| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
PHP 8.0.26 (2022-11-24)
- CLI:
. Fixed bug GH-9709 (Null pointer dereference with -w/-s options). (Adam Saponara)
- Core:
. Fixed bug GH-9752 (Generator crashes when interrupted during argument
evaluation with extra named params). (Arnaud)
. Fixed bug GH-9801 (Generator crashes when memory limit is exceeded during
initialization). (Arnaud)
. Fixed potential NULL pointer dereference in Windows shm*() functions. (cmb)
. Fixed bug GH-9750 (Generator memory leak when interrupted during argument
evaluation. (Arnaud)
- Date:
. Fixed bug GH-9763 (DateTimeZone ctr mishandles input and adds null byte if
the argument is an offset larger than 100*60 minutes). (Derick)
- FPM:
. Fixed bug GH-9754 (SaltStack (using Python subprocess) hangs when running
php-fpm 8.1.11). (Jakub Zelenka)
- mysqli:
. Fixed bug GH-9841 (mysqli_query throws warning despite using
silenced error mode). (Kamil Tekiela)
- OpenSSL:
. Fixed bug GH-8430 (OpenSSL compiled with no-md2, no-md4 or no-rmd160 does
not build). (Jakub Zelenka, fsbruva)
- SOAP:
. Fixed GH-9720 (Null pointer dereference while serializing the response).
(cmb)
|
|
8.1.13 (2022-11-24)
- CLI:
. Fixed bug GH-9709 (Null pointer dereference with -w/-s options). (Adam Saponara)
- Core:
. Fixed bug GH-9752 (Generator crashes when interrupted during argument
evaluation with extra named params). (Arnaud)
. Fixed bug GH-9801 (Generator crashes when memory limit is exceeded during
initialization). (Arnaud)
. Fixed potential NULL pointer dereference Windows shm*() functions. (cmb)
. Fixed bug GH-9750 (Generator memory leak when interrupted during argument
evaluation. (Arnaud)
- Date:
. Fixed bug GH-9763 (DateTimeZone ctr mishandles input and adds null byte if
the argument is an offset larger than 100*60 minutes). (Derick)
- FPM:
. Fixed bug GH-9754 (SaltStack (using Python subprocess) hangs when running
php-fpm 8.1.11). (Jakub Zelenka)
- mysqli:
. Fixed bug GH-9841 (mysqli_query throws warning despite using
silenced error mode). (Kamil Tekiela)
- MySQLnd:
. Fixed potential heap corruption due to alignment mismatch. (cmb)
- OpenSSL:
. Fixed bug GH-8430 (OpenSSL compiled with no-md2, no-md4 or no-rmd160 does
not build). (Jakub Zelenka, fsbruva)
- SOAP:
. Fixed GH-9720 (Null pointer dereference while serializing the response).
(cmb)
|
|
7.4.33 (2022-11-03)
- GD:
. Fixed bug #81739: OOB read due to insufficient input validation in
imageloadfont(). (CVE-2022-31630) (cmb)
- Hash:
. Fixed bug #81738: buffer overflow in hash_update() on long parameter.
(CVE-2022-37454) (nicky at mouha dot be)
|
|
8.0.25 (2022-10-27)
- GD:
. Fixed bug #81739: OOB read due to insufficient input validation in
imageloadfont(). (CVE-2022-31630) (cmb)
- Hash:
. Fixed bug #81738: buffer overflow in hash_update() on long parameter.
(CVE-2022-37454) (nicky at mouha dot be)
- Session:
. Fixed bug GH-9583 (session_create_id() fails with user defined save handler
that doesn't have a validateId() method). (Girgias)
- Streams:
. Fixed bug GH-9590 (stream_select does not abort upon exception or empty
valid fd set). (Arnaud)
|
|
8.1.12 (2022-10-27)
- Core:
. Fixes segfault with Fiber on FreeBSD i386 architecture. (David Carlier)
- Fileinfo:
. Fixed bug GH-8805 (finfo returns wrong mime type for woff/woff2 files).
(Anatol)
- GD:
. Fixed bug #81739: OOB read due to insufficient input validation in
imageloadfont(). (CVE-2022-31630) (cmb)
- Hash:
. Fixed bug #81738: buffer overflow in hash_update() on long parameter.
(CVE-2022-37454) (nicky at mouha dot be)
- MBString:
- Fixed bug GH-9683 (Problem when ISO-2022-JP-MS is specified in
mb_ encode_mimeheader). (Alex Dowad)
- Opcache:
. Added indirect call reduction for jit on x86 architectures. (wxue1)
- Session:
. Fixed bug GH-9583 (session_create_id() fails with user defined save handler
that doesn't have a validateId() method). (Girgias)
- Streams:
. Fixed bug GH-9590 (stream_select does not abort upon exception or empty
valid fd set). (Arnaud)
|
|
29 Sep 2022, PHP 8.0.24
- Core:
. Fixed bug GH-9323 (Crash in ZEND_RETURN/GC/zend_call_function)
(Tim Starling)
. Fixed bug GH-9361 (Segmentation fault on script exit #9379). (cmb,
Christian Schneider)
. Fixed bug GH-9407 (LSP error in eval'd code refers to wrong class for static
type). (ilutov)
. Fix #81727 (Don't mangle semantically meaningful HTTP var names). (derick)
- DOM:
. Fixed bug #79451 (DOMDocument->replaceChild on doctype causes double free).
(Nathan Freeman)
- FPM:
. Fixed bug GH-8885 (FPM access.log with stderr begins to write logs to
error_log after daemon reload). (Dmitry Menshikov)
. Fixed bug #77780 ("Headers already sent..." when previous connection was
aborted). (Jakub Zelenka)
- GMP
. Fixed bug GH-9308 (GMP throws the wrong error when a GMP object is passed
to gmp_init()). (Girgias)
- Intl
. Fixed bug GH-9421 (Incorrect argument number for ValueError in NumberFormatter).
(Girgias)
- Phar:
. Fix #81726 (DOS when using quine gzip file). (cmb)
- PDO_PGSQL:
. Fixed bug GH-9411 (PgSQL large object resource is incorrectly closed).
(Yurunsoft)
- Reflection:
. Fixed bug GH-8932 (ReflectionFunction provides no way to get the called
class of a Closure). (cmb, Nicolas Grekas)
. Fixed bug GH-9409 (Private method is incorrectly dumped as "overwrites").
(ilutov)
- Streams:
. Fixed bug GH-9316 ($http_response_header is wrong for long status line).
(cmb, timwolla)
|
|
29 Sep 2022, PHP 8.1.11
- Core:
. Fixed bug #81726: phar wrapper: DOS when using quine gzip file.
(CVE-2022-31628). (cmb)
. Fixed bug #81727: Don't mangle HTTP variable names that clash with ones
that have a specific semantic meaning. (CVE-2022-31629). (Derick)
. Fixed bug GH-9323 (Crash in ZEND_RETURN/GC/zend_call_function)
(Tim Starling)
. Fixed bug GH-9361 (Segmentation fault on script exit #9379). (cmb,
Christian Schneider)
. Fixed bug GH-9447 (Invalid class FQN emitted by AST dump for new and class
constants in constant expressions). (ilutov)
- DOM:
. Fixed bug #79451 (DOMDocument->replaceChild on doctype causes double free).
(Nathan Freeman)
- FPM:
. Fixed bug GH-8885 (FPM access.log with stderr begins to write logs to
error_log after daemon reload). (Dmitry Menshikov)
. Fixed bug #77780 ("Headers already sent..." when previous connection was
aborted). (Jakub Zelenka)
- GMP
. Fixed bug GH-9308 (GMP throws the wrong error when a GMP object is passed
to gmp_init()). (Girgias)
- Intl
. Fixed bug GH-9421 (Incorrect argument number for ValueError in NumberFormatter).
(Girgias)
- PCRE:
. Fixed pcre.jit on Apple Silicon. (Niklas Keller)
- PDO_PGSQL:
. Fixed bug GH-9411 (PgSQL large object resource is incorrectly closed).
(Yurunsoft)
- Reflection:
. Fixed bug GH-8932 (ReflectionFunction provides no way to get the called
class of a Closure). (cmb, Nicolas Grekas)
- Streams:
. Fixed bug GH-9316 ($http_response_header is wrong for long status line).
(cmb, timwolla)
|
|
- Core:
. Fixed bug #81726: phar wrapper: DOS when using quine gzip file.
(CVE-2022-31628). (cmb)
. Fixed bug #81727: Don't mangle HTTP variable names that clash with ones
that have a specific semantic meaning. (CVE-2022-31629). (Derick)
|
|
01 Sep 2022, PHP 8.0.23
- Core:
. Fixed incorrect double to long casting in latest clang. (zeriyoshi)
- DBA:
. Fixed LMDB driver memory leak on DB creation failure (Girgias)
. Fixed bug GH-9155 (dba_open("non-existing", "c-", "flatfile") segfaults).
(cmb)
- Intl:
. Fixed IntlDateFormatter::formatObject() parameter type. (Gert de Pagter)
- OPcache:
. Fixed bug GH-9033 (Loading blacklist file can fail due to negative length).
(cmb)
- PDO_SQLite:
. Fixed bug GH-9032 (SQLite3 authorizer crashes on NULL values). (cmb)
- SQLite3:
. Fixed bug GH-9032 (SQLite3 authorizer crashes on NULL values). (cmb)
- Standard:
. Fixed bug GH-9017 (php_stream_sock_open_from_socket could return NULL).
(Heiko Weber)
- Streams:
. Fixed bug GH-8472 (The resource returned by stream_socket_accept may have
incorrect metadata). (Jakub Zelenka)
. Fixed bug GH-8409 (SSL handshake timeout leaves persistent connections
hanging). (Jakub Zelenka, Twosee)
|
|
01 Sep 2022, PHP 8.1.10
- Core:
. Fixed --CGI-- support of run-tests.php. (cmb)
. Fixed incorrect double to long casting in latest clang. (zeriyoshi)
. Fixed bug GH-9266 (GC root buffer keeps growing when dtors are present).
(Michael Olšavský)
- Date:
. Fixed bug GH-8730 (DateTime::diff miscalculation is same time zone of
different type). (Derick)
. Fixed bug GH-8964 (DateTime object comparison after applying delta less
than 1 second). (Derick)
. Fixed bug GH-9106: (DateInterval 1.5s added to DateTimeInterface is rounded
down since PHP 8.1.0). (Derick)
. Fixed bug #81263 (Wrong result from DateTimeImmutable::diff). (Derick)
- DBA:
. Fixed LMDB driver memory leak on DB creation failure (Girgias)
. Fixed bug GH-9155 (dba_open("non-existing", "c-", "flatfile") segfaults)
(cmb)
- IMAP:
. Fixed bug GH-9309 (Segfault when connection is used after imap_close()).
(cmb)
- Intl:
. Fixed IntlDateFormatter::formatObject() parameter type. (Gert de Pagter)
- MBString:
. Fixed bug GH-9008 (mb_detect_encoding(): wrong results with null $encodings).
(cmb)
- OPcache:
. Fixed bug GH-9033 (Loading blacklist file can fail due to negative length).
(cmb)
. Fixed bug GH-9164 (Segfault in zend_accel_class_hash_copy).
(Arnaud, Sergei Turchanov)
- PDO_SQLite:
. Fixed bug GH-9032 (SQLite3 authorizer crashes on NULL values). (cmb)
- SQLite3:
. Fixed bug GH-9032 (SQLite3 authorizer crashes on NULL values). (cmb)
- Streams:
. Fixed bug GH-8472 (The resource returned by stream_socket_accept may have
incorrect metadata). (Jakub Zelenka)
. Fixed bug GH-8409 (SSL handshake timeout leaves persistent connections
hanging). (Jakub Zelenka, Twosee)
|
|
04 Aug 2022, PHP 8.1.9
- CLI:
. Fixed potential overflow for the builtin server via the
PHP_CLI_SERVER_WORKERS environment variable. (yiyuaner)
. Fixed GH-8952 (Intentionally closing std handles no longer possible).
(Arnaud, cmb)
- Core:
. Fixed bug GH-8923 (error_log on Windows can hold the file write
lock). (cmb)
. Fixed bug GH-8995 (WeakMap object reference offset causing TypeError).
(Tobias Bachert)
- Date:
. Fixed bug #80047 (DatePeriod doesn't warn with custom DateTimeImmutable).
(Derick)
- FPM:
. Fixed zlog message prepend, free on incorrect address. (Heiko Weber)
. Fixed possible double free on configuration loading
failure. (Heiko Weber).
- GD:
. Fixed bug GH-8848 (imagecopyresized() error refers to the wrong argument).
(cmb)
- Intl:
. Fixed build for ICU 69.x and onwards. (David Carlier)
- OPcache:
. Fixed bug GH-8847 (PHP hanging infinitly at 100% cpu when check php
syntaxe of a valid file). (Dmitry)
. Fixed bug GH-8030 (Segfault with JIT and large match/switch statements).
(Arnaud)
- Reflection:
. Fixed bug GH-8943 (Fixed Reflection::getModifiersNames() with readonly
modifier). (Pierrick)
- Standard:
. Fixed the crypt_sha256/512 api build with clang > 12. (David Carlier)
. Uses CCRandomGenerateBytes instead of arc4random_buf on
macOs. (David Carlier).
. Fixed bug GH-9017 (php_stream_sock_open_from_socket could return NULL).
(Heiko Weber)
|
|
02 Aug 2022, PHP 8.0.22
- CLI:
. Fixed potential overflow for the builtin server via the
PHP_CLI_SERVER_WORKERS environment variable. (yiyuaner)
- Core:
. Fixed bug GH-8923 (error_log on Windows can hold the file write
lock). (cmb)
. Fixed bug GH-8995 (WeakMap object reference offset causing TypeError).
(Tobias Bachert)
- Date:
. Fixed bug #80047 (DatePeriod doesn't warn with custom
DateTimeImmutable). (Derick)
- DBA:
. Fixed LMDB driver hanging when attempting to delete a non-existing key
(Girgias)
- FPM:
. Fixed zlog message prepend, free on incorrect address. (Heiko Weber)
. Fixed possible double free on configuration loading failure. (Heiko
Weber).
- GD:
. Fixed bug GH-8848 (imagecopyresized() error refers to the wrong argument).
(cmb)
- Intl:
. Fixed build for ICU 69.x and onwards. (David Carlier)
- OPcache:
. Fixed bug GH-8847 (PHP hanging infinitly at 100% cpu when check php
syntaxe of a valid file). (Dmitry)
- Standard:
. Fixed the crypt_sha256/512 api build with clang > 12. (David Carlier)
. Uses CCRandomGenerateBytes instead of arc4random_buf on macOs. (David
Carlier).
|
|
07 Jul 2022, PHP 8.1.8
- Core:
. Fixed bug GH-8338 (Intel CET is disabled unintentionally). (Chen, Hu)
. Fixed leak in Enum::from/tryFrom for internal enums when using JIT (ilutov)
. Fixed calling internal methods with a static return type from
extension code. (Sara)
. Fixed bug GH-8655 (Casting an object to array does not unwrap refcount=1
references). (Nicolas Grekas)
. Fixed potential use after free in php_binary_init(). (Heiko Weber)
- CLI:
. Fixed GH-8827 (Intentionally closing std handles no longer possible). (cmb)
- COM:
. Fixed bug GH-8778 (Integer arithmethic with large number variants fails).
(cmb)
- Curl:
. Fixed CURLOPT_TLSAUTH_TYPE is not treated as a string option. (Pierrick)
- Date:
. Fixed bug #72963 (Null-byte injection in CreateFromFormat and related
functions). (Derick)
. Fixed bug #74671 (DST timezone abbreviation has incorrect offset). (Derick)
. Fixed bug #77243 (Weekdays are calculated incorrectly for negative years).
(Derick)
. Fixed bug #78139 (timezone_open accepts invalid timezone string argument).
(Derick)
- Fileinfo:
. Fixed bug #81723 (Heap buffer overflow in finfo_buffer). (CVE-2022-31627)
(cmb)
- FPM:
. Fixed bug #67764 (fpm: syslog.ident don't work). (Jakub Zelenka)
- GD:
. Fixed imagecreatefromavif() memory leak. (cmb)
- MBString:
. mb_detect_encoding recognizes all letters in Czech alphabet (alexdowad)
. mb_detect_encoding recognizes all letters in Hungarian alphabet (alexdowad)
. Fixed bug GH-8685 (pcre not ready at mbstring startup). (Remi)
. Backwards-compatible mappings for 0x5C/0x7E in Shift-JIS are restored,
after they had been changed in 8.1.0. (Alex Dowad)
- ODBC:
. Fixed handling of single-key connection strings. (Calvin Buckley)
- OPcache:
. Fixed bug GH-8591 (tracing JIT crash after private instance method change).
(Arnaud, Dmitry, Oleg Stepanischev)
- OpenSSL:
. Fixed bug #50293 (Several openssl functions ignore the VCWD).
(Jakub Zelenka, cmb)
. Fixed bug #81713 (NULL byte injection in several OpenSSL functions working
with certificates). (Jakub Zelenka)
- PDO_ODBC:
. Fixed handling of single-key connection strings. (Calvin Buckley)
- SPL:
. Fixed bug GH-8563 (Different results for seek() on SplFileObject and SplTempFileObject). (Girgias)
- Zip:
. Fixed bug GH-8781 (ZipArchive::close deletes zip file without updating stat
cache). (Remi)
|
|
07 Jul 2022, PHP 8.0.21
- Core:
. Fixed potential use after free in php_binary_init(). (Heiko Weber)
- CLI:
. Fixed GH-8827 (Intentionally closing std handles no longer possible). (cmb)
- COM:
. Fixed bug GH-8778 (Integer arithmethic with large number variants fails).
(cmb)
- Curl:
. Fixed CURLOPT_TLSAUTH_TYPE is not treated as a string option. (Pierrick)
- Date:
. Fixed bug #74671 (DST timezone abbreviation has incorrect offset). (Derick)
. Fixed bug #77243 (Weekdays are calculated incorrectly for negative years).
(Derick)
. Fixed bug #78139 (timezone_open accepts invalid timezone string argument).
(Derick)
- FPM:
. Fixed bug #67764 (fpm: syslog.ident don't work). (Jakub Zelenka)
- MBString:
. Fixed bug GH-8685 (pcre not ready at mbstring startup). (Remi)
- ODBC:
. Fixed handling of single-key connection strings. (Calvin Buckley)
- OpenSSL:
. Fixed bug #50293 (Several openssl functions ignore the VCWD).
(Jakub Zelenka, cmb)
. Fixed bug #81713 (NULL byte injection in several OpenSSL functions working
with certificates). (Jakub Zelenka)
- PDO_ODBC:
. Fixed errorInfo() result on successful PDOStatement->execute(). (Yurunsoft)
. Fixed handling of single-key connection strings. (Calvin Buckley)
- SPL:
. Fixed bug GH-8563 (Different results for seek() on SplFileObject and SplTempFileObject). (Girgias)
- Zip:
. Fixed bug GH-8781 (ZipArchive::close deletes zip file without updating stat
cache). (Remi)
|
|
09 Jun 2022, PHP 8.0.20
- CLI:
. Fixed bug GH-8575 (CLI closes standard streams too early). (Levi Morrison)
- Core:
. Fixed Haiku ZTS builds. (David Carlier)
- Date:
. Fixed bug GH-8471 (Segmentation fault when converting immutable and mutable
DateTime instances created using reflection). (Derick)
- FPM:
. Fixed ACL build check on MacOS. (David Carlier)
. Fixed bug #72185: php-fpm writes empty fcgi record causing nginx 502.
(Jakub Zelenka, loveharmful)
- Mysqlnd:
. Fixed bug #81719: mysqlnd/pdo password buffer overflow. (CVE-2022-31626)
(c dot fol at ambionics dot io)
- OPcache:
. Fixed bug GH-8466 (ini_get() is optimized out when the option does not
exist). (Arnaud)
- Pcntl:
. Fixed Haiku build. (David Carlier)
- Pgsql:
. Fixed bug #81720: Uninitialized array in pg_query_params().
(CVE-2022-31625) (cmb)
- Soap:
. Fixed bug GH-8578 (Error on wrong parameter on SoapHeader constructor).
(robertnisipeanu)
. Fixed bug GH-8538 (SoapClient may strip parts of nmtokens). (cmb)
- SPL:
. Fixed bug GH-8235 (iterator_count() may run indefinitely). (cmb)
- Zip:
. Fixed type for index in ZipArchive::replaceFile. (Martin Rehberger)
|
|
09 Jun 2022, PHP 8.1.7
- CLI:
. Fixed bug GH-8575 (CLI closes standard streams too early). (Levi Morrison)
- Date:
. Fixed bug #51934 (strtotime plurals / incorrect time). (Derick)
. Fixed bug #51987 (Datetime fails to parse an ISO 8601 ordinal date
(extended format)). (Derick)
. Fixed bug #66019 (DateTime object does not support short ISO 8601 time
format - YYYY-MM-DDTHH) (cmb, Derick)
. Fixed bug #68549 (Timezones and offsets are not properly used when working
with dates) (Derick, Roel Harbers)
. Fixed bug #81565 (date parsing fails when provided with timezones including
seconds). (Derick)
. Fixed bug GH-7758 (Problems with negative timestamps and fractions).
(Derick, Ilija)
- FPM:
. Fixed ACL build check on MacOS. (David Carlier)
. Fixed bug #72185: php-fpm writes empty fcgi record causing nginx 502.
(Jakub Zelenka, loveharmful)
- mysqlnd:
. Fixed bug #81719: mysqlnd/pdo password buffer overflow. (CVE-2022-31626)
(c dot fol at ambionics dot io)
- OPcache:
. Fixed bug GH-8461 (tracing JIT crash after function/method change).
(Arnaud, Dmitry)
- OpenSSL:
. Fixed bug #79589 (error:14095126:SSL routines:ssl3_read_n:unexpected eof
while reading). (Jakub Zelenka)
- Pcntl:
. Fixed Haiku build. (David Carlier)
- pgsql
. Fixed bug #81720: Uninitialized array in pg_query_params().
(CVE-2022-31625) (cmb)
- Soap:
. Fixed bug GH-8578 (Error on wrong parameter on SoapHeader constructor).
(robertnisipeanu)
. Fixed bug GH-8538 (SoapClient may strip parts of nmtokens). (cmb)
- SPL:
. Fixed bug GH-8235 (iterator_count() may run indefinitely). (cmb)
- Standard:
. Fixed bug GH-8185 (Crash during unloading of extension after dl() in ZTS).
(Arnaud)
- Zip:
. Fixed type for index in ZipArchive::replaceFile. (Martin Rehberger)
|
|
09 Jun 2022, PHP 7.4.30
- mysqlnd:
. Fixed bug #81719: mysqlnd/pdo password buffer overflow. (CVE-2022-31626)
(c dot fol at ambionics dot io)
- pgsql
. Fixed bug #81720: Uninitialized array in pg_query_params().
