PHP 5.5 已经准备就绪,你呢?

2015 年 5 月 9 日5770

   

尽管官方尚未正式发布,但 PHP 5.5 正式版的源码已经提交到 Github 上。详细的改进记录请看NEWS

期待官方正式宣布的消息

https://github.com/php/php-src/blob/php-5.5.0/NEWS

PHP NEWS

|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||

20 Jun 2013, PHP 5.5.0

- Core:

. Added Zend Opcache extension and enable building it by default.

More details here: https://wiki.php.net/rfc/optimizerplus. (Dmitry)

. Added generators and coroutines (https://wiki.php.net/rfc/generators).

(Nikita Popov)

. Added "finally" keyword (https://wiki.php.net/rfc/finally). (Laruence)

. Added simplified password hashing API

(https://wiki.php.net/rfc/password_hash). (Anthony Ferrara)

. Added support for constant array/string dereferencing. (Laruence)

. Added array_column function which returns a column in a multidimensional

array. https://wiki.php.net/rfc/array_column. (Ben Ramsey)

. Added boolval(). (Jille Timmermans)

. Added "Z" option to pack/unpack. (Gustavo)

. Added Generator::throw() method. (Nikita Popov)

. Added Class Name Resolution As Scalar Via "class" Keyword.

(Ralph Schindler, Nikita Popov, Lars)

. Added optional second argument for assert() to specify custom message. Patch

by Lonny Kapelushnik (lonny@lonnylot.com). (Lars)

. Added support for using empty() on the result of function calls and

other expressions (https://wiki.php.net/rfc/empty_isset_exprs).

(Nikita Popov)

. Added support for non-scalar Iterator keys in foreach

(https://wiki.php.net/rfc/foreach-non-scalar-keys). (Nikita Popov)

. Added support for list in foreach (https://wiki.php.net/rfc/foreachlist).

(Laruence)

. Added support for changing the process's title in CLI/CLI-Server SAPIs.

The implementation is more robust that the proctitle PECL module. More

details here: https://wiki.php.net/rfc/cli_process_title. (Keyur)

. Added ARMv7/v8 versions of various Zend arithmetic functions that are

implemented using inline assembler (Ard Biesheuvel)

. Added systemtap support by enabling systemtap compatible dtrace probes on

linux. (David Soria Parra)

. Optimized access to temporary and compiled VM variables. 8% less memory

reads. (Dmitry)

. The VM stacks for passing function arguments and syntaticaly nested calls

were merged into a single stack. The stack size needed for op_array

execution is calculated at compile time and preallocated at once. As result

all the stack push operatins don't require checks for stack overflow

any more. (Dmitry)

. Improve set_exception_handler while doing reset. (Laruence)

. Return previous handler when passing NULL to set_error_handler and

set_exception_handler. (Nikita Popov)

. Remove php_logo_guid(), php_egg_logo_guid(), php_real_logo_guid(),

zend_logo_guid(). (Adnrew Faulds)

. Drop Windows XP and 2003 support. (Pierre)

. Implemented FR #64175 (Added HTTP codes as of RFC 6585). (Jonh Wendell)

. Implemented FR #60738 (Allow 'set_error_handler' to handle NULL).

(Laruence, Nikita Popov)

. Implemented FR #60524 (specify temp dir by php.ini). (ALeX Kazik).

. Implemented FR #46487 (Dereferencing process-handles no longer waits on

those processes). (Jille Timmermans)

. Fixed bug #65051 (count() off by one inside unset()). (Nikita)

. Fixed bug #64988 (Class loading order affects E_STRICT warning). (Laruence)

. Fixed bug #64966 (segfault in zend_do_fcall_common_helper_SPEC). (Laruence)

. Fixed bug #64960 (Segfault in gc_zval_possible_root). (Laruence)

. Fixed bug #64936 (doc comments picked up from previous scanner run). (Stas,

Jonathan Oddy)

. Fixed bug #64934 (Apache2 TS crash with get_browser()). (Anatol)

. Fixed bug #64879 (Heap based buffer overflow in quoted_printable_encode,

CVE 2013-2110). (Stas)

. Fixed bug #64853 (Use of no longer available ini directives causes crash

on TS build). (Anatol)

. Fixed bug #64821 (Custom Exceptions crash when internal properties overridden).

(Anatol)

. Fixed bug #64720 (SegFault on zend_deactivate). (Dmitry)

. Fixed bug #64677 (execution operator `` stealing surrounding arguments).

. Fixed bug #64660 (Segfault on memory exhaustion within function definition).

(Stas, reported by Juha Kylmänen)

. Fixed bug #64578 (debug_backtrace in set_error_handler corrupts zend heap:

segfault). (Laruence)

. Fixed bug #64565 (copy doesn't report failure on partial copy). (Remi)

. Fixed bug #64555 (foreach no longer copies keys if they are interned).

(Nikita Popov)

. Fixed bugs #47675 and #64577 (fd leak on Solaris)

. Fixed bug #64544 (Valgrind warnings after using putenv). (Laruence)

. Fixed bug #64515 (Memoryleak when using the same variablename 2times in

function declaration). (Laruence)

. Fixed bug #64503 (Compilation fails with error: conflicting types for

'zendparse'). (Laruence)

. Fixed bug #64239 (Debug backtrace changed behavior since 5.4.10 or 5.4.11).

(Dmitry, Laruence)

. Fixed bug #64523, allow XOR in php.ini. (Dejan Marjanovic, Lars)

. Fixed bug #64354 (Unserialize array of objects whose class can't

be autoloaded fail). (Laruence)

. Fixed bug #64370 (microtime(true) less than $_SERVER['REQUEST_TIME_FLOAT']).

(Anatol)

. Fixed bug #64166 (quoted-printable-encode stream filter incorrectly

discarding whitespace). (Michael M Slusarz)

(Laruence)

. Fixed bug #64142 (dval to lval different behavior on ppc64). (Remi)

. Fixed bug #64135 (Exceptions from set_error_handler are not always

propagated). (Laruence)

. Fixed bug #63980 (object members get trimmed by zero bytes). (Laruence)

. Fixed bug #63874 (Segfault if php_strip_whitespace has heredoc). (Pierrick)

. Fixed bug #63830 (Segfault on undefined function call in nested generator).

(Nikita Popov)

. Fixed bug #63822 (Crash when using closures with ArrayAccess).

(Nikita Popov)

. Fixed bug #61681 (Malformed grammar). (Nikita Popov, Etienne, Laruence)

. Fixed bug #61038 (unpack("a5", "str\0\0") does not work as expected).

(srgoogleguy, Gustavo)

. Fixed bug #61025 (__invoke() visibility not honored). (Laruence)

. Fixed bug #60833 (self, parent, static behave inconsistently

case-sensitive). (Stas, mario at include-once dot org)

. Fixed Bug #52126: timestamp for mail.log (Martin Jansen, Lars)

. Fixed bug #49348 (Uninitialized ++$foo->bar; does not cause a notice).

(Stas)

. Fixed Bug #23955: allow specifying Max-Age attribute in setcookie() (narfbg, Lars)

. Fixed bug #18556 (Engine uses locale rules to handle class names). (Stas)

. Fix undefined behavior when converting double variables to integers.

The double is now always rounded towards zero, the remainder of its division

by 2^32 or 2^64 (depending on sizeof(long)) is calculated and it's made

signed assuming a two's complement representation. (Gustavo)

. Drop support for bison < 2.4 when building PHP from GIT source.

(Laruence)

- Apache2 Handler SAPI:

. Enabled Apache 2.4 configure option for Windows (Pierre, Anatoliy)

- Calendar:

. Fixed bug #64895 (Integer overflow in SndToJewish). (Remi)

. Fixed bug #54254 (cal_from_jd returns month = 6 when there is only one Adar)

(Stas, Eitan Mosenkis)

- CLI server:

. Fixed bug #64128 (buit-in web server is broken on ppc64). (Remi)

- CURL:

. Remove curl stream wrappers. (Pierrick)

. Implemented FR #46439 - added CURLFile for safer file uploads.

(Stas)

. Added support for CURLOPT_FTP_RESPONSE_TIMEOUT, CURLOPT_APPEND,

CURLOPT_DIRLISTONLY, CURLOPT_NEW_DIRECTORY_PERMS, CURLOPT_NEW_FILE_PERMS,

CURLOPT_NETRC_FILE, CURLOPT_PREQUOTE, CURLOPT_KRBLEVEL, CURLOPT_MAXFILESIZE,

CURLOPT_FTP_ACCOUNT, CURLOPT_COOKIELIST, CURLOPT_IGNORE_CONTENT_LENGTH,

CURLOPT_CONNECT_ONLY, CURLOPT_LOCALPORT, CURLOPT_LOCALPORTRANGE,

CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_SSL_SESSIONID_CACHE,

CURLOPT_FTP_SSL_CCC, CURLOPT_HTTP_CONTENT_DECODING,

CURLOPT_HTTP_TRANSFER_DECODING, CURLOPT_PROXY_TRANSFER_MODE,

CURLOPT_ADDRESS_SCOPE, CURLOPT_CRLFILE, CURLOPT_ISSUERCERT,

CURLOPT_USERNAME, CURLOPT_PASSWORD, CURLOPT_PROXYUSERNAME,

CURLOPT_PROXYPASSWORD, CURLOPT_NOPROXY, CURLOPT_SOCKS5_GSSAPI_NEC,

CURLOPT_SOCKS5_GSSAPI_SERVICE, CURLOPT_TFTP_BLKSIZE,

CURLOPT_SSH_KNOWNHOSTS, CURLOPT_FTP_USE_PRET, CURLOPT_MAIL_FROM,

CURLOPT_MAIL_RCPT, CURLOPT_RTSP_CLIENT_CSEQ, CURLOPT_RTSP_SERVER_CSEQ,

CURLOPT_RTSP_SESSION_ID, CURLOPT_RTSP_STREAM_URI, CURLOPT_RTSP_TRANSPORT,

CURLOPT_RTSP_REQUEST, CURLOPT_RESOLVE, CURLOPT_ACCEPT_ENCODING,

CURLOPT_TRANSFER_ENCODING, CURLOPT_DNS_SERVERS and CURLOPT_USE_SSL.

(Pierrick)

. Fixed bug #55635 (CURLOPT_BINARYTRANSFER no longer used. The constant

still exists for backward compatibility but is doing nothing). (Pierrick)

. Fixed bug #54995 (Missing CURLINFO_RESPONSE_CODE support). (Pierrick)

- DateTime

. Added DateTimeImmutable - a variant of DateTime that only returns the

modified state instead of changing itself. (Derick)

. Added new functions curl_escape, curl_multi_setopt, curl_multi_strerror

curl_pause, curl_reset, curl_share_close, curl_share_init,

curl_share_setopt curl_strerror and curl_unescape. (Pierrick)

. Addes new curl options CURLOPT_TELNETOPTIONS, CURLOPT_GSSAPI_DELEGATION,

CURLOPT_ACCEPTTIMEOUT_MS, CURLOPT_SSL_OPTIONS, CURLOPT_TCP_KEEPALIVE,

CURLOPT_TCP_KEEPIDLE and CURLOPT_TCP_KEEPINTVL. (Pierrick)

. Fixed bug #64825 (Invalid free when unserializing DateTimeZone).

(Anatol)

. Fixed bug #64359 (strftime crash with VS2012). (Anatol)

. Fixed bug #62852 (Unserialize Invalid Date causes crash). (Anatol)

. Fixed bug #61642 (modify("+5 weekdays") returns Sunday).

(Dmitri Iouchtchenko)

. Fixed bug #60774 (DateInterval::format("%a") is always zero when an

interval is created using the createFromDateString method) (Lonny

Kapelushnik, Derick)

. Fixed bug #54567 (DateTimeZone serialize/unserialize) (Lonny

Kapelushnik, Derick)

. Fixed bug #53437 (Crash when using unserialized DatePeriod instance).

(Gustavo, Derick, Anatol)

- dba:

. Bug #62489: dba_insert not working as expected.

(marc-bennewitz at arcor dot de, Lars)

- Filter:

. Implemented FR #49180 - added MAC address validation. (Martin)

- Fileinfo:

. Upgraded libmagic to 5.14. (Anatol)

. Fixed bug #64830 (mimetype detection segfaults on mp3 file). (Anatol)

. Fixed bug #63590 (Different results in TS and NTS under Windows).

(Anatoliy)

. Fixed bug #63248 (Load multiple magic files from a directory under Windows).

(Anatoliy)

- FPM:

. Add --with-fpm-systemd option to report health to systemd, and

systemd_interval option to configure this. The service can now use

Type=notify in the systemd unit file. (Remi)

. Ignore QUERY_STRING when sent in SCRIPT_FILENAME. (Remi)

. Log a warning when a syscall fails. (Remi)

. Implemented FR #64764 (add support for FPM init.d script). (Lior Kaplan)

. Fixed Bug #64915 (error_log ignored when daemonize=0). (Remi)

. Fixed bug #63999 (php with fpm fails to build on Solaris 10 or 11). (Adam)

. Fixed some possible memory or resource leaks and possible null dereference

detected by code coverity scan. (Remi)

- GD:

. Fixed Bug #64962 (imagerotate produces corrupted image). (Remi)

. Fixed Bug #64961 (segfault in imagesetinterpolation). (Remi)

. Fix build with system libgd >= 2.1 which is now the minimal

version required (as build with previous version is broken).

No change when bundled libgd is used. (Ondrej Sury, Remi)

- Hash:

. Added support for PBKDF2 via hash_pbkdf2(). (Anthony Ferrara)

. Fixed Bug #64745 (hash_pbkdf2() truncates data when using default length

and hex output). (Anthony Ferrara)

- Intl:

. Added UConverter wrapper.

. The intl extension now requires ICU 4.0+.

. Added intl.use_exceptions INI directive, which controls what happens when

global errors are set together with intl.error_level. (Gustavo)

. MessageFormatter::format() and related functions now accepted named

arguments and mixed numeric/named arguments in ICU 4.8+. (Gustavo)

. MessageFormatter::format() and related functions now don't error out when

an insufficient argument count is provided. Instead, the placeholders will

remain unsubstituted. (Gustavo)

. MessageFormatter::parse() and MessageFormat::format() (and their static

equivalents) don't throw away better than second precision in the arguments.

(Gustavo)

. IntlDateFormatter::__construct and datefmt_create() now accept for the

$timezone argument time zone identifiers, IntlTimeZone objects, DateTimeZone

objects and NULL. (Gustavo)

. IntlDateFormatter::__construct and datefmt_create() no longer accept invalid

timezone identifiers or empty strings. (Gustavo)

. The default time zone used in IntlDateFormatter::__construct and

datefmt_create() (when the corresponding argument is not passed or NULL is

passed) is now the one given by date_default_timezone_get(), not the

default ICU time zone. (Gustavo)

. The time zone passed to the IntlDateFormatter is ignored if it is NULL and

if the calendar passed is an IntlCalendar object -- in this case, the

IntlCalendar's time zone will be used instead. Otherwise, the time zone

specified in the $timezone argument is used instead. This does not affect

old code, as IntlCalendar was introduced in this version. (Gustavo)

. IntlDateFormatter::__construct and datefmt_create() now accept for the

$calendar argument also IntlCalendar objects. (Gustavo)

. IntlDateFormatter::getCalendar() and datefmt_get_calendar() return false

if the IntlDateFormatter was set up with an IntlCalendar instead of the

constants IntlDateFormatter::GREGORIAN/TRADITIONAL. IntlCalendar did not

exist before this version. (Gustavo)

. IntlDateFormatter::setCalendar() and datefmt_set_calendar() now also accept

an IntlCalendar object, in which case its time zone is taken. Passing a

constant is still allowed, and still keeps the time zone. (Gustavo)

. IntlDateFormatter::setTimeZoneID() and datefmt_set_timezone_id() are

deprecated. Use IntlDateFormatter::setTimeZone() or datefmt_set_timezone()

instead. (Gustavo)

. IntlDateFormatter::format() and datefmt_format() now also accept an

IntlCalendar object for formatting. (Gustavo)

. Added the classes: IntlCalendar, IntlGregorianCalendar, IntlTimeZone,

IntlBreakIterator, IntlRuleBasedBreakIterator and

IntlCodePointBreakIterator. (Gustavo)

. Added the functions: intlcal_get_keyword_values_for_locale(),

intlcal_get_now(), intlcal_get_available_locales(), intlcal_get(),

intlcal_get_time(), intlcal_set_time(), intlcal_add(),

intlcal_set_time_zone(), intlcal_after(), intlcal_before(), intlcal_set(),

intlcal_roll(), intlcal_clear(), intlcal_field_difference(),

intlcal_get_actual_maximum(), intlcal_get_actual_minimum(),

intlcal_get_day_of_week_type(), intlcal_get_first_day_of_week(),

intlcal_get_greatest_minimum(), intlcal_get_least_maximum(),

intlcal_get_locale(), intlcal_get_maximum(),

intlcal_get_minimal_days_in_first_week(), intlcal_get_minimum(),

intlcal_get_time_zone(), intlcal_get_type(),

intlcal_get_weekend_transition(), intlcal_in_daylight_time(),

intlcal_is_equivalent_to(), intlcal_is_lenient(), intlcal_is_set(),

intlcal_is_weekend(), intlcal_set_first_day_of_week(),

intlcal_set_lenient(), intlcal_equals(),

intlcal_get_repeated_wall_time_option(),

intlcal_get_skipped_wall_time_option(),

intlcal_set_repeated_wall_time_option(),

intlcal_set_skipped_wall_time_option(), intlcal_from_date_time(),

intlcal_to_date_time(), intlcal_get_error_code(),

intlcal_get_error_message(), intlgregcal_create_instance(),

intlgregcal_set_gregorian_change(), intlgregcal_get_gregorian_change() and

intlgregcal_is_leap_year(). (Gustavo)

