PHP 5.4.5 和 5.3.15 发布

2012 年 12 月 23 日5610

   

  PHP 5.4.5和5.3.15发布。2012-07-19 上个版本是2012-06-15的5.4.4/5.3.14修正了30多个Bug以及几个安全漏洞。经过1个RC.

  This release fixes over 30 bugs and includes a fix for a security related overflow issue in the stream implementation.

  下载:http://http://www.zjjv.com///distributions/php-5.4.5.tar.bz2

  http://http://www.zjjv.com///distributions/php-5.3.15.tar.bz2

  完全改进:

  Version 5.4.5

  19-July-2012

  Core

  Fixed bug #62443 (Crypt SHA256/512 Segfaults With Malformed Salt)

  Fixed bug #62432 (ReflectionMethod random corrupt memory on high concurrent)

  Fixed bug #62373 (serialize() generates wrong reference to the object).

  Fixed bug #62357 (compile failure: (S) Arguments missing for built-in function __memcmp)

  Fixed bug #61998 (Using traits with method aliases appears to result in crash during execution)

  Fixed bug #51094 (parse_ini_file() with INI_SCANNER_RAW cuts a value that includes a semi-colon)

  Fixed potential overflow in _php_stream_scandir (CVE-2012-2688)

  EXIF

  Fixed information leak in ext exi

  FPM

  Fixed bug #62205 (php-fpm segfaults (null passed to strstr)

  Fixed bug #62160 (Add process.priority to set nice(2) priorities)

  Fixed bug #62153 (when using unix sockets, multiples FPM instances)

  Fixed bug #62033 (php-fpm exits with status 0 on some failures to start)

  Fixed bug #61839 (Unable to cross-compile PHP with --enable-fpm)

  Fixed bug #61835 (php-fpm is not allowed to run as root)

  Fixed bug #61295 (php-fpm should not fail with commented 'user'

  Fixed bug #61218 (FPM drops connection while receiving some binary values in FastCGI requests)

  Fixed bug #61045 (fpm don't send error log to fastcgi clients). (fat) for non-root start)

  Fixed bug #61026 (FPM pools can listen on the same address). (fat) can be launched without errors)

  Iconv

  Fixed bug #55042 (Erealloc in iconv.c unsafe)

  Intl

  Fixed bug #62083 (grapheme_extract() memory leaks)

  Fixed bug #62081 (IntlDateFormatter constructor leaks memory when called twice)

  Fixed bug #62070 (Collator::getSortKey() returns garbage)

  Fixed bug #62017 (datefmt_create with incorrectly encoded timezone leaks pattern)

  Fixed bug #60785 (memory leak in IntlDateFormatter constructor)

  ResourceBundle constructor now accepts NULL for the first two arguments

  JSON

  Fixed bug #61359 (json_encode() calls too many reallocs)

  libxml

  Fixed bug #62266 (Custom extension segfaults during xmlParseFile with FPM SAPI)

  Phar

  Fixed bug #62227 (Invalid phar stream path causes crash)

  Readline

  Fixed bug #62186 (readline fails to compile - void function should not return a value)

  Reflection

  Fixed bug #62384 (Attempting to invoke a Closure more than once causes segfault)

  Fixed bug #62202 (ReflectionParameter::getDefaultValue() memory leaks with constant)

  Sockets

  Fixed bug #62025 (__ss_family was changed on AIX 5.3)

  SPL

  Fixed bug #62433 (Inconsistent behavior of RecursiveDirectoryIterator to dot files)

  Fixed bug #62262 (RecursiveArrayIterator does not implement Countable)

  XML Writer

  Fixed bug #62064 (memory leak in the XML Writer module)

  Zip

  Upgraded libzip to 0.10.

  Version 5.3.15

  19-July-2012

  Zend Engine

  Fixed bug #51094 (parse_ini_file() with INI_SCANNER_RAW cuts a value that includes a semi-colon)

  COM

  Fixed bug #62146 com_dotnet cannot be built shared

  Core

  Fixed potential overflow in _php_stream_scandir, CVE-2012-2688

  Fixed bug #62432 (ReflectionMethod random corrupt memory on high concurrent)

  Fixed bug #62443 (Crypt SHA256/512 Segfaults With Malformed Salt)

  Fileinfo

  Fixed magic file regex support

  FPM

  Fixed bug #61045 (fpm don't send error log to fastcgi clients)

  Fixed bug #61835 (php-fpm is not allowed to run as root)

  Fixed bug #61295 (php-fpm should not fail with commented 'user' for non-root start)

  Fixed bug #61026 (FPM pools can listen on the same address)

  Fixed bug #62033 (php-fpm exits with status 0 on some failures to start)

  Fixed bug #62153 (when using unix sockets, multiples FPM instances can be launched without errors)

  Fixed bug #62160 (Add process.priority to set nice(2) priorities)

  Fixed bug #61218 (FPM drops connection while receiving some binary values in FastCGI requests)

  Fixed bug #62205 (php-fpm segfaults (null passed to strstr))

  Intl

  Fixed bug #62083 (grapheme_extract() memory leaks)

  Fixed bug #62081 (IntlDateFormatter constructor leaks memory when called twice)

  Fixed bug #62070 (Collator::getSortKey() returns garbage)

  Fixed bug #62017 (datefmt_create with incorrectly encoded timezone leaks pattern)

  Fixed bug #60785 (memory leak in IntlDateFormatter constructor)

  JSON

  Reverted fix for bug #61537

  Phar

  Fixed bug #62227 (Invalid phar stream path causes crash)

  Reflection

  Fixed bug #62384 (Attempting to invoke a Closure more than once causes segfault)

  Fixed bug #62202 (ReflectionParameter::getDefaultValue() memory leaks with constant)

  SPL

  Fixed bug #62262 (RecursiveArrayIterator does not implement Countable)

  SQLite

  Fixed open_basedir bypass, CVE-2012-3365

  XML Write

  Fixed bug #62064 (memory leak in the XML Writer module)

  Zip

  Upgraded libzip to 0.10

0 0