PHP Securiy Release 7.4.28 – 8.0.16 – 8.1.3 – 8.0.17 – 8.1.4

PHP Logo

Das Entwicklerteam von PHP, hat Update für die Hauptzweige7.4, 8.0 und 8.1 veröffentlicht. Alle Updates sind Security Releases und sollten umgehend installiert werden.

PHP 8.1.4 Release Notes

  • Core:
    • Fixed Haiku ZTS build.
    • Fixed bug #8059 arginfo not regenerated for extension.
    • Fixed bug #8083 Segfault when dumping uncalled fake closure with static variables.
    • Fixed bug #7958 (Nested CallbackFilterIterator is leaking memory).
    • Fixed bug #8074 (Wrong type inference of range() result).
    • Fixed bug #8140 (Wrong first class callable by name optimization).
    • Fixed bug #8082 (op_arrays with temporary run_time_cache leak memory when observed).
  • GD:
    • Fixed libpng warning when loading interlaced images.
  • FPM:
    • Fixed bug #76109 (Unsafe access to fpm scoreboard).
  • Iconv:
    • Fixed bug #7953 (ob_clean() only does not set Content-Encoding).
    • Fixed bug #7980 (Unexpected result for iconv_mime_decode).
  • MBString:
    • Fixed bug #8128 (mb_check_encoding wrong result for 7bit).
  • MySQLnd:
    • Fixed bug #8058 (NULL pointer dereference in mysqlnd package).
  • Reflection:
    • Fixed bug #8080 (ReflectionClass::getConstants() depends on def. order).
  • Zlib:
    • Fixed bug #7953 (ob_clean() only does not set Content-Encoding).

PHP 8.1.3 Release Notes

  • Core:
    • Fixed bug #81430 (Attribute instantiation leaves dangling pointer).
    • Fixed bug #7896 (Environment vars may be mangled on Windows).
    • Fixed bug #7883 (Segfault when INI file is not readable).
  • FFI:
    • Fixed bug #7867 (FFI::cast() from pointer to array is broken).
  • Filter:
    • Fix #81708: UAF due to php_filter_float() failing for ints. (CVE-2021-21708)
  • FPM:
    • Fixed memory leak on invalid port.
    • Fixed bug #7842 (Invalid OpenMetrics response format returned by FPM status page.
  • MBString:
    • Fixed bug #7902 (mb_send_mail may delimit headers with LF only).
  • MySQLnd:
    • Fixed bug #7972 (MariaDB version prefix 5.5.5- is not stripped).
  • pcntl:
    • Fixed pcntl_rfork build for DragonFlyBSD.
  • Sockets:
    • Fixed bug #7978 (sockets extension compilation errors).
  • Standard:
    • Fixed bug #7899 (Regression in unpack for negative int value).
    • Fixed bug #7875 (mails are sent even if failure to log throws exception).

PHP 8.0.17 Release Notes

  • Core:
    • Fixed Haiku ZTS build.
  • GD:
    • Fixed libpng warning when loading interlaced images.
  • FPM:
    • Fixed bug #76109 (Unsafe access to fpm scoreboard).
  • Iconv:
    • Fixed bug #7953 (ob_clean() only does not set Content-Encoding).
    • Fixed bug #7980 (Unexpected result for iconv_mime_decode).
  • MySQLnd:
    • Fixed bug #8058 (NULL pointer dereference in mysqlnd package).
  • OPcache:
    • Fixed bug #8074 (Wrong type inference of range() result).
  • Reflection:
    • Fixed bug #8080 (ReflectionClass::getConstants() depends on def. order).
  • Zlib:
    • Fixed bug #7953 (ob_clean() only does not set Content-Encoding).

PHP 8.0.16 Release Notes

  • Core:
    • Fixed bug #81430 (Attribute instantiation leaves dangling pointer).
    • Fixed bug #7896 (Environment vars may be mangled on Windows).
  • FFI:
    • Fixed bug #7867 (FFI::cast() from pointer to array is broken).
  • Filter:
    • Fix #81708: UAF due to php_filter_float() failing for ints.
  • FPM:
    • Fixed memory leak on invalid port.
  • MBString:
    • Fixed bug #7902 (mb_send_mail may delimit headers with LF only).
  • MySQLnd:
    • Fixed bug #7972 (MariaDB version prefix 5.5.5- is not stripped).
  • Sockets:
    • Fixed ext/sockets build on Haiku.
    • Fixed bug #7978 (sockets extension compilation errors).
  • Standard:
    • Fixed bug #7875 (mails are sent even if failure to log throws exception).

PHP 7.4.28 Release Notes

  • Filter:
    • Fix #81708: UAF due to php_filter_float() failing for ints (CVE-2021-21708)

Quelle: https://www.php.net/

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht.