatted).
    • Fixed bug #75928 (Argument 2 for `DateTimeZone::listIdentifiers()` should accept `null`).
    • Fixed bug #68406 (calling var_dump on a DateTimeZone object modifies it).
  • PGSQL:
    • Fixed #75838 (Memory leak in pg_escape_bytea()).
  • ODBC:
    • Fixed bug #73725 (Unable to retrieve value of varchar(max) type).
  • LDAP:
    • Fixed bug #49876 (Fix LDAP path lookup on 64-bit distros).
  • libxml2:
    • Fixed bug #75871 (use pkg-config where available).
  • Phar:
    • Fixed bug #65414 (deal with leading slash when adding files correctly).
  • SPL:
    • Fixed bug #74519 (strange behavior of AppendIterator).
  • Standard:
    • Fixed bug #75916 (DNS_CAA record results contain garbage).
    • Fixed bug #75981 (stack-buffer-overflow while parsing HTTP response).

PHP 7.0.28 Release Notes

  • Standard:
    • Fixed bug #75981 (stack-buffer-overflow while parsing HTTP response).

PHP 5.6.34 Release Notes

  • Standard:
    • Fixed bug #75981 (stack-buffer-overflow while parsing HTTP response).

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert.

This site uses Akismet to reduce spam. Learn how your comment data is processed.