PHP Logo

PHP – Version 7.0.12 veröffentlicht

von

Die Entwickler der Open-Source Skriptsprache PHP, haben die neuste Version 7.0.12 am 13.10.2016 veröffentlicht. Diese behebt ca. 52 Fehler und steht ab sofort zur Installation bereit.

PHP Version 7.0.12 Release Notes

  • Core:
    • Fixed bug #73025 (Heap Buffer Overflow in virtual_popen of zend_virtual_cwd.c).
    • Fixed bug #72703 (Out of bounds global memory read in BF_crypt triggered by password_verify).
    • Fixed bug #73058 (crypt broken when salt is ‘too’ long).
    • Fixed bug #69579 (Invalid free in extension trait).
    • Fixed bug #73156 (segfault on undefined function).
    • Fixed bug #73163 (PHP hangs if error handler throws while accessing undef const in default value).
    • Fixed bug #73172 (parse error: Invalid numeric literal).
    • Fixed bug #73240 (Write out of bounds at number_format).
    • Fixed bug #73147 (Use After Free in PHP7 unserialize()).
    • Fixed bug #73189 (Memcpy negative size parameter php_resolve_path).
  • BCmath:
    • Fixed bug #73190 (memcpy negative parameter _bc_new_num_ex).
  • COM:
    • Fixed bug #73126 (Cannot pass parameter 1 by reference).
  • Date:
    • Fixed bug #73091 (Unserializing DateInterval object may lead to __toString invocation).
  • DOM:
    • Fixed bug #73150 (missing NULL check in dom_document_save_html).
  • Filter:
    • Fixed bug #72972 (Bad filter for the flags FILTER_FLAG_NO_RES_RANGE and FILTER_FLAG_NO_PRIV_RANGE).
    • Fixed bug #73054 (default option ignored when object passed to int filter).
  • GD:
    • Fixed bug #67325 (imagetruecolortopalette: white is duplicated in palette).
    • Fixed bug #50194 (imagettftext broken on transparent background w/o alphablending).
    • Fixed bug #73003 (Integer Overflow in gdImageWebpCtx of gd_webp.c).
    • Fixed bug #53504 (imagettfbbox gives incorrect values for bounding box).
    • Fixed bug #73157 (imagegd2() ignores 3rd param if 4 are given).
    • Fixed bug #73155 (imagegd2() writes wrong chunk sizes on boundaries).
    • Fixed bug #73159 (imagegd2(): unrecognized formats may result in corrupted files).
    • Fixed bug #73161 (imagecreatefromgd2() may leak memory).
  • Intl:
    • Fixed bug #73218 (add mitigation for ICU int overflow).
  • Mbstring:
    • Fixed bug #66797 (mb_substr only takes 32-bit signed integer).
    • Fixed bug #66964 (mb_convert_variables() cannot detect recursion).
    • Fixed bug #72992 (mbstring.internal_encoding doesn’t inherit default_charset).
  • Mysqlnd:
    • Fixed bug #72489 (PHP Crashes When Modifying Array Containing MySQLi Result Data).
  • Opcache:
    • Fixed bug #72982 (Memory leak in zend_accel_blacklist_update_regexp() function).
  • OpenSSL:
    • Fixed bug #73072 (Invalid path SNI_server_certs causes segfault).
    • Fixed bug #73276 (crash in openssl_random_pseudo_bytes function).
    • Fixed bug #73275 (crash in openssl_encrypt function).
  • PCRE:
    • Fixed bug #73121 (Bundled PCRE doesn’t compile because JIT isn’t supported on s390).
    • Fixed bug #73174 (heap overflow in php_pcre_replace_impl).
  • PDO_DBlib:
    • Fixed bug #72414 (Never quote values as raw binary data).
    • Allow \PDO::setAttribute() to set query timeouts.
    • Handle SQLDECIMAL/SQLNUMERIC types, which are used by later TDS versions.
    • Add common PDO test suite.
    • Free error and message strings when cleaning up PDO instances.
    • Fixed bug #67130 (\PDOStatement::nextRowset() should succeed when all rows in current rowset haven’t been fetched).
    • Ignore potentially misleading dberr values.
  • phpdbg:
    • Fixed bug #72996 (phpdbg_prompt.c undefined reference to DL_LOAD).
    • Fixed next command not stopping when leaving function.
  • Session:
    • Fixed bug #68015 (Session does not report invalid uid for files save handler).
    • Fixed bug #73100 (session_destroy null dereference in ps_files_path_create).
  • SimpleXML:
    • Fixed bug #73293 (NULL pointer dereference in SimpleXMLElement::asXML()).
  • SOAP:
    • Fixed bug #71711 (Soap Server Member variables reference bug).
    • Fixed bug #71996 (Using references in arrays doesn’t work like expected).
  • SPL:
    • Fixed bug #73257, Fixed bug #73258 (SplObjectStorage unserialize allows use of non-object as key).
  • SQLite3:
    • Updated bundled SQLite3 to 3.14.2.
  • Zip:
    • Fixed bug #70752 (Depacking with wrong password leaves 0 length files).

Quelle: https://secure.php.net/ChangeLog-7.php#7.0.12

Schreibe einen Kommentar

Diese Website verwendet Akismet, um Spam zu reduzieren. Erfahre mehr darüber, wie deine Kommentardaten verarbeitet werden.