JARVIS
Die Entwickler der Skriptsprache PHP, haben heute Updates für die aktuellen Zweige 7.4, 7.3 und 7.2 veröffentlicht. Diese beheben Sicherheitsprobleme und entfernt diverse Fehler.
PHP 7.4.1 Release Notes
- Bcmath:
- Fixed bug #78878 (Buffer underflow in bc_shift_addsub). (CVE-2019-11046).
- Core:
- Fixed bug #78862 (link() silently truncates after a null byte on Windows). (CVE-2019-11044).
- Fixed bug #78863 (DirectoryIterator class silently truncates after a null byte). (CVE-2019-11045).
- Fixed bug #78943 (mail() may release string with refcount==1 twice). (CVE-2019-11049).
- Fixed bug #78810 (RW fetches do not throw “uninitialized property” exception).
- Fixed bug #78868 (Calling __autoload() with incorrect EG(fake_scope) value).
- Fixed bug #78296 (is_file fails to detect file).
- Fixed bug #78883 (fgets(STDIN) fails on Windows).
- Fixed bug #78898 (call_user_func([‘parent’, …]) fails while other succeed).
- Fixed bug #78904 (Uninitialized property triggers __get()).
- Fixed bug #78926 (Segmentation fault on Symfony cache:clear).
- GD:
- EXIF:
- FPM:
- Intl:
- Implemented FR #78912 (INTL Support for accounting format).
- Mysqlnd:
- Fixed bug #78823 (ZLIB_LIBS not added to EXTRA_LIBS).
- OPcache:
- Fixed $x = (bool)$x; with opcache (should emit undeclared variable notice).
- Fixed bug #78935 (Preloading removes classes that have dependencies).
- PCRE:
- Fixed bug #78853 (preg_match() may return integer > 1).
- Reflection:
- Fixed bug #78895 (Reflection detects abstract non-static class as abstract static. IS_IMPLICIT_ABSTRACT is not longer used).
- Standard:
PHP 7.3.12 Release Notes
- Bcmath:
- Fixed bug #78878 (Buffer underflow in bc_shift_addsub). (CVE-2019-11046)
- Core:
- Fixed bug #78862 (link() silently truncates after a null byte on Windows). (CVE-2019-11044)
- Fixed bug #78863 (DirectoryIterator class silently truncates after a null byte). (CVE-2019-11045)
- Fixed bug #78943 (mail() may release string with refcount==1 twice). (CVE-2019-11049)
- Fixed bug #78787 (Segfault with trait overriding inherited private shadow property).
- Fixed bug #78868 (Calling __autoload() with incorrect EG(fake_scope) value).
- Fixed bug #78296 (is_file fails to detect file).
- EXIF:
- GD:
- Fixed bug #78849 (GD build broken with -D SIGNED_COMPARE_SLOW).
- MBString:
- Upgraded bundled Oniguruma to 6.9.4.
- OPcache:
- Fixed potential ASLR related invalid opline handler issues.
- Fixed $x = (bool)$x; with opcache (should emit undeclared variable notice).
- PCRE:
- Fixed bug #78853 (preg_match() may return integer > 1).
- Standard:
- Fixed bug #78759 (array_search in $GLOBALS).
- Fixed bug #77638 (var_export’ing certain class instances segfaults).
- Fixed bug #78840 (imploding $GLOBALS crashes).
- Fixed bug #78833 (Integer overflow in pack causes out-of-bound access).
- Fixed bug #78814 (strip_tags allows / in tag name => whitelist bypass).
PHP 7.2.26 Release Notes
- Bcmath:
- Fixed bug #78878 (Buffer underflow in bc_shift_addsub). (CVE-2019-11046)
- Core:
- EXIF:
- GD:
- Fixed bug #78849 (GD build broken with -D SIGNED_COMPARE_SLOW).
- Intl:
- Fixed bug #78804 (Segmentation fault in Locale::filterMatches).
- OPcache:
- Fixed $x = (bool)$x; with opcache (should emit undeclared variable notice).
- Standard:
Quelle: https://www.php.net/
Interessiert in verschiedenste IT Themen, schreibe ich in diesem Blog über Software, Hardware, Smart Home, Games und vieles mehr. Ich berichte z.B. über die Installation und Konfiguration von Software als auch von Problemen mit dieser. News sind ebenso spannend, sodass ich auch über Updates, Releases und Neuigkeiten aus der IT berichte. Letztendlich nutze ich Taste-of-IT als eigene Dokumentation und Anlaufstelle bei wiederkehrenden Themen. Ich hoffe ich kann dich ebenso informieren und bei Problemen eine schnelle Lösung anbieten. Wer meinen Aufwand unterstützen möchte, kann gerne eine Tasse oder Pod Kaffe per PayPal spenden – vielen Dank.