
Vor wenigen Tagen wurden die PHP Releases 7.4.9, 7.3.21 und 7.2.33 veröffentlicht. Dies ist ein Security Release das umgehend installiert werden sollte.
PHP 7.4.9 Release Notes
- Apache:
- Fixed bug #79030 (Upgrade apache2handler’s php_apache_sapi_get_request_time to return usec).
- COM:
- Core:
- Fixed bug #79740 (serialize() and unserialize() methods can not be called statically).
- Fixed bug #79783 (Segfault in php_str_replace_common).
- Fixed bug #79778 (Assertion failure if dumping closure with unresolved static variable).
- Fixed bug #79779 (Assertion failure when assigning property of string offset by reference).
- Fixed bug #79792 (HT iterators not removed if empty array is destroyed).
- Fixed bug #78598 (Changing array during undef index RW error segfaults).
- Fixed bug #79784 (Use after free if changing array during undef var during array write fetch).
- Fixed bug #79793 (Use after free if string used in undefined index warning is changed).
- Fixed bug #79862 (Public non-static property in child should take priority over private static).
- Fixed bug #79877 (getimagesize function silently truncates after a null byte) (cmb)
- Fileinfo:
- Fixed bug #79756 (finfo_file crash (FILEINFO_MIME)).
- FTP:
- Fixed bug #55857 (ftp_size on large files).
- Mbstring:
- Fixed bug #79787 (mb_strimwidth does not trim string).
- Phar:
- Fixed bug #79797 (Use of freed hash key in the phar_parse_zipfile function). (CVE-2020-7068)
- Reflection:
- Standard:
PHP 7.3.21 Release Notes
- Apache:
- Fixed bug #79030 (Upgrade apache2handler’s php_apache_sapi_get_request_time to return usec).
- Core:
- COM:
- Curl:
- Fixed bug #79741 (curl_setopt CURLOPT_POSTFIELDS asserts on object with declared properties).
- Fileinfo:
- Fixed bug #79756 (finfo_file crash (FILEINFO_MIME)).
- FTP:
- Fixed bug #55857 (ftp_size on large files).
- Mbstring:
- Fixed bug #79787 (mb_strimwidth does not trim string).
- Phar:
- Fixed bug #79797 (Use of freed hash key in the phar_parse_zipfile function). (CVE-2020-7068)
- Standard: