PHP 5.5 已经准备就绪,你呢?
尽管官方尚未正式发布,但 PHP 5.5 正式版的源码已经提交到 Github 上。详细的改进记录请看NEWS
期待官方正式宣布的消息
https://github.com/php/php-src/blob/php-5.5.0/NEWS
PHP NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
20 Jun 2013, PHP 5.5.0
- Core:
. Added Zend Opcache extension and enable building it by default.
More details here: https://wiki.php.net/rfc/optimizerplus. (Dmitry)
. Added generators and coroutines (https://wiki.php.net/rfc/generators).
(Nikita Popov)
. Added "finally" keyword (https://wiki.php.net/rfc/finally). (Laruence)
. Added simplified password hashing API
(https://wiki.php.net/rfc/password_hash). (Anthony Ferrara)
. Added support for constant array/string dereferencing. (Laruence)
. Added array_column function which returns a column in a multidimensional
array. https://wiki.php.net/rfc/array_column. (Ben Ramsey)
. Added boolval(). (Jille Timmermans)
. Added "Z" option to pack/unpack. (Gustavo)
. Added Generator::throw() method. (Nikita Popov)
. Added Class Name Resolution As Scalar Via "class" Keyword.
(Ralph Schindler, Nikita Popov, Lars)
. Added optional second argument for assert() to specify custom message. Patch
by Lonny Kapelushnik (lonny@lonnylot.com). (Lars)
. Added support for using empty() on the result of function calls and
other expressions (https://wiki.php.net/rfc/empty_isset_exprs).
(Nikita Popov)
. Added support for non-scalar Iterator keys in foreach
(https://wiki.php.net/rfc/foreach-non-scalar-keys). (Nikita Popov)
. Added support for list in foreach (https://wiki.php.net/rfc/foreachlist).
(Laruence)
. Added support for changing the process's title in CLI/CLI-Server SAPIs.
The implementation is more robust that the proctitle PECL module. More
details here: https://wiki.php.net/rfc/cli_process_title. (Keyur)
. Added ARMv7/v8 versions of various Zend arithmetic functions that are
implemented using inline assembler (Ard Biesheuvel)
. Added systemtap support by enabling systemtap compatible dtrace probes on
linux. (David Soria Parra)
. Optimized access to temporary and compiled VM variables. 8% less memory
reads. (Dmitry)
. The VM stacks for passing function arguments and syntaticaly nested calls
were merged into a single stack. The stack size needed for op_array
execution is calculated at compile time and preallocated at once. As result
all the stack push operatins don't require checks for stack overflow
any more. (Dmitry)
. Improve set_exception_handler while doing reset. (Laruence)
. Return previous handler when passing NULL to set_error_handler and
set_exception_handler. (Nikita Popov)
. Remove php_logo_guid(), php_egg_logo_guid(), php_real_logo_guid(),
zend_logo_guid(). (Adnrew Faulds)
. Drop Windows XP and 2003 support. (Pierre)
. Implemented FR #64175 (Added HTTP codes as of RFC 6585). (Jonh Wendell)
. Implemented FR #60738 (Allow 'set_error_handler' to handle NULL).
(Laruence, Nikita Popov)
. Implemented FR #60524 (specify temp dir by php.ini). (ALeX Kazik).
. Implemented FR #46487 (Dereferencing process-handles no longer waits on
those processes). (Jille Timmermans)
. Fixed bug #65051 (count() off by one inside unset()). (Nikita)
. Fixed bug #64988 (Class loading order affects E_STRICT warning). (Laruence)
. Fixed bug #64966 (segfault in zend_do_fcall_common_helper_SPEC). (Laruence)
. Fixed bug #64960 (Segfault in gc_zval_possible_root). (Laruence)
. Fixed bug #64936 (doc comments picked up from previous scanner run). (Stas,
Jonathan Oddy)
. Fixed bug #64934 (Apache2 TS crash with get_browser()). (Anatol)
. Fixed bug #64879 (Heap based buffer overflow in quoted_printable_encode,
CVE 2013-2110). (Stas)
. Fixed bug #64853 (Use of no longer available ini directives causes crash
on TS build). (Anatol)
. Fixed bug #64821 (Custom Exceptions crash when internal properties overridden).
(Anatol)
. Fixed bug #64720 (SegFault on zend_deactivate). (Dmitry)
. Fixed bug #64677 (execution operator `` stealing surrounding arguments).
. Fixed bug #64660 (Segfault on memory exhaustion within function definition).
(Stas, reported by Juha Kylmänen)
. Fixed bug #64578 (debug_backtrace in set_error_handler corrupts zend heap:
segfault). (Laruence)
. Fixed bug #64565 (copy doesn't report failure on partial copy). (Remi)
. Fixed bug #64555 (foreach no longer copies keys if they are interned).
(Nikita Popov)
. Fixed bugs #47675 and #64577 (fd leak on Solaris)
. Fixed bug #64544 (Valgrind warnings after using putenv). (Laruence)
. Fixed bug #64515 (Memoryleak when using the same variablename 2times in
function declaration). (Laruence)
. Fixed bug #64503 (Compilation fails with error: conflicting types for
'zendparse'). (Laruence)
. Fixed bug #64239 (Debug backtrace changed behavior since 5.4.10 or 5.4.11).
(Dmitry, Laruence)
. Fixed bug #64523, allow XOR in php.ini. (Dejan Marjanovic, Lars)
. Fixed bug #64354 (Unserialize array of objects whose class can't
be autoloaded fail). (Laruence)
. Fixed bug #64370 (microtime(true) less than $_SERVER['REQUEST_TIME_FLOAT']).
(Anatol)
. Fixed bug #64166 (quoted-printable-encode stream filter incorrectly
discarding whitespace). (Michael M Slusarz)
(Laruence)
. Fixed bug #64142 (dval to lval different behavior on ppc64). (Remi)
. Fixed bug #64135 (Exceptions from set_error_handler are not always
propagated). (Laruence)
. Fixed bug #63980 (object members get trimmed by zero bytes). (Laruence)
. Fixed bug #63874 (Segfault if php_strip_whitespace has heredoc). (Pierrick)
. Fixed bug #63830 (Segfault on undefined function call in nested generator).
(Nikita Popov)
. Fixed bug #63822 (Crash when using closures with ArrayAccess).
(Nikita Popov)
. Fixed bug #61681 (Malformed grammar). (Nikita Popov, Etienne, Laruence)
. Fixed bug #61038 (unpack("a5", "str\0\0") does not work as expected).
(srgoogleguy, Gustavo)
. Fixed bug #61025 (__invoke() visibility not honored). (Laruence)
. Fixed bug #60833 (self, parent, static behave inconsistently
case-sensitive). (Stas, mario at include-once dot org)
. Fixed Bug #52126: timestamp for mail.log (Martin Jansen, Lars)
. Fixed bug #49348 (Uninitialized ++$foo->bar; does not cause a notice).
(Stas)
. Fixed Bug #23955: allow specifying Max-Age attribute in setcookie() (narfbg, Lars)
. Fixed bug #18556 (Engine uses locale rules to handle class names). (Stas)
. Fix undefined behavior when converting double variables to integers.
The double is now always rounded towards zero, the remainder of its division
by 2^32 or 2^64 (depending on sizeof(long)) is calculated and it's made
signed assuming a two's complement representation. (Gustavo)
. Drop support for bison < 2.4 when building PHP from GIT source.
(Laruence)
- Apache2 Handler SAPI:
. Enabled Apache 2.4 configure option for Windows (Pierre, Anatoliy)
- Calendar:
. Fixed bug #64895 (Integer overflow in SndToJewish). (Remi)
. Fixed bug #54254 (cal_from_jd returns month = 6 when there is only one Adar)
(Stas, Eitan Mosenkis)
- CLI server:
. Fixed bug #64128 (buit-in web server is broken on ppc64). (Remi)
- CURL:
. Remove curl stream wrappers. (Pierrick)
. Implemented FR #46439 - added CURLFile for safer file uploads.
(Stas)
. Added support for CURLOPT_FTP_RESPONSE_TIMEOUT, CURLOPT_APPEND,
CURLOPT_DIRLISTONLY, CURLOPT_NEW_DIRECTORY_PERMS, CURLOPT_NEW_FILE_PERMS,
CURLOPT_NETRC_FILE, CURLOPT_PREQUOTE, CURLOPT_KRBLEVEL, CURLOPT_MAXFILESIZE,
CURLOPT_FTP_ACCOUNT, CURLOPT_COOKIELIST, CURLOPT_IGNORE_CONTENT_LENGTH,
CURLOPT_CONNECT_ONLY, CURLOPT_LOCALPORT, CURLOPT_LOCALPORTRANGE,
CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_SSL_SESSIONID_CACHE,
CURLOPT_FTP_SSL_CCC, CURLOPT_HTTP_CONTENT_DECODING,
CURLOPT_HTTP_TRANSFER_DECODING, CURLOPT_PROXY_TRANSFER_MODE,
CURLOPT_ADDRESS_SCOPE, CURLOPT_CRLFILE, CURLOPT_ISSUERCERT,
CURLOPT_USERNAME, CURLOPT_PASSWORD, CURLOPT_PROXYUSERNAME,
CURLOPT_PROXYPASSWORD, CURLOPT_NOPROXY, CURLOPT_SOCKS5_GSSAPI_NEC,
CURLOPT_SOCKS5_GSSAPI_SERVICE, CURLOPT_TFTP_BLKSIZE,
CURLOPT_SSH_KNOWNHOSTS, CURLOPT_FTP_USE_PRET, CURLOPT_MAIL_FROM,
CURLOPT_MAIL_RCPT, CURLOPT_RTSP_CLIENT_CSEQ, CURLOPT_RTSP_SERVER_CSEQ,
CURLOPT_RTSP_SESSION_ID, CURLOPT_RTSP_STREAM_URI, CURLOPT_RTSP_TRANSPORT,
CURLOPT_RTSP_REQUEST, CURLOPT_RESOLVE, CURLOPT_ACCEPT_ENCODING,
CURLOPT_TRANSFER_ENCODING, CURLOPT_DNS_SERVERS and CURLOPT_USE_SSL.
(Pierrick)
. Fixed bug #55635 (CURLOPT_BINARYTRANSFER no longer used. The constant
still exists for backward compatibility but is doing nothing). (Pierrick)
. Fixed bug #54995 (Missing CURLINFO_RESPONSE_CODE support). (Pierrick)
- DateTime
. Added DateTimeImmutable - a variant of DateTime that only returns the
modified state instead of changing itself. (Derick)
. Added new functions curl_escape, curl_multi_setopt, curl_multi_strerror
curl_pause, curl_reset, curl_share_close, curl_share_init,
curl_share_setopt curl_strerror and curl_unescape. (Pierrick)
. Addes new curl options CURLOPT_TELNETOPTIONS, CURLOPT_GSSAPI_DELEGATION,
CURLOPT_ACCEPTTIMEOUT_MS, CURLOPT_SSL_OPTIONS, CURLOPT_TCP_KEEPALIVE,
CURLOPT_TCP_KEEPIDLE and CURLOPT_TCP_KEEPINTVL. (Pierrick)
. Fixed bug #64825 (Invalid free when unserializing DateTimeZone).
(Anatol)
. Fixed bug #64359 (strftime crash with VS2012). (Anatol)
. Fixed bug #62852 (Unserialize Invalid Date causes crash). (Anatol)
. Fixed bug #61642 (modify("+5 weekdays") returns Sunday).
(Dmitri Iouchtchenko)
. Fixed bug #60774 (DateInterval::format("%a") is always zero when an
interval is created using the createFromDateString method) (Lonny
Kapelushnik, Derick)
. Fixed bug #54567 (DateTimeZone serialize/unserialize) (Lonny
Kapelushnik, Derick)
. Fixed bug #53437 (Crash when using unserialized DatePeriod instance).
(Gustavo, Derick, Anatol)
- dba:
. Bug #62489: dba_insert not working as expected.
(marc-bennewitz at arcor dot de, Lars)
- Filter:
. Implemented FR #49180 - added MAC address validation. (Martin)
- Fileinfo:
. Upgraded libmagic to 5.14. (Anatol)
. Fixed bug #64830 (mimetype detection segfaults on mp3 file). (Anatol)
. Fixed bug #63590 (Different results in TS and NTS under Windows).
(Anatoliy)
. Fixed bug #63248 (Load multiple magic files from a directory under Windows).
(Anatoliy)
- FPM:
. Add --with-fpm-systemd option to report health to systemd, and
systemd_interval option to configure this. The service can now use
Type=notify in the systemd unit file. (Remi)
. Ignore QUERY_STRING when sent in SCRIPT_FILENAME. (Remi)
. Log a warning when a syscall fails. (Remi)
. Implemented FR #64764 (add support for FPM init.d script). (Lior Kaplan)
. Fixed Bug #64915 (error_log ignored when daemonize=0). (Remi)
. Fixed bug #63999 (php with fpm fails to build on Solaris 10 or 11). (Adam)
. Fixed some possible memory or resource leaks and possible null dereference
detected by code coverity scan. (Remi)
- GD:
. Fixed Bug #64962 (imagerotate produces corrupted image). (Remi)
. Fixed Bug #64961 (segfault in imagesetinterpolation). (Remi)
. Fix build with system libgd >= 2.1 which is now the minimal
version required (as build with previous version is broken).
No change when bundled libgd is used. (Ondrej Sury, Remi)
- Hash:
. Added support for PBKDF2 via hash_pbkdf2(). (Anthony Ferrara)
. Fixed Bug #64745 (hash_pbkdf2() truncates data when using default length
and hex output). (Anthony Ferrara)
- Intl:
. Added UConverter wrapper.
. The intl extension now requires ICU 4.0+.
. Added intl.use_exceptions INI directive, which controls what happens when
global errors are set together with intl.error_level. (Gustavo)
. MessageFormatter::format() and related functions now accepted named
arguments and mixed numeric/named arguments in ICU 4.8+. (Gustavo)
. MessageFormatter::format() and related functions now don't error out when
an insufficient argument count is provided. Instead, the placeholders will
remain unsubstituted. (Gustavo)
. MessageFormatter::parse() and MessageFormat::format() (and their static
equivalents) don't throw away better than second precision in the arguments.
(Gustavo)
. IntlDateFormatter::__construct and datefmt_create() now accept for the
$timezone argument time zone identifiers, IntlTimeZone objects, DateTimeZone
objects and NULL. (Gustavo)
. IntlDateFormatter::__construct and datefmt_create() no longer accept invalid
timezone identifiers or empty strings. (Gustavo)
. The default time zone used in IntlDateFormatter::__construct and
datefmt_create() (when the corresponding argument is not passed or NULL is
passed) is now the one given by date_default_timezone_get(), not the
default ICU time zone. (Gustavo)
. The time zone passed to the IntlDateFormatter is ignored if it is NULL and
if the calendar passed is an IntlCalendar object -- in this case, the
IntlCalendar's time zone will be used instead. Otherwise, the time zone
specified in the $timezone argument is used instead. This does not affect
old code, as IntlCalendar was introduced in this version. (Gustavo)
. IntlDateFormatter::__construct and datefmt_create() now accept for the
$calendar argument also IntlCalendar objects. (Gustavo)
. IntlDateFormatter::getCalendar() and datefmt_get_calendar() return false
if the IntlDateFormatter was set up with an IntlCalendar instead of the
constants IntlDateFormatter::GREGORIAN/TRADITIONAL. IntlCalendar did not
exist before this version. (Gustavo)
. IntlDateFormatter::setCalendar() and datefmt_set_calendar() now also accept
an IntlCalendar object, in which case its time zone is taken. Passing a
constant is still allowed, and still keeps the time zone. (Gustavo)
. IntlDateFormatter::setTimeZoneID() and datefmt_set_timezone_id() are
deprecated. Use IntlDateFormatter::setTimeZone() or datefmt_set_timezone()
instead. (Gustavo)
. IntlDateFormatter::format() and datefmt_format() now also accept an
IntlCalendar object for formatting. (Gustavo)
. Added the classes: IntlCalendar, IntlGregorianCalendar, IntlTimeZone,
IntlBreakIterator, IntlRuleBasedBreakIterator and
IntlCodePointBreakIterator. (Gustavo)
. Added the functions: intlcal_get_keyword_values_for_locale(),
intlcal_get_now(), intlcal_get_available_locales(), intlcal_get(),
intlcal_get_time(), intlcal_set_time(), intlcal_add(),
intlcal_set_time_zone(), intlcal_after(), intlcal_before(), intlcal_set(),
intlcal_roll(), intlcal_clear(), intlcal_field_difference(),
intlcal_get_actual_maximum(), intlcal_get_actual_minimum(),
intlcal_get_day_of_week_type(), intlcal_get_first_day_of_week(),
intlcal_get_greatest_minimum(), intlcal_get_least_maximum(),
intlcal_get_locale(), intlcal_get_maximum(),
intlcal_get_minimal_days_in_first_week(), intlcal_get_minimum(),
intlcal_get_time_zone(), intlcal_get_type(),
intlcal_get_weekend_transition(), intlcal_in_daylight_time(),
intlcal_is_equivalent_to(), intlcal_is_lenient(), intlcal_is_set(),
intlcal_is_weekend(), intlcal_set_first_day_of_week(),
intlcal_set_lenient(), intlcal_equals(),
intlcal_get_repeated_wall_time_option(),
intlcal_get_skipped_wall_time_option(),
intlcal_set_repeated_wall_time_option(),
intlcal_set_skipped_wall_time_option(), intlcal_from_date_time(),
intlcal_to_date_time(), intlcal_get_error_code(),
intlcal_get_error_message(), intlgregcal_create_instance(),
intlgregcal_set_gregorian_change(), intlgregcal_get_gregorian_change() and
intlgregcal_is_leap_year(). (Gustavo)
. Added the functions: intltz_create_time_zone(), intltz_create_default(),
intltz_get_id(), intltz_get_gmt(), intltz_get_unknown(),
intltz_create_enumeration(), intltz_count_equivalent_ids(),
intltz_create_time_zone_id_enumeration(), intltz_get_canonical_id(),
intltz_get_region(), intltz_get_tz_data_version(),
intltz_get_equivalent_id(), intltz_use_daylight_time(), intltz_get_offset(),
intltz_get_raw_offset(), intltz_has_same_rules(), intltz_get_display_name(),
intltz_get_dst_savings(), intltz_from_date_time_zone(),
intltz_to_date_time_zone(), intltz_get_error_code(),
intltz_get_error_message(). (Gustavo)
. Added the methods: IntlDateFormatter::formatObject(),
IntlDateFormatter::getCalendarObject(), IntlDateFormatter::getTimeZone(),
IntlDateFormatter::setTimeZone(). (Gustavo)
. Added the functions: datefmt_format_object(), datefmt_get_calendar_object(),
datefmt_get_timezone(), datefmt_set_timezone(),
datefmt_get_calendar_object(), intlcal_create_instance(). (Gustavo)
- mbstring:
. Fixed bug #64769 (mbstring PHPTs crash on Windows x64). (Anatol)
- MCrypt
. mcrypt_ecb(), mcrypt_cbc(), mcrypt_cfb() and mcrypt_ofb() now throw
E_DEPRECATED. (GoogleGuy)
- mysql
. This extension is now deprecated, and deprecation warnings will be generated
when connections are established to databases via mysql_connect(),
mysql_pconnect(), or through implicit connection: use MySQLi or PDO_MySQL
instead (https://wiki.php.net/rfc/mysql_deprecation). (Adam)
. Dropped support for LOAD DATA LOCAL INFILE handlers when using libmysql.
Known for stability problems. (Andrey)
. Added support for SHA256 authentication available with MySQL 5.6.6+.
(Andrey)
- mysqli:
. Added mysqli_begin_transaction()/mysqli::begin_transaction(). Implemented
all options, per MySQL 5.6, which can be used with START TRANSACTION, COMMIT
and ROLLBACK through options to mysqli_commit()/mysqli_rollback() and their
respective OO counterparts. They work in libmysql and mysqlnd mode. (Andrey)
. Added mysqli_savepoint(), mysqli_release_savepoint(). (Andrey)
. Fixed bug #64726 (Segfault when calling fetch_object on a use_result and DB
pointer has closed). (Laruence)
. Fixed bug #64394 (MYSQL_OPT_CAN_HANDLE_EXPIRED_PASSWORDS undeclared when
using Connector/C). (Andrey)
- mysqlnd
. Add new begin_transaction() call to the connection object. Implemented all
options, per MySQL 5.6, which can be used with START TRANSACTION, COMMIT
and ROLLBACK. (Andrey)
. Added mysqlnd_savepoint(), mysqlnd_release_savepoint(). (Andrey)
. Fixed bug #63530 (mysqlnd_stmt::bind_one_parameter crashes, uses wrong alloc
for stmt->param_bind). (Andrey)
. Fixed return value of mysqli_stmt_affected_rows() in the time after
prepare() and before execute(). (Andrey)
- PCRE:
. Merged PCRE 8.32. (Anatol)
. Deprecated the /e modifier
(https://wiki.php.net/rfc/remove_preg_replace_eval_modifier). (Nikita Popov)
. Fixed bug #63284 (Upgrade PCRE to 8.31). (Anatoliy)
- PDO:
. Fixed bug #63176 (Segmentation fault when instantiate 2 persistent PDO to
the same db server). (Laruence)
- PDO_DBlib:
. Fixed bug #63638 (Cannot connect to SQL Server 2008 with PDO dblib).
(Stanley Sufficool)
. Fixed bug #64338 (pdo_dblib can't connect to Azure SQL). (Stanley
Sufficool)
. Fixed bug #64808 (FreeTDS PDO getColumnMeta on a prepared but not executed
statement crashes). (Stanley Sufficool)
- PDO_pgsql:
. Fixed Bug #64949 (Buffer overflow in _pdo_pgsql_error). (Remi)
- PDO_mysql:
. Fixed bug #48724 (getColumnMeta() doesn't return native_type for BIT,
TINYINT and YEAR). (Antony, Daniel Beardsley)
- pgsql:
. Added pg_escape_literal() and pg_escape_identifier() (Yasuo)
. Bug #46408: Locale number format settings can cause pg_query_params to
break with numerics. (asmecher, Lars)
- Phar:
. Fixed timestamp update on Phar contents modification. (Dmitry)
- Readline:
. Implement FR #55694 (Expose additional readline variable to prevent
default filename completion). (Hartmel)
- Reflection:
. Fixed bug #64007 (There is an ability to create instance of Generator by
hand). (Laruence)
- Sockets:
. Added recvmsg() and sendmsg() wrappers. (Gustavo)
See https://wiki.php.net/rfc/sendrecvmsg
. Fixed bug #64508 (Fails to build with --disable-ipv6). (Gustavo)
. Fixed bug #64287 (sendmsg/recvmsg shutdown handler causes segfault).
(Gustavo)
- SPL:
. Fixed bug #64997 (Segfault while using RecursiveIteratorIterator on
64-bits systems). (Laruence)
. Fixed bug #64264 (SPLFixedArray toArray problem). (Laruence)
. Fixed bug #64228 (RecursiveDirectoryIterator always assumes SKIP_DOTS).
(patch by kriss@krizalys.com, Laruence)
. Fixed bug #64106 (Segfault on SplFixedArray[][x] = y when extended).
(Nikita Popov)
. Fix bug #60560 (SplFixedArray un-/serialize, getSize(), count() return 0,
keys are strings). (Adam)
. Fixed bug #52861 (unset fails with ArrayObject and deep arrays).
(Mike Willbanks)
. Implement FR #48358 (Add SplDoublyLinkedList::add() to insert an element
at a given offset). (Mark Baker, David Soria Parra)
- SNMP:
. Fixed bug #64765 (Some IPv6 addresses get interpreted wrong).
(Boris Lytochkin)
. Fixed bug #64159 (Truncated snmpget). (Boris Lytochkin)
. Fixed bug #64124 (IPv6 malformed). (Boris Lytochkin)
. Fixed bug #61981 (OO API, walk: $suffix_as_key is not working correctly).
(Boris Lytochkin)
- SOAP:
. Added SoapClient constructor option 'ssl_method' to specify ssl method.
(Eric Iversen)
- Streams:
. Fixed bug #64770 (stream_select() fails with pipes returned by proc_open()
on Windows x64). (Anatol)
. Fixed Windows x64 version of stream_socket_pair() and improved error
handling. (Anatol Belski)
- Tokenizer:
. Fixed bug #60097 (token_get_all fails to lex nested heredoc). (Nikita Popov)
- Zip:
. Upgraded libzip to 0.10.1 (Anatoliy)
. Bug #64452 (Zip crash intermittently). (Anatol)
. Fixed bug #64342 (ZipArchive::addFile() has to check for file existence).
(Anatol)
06 Jun 2013, PHP 5.4.16
- Core:
. Fixed bug #64879 (Heap based buffer overflow in quoted_printable_encode,
CVE 2013-2110). (Stas)
. Fixed bug #64853 (Use of no longer available ini directives causes crash on
TS build). (Anatol)
. Fixed bug #64729 (compilation failure on x32). (Gustavo)
. Fixed bug #64720 (SegFault on zend_deactivate). (Dmitry)
. Fixed bug #64660 (Segfault on memory exhaustion within function definition).
(Stas, reported by Juha Kylmänen)
- Calendar:
. Fixed bug #64895 (Integer overflow in SndToJewish). (Remi)
- Fileinfo:
. Fixed bug #64830 (mimetype detection segfaults on mp3 file). (Anatol)
- FPM:
. Ignore QUERY_STRING when sent in SCRIPT_FILENAME. (Remi)
. Fixed some possible memory or resource leaks and possible null dereference
detected by code coverity scan. (Remi)
. Log a warning when a syscall fails. (Remi)
. Add --with-fpm-systemd option to report health to systemd, and
systemd_interval option to configure this. The service can now use
Type=notify in the systemd unit file. (Remi)
- MySQLi
. Fixed bug #64726 (Segfault when calling fetch_object on a use_result and DB
pointer has closed). (Laruence)
- Phar
. Fixed bug #64214 (PHAR PHPTs intermittently crash when run on DFS, SMB or
with non std tmp dir). (Pierre)
- SNMP:
. Fixed bug #64765 (Some IPv6 addresses get interpreted wrong).
(Boris Lytochkin)
. Fixed bug #64159 (Truncated snmpget). (Boris Lytochkin)
- Streams:
. Fixed bug #64770 (stream_select() fails with pipes returned by proc_open()
on Windows x64). (Anatol)
- Zend Engine:
. Fixed bug #64821 (Custom Exceptions crash when internal properties
overridden). (Anatol)
09 May 2013, PHP 5.4.15
- Core:
. Fixed bug #64578 (debug_backtrace in set_error_handler corrupts zend heap:
segfault). (Laruence)
. Fixed bug #64458 (dns_get_record result with string of length -1). (Stas)
. Fixed bug #64433 (follow_location parameter of context is ignored for most
response codes). (Sergey Akbarov)
. Fixed bugs #47675 and #64577 (fd leak on Solaris)
- Fileinfo:
. Upgraded libmagic to 5.14. (Anatol)
- MySQLi:
. Fixed bug #64726 (Segfault when calling fetch_object on a use_result and DB
pointer has closed). (Laruence)
- Zip:
. Fixed bug #64342 (ZipArchive::addFile() has to check for file existence).
(Anatol)
- Streams:
. Fixed Windows x64 version of stream_socket_pair() and improved error
handling. (Anatol Belski)
. Fixed bug #64770 (stream_select() fails with pipes returned by proc_open()
on Windows x64). (Anatol)
11 Apr 2013, PHP 5.4.14
- Core:
. Fixed bug #64529 (Ran out of opcode space). (Dmitry)
. Fixed bug #64515 (Memoryleak when using the same variablename two times in
function declaration). (Laruence)
. Fixed bug #64432 (more empty delimiter warning in strX methods). (Laruence)
. Fixed bug #64417 (ArrayAccess::&offsetGet() in a trait causes fatal error).
(Dmitry)
. Fixed bug #64370 (microtime(true) less than $_SERVER['REQUEST_TIME_FLOAT']).
(Anatol)
. Fixed bug #64239 (Debug backtrace changed behavior since 5.4.10 or 5.4.11).
(Dmitry, Laruence)
. Fixed bug #63976 (Parent class incorrectly using child constant in class
property). (Dmitry)
. Fixed bug #63914 (zend_do_fcall_common_helper_SPEC does not handle
exceptions properly). (Jeff Welch)
. Fixed bug #62343 (Show class_alias In get_declared_classes()) (Dmitry)
- PCRE:
. Merged PCRE 8.32. (Anatol)
- SNMP:
. Fixed bug #61981 (OO API, walk: $suffix_as_key is not working correctly).
(Boris Lytochkin)
- Zip:
. Bug #64452 (Zip crash intermittently). (Anatol)
14 Mar 2013, PHP 5.4.13
- Core:
. Fixed bug #64354 (Unserialize array of objects whose class can't
be autoloaded fail). (Laruence)
. Fixed bug #64235 (Insteadof not work for class method in 5.4.11).
(Laruence)
. Fixed bug #64197 (_Offsetof() macro used but not defined on ARM/Clang).
(Ard Biesheuvel)
. Implemented FR #64175 (Added HTTP codes as of RFC 6585). (Jonh Wendell)
. Fixed bug #64142 (dval to lval different behavior on ppc64). (Remi)
. Fixed bug #64070 (Inheritance with Traits failed with error). (Dmitry)
- CLI server:
. Fixed bug #64128 (buit-in web server is broken on ppc64). (Remi)
- Mbstring:
. mb_split() can now handle empty matches like preg_split() does. (Moriyoshi)
- mysqlnd
. Fixed bug #63530 (mysqlnd_stmt::bind_one_parameter crashes, uses wrong alloc
for stmt->param_bind). (Andrey)
- OpenSSL:
. New SSL stream context option to prevent CRIME attack vector. (Daniel Lowrey,
Lars)
. Fixed bug #61930 (openssl corrupts ssl key resource when using
openssl_get_publickey()). (Stas)
- PDO_mysql:
. Fixed bug #60840 (undefined symbol: mysqlnd_debug_std_no_trace_funcs).
(Johannes)
- Phar:
. Fixed timestamp update on Phar contents modification. (Dmitry)
- SOAP
. Added check that soap.wsdl_cache_dir conforms to open_basedir
(CVE-2013-1635). (Dmitry)
. Disabled external entities loading (CVE-2013-1643, CVE-2013-1824).
(Dmitry)
- Phar:
. Fixed timestamp update on Phar contents modification. (Dmitry)
- SPL:
. Fixed bug #64264 (SPLFixedArray toArray problem). (Laruence)
. Fixed bug #64228 (RecursiveDirectoryIterator always assumes SKIP_DOTS).
(patch by kriss@krizalys.com, Laruence)
. Fixed bug #64106 (Segfault on SplFixedArray[][x] = y when extended).
(Nikita Popov)
. Fixed bug #52861 (unset fails with ArrayObject and deep arrays).
(Mike Willbanks)
- SNMP:
. Fixed bug #64124 (IPv6 malformed). (Boris Lytochkin)
21 Feb 2013, PHP 5.4.12
- Core:
. Fixed bug #64099 (Wrong TSRM usage in zend_Register_class alias). (Johannes)
. Fixed bug #64011 (get_html_translation_table() output incomplete with
HTML_ENTITIES and ISO-8859-1). (Gustavo)
. Fixed bug #63982 (isset() inconsistently produces a fatal error on
protected property). (Stas)
. Fixed bug #63943 (Bad warning text from strpos() on empty needle).
(Laruence)
. Fixed bug #63899 (Use after scope error in zend_compile). (Laruence)
. Fixed bug #63893 (Poor efficiency of strtr() using array with keys of very
different length). (Gustavo)
. Fixed bug #63882 (zend_std_compare_objects crash on recursion). (Dmitry)
. Fixed bug #63462 (Magic methods called twice for unset protected
properties). (Stas)
. Fixed bug #62524 (fopen follows redirects for non-3xx statuses).
(Wes Mason)
. Support BITMAPV5HEADER in getimagesize(). (AsamK, Lars)
- Date:
. Fixed bug #63699 (Performance improvements for various ext/date functions).
(Lars, original patch by njaguar at gmail dot com)
. Fixed bug #55397: Comparsion of incomplete DateTime causes SIGSEGV.
(Derick)
- FPM:
. Fixed bug #63999 (php with fpm fails to build on Solaris 10 or 11). (Adam)
- Litespeed:
. Fixed bug #63228 (-Werror=format-security error in lsapi code). (George)
- ext/sqlite3:
. Fixed bug #63921 (sqlite3::bindvalue and relative PHP functions aren't
using sqlite3_*_int64 API). (srgoogleguy, Lars)
- PDO_OCI
. Fixed bug #57702 (Multi-row BLOB fetches). (hswong3i, Laruence)
. Fixed bug #52958 (Segfault in PDO_OCI on cleanup after running a long
testsuite). (hswong3i, Lars)
- PDO_sqlite:
. Fixed bug #63916 (PDO::PARAM_INT casts to 32bit int internally even
on 64bit builds in pdo_sqlite). (srgoogleguy, Lars)
17 Jan 2013, PHP 5.4.11
- Core:
. Fixed bug #63762 (Sigsegv when Exception::$trace is changed by user).
(Johannes)
. Fixed bug #43177 (Errors in eval()'ed code produce status code 500).
(Todd Ruth, Stas).
- Filter:
. Fixed bug #63757 (getenv() produces memory leak with CGI SAPI). (Dmitry)
. Fixed bug #54096 (FILTER_VALIDATE_INT does not accept +0 and -0).
(martin at divbyzero dot net, Lars)
- JSON:
. Fixed bug #63737 (json_decode does not properly decode with options
parameter). (Adam)
- CLI server
. Update list of common mime types. Added webm, ogv, ogg. (Lars,
pascalc at gmail dot com)
- cURL extension:
. Fixed bug (segfault due to libcurl connection caching). (Pierrick)
. Fixed bug #63859 (Memory leak when reusing curl-handle). (Pierrick)
. Fixed bug #63795 (CURL >= 7.28.0 no longer support value 1 for
CURLOPT_SSL_VERIFYHOST). (Pierrick)
. Fixed bug #63352 (Can't enable hostname validation when using curl stream
wrappers). (Pierrick)
. Fixed bug #55438 (Curlwapper is not sending http header randomly).
(phpnet@lostreality.org, Pierrick)
20 Dec 2012, PHP 5.4.10
- Core:
. Fixed bug #63726 (Memleak with static properties and internal/user
classes). (Laruence)
. Fixed bug #63635 (Segfault in gc_collect_cycles). (Dmitry)
. Fixed bug #63512 (parse_ini_file() with INI_SCANNER_RAW removes quotes
from value). (Pierrick)
. Fixed bug #63468 (wrong called method as callback with inheritance).
(Laruence)
. Fixed bug #63451 (config.guess file does not have AIX 7 defined,
shared objects are not created). (kemcline at au1 dot ibm dot com)
. Fixed bug #61557 (Crasher in tt-rss backend.php).
(i dot am dot jack dot mail at gmail dot com)
. Fixed bug #61272 (ob_start callback gets passed empty string).
(Mike, casper at langemeijer dot eu)
- Date:
. Fixed bug #63666 (Poor date() performance). (Paul Taulborg).
. Fixed bug #63435 (Datetime::format('u') sometimes wrong by 1 microsecond).
(Remi)
- Imap:
. Fixed bug #63126 (DISABLE_AUTHENTICATOR ignores array). (Remi)
- Json:
. Fixed bug #63588 (use php_next_utf8_char and remove duplicate
implementation). (Remi)
- MySQLi:
. Fixed bug #63361 (missing header). (Remi)
- MySQLnd:
. Fixed bug #63398 (Segfault when polling closed link). (Laruence)
- Fileinfo:
. Fixed bug #63590 (Different results in TS and NTS under Windows).
(Anatoliy)
- FPM:
. Fixed bug #63581 Possible null dereference and buffer overflow (Remi)
- Pdo_sqlite:
. Fixed Bug #63149 getColumnMeta should return the table name
when system SQLite used. (Remi)
- Apache2 Handler SAPI:
. Enabled Apache 2.4 configure option for Windows (Pierre, Anatoliy)
- Reflection:
. Fixed Bug #63614 (Fatal error on Reflection). (Laruence)
- SOAP
. Fixed bug #63271 (SOAP wsdl cache is not enabled after initial requests).
(John Jawed, Dmitry)
- Sockets
. Fixed bug #49341 (Add SO_REUSEPORT support for socket_set_option()).
(Igor Wiedler, Lars)
- SPL
. Fixed bug #63680 (Memleak in splfixedarray with cycle reference). (Laruence)
22 Nov 2012, PHP 5.4.9
- Core:
. Fixed bug #63305 (zend_mm_heap corrupted with traits). (Dmitry, Laruence)
. Fixed bug #63369 ((un)serialize() leaves dangling pointers, causes crashes).
(Tony, Andrew Sitnikov)
. Fixed bug #63241 (PHP fails to open Windows deduplicated files).
(daniel dot stelter-gliese at innogames dot de)
. Fixed bug #62444 (Handle leak in is_readable on windows).
(krazyest at seznam dot cz)
- Curl:
. Fixed bug #63363 (Curl silently accepts boolean true for SSL_VERIFYHOST).
Patch by John Jawed GitHub PR #221 (Anthony)
- Fileinfo:
. Fixed bug #63248 (Load multiple magic files from a directory under Windows).
(Anatoliy)
- Libxml
. Fixed bug #63389 (Missing context check on libxml_set_streams_context()
causes memleak). (Laruence)
- Mbstring:
. Fixed bug #63447 (max_input_vars doesn't filter variables when
mbstring.encoding_translation = On). (Laruence)
- OCI8:
. Fixed bug #63265 (Add ORA-00028 to the PHP_OCI_HANDLE_ERROR macro)
(Chris Jones)
- PCRE:
. Fixed bug #63180 (Corruption of hash tables). (Dmitry)
. Fixed bug #63055 (Segfault in zend_gc with SF2 testsuite).
(Dmitry, Laruence)
. Fixed bug #63284 (Upgrade PCRE to 8.31). (Anatoliy)
- PDO:
. Fixed bug #63235 (buffer overflow in use of SQLGetDiagRec).
(Martin Osvald, Remi)
- PDO_pgsql:
. Fixed bug #62593 (Emulate prepares behave strangely with PARAM_BOOL).
(Will Fitch)
- Phar:
. Fixed bug #63297 (Phar fails to write an openssl based signature).
(Anatoliy)
- Streams:
. Fixed bug #63240 (stream_get_line() return contains delimiter string).
(Tjerk, Gustavo)
- Reflection:
. Fixed bug #63399 (ReflectionClass::getTraitAliases() incorrectly resolves
traitnames). (Laruence)
18 Oct 2012, PHP 5.4.8
- CLI server:
. Implemented FR #63242 (Default error page in PHP built-in web server uses
outdated html/css). (pascal.chevrel@free.fr)
. Changed response to unknown HTTP method to 501 according to RFC.
(Niklas Lindgren).
. Support HTTP PATCH method. Patch by Niklas Lindgren, GitHub PR #190.
(Lars)
- Core:
. Fixed bug #63219 (Segfault when aliasing trait method when autoloader
throws excpetion). (Laruence)
. Added optional second argument for assert() to specify custom message. Patch
by Lonny Kapelushnik (lonny@lonnylot.com). (Lars)
. Support building PHP with the native client toolchain. (Stuart Langley)
. Added --offline option for tests. (Remi)
. Fixed bug #63162 (parse_url does not match password component). (husman)
. Fixed bug #63111 (is_callable() lies for abstract static method). (Dmitry)
. Fixed bug #63093 (Segfault while load extension failed in zts-build).
(Laruence)
. Fixed bug #62976 (Notice: could not be converted to int when comparing
some builtin classes). (Laruence)
. Fixed bug #62955 (Only one directive is loaded from "Per Directory Values"
Windows registry). (aserbulov at parallels dot com)
. Fixed bug #62907 (Double free when use traits). (Dmitry)
. Fixed bug #61767 (Shutdown functions not called in certain error
situation). (Dmitry)
. Fixed bug #60909 (custom error handler throwing Exception + fatal error
= no shutdown function). (Dmitry)
. Fixed bug #60723 (error_log error time has changed to UTC ignoring default
timezone). (Laruence)
- cURL:
. Fixed bug #62085 (file_get_contents a remote file by Curl wrapper will
cause cpu Soaring). (Pierrick)
- Date:
. Fixed bug #62896 ("DateTime->modify('+0 days')" modifies DateTime object)
(Lonny Kapelushnik)
. Fixed bug #62561 (DateTime add 'P1D' adds 25 hours). (Lonny Kapelushnik)
- DOM:
. Fixed bug #63015 (Incorrect arginfo for DOMErrorHandler). (Rob)
- FPM:
. Fixed bug #62954 (startup problems fpm / php-fpm). (fat)
. Fixed bug #62886 (PHP-FPM may segfault/hang on startup). (fat)
. Fixed bug #63085 (Systemd integration and daemonize). (remi, fat)
. Fixed bug #62947 (Unneccesary warnings on FPM). (fat)
. Fixed bug #62887 (Only /status?plain&full gives "last request cpu"). (fat)
. Fixed bug #62216 (Add PID to php-fpm init.d script). (fat)
- OCI8:
. Fixed bug #60901 (Improve "tail" syntax for AIX installation) (Chris Jones)
- OpenSSL:
. Implemented FR #61421 (OpenSSL signature verification missing RMD160,
SHA224, SHA256, SHA384, SHA512). (Mark Jones)
- PDO:
. Fixed bug #63258 (seg fault with PDO and dblib using DBSETOPT(H->link,
DBQUOTEDIDENT, 1)). (Laruence)
. Fixed bug #63235 (buffer overflow in use of SQLGetDiagRec).
(Martin Osvald, Remi)
- PDO Firebird:
. Fixed bug #63214 (Large PDO Firebird Queries).
(james at kenjim dot com)
- SOAP
. Fixed bug #50997 (SOAP Error when trying to submit 2nd Element of a choice).
(Dmitry)
- SPL:
. Bug #62987 (Assigning to ArrayObject[null][something] overrides all
undefined variables). (Laruence)
- mbstring:
. Allow passing null as a default value to mb_substr() and mb_strcut(). Patch
by Alexander Moskaliov via GitHub PR #133. (Lars)
- Filter extension:
. Bug #49510: Boolean validation fails with FILTER_NULL_ON_FAILURE with empty
string or false. (Lars)
- Sockets
. Fixed bug #63000 (MCAST_JOIN_GROUP on OSX is broken, merge of PR 185 by
Igor Wiedler). (Lars)
13 Sep 2012, PHP 5.4.7
- Core:
. Fixed bug (segfault while build with zts and GOTO vm-kind). (Laruence)
. Fixed bug #62844 (parse_url() does not recognize //). (Andrew Faulds).
. Fixed bug #62829 (stdint.h included on platform where HAVE_STDINT_H is not
set). (Felipe)
. Fixed bug #62763 (register_shutdown_function and extending class).
(Laruence)
. Fixed bug #62725 (Calling exit() in a shutdown function does not return
the exit value). (Laruence)
. Fixed bug #62744 (dangling pointers made by zend_disable_class). (Laruence)
. Fixed bug #62716 (munmap() is called with the incorrect length).
(slangley@google.com)
. Fixed bug #62358 (Segfault when using traits a lot). (Laruence)
. Fixed bug #62328 (implementing __toString and a cast to string fails)
(Laruence)
. Fixed bug #51363 (Fatal error raised by var_export() not caught by error
handler). (Lonny Kapelushnik)
. Fixed bug #40459 (Stat and Dir stream wrapper methods do not call
constructor). (Stas)
- CURL:
. Fixed bug #62912 (CURLINFO_PRIMARY_* AND CURLINFO_LOCAL_* not exposed).
(Pierrick)
. Fixed bug #62839 (curl_copy_handle segfault with CURLOPT_FILE). (Pierrick)
- Intl:
. Fixed Spoofchecker not being registered on ICU 49.1. (Gustavo)
. Fix bug #62933 (ext/intl compilation error on icu 3.4.1). (Gustavo)
. Fix bug #62915 (defective cloning in several intl classes). (Gustavo)
- Installation:
. Fixed bug #62460 (php binaries installed as binary.dSYM). (Reeze Xia)
- PCRE:
. Fixed bug #55856 (preg_replace should fail on trailing garbage).
(reg dot php at alf dot nu)
- PDO:
. Fixed bug #62685 (Wrong return datatype in PDO::inTransaction()). (Laruence)
- Reflection:
. Fixed bug #62892 (ReflectionClass::getTraitAliases crashes on importing
trait methods as private). (Felipe)
. Fixed bug #62715 (ReflectionParameter::isDefaultValueAvailable() wrong
result). (Laruence)
- Session:
. Fixed bug (segfault due to retval is not initialized). (Laruence)
. Fixed bug (segfault due to PS(mod_user_implemented) not be reseted
when close handler call exit). (Laruence)
- SOAP
. Fixed bug #50997 (SOAP Error when trying to submit 2nd Element of a choice).
(Dmitry)
- SPL:
. Fixed bug #62904 (Crash when cloning an object which inherits SplFixedArray)
(Laruence)
. Implemented FR #62840 (Add sort flag to ArrayObject::ksort). (Laruence)
- Standard:
. Fixed bug #62836 (Seg fault or broken object references on unserialize()).
(Laruence)
- FPM:
. Merged PR 121 by minitux to add support for slow request counting on PHP
FPM status page. (Lars)
16 Aug 2012, PHP 5.4.6
- CLI Server:
. Implemented FR #62700 (have the console output 'Listening on
http://http://www.zjjv.com//, Laruence)
- DateTime:
. Fixed Bug #62500 (Segfault in DateInterval class when extended). (Laruence)
- Fileinfo:
. Fixed bug #61964 (finfo_open with directory causes invalid free).
(reeze.xia@gmail.com)
- Intl:
. Fixed bug #62564 (Extending MessageFormatter and adding property causes
crash). (Felipe)
- MySQLnd:
. Fixed bug #62594 (segfault in mysqlnd_res_meta::set_mode). (Laruence)
- readline:
. Fixed bug #62612 (readline extension compilation fails with
sapi/cli/cli.h: No such file). (Johannes)
- Reflection:
. Implemented FR #61602 (Allow access to name of constant used as default
value). (reeze.xia@gmail.com)
- SimpleXML:
. Implemented FR #55218 Get namespaces from current node. (Lonny)
- SPL:
. Fixed bug #62616 (ArrayIterator::count() from IteratorIterator instance
gives Segmentation fault). (Laruence, Gustavo)
. Fixed bug #61527 (ArrayIterator gives misleading notice on next() when
moved to the end). (reeze.xia@gmail.com)
- Streams:
. Fixed bug #62597 (segfault in php_stream_wrapper_log_error with ZTS build).
(Laruence)
- Zlib:
. Fixed bug #55544 (ob_gzhandler always conflicts with
zlib.output_compression). (Laruence)
19 Jul 2012, PHP 5.4.5
- Core:
. Fixed bug #62443 (Crypt SHA256/512 Segfaults With Malformed
Salt). (Anthony Ferrara)
. Fixed bug #62432 (ReflectionMethod random corrupt memory on high
concurrent). (Johannes)
. Fixed bug #62373 (serialize() generates wrong reference to the object).
(Moriyoshi)
. Fixed bug #62357 (compile failure: (S) Arguments missing for built-in
function __memcmp). (Laruence)
. Fixed bug #61998 (Using traits with method aliases appears to result in
crash during execution). (Dmitry)
. Fixed bug #51094 (parse_ini_file() with INI_SCANNER_RAW cuts a value that
includes a semi-colon). (Pierrick)
. Fixed potential overflow in _php_stream_scandir (CVE-2012-2688).
(Jason Powell, Stas)
- EXIF:
. Fixed information leak in ext exif (discovered by Martin Noga,
Matthew "j00ru" Jurczyk, Gynvael Coldwind)
- FPM:
. Fixed bug #62205 (php-fpm segfaults (null passed to strstr)). (fat)
. Fixed bug #62160 (Add process.priority to set nice(2) priorities). (fat)
. Fixed bug #62153 (when using unix sockets, multiples FPM instances
. Fixed bug #62033 (php-fpm exits with status 0 on some failures to start).
(fat)
. Fixed bug #61839 (Unable to cross-compile PHP with --enable-fpm). (fat)
. Fixed bug #61835 (php-fpm is not allowed to run as root). (fat)
. Fixed bug #61295 (php-fpm should not fail with commented 'user'
. Fixed bug #61218 (FPM drops connection while receiving some binary values
in FastCGI requests). (fat)
. Fixed bug #61045 (fpm don't send error log to fastcgi clients). (fat)
for non-root start). (fat)
. Fixed bug #61026 (FPM pools can listen on the same address). (fat)
can be launched without errors). (fat)
- Iconv:
. Fix bug #55042 (Erealloc in iconv.c unsafe). (Stas)
- Intl:
. Fixed bug #62083 (grapheme_extract() memory leaks). (Gustavo)
. ResourceBundle constructor now accepts NULL for the first two arguments.
(Gustavo)
. Fixed bug #62081 (IntlDateFormatter constructor leaks memory when called
twice). (Gustavo)
. Fixed bug #62070 (Collator::getSortKey() returns garbage). (Gustavo)
. Fixed bug #62017 (datefmt_create with incorrectly encoded timezone leaks
pattern). (Gustavo)
. Fixed bug #60785 (memory leak in IntlDateFormatter constructor). (Gustavo)
- JSON:
. Fixed bug #61359 (json_encode() calls too many reallocs). (Stas)
- libxml:
. Fixed bug #62266 (Custom extension segfaults during xmlParseFile with FPM
SAPI). (Gustavo)
- Phar:
. Fixed bug #62227 (Invalid phar stream path causes crash). (Felipe)
- Readline:
. Fixed bug #62186 (readline fails to compile - void function should not
return a value). (Johannes)
- Reflection:
. Fixed bug #62384 (Attempting to invoke a Closure more than once causes
segfault). (Felipe)
. Fixed bug #62202 (ReflectionParameter::getDefaultValue() memory leaks
with constant). (Laruence)
- Sockets:
. Fixed bug #62025 (__ss_family was changed on AIX 5.3). (Felipe)
- SPL:
. Fixed bug #62433 (Inconsistent behavior of RecursiveDirectoryIterator to
dot files). (Laruence)
. Fixed bug #62262 (RecursiveArrayIterator does not implement Countable).
(Nikita Popov)
- XML Writer:
. Fixed bug #62064 (memory leak in the XML Writer module).
(jean-pierre dot lozi at lip6 dot fr)
- Zip:
. Upgraded libzip to 0.10.1 (Anatoliy)
14 Jun 2012, PHP 5.4.4
- COM:
. Fixed bug #62146 com_dotnet cannot be built shared. (Johannes)
- CLI Server:
. Implemented FR #61977 (Need CLI web-server support for files with .htm &
svg extensions). (Sixd, Laruence)
. Improved performance while sending error page, this also fixed
bug #61785 (Memory leak when access a non-exists file without router).
(Laruence)
. Fixed bug #61546 (functions related to current script failed when chdir()
in cli sapi). (Laruence, reeze.xia@gmail.com)
- Core:
. Fixed missing bound check in iptcparse(). (chris at chiappa.net)
. Fixed CVE-2012-2143. (Solar Designer)
. Fixed bug #62097 (fix for for bug #54547). (Gustavo)
. Fixed bug #62005 (unexpected behavior when incrementally assigning to a
member of a null object). (Laruence)
. Fixed bug #61978 (Object recursion not detected for classes that implement
JsonSerializable). (Felipe)
. Fixed bug #61991 (long overflow in realpath_cache_get()). (Anatoliy)
. Fixed bug #61922 (ZTS build doesn't accept zend.script_encoding config).
(Laruence)
. Fixed bug #61827 (incorrect \e processing on Windows) (Anatoliy)
. Fixed bug #61782 (__clone/__destruct do not match other methods when checking
access controls). (Stas)
. Fixed bug #61764 ('I' unpacks n as signed if n > 2^31-1 on LP64). (Gustavo)
. Fixed bug #61761 ('Overriding' a private static method with a different
signature causes crash). (Laruence)
. Fixed bug #61730 (Segfault from array_walk modifying an array passed by
reference). (Laruence)
. Fixed bug #61728 (PHP crash when calling ob_start in request_shutdown
phase). (Laruence)
. Fixed bug #61713 (Logic error in charset detection for htmlentities).
(Anatoliy)
. Fixed bug #61660 (bin2hex(hex2bin($data)) != $data). (Nikita Popov)
. Fixed bug #61650 (ini parser crashes when using ${xxxx} ini variables
(without apache2)). (Laruence)
. Fixed bug #61605 (header_remove() does not remove all headers). (Laruence)
. Fixed bug #54547 (wrong equality of string numbers). (Gustavo)
. Fixed bug #54197 ([PATH=] sections incompatibility with user_ini.filename
set to null). (Anatoliy)
. Changed php://fd to be available only for CLI.
- CURL:
. Fixed bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction).
(Laruence)
- Fileinfo
. Fixed bug #61812 (Uninitialised value used in libmagic).
(Laruence, Gustavo)
. Fixed bug #61566 failure caused by the posix lseek and read versions
under windows in cdf_read(). (Anatoliy)
. Fixed bug #61565 where php_stream_open_wrapper_ex tries to open a
directory descriptor under windows. (Anatoliy)
- Intl
. Fixed bug #62082 (Memory corruption in internal function
get_icu_disp_value_src_php()). (Gustavo)
- Libxml:
. Fixed bug #61617 (Libxml tests failed(ht is already destroyed)).
(Laruence)
- PDO:
. Fixed bug #61755 (A parsing bug in the prepared statements can lead to
access violations). (Johannes)
- Phar:
. Fixed bug #61065 (Secunia SA44335, CVE-2012-2386). (Rasmus)
- Pgsql:
. Added pg_escape_identifier/pg_escape_literal. (Yasuo Ohgaki)
- Streams:
. Fixed bug #61961 (file_get_contents leaks when access empty file with
maxlen set). (Reeze)
- Zlib:
. Fixed bug #61820 (using ob_gzhandler will complain about headers already
sent when no compression). (Mike)
. Fixed bug #61443 (can't change zlib.output_compression on the fly). (Mike)
. Fixed bug #60761 (zlib.output_compression fails on refresh). (Mike)
08 May 2012, PHP 5.4.3
- CGI
. Re-Fix PHP-CGI query string parameter vulnerability, CVE-2012-1823.
(Stas)
. Fix bug #61807 - Buffer Overflow in apache_request_headers.
(nyt-php at countercultured dot net).
03 May 2012, PHP 5.4.2
- Fix PHP-CGI query string parameter vulnerability, CVE-2012-1823. (Rasmus)
26 Apr 2012, PHP 5.4.1
- CLI Server:
. Fixed bug #61461 (missing checks around malloc() calls). (Ilia)
. Implemented FR #60850 (Built in web server does not set
$_SERVER['SCRIPT_FILENAME'] when using router). (Laruence)
. "Connection: close" instead of "Connection: closed" (Gustavo)
- Core:
. Fixed crash in ZTS using same class in many threads. (Johannes)
. Fixed bug #61374 (html_entity_decode tries to decode code points that don't
exist in ISO-8859-1). (Gustavo)
. Fixed bug #61273 (call_user_func_array with more than 16333 arguments
leaks / crashes). (Laruence)
. Fixed bug #61225 (Incorrect lexing of 0b00*+<NUM>). (Pierrick)
. Fixed bug #61165 (Segfault - strip_tags()). (Laruence)
. Fixed bug #61106 (Segfault when using header_register_callback). (Nikita
Popov)
. Fixed bug #61087 (Memory leak in parse_ini_file when specifying
invalid scanner mode). (Nikic, Laruence)
. Fixed bug #61072 (Memory leak when restoring an exception handler).
(Nikic, Laruence)
. Fixed bug #61058 (array_fill leaks if start index is PHP_INT_MAX).
(Laruence)
. Fixed bug #61052 (Missing error check in trait 'insteadof' clause). (Stefan)
. Fixed bug #61011 (Crash when an exception is thrown by __autoload
accessing a static property). (Laruence)
. Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical
vars). (Laruence)
. Fixed bug #60978 (exit code incorrect). (Laruence)
. Fixed bug #60911 (Confusing error message when extending traits). (Stefan)
. Fixed bug #60801 (strpbrk() mishandles NUL byte). (Adam)
. Fixed bug #60717 (Order of traits in use statement can cause a fatal
error). (Stefan)
. Fixed bug #60573 (type hinting with "self" keyword causes weird errors).
(Laruence)
. Fixed bug #60569 (Nullbyte truncates Exception $message). (Ilia)
. Fixed bug #52719 (array_walk_recursive crashes if third param of the
function is by reference). (Nikita Popov)
. Improve performance of set_exception_handler while doing reset (Laruence)
- fileinfo:
. Fix fileinfo test problems. (Anatoliy Belsky)
- FPM
. Fixed bug #61430 (Transposed memset() params in sapi/fpm/fpm/fpm_shm.c).
(michaelhood at gmail dot com, Ilia)
- Ibase
. Fixed bug #60947 (Segmentation fault while executing ibase_db_info).
(Ilia)
- Installation
. Fixed bug #61172 (Add Apache 2.4 support). (Chris Jones)
- Intl:
. Fixed bug #61487 (Incorrent bounds checking in grapheme_strpos).
(Stas)
- mbstring:
. MFH mb_ereg_replace_callback() for security enhancements. (Rui)
- mysqli
. Fixed bug #61003 (mysql_stat() require a valid connection). (Johannes).
- mysqlnd
. Fixed bug #61704 (Crash apache, phpinfo() threading issue). (Johannes)
. Fixed bug #60948 (mysqlnd FTBFS when -Wformat-security is enabled).
(Johannes)
- PDO
. Fixed bug #61292 (Segfault while calling a method on an overloaded PDO
object). (Laruence)
- PDO_mysql
. Fixed bug #61207 (PDO::nextRowset() after a multi-statement query doesn't
always work). (Johannes)
. Fixed bug #61194 (PDO should export compression flag with myslqnd).
(Johannes)
- PDO_odbc
. Fixed bug #61212 (PDO ODBC Segfaults on SQL_SUCESS_WITH_INFO). (Ilia)
- Phar
. Fixed bug #61184 (Phar::webPhar() generates headers with trailing NUL
bytes). (Nikita Popov)
- Readline:
. Fixed bug #61088 (Memory leak in readline_callback_handler_install).
(Nikic, Laruence)
- Reflection:
. Implemented FR #61602 (Allow access to the name of constant
used as function/method parameter's default value). (reeze.xia@gmail.com)
. Fixed bug #60968 (Late static binding doesn't work with
ReflectionMethod::invokeArgs()). (Laruence)
- Session
. Fixed bug #60634 (Segmentation fault when trying to die() in
SessionHandler::write()). (Ilia)
- SOAP
. Fixed bug #61423 (gzip compression fails). (Ilia)
. Fixed bug #60887 (SoapClient ignores user_agent option and sends no
User-Agent header). (carloschilazo at gmail dot com)
. Fixed bug #60842, #51775 (Chunked response parsing error when
chunksize length line is > 10 bytes). (Ilia)
. Fixed bug #49853 (Soap Client stream context header option ignored).
(Dmitry)
- SPL:
. Fixed bug #61453 (SplObjectStorage does not identify objects correctly).