(CVE-2022-31625) (cmb)
|
|
12 May 2022, PHP 8.1.6
- Core:
. Fixed bug GH-8310 (Registry settings are no longer recognized). (cmb)
. Fixed potential race condition during resource ID allocation. (ryancaicse)
. Fixed bug GH-8133 (Preloading of constants containing arrays with enums
segfaults). (ilutov)
. Fixed Haiku ZTS builds. (David Carlier)
- Date:
. Fixed bug GH-7752 (DateTimeZone::getTransitions() returns insufficient
data). (Derick)
. Fixed bug GH-8108 (Timezone doesn't work as intended). (Derick)
. Fixed bug #81660 (DateTimeZone::getTransitions() returns invalid data).
(Derick)
. Fixed bug GH-8289 (Exceptions thrown within a yielded from iterator are
not rethrown into the generator). (Bob)
- FFI:
. Fixed bug GH-8433 (Assigning function pointers to structs in FFI leaks).
(Bob)
- FPM:
. Fixed bug #76003 (FPM /status reports wrong number of active processe).
(Jakub Zelenka)
. Fixed bug #77023 (FPM cannot shutdown processes). (Jakub Zelenka)
. Fixed comment in kqueue remove callback log message. (David Carlier)
- Hash:
. Fixed bug #81714 (segfault when serializing finalized HashContext). (cmb)
- Iconv:
. Fixed bug GH-8218 (ob_end_clean does not reset Content-Encoding header).
(cmb)
- Intl:
. Fixed bug GH-8364 (msgfmt_format $values may not support references). (cmb)
- MBString:
. Number of error markers emitted for invalid UTF-8 text matches WHATWG specification.
This is a return to the behavior of PHP 8.0 and earlier. (alexdowad)
- MySQLi:
. Fixed bug GH-8267 (MySQLi uses unsupported format specifier on Windows).
(cmb)
- SPL:
. Fixed bug GH-8366 (ArrayIterator may leak when calling __construct()).
(cmb)
. Fixed bug GH-8273 (SplFileObject: key() returns wrong value). (Girgias)
- Streams:
. Fixed php://temp does not preserve file-position when switched to temporary
file. (Bernd Holzmüller)
- zlib:
. Fixed bug GH-8218 (ob_end_clean does not reset Content-Encoding header).
(cmb)
|
|
Forgot to commit, make sure to update php80 to 8.0.19.
|
|
14 Apr 2022, PHP 8.1.5
- Core:
. Fixed bug GH-8176 (Enum values in property initializers leak). (Bob)
. Fixed freeing of internal attribute arguments. (Bob)
. Fixed bug GH-8070 (memory leak of internal function attribute hash).
(Tim Düsterhus)
. Fixed bug GH-8160 (ZTS support on Alpine is broken). (Michael Voříšek)
- Filter:
. Fixed signedness confusion in php_filter_validate_domain(). (cmb)
- Intl:
. Fixed bug GH-8115 (Can't catch arg type deprecation when instantiating Intl
classes). (ilutov)
. Fixed bug GH-8142 (Compilation error on cygwin). (David Carlier)
. Fixed bug GH-7734 (Fix IntlPartsIterator key off-by-one error and first
key). (ilutov)
- MBString:
. Fixed bug GH-8208 (mb_encode_mimeheader: $indent functionality broken).
(cmb)
- MySQLi:
. Fixed bug GH-8068 (mysqli_fetch_object creates inaccessible properties).
(cmb)
- Pcntl:
. Fixed bug GH-8142 (Compilation error on cygwin). (David Carlier)
- PgSQL:
. Fixed result_type related stack corruption on LLP64 architectures. (cmb)
. Fixed bug GH-8253 (pg_insert() fails for references). (cmb)
- Sockets:
. Fixed Solaris builds. (David Carlier)
- SPL:
. Fixed bug GH-8121 (SplFileObject - seek and key with csv file inconsistent).
(cmb)
. Fixed bug GH-8192 (Cannot override DirectoryIterator::current() without
return typehint in 8.1). (Nikita)
- Standard:
. Fixed bug GH-8048 (Force macOS to use statfs). (risner)
|
|
14 Apr 2022, PHP 8.0.18
- Core:
. Fixed freeing of internal attribute arguments. (Bob)
. Fixed bug GH-8070 (memory leak of internal function attribute hash).
(Tim Düsterhus)
. Fixed bug GH-8160 (ZTS support on Alpine is broken). (Michael Voříšek)
- Filter:
. Fixed signedness confusion in php_filter_validate_domain(). (cmb)
- Intl:
. Fixed bug GH-8142 (Compilation error on cygwin). (David Carlier)
- MBString:
. Fixed bug GH-8208 (mb_encode_mimeheader: $indent functionality broken).
(cmb)
- MySQLi:
. Fixed bug GH-8068 (mysqli_fetch_object creates inaccessible properties).
(cmb)
- Pcntl:
. Fixed bug GH-8142 (Compilation error on cygwin). (David Carlier)
- PgSQL:
. Fixed result_type related stack corruption on LLP64 architectures. (cmb)
. Fixed bug GH-8253 (pg_insert() fails for references). (cmb)
- Sockets:
. Fixed Solaris builds. (David Carlier)
- SPL:
. Fixed bug GH-8121 (SplFileObject - seek and key with csv file inconsistent).
(cmb)
- Standard:
. Fixed bug GH-8048 (Force macOS to use statfs). (risner)
|
|
14 Apr 2022, PHP 7.4.29
- Core:
. No source changes to this release.
Version number added for reproduction of Windows builds.
- Date:
. Updated to latest IANA timezone database (2022a). (Derick)
|
|
17 Mar 2022, PHP 8.1.4
- Core:
. Fixed Haiku ZTS build. (David Carlier)
. Fixed bug GH-8059 arginfo not regenerated for extension. (Remi)
. Fixed bug GH-8083 Segfault when dumping uncalled fake closure with static
variables. (ilutov)
. Fixed bug GH-7958 (Nested CallbackFilterIterator is leaking memory). (cmb)
. Fixed bug GH-8074 (Wrong type inference of range() result). (cmb)
. Fixed bug GH-8140 (Wrong first class callable by name optimization). (cmb)
. Fixed bug GH-8082 (op_arrays with temporary run_time_cache leak memory
when observed). (Bob)
- GD:
. Fixed libpng warning when loading interlaced images. (Brett)
- FPM:
. Fixed bug #76109 (Unsafe access to fpm scoreboard).
(Till Backhaus, Jakub Zelenka)
- Iconv:
. Fixed bug GH-7953 (ob_clean() only does not set Content-Encoding). (cmb)
. Fixed bug GH-7980 (Unexpected result for iconv_mime_decode). (cmb)
- MBString:
. Fixed bug GH-8128 (mb_check_encoding wrong result for 7bit). (alexdowad)
- MySQLnd:
. Fixed bug GH-8058 (NULL pointer dereference in mysqlnd package). (Kamil Tekiela)
- Reflection:
. Fixed bug GH-8080 (ReflectionClass::getConstants() depends on def. order).
(cmb)
- Zlib:
. Fixed bug GH-7953 (ob_clean() only does not set Content-Encoding). (cmb)
|
|
17 Mar 2022, PHP 8.0.17
- Core:
. Fixed Haiku ZTS build. (David Carlier)
- GD:
. Fixed libpng warning when loading interlaced images. (Brett)
- FPM:
. Fixed bug #76109 (Unsafe access to fpm scoreboard).
(Till Backhaus, Jakub Zelenka)
- Iconv:
. Fixed bug GH-7953 (ob_clean() only does not set Content-Encoding). (cmb)
. Fixed bug GH-7980 (Unexpected result for iconv_mime_decode). (cmb)
- MySQLnd:
. Fixed bug GH-8058 (NULL pointer dereference in mysqlnd package). (Kamil Tekiela)
- OPcache:
. Fixed bug GH-8074 (Wrong type inference of range() result). (cmb)
- Reflection:
. Fixed bug GH-8080 (ReflectionClass::getConstants() depends on def. order).
(cmb)
- Zlib:
. Fixed bug GH-7953 (ob_clean() only does not set Content-Encoding). (cmb)
|
|
17 Feb 2022, PHP 8.1.3
- Core:
. Fixed bug #81430 (Attribute instantiation leaves dangling pointer).
(beberlei)
. Fixed bug GH-7896 (Environment vars may be mangled on Windows). (cmb)
. Fixed bug GH-7883 (Segfault when INI file is not readable). (Remi)
- Filter:
. Fix #81708: UAF due to php_filter_float() failing for ints. (CVE-2021-21708) (cmb)
- FFI:
. Fixed bug GH-7867 (FFI::cast() from pointer to array is broken). (cmb,
dmitry)
- FPM:
. Fixed memory leak on invalid port. (David Carlier)
. Fixed bug GH-7842 (Invalid OpenMetrics response format returned by FPM
status page. (Stefano Arlandini)
- MBString:
. Fixed bug GH-7902 (mb_send_mail may delimit headers with LF only). (cmb)
- MySQLnd:
. Fixed bug GH-7972 (MariaDB version prefix 5.5.5- is not stripped). (Kamil Tekiela)
- pcntl:
. Fixed pcntl_rfork build for DragonFlyBSD. (David Carlier)
- Sockets:
. Fixed bug GH-7978 (sockets extension compilation errors). (David Carlier)
- Standard:
. Fixed bug GH-7899 (Regression in unpack for negative int value). (Remi)
. Fixed bug GH-7875 (mails are sent even if failure to log throws exception).
(cmb)
|
|
17 Feb 2022, PHP 8.0.16
- Core:
. Fixed bug #81430 (Attribute instantiation leaves dangling pointer).
(beberlei)
. Fixed bug GH-7896 (Environment vars may be mangled on Windows). (cmb)
- FFI:
. Fixed bug GH-7867 (FFI::cast() from pointer to array is broken). (cmb,
dmitry)
- Filter:
. Fix #81708: UAF due to php_filter_float() failing for ints. (stas)
- FPM:
. Fixed memory leak on invalid port. (David Carlier)
- MBString:
. Fixed bug GH-7902 (mb_send_mail may delimit headers with LF only). (cmb)
- MySQLnd:
. Fixed bug GH-7972 (MariaDB version prefix 5.5.5- is not stripped). (Kamil Tekiela)
- Sockets:
. Fixed ext/sockets build on Haiku. (David Carlier)
. Fixed bug GH-7978 (sockets extension compilation errors). (David Carlier)
- Standard:
. Fixed bug GH-7875 (mails are sent even if failure to log throws exception).
(cmb)
|
|
17 Feb 2022, PHP 7.4.28
- Filter:
. Fix #81708: UAF due to php_filter_float() failing for ints
|
|
20 Jan 2022, PHP 8.1.2
- Core:
. Fixed bug #81216 (Nullsafe operator leaks dynamic property name). (Dmitry)
. Fixed bug #81684 (Using null coalesce assignment with $GLOBALS["x"] produces
opcode error). (ilutov)
. Fixed bug #81656 (GCC-11 silently ignores -R). (Michael Wallner)
. Fixed bug #81683 (Misleading "access type ... must be public" error message
on final or abstract interface methods). (ilutov)
. Fixed bug #81585 (cached_chunks are not counted to real_size on shutdown).
(cmb)
. Fixed bug GH-7757 (Multi-inherited final constant causes fatal error).
(cmb)
. Fixed zend_fibers.c build with ZEND_FIBER_UCONTEXT. (Petr Sumbera)
. Added riscv64 support for fibers. (Jeremie Courreges-Anglas)
- Filter:
. Fixed FILTER_FLAG_NO_RES_RANGE flag. (Yifan Tong)
- Hash:
. Fixed bug GH-7759 (Incorrect return types for hash() and hash_hmac()).