. Added the functions: intltz_create_time_zone(), intltz_create_default(),

intltz_get_id(), intltz_get_gmt(), intltz_get_unknown(),

intltz_create_enumeration(), intltz_count_equivalent_ids(),

intltz_create_time_zone_id_enumeration(), intltz_get_canonical_id(),

intltz_get_region(), intltz_get_tz_data_version(),

intltz_get_equivalent_id(), intltz_use_daylight_time(), intltz_get_offset(),

intltz_get_raw_offset(), intltz_has_same_rules(), intltz_get_display_name(),

intltz_get_dst_savings(), intltz_from_date_time_zone(),

intltz_to_date_time_zone(), intltz_get_error_code(),

intltz_get_error_message(). (Gustavo)

. Added the methods: IntlDateFormatter::formatObject(),

IntlDateFormatter::getCalendarObject(), IntlDateFormatter::getTimeZone(),

IntlDateFormatter::setTimeZone(). (Gustavo)

. Added the functions: datefmt_format_object(), datefmt_get_calendar_object(),

datefmt_get_timezone(), datefmt_set_timezone(),

datefmt_get_calendar_object(), intlcal_create_instance(). (Gustavo)

- mbstring:

. Fixed bug #64769 (mbstring PHPTs crash on Windows x64). (Anatol)

- MCrypt

. mcrypt_ecb(), mcrypt_cbc(), mcrypt_cfb() and mcrypt_ofb() now throw

E_DEPRECATED. (GoogleGuy)

- mysql

. This extension is now deprecated, and deprecation warnings will be generated

when connections are established to databases via mysql_connect(),

mysql_pconnect(), or through implicit connection: use MySQLi or PDO_MySQL

instead (https://wiki.php.net/rfc/mysql_deprecation). (Adam)

. Dropped support for LOAD DATA LOCAL INFILE handlers when using libmysql.

Known for stability problems. (Andrey)

. Added support for SHA256 authentication available with MySQL 5.6.6+.

(Andrey)

- mysqli:

. Added mysqli_begin_transaction()/mysqli::begin_transaction(). Implemented

all options, per MySQL 5.6, which can be used with START TRANSACTION, COMMIT

and ROLLBACK through options to mysqli_commit()/mysqli_rollback() and their

respective OO counterparts. They work in libmysql and mysqlnd mode. (Andrey)

. Added mysqli_savepoint(), mysqli_release_savepoint(). (Andrey)

. Fixed bug #64726 (Segfault when calling fetch_object on a use_result and DB

pointer has closed). (Laruence)

. Fixed bug #64394 (MYSQL_OPT_CAN_HANDLE_EXPIRED_PASSWORDS undeclared when

using Connector/C). (Andrey)

- mysqlnd

. Add new begin_transaction() call to the connection object. Implemented all

options, per MySQL 5.6, which can be used with START TRANSACTION, COMMIT

and ROLLBACK. (Andrey)

. Added mysqlnd_savepoint(), mysqlnd_release_savepoint(). (Andrey)

. Fixed bug #63530 (mysqlnd_stmt::bind_one_parameter crashes, uses wrong alloc

for stmt->param_bind). (Andrey)

. Fixed return value of mysqli_stmt_affected_rows() in the time after

prepare() and before execute(). (Andrey)

- PCRE:

. Merged PCRE 8.32. (Anatol)

. Deprecated the /e modifier

(https://wiki.php.net/rfc/remove_preg_replace_eval_modifier). (Nikita Popov)

. Fixed bug #63284 (Upgrade PCRE to 8.31). (Anatoliy)

- PDO:

. Fixed bug #63176 (Segmentation fault when instantiate 2 persistent PDO to

the same db server). (Laruence)

- PDO_DBlib:

. Fixed bug #63638 (Cannot connect to SQL Server 2008 with PDO dblib).

(Stanley Sufficool)

. Fixed bug #64338 (pdo_dblib can't connect to Azure SQL). (Stanley

Sufficool)

. Fixed bug #64808 (FreeTDS PDO getColumnMeta on a prepared but not executed

statement crashes). (Stanley Sufficool)

- PDO_pgsql:

. Fixed Bug #64949 (Buffer overflow in _pdo_pgsql_error). (Remi)

- PDO_mysql:

. Fixed bug #48724 (getColumnMeta() doesn't return native_type for BIT,

TINYINT and YEAR). (Antony, Daniel Beardsley)

- pgsql:

. Added pg_escape_literal() and pg_escape_identifier() (Yasuo)

. Bug #46408: Locale number format settings can cause pg_query_params to

break with numerics. (asmecher, Lars)

- Phar:

. Fixed timestamp update on Phar contents modification. (Dmitry)

- Readline:

. Implement FR #55694 (Expose additional readline variable to prevent

default filename completion). (Hartmel)

- Reflection:

. Fixed bug #64007 (There is an ability to create instance of Generator by

hand). (Laruence)

- Sockets:

. Added recvmsg() and sendmsg() wrappers. (Gustavo)

See https://wiki.php.net/rfc/sendrecvmsg

. Fixed bug #64508 (Fails to build with --disable-ipv6). (Gustavo)

. Fixed bug #64287 (sendmsg/recvmsg shutdown handler causes segfault).

(Gustavo)

- SPL:

. Fixed bug #64997 (Segfault while using RecursiveIteratorIterator on

64-bits systems). (Laruence)

. Fixed bug #64264 (SPLFixedArray toArray problem). (Laruence)

. Fixed bug #64228 (RecursiveDirectoryIterator always assumes SKIP_DOTS).

(patch by kriss@krizalys.com, Laruence)

. Fixed bug #64106 (Segfault on SplFixedArray[][x] = y when extended).

(Nikita Popov)

. Fix bug #60560 (SplFixedArray un-/serialize, getSize(), count() return 0,

keys are strings). (Adam)

. Fixed bug #52861 (unset fails with ArrayObject and deep arrays).

(Mike Willbanks)

. Implement FR #48358 (Add SplDoublyLinkedList::add() to insert an element

at a given offset). (Mark Baker, David Soria Parra)

- SNMP:

. Fixed bug #64765 (Some IPv6 addresses get interpreted wrong).

(Boris Lytochkin)

. Fixed bug #64159 (Truncated snmpget). (Boris Lytochkin)

. Fixed bug #64124 (IPv6 malformed). (Boris Lytochkin)

. Fixed bug #61981 (OO API, walk: $suffix_as_key is not working correctly).

(Boris Lytochkin)

- SOAP:

. Added SoapClient constructor option 'ssl_method' to specify ssl method.

(Eric Iversen)

- Streams:

. Fixed bug #64770 (stream_select() fails with pipes returned by proc_open()

on Windows x64). (Anatol)

. Fixed Windows x64 version of stream_socket_pair() and improved error

handling. (Anatol Belski)

- Tokenizer:

. Fixed bug #60097 (token_get_all fails to lex nested heredoc). (Nikita Popov)

- Zip:

. Upgraded libzip to 0.10.1 (Anatoliy)

. Bug #64452 (Zip crash intermittently). (Anatol)

. Fixed bug #64342 (ZipArchive::addFile() has to check for file existence).

(Anatol)

06 Jun 2013, PHP 5.4.16

- Core:

. Fixed bug #64879 (Heap based buffer overflow in quoted_printable_encode,

CVE 2013-2110). (Stas)

. Fixed bug #64853 (Use of no longer available ini directives causes crash on

TS build). (Anatol)

. Fixed bug #64729 (compilation failure on x32). (Gustavo)

. Fixed bug #64720 (SegFault on zend_deactivate). (Dmitry)

. Fixed bug #64660 (Segfault on memory exhaustion within function definition).