(Gustavo)
. Fixed bug #61347 (inconsistent isset behavior of Arrayobject). (Laruence)
- Standard:
. Fixed memory leak in substr_replace. (Pierrick)
. Make max_file_uploads ini directive settable outside of php.ini (Rasmus)
. Fixed bug #61409 (Bad formatting on phpinfo()). (Jakub Vrana)
. Fixed bug #60222 (time_nanosleep() does validate input params). (Ilia)
. Fixed bug #60106 (stream_socket_server silently truncates long unix socket
paths). (Ilia)
- XMLRPC:
. Fixed bug #61264 (xmlrpc_parse_method_descriptions leaks temporary
variable). (Nikita Popov)
. Fixed bug #61097 (Memory leak in xmlrpc functions copying zvals). (Nikita
Popov)
- Zlib:
. Fixed bug #61306 (initialization of global inappropriate for ZTS). (Gustavo)
. Fixed bug #61287 (A particular string fails to decompress). (Mike)
. Fixed bug #61139 (gzopen leaks when specifying invalid mode). (Nikita Popov)
01 Mar 2012, PHP 5.4.0
- Installation:
. autoconf 2.59+ is now supported (and required) for generating the
configure script with ./buildconf. Autoconf 2.60+ is desirable
otherwise the configure help order may be incorrect. (Rasmus, Chris Jones)
- Removed legacy features:
. break/continue $var syntax. (Dmitry)
. Safe mode and all related php.ini options. (Kalle)
. register_globals and register_long_arrays php.ini options. (Kalle)
. import_request_variables(). (Kalle)
. allow_call_time_pass_reference. (Pierrick)
. define_syslog_variables php.ini option and its associated function. (Kalle)
. highlight.bg php.ini option. (Kalle)
. safe_mode, safe_mode_gid, safe_mode_include_dir,
safe_mode_exec_dir, safe_mode_allowed_env_vars and
safe_mode_protected_env_vars php.ini options.
. zend.ze1_compatibility_mode php.ini option.
. Session bug compatibility mode (session.bug_compat_42 and
session.bug_compat_warn php.ini options). (Kalle)
. session_is_registered(), session_register() and session_unregister()
functions. (Kalle)
. y2k_compliance php.ini option. (Kalle)
. magic_quotes_gpc, magic_quotes_runtime and magic_quotes_sybase
php.ini options. get_magic_quotes_gpc, get_magic_quotes_runtime are kept
but always return false, set_magic_quotes_runtime raises an
E_CORE_ERROR. (Pierrick, Pierre)
. Removed support for putenv("TZ=..") for setting the timezone. (Derick)
. Removed the timezone guessing algorithm in case the timezone isn't set with
date.timezone or date_default_timezone_set(). Instead of a guessed
timezone, "UTC" is now used instead. (Derick)
- Moved extensions to PECL:
. ext/sqlite. (Note: the ext/sqlite3 and ext/pdo_sqlite extensions are
not affected) (Johannes)
- General improvements:
. Added short array syntax support ([1,2,3]), see UPGRADING guide for full
details. (rsky0711 at gmail . com, sebastian.deutsch at 9elements . com,
Pierre)
. Added binary number format (0b001010). (Jonah dot Harris at gmail dot com)
. Added support for Class::{expr}() syntax (Pierrick)
. Added multibyte support by default. Previously PHP had to be compiled
with --enable-zend-multibyte. Now it can be enabled or disabled through
the zend.multibyte directive in php.ini. (Dmitry)
. Removed compile time dependency from ext/mbstring (Dmitry)
. Added support for Traits. (Stefan, with fixes by Dmitry and Laruence)
. Added closure $this support back. (Stas)
. Added array dereferencing support. (Felipe)
. Added callable typehint. (Hannes)
. Added indirect method call through array. FR #47160. (Felipe)
. Added DTrace support. (David Soria Parra)
. Added class member access on instantiation (e.g. (new foo)->bar()) support.
(Felipe)
. <?= is now always available regardless of the short_open_tag setting. (Rasmus)
. Implemented Zend Signal Handling (configurable option --enable-zend-signals,
off by default). (Lucas Nealan, Arnaud Le Blanc, Brian Shire, Ilia)
. Improved output layer, see README.NEW-OUTPUT-API for internals. (Mike)
. Improved UNIX build system to allow building multiple PHP binary SAPIs and
one SAPI module the same time. FR #53271, FR #52419. (Jani)
. Implemented closure rebinding as parameter to bindTo. (Gustavo Lopes)
. Improved the warning message of incompatible arguments. (Laruence)
. Improved ternary operator performance when returning arrays. (Arnaud, Dmitry)
. Changed error handlers to only generate docref links when the docref_root
php.ini setting is not empty. (Derick)
. Changed silent conversion of array to string to produce a notice. (Patrick)
. Changed default encoding from ISO-8859-1 to UTF-8 when not specified in
htmlspecialchars and htmlentities. (Rasmus)
. Changed casting of null/''/false into an Object when adding a property
from E_STRICT into a warning. (Scott)
. Changed E_ALL to include E_STRICT. (Stas)
. Disabled Windows CRT warning by default, can be enabled again using the
php.ini directive windows_show_crt_warnings. (Pierre)
. Fixed bug #55378: Binary number literal returns float number though its
value is small enough. (Derick)
- Improved Zend Engine memory usage: (Dmitry)
. Improved parse error messages. (Felipe)
. Replaced zend_function.pass_rest_by_reference by
ZEND_ACC_PASS_REST_BY_REFERENCE in zend_function.fn_flags.
. Replaced zend_function.return_reference by ZEND_ACC_RETURN_REFERENCE
in zend_function.fn_flags.
. Removed zend_arg_info.required_num_args as it was only needed for internal
functions. Now the first arg_info for internal functions (which has special
meaning) is represented by the zend_internal_function_info structure.
. Moved zend_op_array.size, size_var, size_literal, current_brk_cont,
backpatch_count into CG(context) as they are used only during compilation.
. Moved zend_op_array.start_op into EG(start_op) as it's used only for
'interactive' execution of a single top-level op-array.
. Replaced zend_op_array.done_pass_two by ZEND_ACC_DONE_PASS_TWO in
zend_op_array.fn_flags.
. op_array.vars array is trimmed (reallocated) during pass_two.
. Replaced zend_class_entry.constants_updated by ZEND_ACC_CONSTANTS_UPDATED
in zend_class_entry.ce_flags.
. Reduced the size of zend_class_entry by sharing the same memory space
by different information for internal and user classes.
See zend_class_entry.info union.
. Reduced size of temp_variable.
- Improved Zend Engine - performance tweaks and optimizations: (Dmitry)
. Inlined most probable code-paths for arithmetic operations directly into
executor.
. Eliminated unnecessary iterations during request startup/shutdown.
. Changed $GLOBALS into a JIT autoglobal, so it's initialized only if used.
(this may affect opcode caches!)
. Improved performance of @ (silence) operator.
. Simplified string offset reading. Given $str="abc" then $str[1][0] is now
a legal construct.
. Added caches to eliminate repeatable run-time bindings of functions,
classes, constants, methods and properties.
. Added concept of interned strings. All strings constants known at compile
time are allocated in a single copy and never changed.
. ZEND_RECV now always has IS_CV as its result.
. ZEND_CATCH now has to be used only with constant class names.
. ZEND_FETCH_DIM_? may fetch array and dimension operands in different order.
. Simplified ZEND_FETCH_*_R operations. They can't be used with the
EXT_TYPE_UNUSED flag any more. This is a very rare and useless case.
ZEND_FREE might be required after them instead.
. Split ZEND_RETURN into two new instructions ZEND_RETURN and
ZEND_RETURN_BY_REF.
. Optimized access to global constants using values with pre-calculated
hash_values from the literals table.
. Optimized access to static properties using executor specialization.
A constant class name may be used as a direct operand of ZEND_FETCH_*
instruction without previous ZEND_FETCH_CLASS.
. zend_stack and zend_ptr_stack allocation is delayed until actual usage.
- Other improvements to Zend Engine:
. Added an optimization which saves memory and emalloc/efree calls for empty
HashTables. (Stas, Dmitry)
. Added ability to reset user opcode handlers (Yoram).
. Changed the structure of op_array.opcodes. The constant values are moved from
opcode operands into a separate literal table. (Dmitry)
. Fixed (disabled) inline-caching for ZEND_OVERLOADED_FUNCTION methods.
(Dmitry)
- Improved core functions:
. Enforce an extended class' __construct arguments to match the
abstract constructor in the base class.
. Disallow reusing superglobal names as parameter names.
. Added optional argument to debug_backtrace() and debug_print_backtrace()
to limit the amount of stack frames returned. (Sebastian, Patrick)
. Added hex2bin() function. (Scott)
. number_format() no longer truncates multibyte decimal points and thousand
separators to the first byte. FR #53457. (Adam)
. Added support for object reference