(cmb)
. Fixed bug GH-7826 (Inconsistent argument name in hash_hmac_file and
hash_file). (cmb)
- MBString:
. Fixed bug #81693 (mb_check_encoding(7bit) segfaults). (cmb)
- MySQLi:
. Fixed bug #81658 (MYSQL_OPT_LOAD_DATA_LOCAL_DIR not available in MariaDB).
(devnexen)
. Introduced MYSQLI_IS_MARIADB. (devnexen)
. Fixed bug GH-7746 (mysqli_sql_exception->getSqlState()). (Kamil Tekiela)
- MySQLnd:
. Fixed bug where large bigints may be truncated. (Nathan Freeman, cmb)
- OCI8:
. Fixed bug GH-7765 (php_oci_cleanup_global_handles segfaults at second
call). (cmb)
- OPcache:
. Fixed bug #81679 (Tracing JIT crashes on reattaching). (cmb)
- Readline:
. Fixed bug #81598 (Cannot input unicode characters in PHP 8 interactive
shell). (Nikita)
- Reflection:
. Fixed bug #81681 (ReflectionEnum throwing exceptions). (cmb)
- PDO_PGSQL:
. Fixed error message allocation of PDO PgSQL. (SATO Kentaro)
- Sockets:
. Avoid void* arithmetic in sockets/multicast.c on NetBSD. (David Carlier)
. Fixed ext/sockets build on Haiku. (David Carlier)
- Spl:
. Fixed bug #75917 (SplFileObject::seek broken with CSV flags). (Aliaksandr
Bystry)
. Fixed bug GH-7809 (Cloning a faked SplFileInfo object may segfault). (cmb)
- Standard:
. Fixed bug GH-7748 (gethostbyaddr outputs binary string). (cmb)
. Fixed bug GH-7815 (php_uname doesn't recognise latest Windows versions).
(David Warner)
|
|
20 Jan 2022, PHP 8.0.15
- Core:
. Fixed bug #81656 (GCC-11 silently ignores -R). (Michael Wallner)
. Fixed bug #81585 (cached_chunks are not counted to real_size on shutdown).
(cmb)
- Filter:
. Fixed FILTER_FLAG_NO_RES_RANGE flag. (Yifan Tong)
- Hash:
. Fixed bug GH-7759 (Incorrect return types for hash() and hash_hmac()).
(cmb)
. Fixed bug GH-7826 (Inconsistent argument name in hash_hmac_file and
hash_file). (cmb)
- MySQLnd:
. Fixed bug where large bigints may be truncated. (Nathan Freeman, cmb)
- OCI8:
. Fixed bug GH-7765 (php_oci_cleanup_global_handles segfaults at second
call). (cmb)
- OPcache:
. Fixed bug #81679 (Tracing JIT crashes on reattaching). (cmb)
- PDO_PGSQL:
. Fixed error message allocation of PDO PgSQL. (SATO Kentaro)
- Sockets:
. Avoid void* arithmetic in sockets/multicast.c on NetBSD. (David Carlier)
- Spl:
. Fixed bug #75917 (SplFileObject::seek broken with CSV flags). (Aliaksandr
Bystry)
|
|
|
|
16 Dec 2021, PHP 8.1.1
- IMAP:
. Fixed bug #81649 (imap_(un)delete accept sequences, not single numbers).
(cmb)
- PCRE:
. Update bundled PCRE2 to 10.39. (cmb)
. Fixed bug #74604 (Out of bounds in php_pcre_replace_impl). (cmb, Dmitry)
- Standard:
. Fixed bug #81659 (stream_get_contents() may unnecessarily overallocate).
(cmb)
|
|
pkgsrc change: fix indentation in options.mk.
16 Dec 2021, PHP 8.0.14
- Core:
. Fixed bug #81582 (Stringable not implicitly declared if __toString() came
from a trait). (Nikita)
. Fixed bug #81591 (Fatal Error not properly logged in particular cases).
(Nikita)
. Fixed bug #81626 (Error on use static:: in __сallStatic() wrapped to
Closure::fromCallable()). (Nikita)
. Fixed bug #81631 (::class with dynamic class name may yield wrong line
number). (Nikita)
- FPM:
. Fixed bug #81513 (Future possibility for heap overflow in FPM zlog).
(Jakub Zelenka)
- GD:
. Fixed bug #71316 (libpng warning from imagecreatefromstring). (cmb)
- IMAP:
. Fixed bug #81649 (imap_(un)delete accept sequences, not single numbers).
(cmb)
- OpenSSL:
. Fixed bug #75725 (./configure: detecting RAND_egd). (Dilyan Palauzov)
- PCRE:
. Fixed bug #74604 (Out of bounds in php_pcre_replace_impl). (cmb, Dmitry)
- SPL:
. Fixed bug #81587 (MultipleIterator Segmentation fault w/ SimpleXMLElement
attached). (Nikita)
- Standard:
. Fixed bug #81618 (dns_get_record fails on FreeBSD for missing type).
(fsbruva)
. Fixed bug #81659 (stream_get_contents() may unnecessarily overallocate).
(cmb)
|
|
16 Dec 2021, PHP 7.4.27
- Core:
. Fixed bug #81626 (Error on use static:: in __callStatic() wrapped to
Closure::fromCallable()). (Nikita)
- FPM:
. Fixed bug #81513 (Future possibility for heap overflow in FPM zlog).
(Jakub Zelenka)
- GD:
. Fixed bug #71316 (libpng warning from imagecreatefromstring). (cmb)
- OpenSSL:
. Fixed bug #75725 (./configure: detecting RAND_egd). (Dilyan Palauzov)
- PCRE:
. Fixed bug #74604 (Out of bounds in php_pcre_replace_impl). (cmb, Dmitry)
- Standard:
. Fixed bug #81618 (dns_get_record fails on FreeBSD for missing type).