(Stas, reported by Juha Kylmänen)

- Calendar:

. Fixed bug #64895 (Integer overflow in SndToJewish). (Remi)

- Fileinfo:

. Fixed bug #64830 (mimetype detection segfaults on mp3 file). (Anatol)

- FPM:

. Ignore QUERY_STRING when sent in SCRIPT_FILENAME. (Remi)

. Fixed some possible memory or resource leaks and possible null dereference

detected by code coverity scan. (Remi)

. Log a warning when a syscall fails. (Remi)

. Add --with-fpm-systemd option to report health to systemd, and

systemd_interval option to configure this. The service can now use

Type=notify in the systemd unit file. (Remi)

- MySQLi

. Fixed bug #64726 (Segfault when calling fetch_object on a use_result and DB

pointer has closed). (Laruence)

- Phar

. Fixed bug #64214 (PHAR PHPTs intermittently crash when run on DFS, SMB or

with non std tmp dir). (Pierre)

- SNMP:

. Fixed bug #64765 (Some IPv6 addresses get interpreted wrong).

(Boris Lytochkin)

. Fixed bug #64159 (Truncated snmpget). (Boris Lytochkin)

- Streams:

. Fixed bug #64770 (stream_select() fails with pipes returned by proc_open()

on Windows x64). (Anatol)

- Zend Engine:

. Fixed bug #64821 (Custom Exceptions crash when internal properties

overridden). (Anatol)

09 May 2013, PHP 5.4.15

- Core:

. Fixed bug #64578 (debug_backtrace in set_error_handler corrupts zend heap:

segfault). (Laruence)

. Fixed bug #64458 (dns_get_record result with string of length -1). (Stas)

. Fixed bug #64433 (follow_location parameter of context is ignored for most

response codes). (Sergey Akbarov)

. Fixed bugs #47675 and #64577 (fd leak on Solaris)

- Fileinfo:

. Upgraded libmagic to 5.14. (Anatol)

- MySQLi:

. Fixed bug #64726 (Segfault when calling fetch_object on a use_result and DB

pointer has closed). (Laruence)

- Zip:

. Fixed bug #64342 (ZipArchive::addFile() has to check for file existence).

(Anatol)

- Streams:

. Fixed Windows x64 version of stream_socket_pair() and improved error

handling. (Anatol Belski)

. Fixed bug #64770 (stream_select() fails with pipes returned by proc_open()

on Windows x64). (Anatol)

11 Apr 2013, PHP 5.4.14

- Core:

. Fixed bug #64529 (Ran out of opcode space). (Dmitry)

. Fixed bug #64515 (Memoryleak when using the same variablename two times in

function declaration). (Laruence)

. Fixed bug #64432 (more empty delimiter warning in strX methods). (Laruence)

. Fixed bug #64417 (ArrayAccess::&offsetGet() in a trait causes fatal error).

(Dmitry)

. Fixed bug #64370 (microtime(true) less than $_SERVER['REQUEST_TIME_FLOAT']).

(Anatol)

. Fixed bug #64239 (Debug backtrace changed behavior since 5.4.10 or 5.4.11).

(Dmitry, Laruence)

. Fixed bug #63976 (Parent class incorrectly using child constant in class

property). (Dmitry)

. Fixed bug #63914 (zend_do_fcall_common_helper_SPEC does not handle

exceptions properly). (Jeff Welch)

. Fixed bug #62343 (Show class_alias In get_declared_classes()) (Dmitry)

- PCRE:

. Merged PCRE 8.32. (Anatol)

- SNMP:

. Fixed bug #61981 (OO API, walk: $suffix_as_key is not working correctly).

(Boris Lytochkin)

- Zip:

. Bug #64452 (Zip crash intermittently). (Anatol)

14 Mar 2013, PHP 5.4.13

- Core:

. Fixed bug #64354 (Unserialize array of objects whose class can't

be autoloaded fail). (Laruence)

. Fixed bug #64235 (Insteadof not work for class method in 5.4.11).

(Laruence)

. Fixed bug #64197 (_Offsetof() macro used but not defined on ARM/Clang).

(Ard Biesheuvel)

. Implemented FR #64175 (Added HTTP codes as of RFC 6585). (Jonh Wendell)

. Fixed bug #64142 (dval to lval different behavior on ppc64). (Remi)

. Fixed bug #64070 (Inheritance with Traits failed with error). (Dmitry)

- CLI server:

. Fixed bug #64128 (buit-in web server is broken on ppc64). (Remi)

- Mbstring:

. mb_split() can now handle empty matches like preg_split() does. (Moriyoshi)

- mysqlnd

. Fixed bug #63530 (mysqlnd_stmt::bind_one_parameter crashes, uses wrong alloc

for stmt->param_bind). (Andrey)

- OpenSSL:

. New SSL stream context option to prevent CRIME attack vector. (Daniel Lowrey,

Lars)

. Fixed bug #61930 (openssl corrupts ssl key resource when using

openssl_get_publickey()). (Stas)

- PDO_mysql:

. Fixed bug #60840 (undefined symbol: mysqlnd_debug_std_no_trace_funcs).

(Johannes)

- Phar:

. Fixed timestamp update on Phar contents modification. (Dmitry)

- SOAP

. Added check that soap.wsdl_cache_dir conforms to open_basedir

(CVE-2013-1635). (Dmitry)

. Disabled external entities loading (CVE-2013-1643, CVE-2013-1824).

(Dmitry)

- Phar:

. Fixed timestamp update on Phar contents modification. (Dmitry)

- SPL:

. Fixed bug #64264 (SPLFixedArray toArray problem). (Laruence)

. Fixed bug #64228 (RecursiveDirectoryIterator always assumes SKIP_DOTS).

(patch by kriss@krizalys.com, Laruence)

. Fixed bug #64106 (Segfault on SplFixedArray[][x] = y when extended).

(Nikita Popov)

. Fixed bug #52861 (unset fails with ArrayObject and deep arrays).

(Mike Willbanks)

- SNMP:

. Fixed bug #64124 (IPv6 malformed). (Boris Lytochkin)

21 Feb 2013, PHP 5.4.12

- Core:

. Fixed bug #64099 (Wrong TSRM usage in zend_Register_class alias). (Johannes)

. Fixed bug #64011 (get_html_translation_table() output incomplete with

HTML_ENTITIES and ISO-8859-1). (Gustavo)

. Fixed bug #63982 (isset() inconsistently produces a fatal error on

protected property). (Stas)

. Fixed bug #63943 (Bad warning text from strpos() on empty needle).

(Laruence)

. Fixed bug #63899 (Use after scope error in zend_compile). (Laruence)

. Fixed bug #63893 (Poor efficiency of strtr() using array with keys of very

different length). (Gustavo)

. Fixed bug #63882 (zend_std_compare_objects crash on recursion). (Dmitry)

. Fixed bug #63462 (Magic methods called twice for unset protected

properties). (Stas)

. Fixed bug #62524 (fopen follows redirects for non-3xx statuses).

(Wes Mason)

. Support BITMAPV5HEADER in getimagesize(). (AsamK, Lars)

- Date:

. Fixed bug #63699 (Performance improvements for various ext/date functions).

(Lars, original patch by njaguar at gmail dot com)

. Fixed bug #55397: Comparsion of incomplete DateTime causes SIGSEGV.

(Derick)

- FPM:

. Fixed bug #63999 (php with fpm fails to build on Solaris 10 or 11). (Adam)

- Litespeed:

. Fixed bug #63228 (-Werror=format-security error in lsapi code). (George)

- ext/sqlite3:

. Fixed bug #63921 (sqlite3::bindvalue and relative PHP functions aren't

using sqlite3_*_int64 API). (srgoogleguy, Lars)

- PDO_OCI

. Fixed bug #57702 (Multi-row BLOB fetches). (hswong3i, Laruence)

. Fixed bug #52958 (Segfault in PDO_OCI on cleanup after running a long

testsuite). (hswong3i, Lars)

- PDO_sqlite:

. Fixed bug #63916 (PDO::PARAM_INT casts to 32bit int internally even

on 64bit builds in pdo_sqlite). (srgoogleguy, Lars)

17 Jan 2013, PHP 5.4.11

- Core:

. Fixed bug #63762 (Sigsegv when Exception::$trace is changed by user).

(Johannes)

. Fixed bug #43177 (Errors in eval()'ed code produce status code 500).

(Todd Ruth, Stas).

- Filter:

. Fixed bug #63757 (getenv() produces memory leak with CGI SAPI). (Dmitry)

. Fixed bug #54096 (FILTER_VALIDATE_INT does not accept +0 and -0).

(martin at divbyzero dot net, Lars)

- JSON:

. Fixed bug #63737 (json_decode does not properly decode with options

parameter). (Adam)

- CLI server

. Update list of common mime types. Added webm, ogv, ogg. (Lars,

pascalc at gmail dot com)

- cURL extension:

. Fixed bug (segfault due to libcurl connection caching). (Pierrick)

. Fixed bug #63859 (Memory leak when reusing curl-handle). (Pierrick)

. Fixed bug #63795 (CURL >= 7.28.0 no longer support value 1 for

CURLOPT_SSL_VERIFYHOST). (Pierrick)

. Fixed bug #63352 (Can't enable hostname validation when using curl stream

wrappers). (Pierrick)

. Fixed bug #55438 (Curlwapper is not sending http header randomly).

