PHP Securiy Release 7.4.28 – 8.0.16 – 8.1.3 – 8.0.17 – 8.1.4

PHP Logo
PHP Logo

Das Entwicklerteam von PHP, hat Update für die Hauptzweige7.4, 8.0 und 8.1 veröffentlicht. Alle Updates sind Security Releases und sollten umgehend installiert werden.

PHP 8.1.4 Release Notes

  • Core:
    • Fixed Haiku ZTS build.
    • Fixed bug #8059 arginfo not regenerated for extension.
    • Fixed bug #8083 Segfault when dumping uncalled fake closure with static variables.
    • Fixed bug #7958 (Nested CallbackFilterIterator is leaking memory).
    • Fixed bug #8074 (Wrong type inference of range() result).
    • Fixed bug #8140 (Wrong first class callable by name optimization).
    • Fixed bug #8082 (op_arrays with temporary run_time_cache leak memory when observed).
  • GD:
    • Fixed libpng warning when loading interlaced images.
  • FPM:
    • Fixed bug #76109 (Unsafe access to fpm scoreboard).
  • Iconv:
    • Fixed bug #7953 (ob_clean() only does not set Content-Encoding).
    • Fixed bug #7980 (Unexpected result for iconv_mime_decode).
  • MBString:
    • Fixed bug #8128 (mb_check_encoding wrong result for 7bit).
  • MySQLnd:
    • Fixed bug #8058 (NULL pointer dereference in mysqlnd package).
  • Reflection:
    • Fixed bug #8080 (ReflectionClass::getConstants() depends on def. order).
  • Zlib:
    • Fixed bug #7953 (ob_clean() only does not set Content-Encoding).

PHP 8.1.3 Release Notes

  • Core:
    • Fixed bug #81430 (Attribute instantiation leaves dangling pointer).
    • Fixed bug #7896 (Environment vars may be mangled on Windows).
    • Fixed bug #7883 (Segfault when INI file is not readable).
  • FFI:
    • Fixed bug #7867 (FFI::cast() from pointer to array is broken).
  • Filter:
    • Fix #81708: UAF due to php_filter_float() failing for ints. (CVE-2021-21708)
  • FPM:
    • Fixed memory leak on invalid port.
    • Fixed bug #7842 (Invalid OpenMetrics response format returned by FPM status page.
  • MBString:
    • Fixed bug #7902 (mb_send_mail may delimit headers with LF only).
  • MySQLnd:
    • Fixed bug #7972 (MariaDB version prefix 5.5.5- is not stripped).
  • pcntl:
    • Fixed pcntl_rfork build for DragonFlyBSD.
  • Sockets:
    • Fixed bug #7978 (sockets extension compilation errors).
  • Standard:
    • Fixed bug #7899 (Regression in unpack for negative int value).
    • Fixed bug #7875 (mails are sent even if failure to log throws exception).

PHP 8.0.17 Release Notes

  • Core:
    • Fixed Haiku ZTS build.
  • GD:
    • Fixed libpng warning when loading interlaced images.
  • FPM:
    • Fixed bug #76109 (Unsafe access to fpm scoreboard).
  • Iconv:
    • Fixed bug #7953 (ob_clean() only does not set Content-Encoding).
    • Fixed bug #7980 (Unexpected result for iconv_mime_decode).
  • MySQLnd:
    • Fixed bug #8058 (NULL pointer dereference in mysqlnd package).
  • OPcache:
    • Fixed bug #8074 (Wrong type inference of range() result).
  • Reflection:
    • Fixed bug #8080 (ReflectionClass::getConstants() depends on def. order).
  • Zlib:
    • Fixed bug #7953 (ob_clean() only does not set Content-Encoding).

PHP 8.0.16 Release Notes

  • Core:
    • Fixed bug #81430 (Attribute instantiation leaves dangling pointer).
    • Fixed bug #7896 (Environment vars may be mangled on Windows).
  • FFI:
    • Fixed bug #7867 (FFI::cast() from pointer to array is broken).
  • Filter:
    • Fix #81708: UAF due to php_filter_float() failing for ints.
  • FPM:
    • Fixed memory leak on invalid port.
  • MBString:
    • Fixed bug #7902 (mb_send_mail may delimit headers with LF only).
  • MySQLnd:
    • Fixed bug #7972 (MariaDB version prefix 5.5.5- is not stripped).
  • Sockets:
    • Fixed ext/sockets build on Haiku.
    • Fixed bug #7978 (sockets extension compilation errors).
  • Standard:
    • Fixed bug #7875 (mails are sent even if failure to log throws exception).

PHP 7.4.28 Release Notes

  • Filter:
    • Fix #81708: UAF due to php_filter_float() failing for ints (CVE-2021-21708)

Quelle: https://www.php.net/

Ersten Kommentar schreiben

Antworten

Deine E-Mail-Adresse wird nicht veröffentlicht.


*


Diese Website verwendet Akismet, um Spam zu reduzieren. Erfahre mehr darüber, wie deine Kommentardaten verarbeitet werden.