(phpnet@lostreality.org, Pierrick)

20 Dec 2012, PHP 5.4.10

- Core:

. Fixed bug #63726 (Memleak with static properties and internal/user

classes). (Laruence)

. Fixed bug #63635 (Segfault in gc_collect_cycles). (Dmitry)

. Fixed bug #63512 (parse_ini_file() with INI_SCANNER_RAW removes quotes

from value). (Pierrick)

. Fixed bug #63468 (wrong called method as callback with inheritance).

(Laruence)

. Fixed bug #63451 (config.guess file does not have AIX 7 defined,

shared objects are not created). (kemcline at au1 dot ibm dot com)

. Fixed bug #61557 (Crasher in tt-rss backend.php).

(i dot am dot jack dot mail at gmail dot com)

. Fixed bug #61272 (ob_start callback gets passed empty string).

(Mike, casper at langemeijer dot eu)

- Date:

. Fixed bug #63666 (Poor date() performance). (Paul Taulborg).

. Fixed bug #63435 (Datetime::format('u') sometimes wrong by 1 microsecond).

(Remi)

- Imap:

. Fixed bug #63126 (DISABLE_AUTHENTICATOR ignores array). (Remi)

- Json:

. Fixed bug #63588 (use php_next_utf8_char and remove duplicate

implementation). (Remi)

- MySQLi:

. Fixed bug #63361 (missing header). (Remi)

- MySQLnd:

. Fixed bug #63398 (Segfault when polling closed link). (Laruence)

- Fileinfo:

. Fixed bug #63590 (Different results in TS and NTS under Windows).

(Anatoliy)

- FPM:

. Fixed bug #63581 Possible null dereference and buffer overflow (Remi)

- Pdo_sqlite:

. Fixed Bug #63149 getColumnMeta should return the table name

when system SQLite used. (Remi)

- Apache2 Handler SAPI:

. Enabled Apache 2.4 configure option for Windows (Pierre, Anatoliy)

- Reflection:

. Fixed Bug #63614 (Fatal error on Reflection). (Laruence)

- SOAP

. Fixed bug #63271 (SOAP wsdl cache is not enabled after initial requests).

(John Jawed, Dmitry)

- Sockets

. Fixed bug #49341 (Add SO_REUSEPORT support for socket_set_option()).

(Igor Wiedler, Lars)

- SPL

. Fixed bug #63680 (Memleak in splfixedarray with cycle reference). (Laruence)

22 Nov 2012, PHP 5.4.9

- Core:

. Fixed bug #63305 (zend_mm_heap corrupted with traits). (Dmitry, Laruence)

. Fixed bug #63369 ((un)serialize() leaves dangling pointers, causes crashes).

(Tony, Andrew Sitnikov)

. Fixed bug #63241 (PHP fails to open Windows deduplicated files).

(daniel dot stelter-gliese at innogames dot de)

. Fixed bug #62444 (Handle leak in is_readable on windows).

(krazyest at seznam dot cz)

- Curl:

. Fixed bug #63363 (Curl silently accepts boolean true for SSL_VERIFYHOST).

Patch by John Jawed GitHub PR #221 (Anthony)

- Fileinfo:

. Fixed bug #63248 (Load multiple magic files from a directory under Windows).

(Anatoliy)

- Libxml

. Fixed bug #63389 (Missing context check on libxml_set_streams_context()

causes memleak). (Laruence)

- Mbstring:

. Fixed bug #63447 (max_input_vars doesn't filter variables when

mbstring.encoding_translation = On). (Laruence)

- OCI8:

. Fixed bug #63265 (Add ORA-00028 to the PHP_OCI_HANDLE_ERROR macro)

(Chris Jones)

- PCRE:

. Fixed bug #63180 (Corruption of hash tables). (Dmitry)

. Fixed bug #63055 (Segfault in zend_gc with SF2 testsuite).

(Dmitry, Laruence)

. Fixed bug #63284 (Upgrade PCRE to 8.31). (Anatoliy)

- PDO:

. Fixed bug #63235 (buffer overflow in use of SQLGetDiagRec).

(Martin Osvald, Remi)

- PDO_pgsql:

. Fixed bug #62593 (Emulate prepares behave strangely with PARAM_BOOL).

(Will Fitch)

- Phar:

. Fixed bug #63297 (Phar fails to write an openssl based signature).

(Anatoliy)

- Streams:

. Fixed bug #63240 (stream_get_line() return contains delimiter string).

(Tjerk, Gustavo)

- Reflection:

. Fixed bug #63399 (ReflectionClass::getTraitAliases() incorrectly resolves

traitnames). (Laruence)

18 Oct 2012, PHP 5.4.8

- CLI server:

. Implemented FR #63242 (Default error page in PHP built-in web server uses

outdated html/css). (pascal.chevrel@free.fr)

. Changed response to unknown HTTP method to 501 according to RFC.

(Niklas Lindgren).

. Support HTTP PATCH method. Patch by Niklas Lindgren, GitHub PR #190.

(Lars)

- Core:

. Fixed bug #63219 (Segfault when aliasing trait method when autoloader

throws excpetion). (Laruence)

. Added optional second argument for assert() to specify custom message. Patch

by Lonny Kapelushnik (lonny@lonnylot.com). (Lars)

. Support building PHP with the native client toolchain. (Stuart Langley)

. Added --offline option for tests. (Remi)

. Fixed bug #63162 (parse_url does not match password component). (husman)

. Fixed bug #63111 (is_callable() lies for abstract static method). (Dmitry)

. Fixed bug #63093 (Segfault while load extension failed in zts-build).

(Laruence)

. Fixed bug #62976 (Notice: could not be converted to int when comparing

some builtin classes). (Laruence)

. Fixed bug #62955 (Only one directive is loaded from "Per Directory Values"

Windows registry). (aserbulov at parallels dot com)

. Fixed bug #62907 (Double free when use traits). (Dmitry)

. Fixed bug #61767 (Shutdown functions not called in certain error

situation). (Dmitry)

. Fixed bug #60909 (custom error handler throwing Exception + fatal error

= no shutdown function). (Dmitry)

. Fixed bug #60723 (error_log error time has changed to UTC ignoring default

timezone). (Laruence)

- cURL:

. Fixed bug #62085 (file_get_contents a remote file by Curl wrapper will

cause cpu Soaring). (Pierrick)

- Date:

. Fixed bug #62896 ("DateTime->modify('+0 days')" modifies DateTime object)

(Lonny Kapelushnik)

. Fixed bug #62561 (DateTime add 'P1D' adds 25 hours). (Lonny Kapelushnik)

- DOM:

. Fixed bug #63015 (Incorrect arginfo for DOMErrorHandler). (Rob)

- FPM:

. Fixed bug #62954 (startup problems fpm / php-fpm). (fat)

. Fixed bug #62886 (PHP-FPM may segfault/hang on startup). (fat)

. Fixed bug #63085 (Systemd integration and daemonize). (remi, fat)

. Fixed bug #62947 (Unneccesary warnings on FPM). (fat)

. Fixed bug #62887 (Only /status?plain&full gives "last request cpu"). (fat)

. Fixed bug #62216 (Add PID to php-fpm init.d script). (fat)

- OCI8:

. Fixed bug #60901 (Improve "tail" syntax for AIX installation) (Chris Jones)

- OpenSSL:

. Implemented FR #61421 (OpenSSL signature verification missing RMD160,

SHA224, SHA256, SHA384, SHA512). (Mark Jones)

- PDO:

. Fixed bug #63258 (seg fault with PDO and dblib using DBSETOPT(H->link,

DBQUOTEDIDENT, 1)). (Laruence)

. Fixed bug #63235 (buffer overflow in use of SQLGetDiagRec).

(Martin Osvald, Remi)

- PDO Firebird:

. Fixed bug #63214 (Large PDO Firebird Queries).

(james at kenjim dot com)

- SOAP

. Fixed bug #50997 (SOAP Error when trying to submit 2nd Element of a choice).

(Dmitry)

- SPL:

. Bug #62987 (Assigning to ArrayObject[null][something] overrides all

undefined variables). (Laruence)

- mbstring:

. Allow passing null as a default value to mb_substr() and mb_strcut(). Patch

by Alexander Moskaliov via GitHub PR #133. (Lars)

- Filter extension:

. Bug #49510: Boolean validation fails with FILTER_NULL_ON_FAILURE with empty

string or false. (Lars)

- Sockets

. Fixed bug #63000 (MCAST_JOIN_GROUP on OSX is broken, merge of PR 185 by

Igor Wiedler). (Lars)

13 Sep 2012, PHP 5.4.7

- Core:

. Fixed bug (segfault while build with zts and GOTO vm-kind). (Laruence)

. Fixed bug #62844 (parse_url() does not recognize //). (Andrew Faulds).

. Fixed bug #62829 (stdint.h included on platform where HAVE_STDINT_H is not

set). (Felipe)

. Fixed bug #62763 (register_shutdown_function and extending class).

(Laruence)

. Fixed bug #62725 (Calling exit() in a shutdown function does not return

the exit value). (Laruence)

. Fixed bug #62744 (dangling pointers made by zend_disable_class). (Laruence)

. Fixed bug #62716 (munmap() is called with the incorrect length).

(slangley@google.com)

. Fixed bug #62358 (Segfault when using traits a lot). (Laruence)

. Fixed bug #62328 (implementing __toString and a cast to string fails)

(Laruence)

. Fixed bug #51363 (Fatal error raised by var_export() not caught by error

handler). (Lonny Kapelushnik)

. Fixed bug #40459 (Stat and Dir stream wrapper methods do not call

constructor). (Stas)

- CURL:

. Fixed bug #62912 (CURLINFO_PRIMARY_* AND CURLINFO_LOCAL_* not exposed).

(Pierrick)

. Fixed bug #62839 (curl_copy_handle segfault with CURLOPT_FILE). (Pierrick)

- Intl:

. Fixed Spoofchecker not being registered on ICU 49.1. (Gustavo)

. Fix bug #62933 (ext/intl compilation error on icu 3.4.1). (Gustavo)

. Fix bug #62915 (defective cloning in several intl classes). (Gustavo)

- Installation:

. Fixed bug #62460 (php binaries installed as binary.dSYM). (Reeze Xia)

- PCRE:

. Fixed bug #55856 (preg_replace should fail on trailing garbage).

(reg dot php at alf dot nu)

- PDO:

. Fixed bug #62685 (Wrong return datatype in PDO::inTransaction()). (Laruence)

- Reflection:

. Fixed bug #62892 (ReflectionClass::getTraitAliases crashes on importing

trait methods as private). (Felipe)

. Fixed bug #62715 (ReflectionParameter::isDefaultValueAvailable() wrong

result). (Laruence)

- Session:

. Fixed bug (segfault due to retval is not initialized). (Laruence)

. Fixed bug (segfault due to PS(mod_user_implemented) not be reseted

when close handler call exit). (Laruence)

- SOAP

. Fixed bug #50997 (SOAP Error when trying to submit 2nd Element of a choice).

(Dmitry)

- SPL:

. Fixed bug #62904 (Crash when cloning an object which inherits SplFixedArray)

(Laruence)

. Implemented FR #62840 (Add sort flag to ArrayObject::ksort). (Laruence)

- Standard:

. Fixed bug #62836 (Seg fault or broken object references on unserialize()).

(Laruence)

- FPM:

. Merged PR 121 by minitux to add support for slow request counting on PHP

FPM status page. (Lars)

16 Aug 2012, PHP 5.4.6

- CLI Server:

. Implemented FR #62700 (have the console output 'Listening on

http://http://www.zjjv.com//, Laruence)

- DateTime:

. Fixed Bug #62500 (Segfault in DateInterval class when extended). (Laruence)

- Fileinfo:

. Fixed bug #61964 (finfo_open with directory causes invalid free).

(reeze.xia@gmail.com)

- Intl:

. Fixed bug #62564 (Extending MessageFormatter and adding property causes

crash). (Felipe)

- MySQLnd:

. Fixed bug #62594 (segfault in mysqlnd_res_meta::set_mode). (Laruence)

- readline:

. Fixed bug #62612 (readline extension compilation fails with

sapi/cli/cli.h: No such file). (Johannes)

- Reflection:

. Implemented FR #61602 (Allow access to name of constant used as default

value). (reeze.xia@gmail.com)

- SimpleXML:

. Implemented FR #55218 Get namespaces from current node. (Lonny)

- SPL:

. Fixed bug #62616 (ArrayIterator::count() from IteratorIterator instance

gives Segmentation fault). (Laruence, Gustavo)

. Fixed bug #61527 (ArrayIterator gives misleading notice on next() when

moved to the end). (reeze.xia@gmail.com)

- Streams:

. Fixed bug #62597 (segfault in php_stream_wrapper_log_error with ZTS build).

(Laruence)

- Zlib:

. Fixed bug #55544 (ob_gzhandler always conflicts with

zlib.output_compression). (Laruence)

19 Jul 2012, PHP 5.4.5

- Core:

. Fixed bug #62443 (Crypt SHA256/512 Segfaults With Malformed

Salt). (Anthony Ferrara)

. Fixed bug #62432 (ReflectionMethod random corrupt memory on high

concurrent). (Johannes)

. Fixed bug #62373 (serialize() generates wrong reference to the object).

(Moriyoshi)

. Fixed bug #62357 (compile failure: (S) Arguments missing for built-in

function __memcmp). (Laruence)

. Fixed bug #61998 (Using traits with method aliases appears to result in

crash during execution). (Dmitry)

. Fixed bug #51094 (parse_ini_file() with INI_SCANNER_RAW cuts a value that

includes a semi-colon). (Pierrick)

. Fixed potential overflow in _php_stream_scandir (CVE-2012-2688).

(Jason Powell, Stas)

- EXIF:

. Fixed information leak in ext exif (discovered by Martin Noga,

Matthew "j00ru" Jurczyk, Gynvael Coldwind)

- FPM:

. Fixed bug #62205 (php-fpm segfaults (null passed to strstr)). (fat)

. Fixed bug #62160 (Add process.priority to set nice(2) priorities). (fat)

. Fixed bug #62153 (when using unix sockets, multiples FPM instances

. Fixed bug #62033 (php-fpm exits with status 0 on some failures to start).

(fat)

. Fixed bug #61839 (Unable to cross-compile PHP with --enable-fpm). (fat)

. Fixed bug #61835 (php-fpm is not allowed to run as root). (fat)

. Fixed bug #61295 (php-fpm should not fail with commented 'user'

. Fixed bug #61218 (FPM drops connection while receiving some binary values

in FastCGI requests). (fat)

. Fixed bug #61045 (fpm don't send error log to fastcgi clients). (fat)

for non-root start). (fat)

. Fixed bug #61026 (FPM pools can listen on the same address). (fat)

can be launched without errors). (fat)

- Iconv:

. Fix bug #55042 (Erealloc in iconv.c unsafe). (Stas)

- Intl:

. Fixed bug #62083 (grapheme_extract() memory leaks). (Gustavo)

. ResourceBundle constructor now accepts NULL for the first two arguments.

(Gustavo)

. Fixed bug #62081 (IntlDateFormatter constructor leaks memory when called

twice). (Gustavo)

. Fixed bug #62070 (Collator::getSortKey() returns garbage). (Gustavo)

. Fixed bug #62017 (datefmt_create with incorrectly encoded timezone leaks

pattern). (Gustavo)

. Fixed bug #60785 (memory leak in IntlDateFormatter constructor). (Gustavo)

- JSON:

. Fixed bug #61359 (json_encode() calls too many reallocs). (Stas)

- libxml:

. Fixed bug #62266 (Custom extension segfaults during xmlParseFile with FPM

SAPI). (Gustavo)

- Phar:

. Fixed bug #62227 (Invalid phar stream path causes crash). (Felipe)

- Readline:

. Fixed bug #62186 (readline fails to compile - void function should not

return a value). (Johannes)

- Reflection:

. Fixed bug #62384 (Attempting to invoke a Closure more than once causes

segfault). (Felipe)

. Fixed bug #62202 (ReflectionParameter::getDefaultValue() memory leaks

with constant). (Laruence)

- Sockets:

. Fixed bug #62025 (__ss_family was changed on AIX 5.3). (Felipe)

- SPL:

. Fixed bug #62433 (Inconsistent behavior of RecursiveDirectoryIterator to

dot files). (Laruence)

. Fixed bug #62262 (RecursiveArrayIterator does not implement Countable).

(Nikita Popov)

- XML Writer:

. Fixed bug #62064 (memory leak in the XML Writer module).

(jean-pierre dot lozi at lip6 dot fr)

- Zip:

. Upgraded libzip to 0.10.1 (Anatoliy)

14 Jun 2012, PHP 5.4.4

- COM:

. Fixed bug #62146 com_dotnet cannot be built shared. (Johannes)

- CLI Server:

. Implemented FR #61977 (Need CLI web-server support for files with .htm &

svg extensions). (Sixd, Laruence)

. Improved performance while sending error page, this also fixed

bug #61785 (Memory leak when access a non-exists file without router).

(Laruence)

. Fixed bug #61546 (functions related to current script failed when chdir()

in cli sapi). (Laruence, reeze.xia@gmail.com)

- Core:

. Fixed missing bound check in iptcparse(). (chris at chiappa.net)

. Fixed CVE-2012-2143. (Solar Designer)

. Fixed bug #62097 (fix for for bug #54547). (Gustavo)

. Fixed bug #62005 (unexpected behavior when incrementally assigning to a

member of a null object). (Laruence)

. Fixed bug #61978 (Object recursion not detected for classes that implement

JsonSerializable). (Felipe)

. Fixed bug #61991 (long overflow in realpath_cache_get()). (Anatoliy)

. Fixed bug #61922 (ZTS build doesn't accept zend.script_encoding config).

(Laruence)

. Fixed bug #61827 (incorrect \e processing on Windows) (Anatoliy)

. Fixed bug #61782 (__clone/__destruct do not match other methods when checking

access controls). (Stas)

. Fixed bug #61764 ('I' unpacks n as signed if n > 2^31-1 on LP64). (Gustavo)

. Fixed bug #61761 ('Overriding' a private static method with a different

signature causes crash). (Laruence)

. Fixed bug #61730 (Segfault from array_walk modifying an array passed by

reference). (Laruence)

. Fixed bug #61728 (PHP crash when calling ob_start in request_shutdown

phase). (Laruence)

. Fixed bug #61713 (Logic error in charset detection for htmlentities).

(Anatoliy)

. Fixed bug #61660 (bin2hex(hex2bin($data)) != $data). (Nikita Popov)

. Fixed bug #61650 (ini parser crashes when using ${xxxx} ini variables

(without apache2)). (Laruence)

. Fixed bug #61605 (header_remove() does not remove all headers). (Laruence)

. Fixed bug #54547 (wrong equality of string numbers). (Gustavo)

. Fixed bug #54197 ([PATH=] sections incompatibility with user_ini.filename

set to null). (Anatoliy)

. Changed php://fd to be available only for CLI.

- CURL:

. Fixed bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction).

(Laruence)

- Fileinfo

. Fixed bug #61812 (Uninitialised value used in libmagic).

(Laruence, Gustavo)

. Fixed bug #61566 failure caused by the posix lseek and read versions

under windows in cdf_read(). (Anatoliy)

. Fixed bug #61565 where php_stream_open_wrapper_ex tries to open a

directory descriptor under windows. (Anatoliy)

- Intl

. Fixed bug #62082 (Memory corruption in internal function

get_icu_disp_value_src_php()). (Gustavo)

- Libxml:

. Fixed bug #61617 (Libxml tests failed(ht is already destroyed)).

(Laruence)

- PDO:

. Fixed bug #61755 (A parsing bug in the prepared statements can lead to

access violations). (Johannes)

- Phar:

. Fixed bug #61065 (Secunia SA44335, CVE-2012-2386). (Rasmus)

- Pgsql:

. Added pg_escape_identifier/pg_escape_literal. (Yasuo Ohgaki)

- Streams:

. Fixed bug #61961 (file_get_contents leaks when access empty file with

maxlen set). (Reeze)

- Zlib:

. Fixed bug #61820 (using ob_gzhandler will complain about headers already

sent when no compression). (Mike)

. Fixed bug #61443 (can't change zlib.output_compression on the fly). (Mike)

. Fixed bug #60761 (zlib.output_compression fails on refresh). (Mike)

08 May 2012, PHP 5.4.3

- CGI

. Re-Fix PHP-CGI query string parameter vulnerability, CVE-2012-1823.

(Stas)

. Fix bug #61807 - Buffer Overflow in apache_request_headers.

(nyt-php at countercultured dot net).

03 May 2012, PHP 5.4.2

- Fix PHP-CGI query string parameter vulnerability, CVE-2012-1823. (Rasmus)

26 Apr 2012, PHP 5.4.1

- CLI Server:

. Fixed bug #61461 (missing checks around malloc() calls). (Ilia)

. Implemented FR #60850 (Built in web server does not set

$_SERVER['SCRIPT_FILENAME'] when using router). (Laruence)

. "Connection: close" instead of "Connection: closed" (Gustavo)

- Core:

. Fixed crash in ZTS using same class in many threads. (Johannes)

. Fixed bug #61374 (html_entity_decode tries to decode code points that don't

exist in ISO-8859-1). (Gustavo)

. Fixed bug #61273 (call_user_func_array with more than 16333 arguments

leaks / crashes). (Laruence)

. Fixed bug #61225 (Incorrect lexing of 0b00*+<NUM>). (Pierrick)

. Fixed bug #61165 (Segfault - strip_tags()). (Laruence)

. Fixed bug #61106 (Segfault when using header_register_callback). (Nikita

Popov)

. Fixed bug #61087 (Memory leak in parse_ini_file when specifying

invalid scanner mode). (Nikic, Laruence)

. Fixed bug #61072 (Memory leak when restoring an exception handler).

(Nikic, Laruence)

. Fixed bug #61058 (array_fill leaks if start index is PHP_INT_MAX).

(Laruence)

. Fixed bug #61052 (Missing error check in trait 'insteadof' clause). (Stefan)

. Fixed bug #61011 (Crash when an exception is thrown by __autoload

accessing a static property). (Laruence)

. Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical

vars). (Laruence)

. Fixed bug #60978 (exit code incorrect). (Laruence)

. Fixed bug #60911 (Confusing error message when extending traits). (Stefan)

. Fixed bug #60801 (strpbrk() mishandles NUL byte). (Adam)

. Fixed bug #60717 (Order of traits in use statement can cause a fatal

error). (Stefan)

. Fixed bug #60573 (type hinting with "self" keyword causes weird errors).

(Laruence)

. Fixed bug #60569 (Nullbyte truncates Exception $message). (Ilia)

. Fixed bug #52719 (array_walk_recursive crashes if third param of the

function is by reference). (Nikita Popov)

. Improve performance of set_exception_handler while doing reset (Laruence)

- fileinfo:

. Fix fileinfo test problems. (Anatoliy Belsky)

- FPM

. Fixed bug #61430 (Transposed memset() params in sapi/fpm/fpm/fpm_shm.c).

(michaelhood at gmail dot com, Ilia)

- Ibase

. Fixed bug #60947 (Segmentation fault while executing ibase_db_info).

(Ilia)

- Installation

. Fixed bug #61172 (Add Apache 2.4 support). (Chris Jones)

- Intl:

. Fixed bug #61487 (Incorrent bounds checking in grapheme_strpos).

(Stas)

- mbstring:

. MFH mb_ereg_replace_callback() for security enhancements. (Rui)

- mysqli

. Fixed bug #61003 (mysql_stat() require a valid connection). (Johannes).

- mysqlnd

. Fixed bug #61704 (Crash apache, phpinfo() threading issue). (Johannes)

. Fixed bug #60948 (mysqlnd FTBFS when -Wformat-security is enabled).

(Johannes)

- PDO

. Fixed bug #61292 (Segfault while calling a method on an overloaded PDO

object). (Laruence)

- PDO_mysql

. Fixed bug #61207 (PDO::nextRowset() after a multi-statement query doesn't

always work). (Johannes)

. Fixed bug #61194 (PDO should export compression flag with myslqnd).

(Johannes)

- PDO_odbc

. Fixed bug #61212 (PDO ODBC Segfaults on SQL_SUCESS_WITH_INFO). (Ilia)

- Phar

. Fixed bug #61184 (Phar::webPhar() generates headers with trailing NUL

bytes). (Nikita Popov)

- Readline:

. Fixed bug #61088 (Memory leak in readline_callback_handler_install).

(Nikic, Laruence)

- Reflection:

. Implemented FR #61602 (Allow access to the name of constant

used as function/method parameter's default value). (reeze.xia@gmail.com)

. Fixed bug #60968 (Late static binding doesn't work with

ReflectionMethod::invokeArgs()). (Laruence)

- Session

. Fixed bug #60634 (Segmentation fault when trying to die() in

SessionHandler::write()). (Ilia)

- SOAP

. Fixed bug #61423 (gzip compression fails). (Ilia)

. Fixed bug #60887 (SoapClient ignores user_agent option and sends no

User-Agent header). (carloschilazo at gmail dot com)

. Fixed bug #60842, #51775 (Chunked response parsing error when

chunksize length line is > 10 bytes). (Ilia)

. Fixed bug #49853 (Soap Client stream context header option ignored).

(Dmitry)

- SPL:

. Fixed bug #61453 (SplObjectStorage does not identify objects correctly).

(Gustavo)

. Fixed bug #61347 (inconsistent isset behavior of Arrayobject). (Laruence)

- Standard:

. Fixed memory leak in substr_replace. (Pierrick)

. Make max_file_uploads ini directive settable outside of php.ini (Rasmus)

. Fixed bug #61409 (Bad formatting on phpinfo()). (Jakub Vrana)

. Fixed bug #60222 (time_nanosleep() does validate input params). (Ilia)

. Fixed bug #60106 (stream_socket_server silently truncates long unix socket

paths). (Ilia)

- XMLRPC:

. Fixed bug #61264 (xmlrpc_parse_method_descriptions leaks temporary

variable). (Nikita Popov)

. Fixed bug #61097 (Memory leak in xmlrpc functions copying zvals). (Nikita

Popov)

- Zlib:

. Fixed bug #61306 (initialization of global inappropriate for ZTS). (Gustavo)

. Fixed bug #61287 (A particular string fails to decompress). (Mike)

. Fixed bug #61139 (gzopen leaks when specifying invalid mode). (Nikita Popov)

01 Mar 2012, PHP 5.4.0

- Installation:

. autoconf 2.59+ is now supported (and required) for generating the

configure script with ./buildconf. Autoconf 2.60+ is desirable

otherwise the configure help order may be incorrect. (Rasmus, Chris Jones)

- Removed legacy features:

. break/continue $var syntax. (Dmitry)

. Safe mode and all related php.ini options. (Kalle)

. register_globals and register_long_arrays php.ini options. (Kalle)

. import_request_variables(). (Kalle)

. allow_call_time_pass_reference. (Pierrick)

. define_syslog_variables php.ini option and its associated function. (Kalle)

. highlight.bg php.ini option. (Kalle)

. safe_mode, safe_mode_gid, safe_mode_include_dir,

safe_mode_exec_dir, safe_mode_allowed_env_vars and

safe_mode_protected_env_vars php.ini options.

. zend.ze1_compatibility_mode php.ini option.

. Session bug compatibility mode (session.bug_compat_42 and

session.bug_compat_warn php.ini options). (Kalle)

. session_is_registered(), session_register() and session_unregister()

functions. (Kalle)

. y2k_compliance php.ini option. (Kalle)

. magic_quotes_gpc, magic_quotes_runtime and magic_quotes_sybase

php.ini options. get_magic_quotes_gpc, get_magic_quotes_runtime are kept

but always return false, set_magic_quotes_runtime raises an

E_CORE_ERROR. (Pierrick, Pierre)

. Removed support for putenv("TZ=..") for setting the timezone. (Derick)

. Removed the timezone guessing algorithm in case the timezone isn't set with

date.timezone or date_default_timezone_set(). Instead of a guessed

timezone, "UTC" is now used instead. (Derick)

- Moved extensions to PECL:

. ext/sqlite. (Note: the ext/sqlite3 and ext/pdo_sqlite extensions are

not affected) (Johannes)

- General improvements:

. Added short array syntax support ([1,2,3]), see UPGRADING guide for full

details. (rsky0711 at gmail . com, sebastian.deutsch at 9elements . com,

Pierre)

. Added binary number format (0b001010). (Jonah dot Harris at gmail dot com)

. Added support for Class::{expr}() syntax (Pierrick)

. Added multibyte support by default. Previously PHP had to be compiled

with --enable-zend-multibyte. Now it can be enabled or disabled through

the zend.multibyte directive in php.ini. (Dmitry)

. Removed compile time dependency from ext/mbstring (Dmitry)

. Added support for Traits. (Stefan, with fixes by Dmitry and Laruence)

. Added closure $this support back. (Stas)

. Added array dereferencing support. (Felipe)

. Added callable typehint. (Hannes)

. Added indirect method call through array. FR #47160. (Felipe)

. Added DTrace support. (David Soria Parra)

. Added class member access on instantiation (e.g. (new foo)->bar()) support.

(Felipe)

. <?= is now always available regardless of the short_open_tag setting. (Rasmus)

. Implemented Zend Signal Handling (configurable option --enable-zend-signals,

off by default). (Lucas Nealan, Arnaud Le Blanc, Brian Shire, Ilia)

. Improved output layer, see README.NEW-OUTPUT-API for internals. (Mike)

. Improved UNIX build system to allow building multiple PHP binary SAPIs and

one SAPI module the same time. FR #53271, FR #52419. (Jani)

. Implemented closure rebinding as parameter to bindTo. (Gustavo Lopes)

. Improved the warning message of incompatible arguments. (Laruence)

. Improved ternary operator performance when returning arrays. (Arnaud, Dmitry)

. Changed error handlers to only generate docref links when the docref_root

php.ini setting is not empty. (Derick)

. Changed silent conversion of array to string to produce a notice. (Patrick)

. Changed default encoding from ISO-8859-1 to UTF-8 when not specified in

htmlspecialchars and htmlentities. (Rasmus)

. Changed casting of null/''/false into an Object when adding a property

from E_STRICT into a warning. (Scott)

. Changed E_ALL to include E_STRICT. (Stas)

. Disabled Windows CRT warning by default, can be enabled again using the

php.ini directive windows_show_crt_warnings. (Pierre)

. Fixed bug #55378: Binary number literal returns float number though its

value is small enough. (Derick)

- Improved Zend Engine memory usage: (Dmitry)

. Improved parse error messages. (Felipe)

. Replaced zend_function.pass_rest_by_reference by

ZEND_ACC_PASS_REST_BY_REFERENCE in zend_function.fn_flags.

. Replaced zend_function.return_reference by ZEND_ACC_RETURN_REFERENCE

in zend_function.fn_flags.

. Removed zend_arg_info.required_num_args as it was only needed for internal

functions. Now the first arg_info for internal functions (which has special

meaning) is represented by the zend_internal_function_info structure.

. Moved zend_op_array.size, size_var, size_literal, current_brk_cont,

backpatch_count into CG(context) as they are used only during compilation.

. Moved zend_op_array.start_op into EG(start_op) as it's used only for

'interactive' execution of a single top-level op-array.

. Replaced zend_op_array.done_pass_two by ZEND_ACC_DONE_PASS_TWO in

zend_op_array.fn_flags.

. op_array.vars array is trimmed (reallocated) during pass_two.

. Replaced zend_class_entry.constants_updated by ZEND_ACC_CONSTANTS_UPDATED

in zend_class_entry.ce_flags.

. Reduced the size of zend_class_entry by sharing the same memory space

by different information for internal and user classes.

See zend_class_entry.info union.

. Reduced size of temp_variable.

- Improved Zend Engine - performance tweaks and optimizations: (Dmitry)

. Inlined most probable code-paths for arithmetic operations directly into

executor.

. Eliminated unnecessary iterations during request startup/shutdown.

. Changed $GLOBALS into a JIT autoglobal, so it's initialized only if used.

(this may affect opcode caches!)

. Improved performance of @ (silence) operator.

. Simplified string offset reading. Given $str="abc" then $str[1][0] is now

a legal construct.

. Added caches to eliminate repeatable run-time bindings of functions,

classes, constants, methods and properties.

. Added concept of interned strings. All strings constants known at compile

time are allocated in a single copy and never changed.

. ZEND_RECV now always has IS_CV as its result.

. ZEND_CATCH now has to be used only with constant class names.

. ZEND_FETCH_DIM_? may fetch array and dimension operands in different order.

. Simplified ZEND_FETCH_*_R operations. They can't be used with the

EXT_TYPE_UNUSED flag any more. This is a very rare and useless case.

ZEND_FREE might be required after them instead.

. Split ZEND_RETURN into two new instructions ZEND_RETURN and

ZEND_RETURN_BY_REF.

. Optimized access to global constants using values with pre-calculated

hash_values from the literals table.

. Optimized access to static properties using executor specialization.

A constant class name may be used as a direct operand of ZEND_FETCH_*

instruction without previous ZEND_FETCH_CLASS.

. zend_stack and zend_ptr_stack allocation is delayed until actual usage.

- Other improvements to Zend Engine:

. Added an optimization which saves memory and emalloc/efree calls for empty

HashTables. (Stas, Dmitry)

. Added ability to reset user opcode handlers (Yoram).

. Changed the structure of op_array.opcodes. The constant values are moved from

opcode operands into a separate literal table. (Dmitry)

. Fixed (disabled) inline-caching for ZEND_OVERLOADED_FUNCTION methods.

(Dmitry)

- Improved core functions:

. Enforce an extended class' __construct arguments to match the

abstract constructor in the base class.

. Disallow reusing superglobal names as parameter names.

. Added optional argument to debug_backtrace() and debug_print_backtrace()

to limit the amount of stack frames returned. (Sebastian, Patrick)

. Added hex2bin() function. (Scott)

. number_format() no longer truncates multibyte decimal points and thousand

separators to the first byte. FR #53457. (Adam)

. Added support for object reference

0 0