(fsbruva)
. Fixed bug #81659 (stream_get_contents() may unnecessarily overallocate).
(cmb)
|
|
|
|
Oops, forgot to commit this. Noted by wiz@, thanks much.
|
|
This release contains security fix.
18 Nov 2021, PHP 8.0.13
- Core:
. Fixed bug #81518 (Header injection via default_mimetype / default_charset).
(cmb)
- Date:
. Fixed bug #81500 (Interval serialization regression since 7.3.14 / 7.4.2).
(cmb)
- MBString:
. Fixed bug #76167 (mbstring may use pointer from some previous request).
(cmb, cataphract)
- Opcache:
. Fixed bug #81512 (Unexpected behavior with arrays and JIT). (Dmitry)
- PCRE:
. Fixed bug #81424 (PCRE2 10.35 JIT performance regression). (cmb)
- XML:
. Fixed bug #79971 (special character is breaking the path in xml function).
(CVE-2021-21707) (cmb)
- XMLReader:
. Fixed bug #81521 (XMLReader::getParserProperty may throw with a valid
property). (Nikita)
|
|
This release contains security fix.
18 Nov 2021, PHP 7.3.33
- XML:
. Fix #79971: special character is breaking the path in xml function.
(CVE-2021-21707) (cmb)
|
|
This release contains security fix.
18 Nov 2021, PHP 7.4.26
- Core:
. Fixed bug #81518 (Header injection via default_mimetype / default_charset).
(cmb)
- Date:
. Fixed bug #81500 (Interval serialization regression since 7.3.14 / 7.4.2).
(cmb)
- MBString:
. Fixed bug #76167 (mbstring may use pointer from some previous request).
(cmb, cataphract)
- MySQLi:
. Fixed bug #81494 (Stopped unbuffered query does not throw error). (Nikita)
- PCRE:
. Fixed bug #81424 (PCRE2 10.35 JIT performance regression). (cmb)
- Streams:
. Fixed bug #54340 (Memory corruption with user_filter). (Nikita)
- XML:
. Fixed bug #79971 (special character is breaking the path in xml function).
(CVE-2021-21707) (cmb)
|
|
This is a security fix release.
28 Oct 2021, PHP 7.3.32
- FPM:
. Fixed bug #81026 (PHP-FPM oob R/W in root process leading to privilege
escalation). (CVE-2021-21703) (Jakub Zelenka)
|
|
This is a security fix release.
21 Oct 2021, PHP 7.4.25
- DOM:
. Fixed bug #81433 (DOMElement::setIdAttribute() called twice may remove ID).
(Viktor Volkov)
- FFI:
. Fixed bug #79576 ("TYPE *" shows unhelpful message when type is not
defined). (Dmitry)
- Fileinfo:
. Fixed bug #78987 (High memory usage during encoding detection). (Anatol)
- Filter:
. Fixed bug #61700 (FILTER_FLAG_IPV6/FILTER_FLAG_NO_PRIV|RES_RANGE failing).
(cmb, Nikita)
- FPM:
. Fixed bug #81026 (PHP-FPM oob R/W in root process leading to privilege
escalation) (CVE-2021-21703). (Jakub Zelenka)
- SPL:
. Fixed bug #80663 (Recursive SplFixedArray::setSize() may cause double-free).
(cmb, Nikita, Tyson Andre)
- Streams:
. Fixed bug #81475 (stream_isatty emits warning with attached stream wrapper).
(cmb)
- XML:
. Fixed bug #70962 (XML_OPTION_SKIP_WHITE strips embedded whitespace).
(Aliaksandr Bystry, cmb)
- Zip:
. Fixed bug #81490 (ZipArchive::extractTo() may leak memory). (cmb, Remi)
. Fixed bug #77978 (Dirname ending in colon unzips to wrong dir). (cmb)
|
|
This is a security fix release.
21 Oct 2021, PHP 8.0.12
- CLI:
. Fixed bug #81496 (Server logs incorrect request method). (lauri)
- Core:
. Fixed bug #81435 (Observer current_observed_frame may point to an old
(overwritten) frame). (Bob)
. Fixed bug #81380 (Observer may not be initialized properly). (krakjoe)
- DOM:
. Fixed bug #81433 (DOMElement::setIdAttribute() called twice may remove ID).
(Viktor Volkov)
- FFI:
. Fixed bug #79576 ("TYPE *" shows unhelpful message when type is not
defined). (Dmitry)
- FPM:
. Fixed bug #81026 (PHP-FPM oob R/W in root process leading to privilege
escalation) (CVE-2021-21703). (Jakub Zelenka)
- Fileinfo:
. Fixed bug #78987 (High memory usage during encoding detection). (Anatol)
- Filter:
. Fixed bug #61700 (FILTER_FLAG_IPV6/FILTER_FLAG_NO_PRIV|RES_RANGE failing).
(cmb, Nikita)
- Opcache:
. Fixed bug #81472 (Cannot support large linux major/minor device number when
read /proc/self/maps). (Lin Yang)
- Reflection:
. ReflectionAttribute is no longer final. (sasezaki)
- SPL:
. Fixed bug #80663 (Recursive SplFixedArray::setSize() may cause double-free).
(cmb, Nikita, Tyson Andre)
. Fixed bug #81477 (LimitIterator + SplFileObject regression in 8.0.1). (cmb)
- Standard:
. Fixed bug #69751 (Change Error message of sprintf/printf for missing/typo
position specifier). (Aliaksandr Bystry)
- Streams:
. Fixed bug #81475 (stream_isatty emits warning with attached stream wrapper).
(cmb)
- XML:
. Fixed bug #70962 (XML_OPTION_SKIP_WHITE strips embedded whitespace).
(Aliaksandr Bystry, cmb)
- Zip:
. Fixed bug #81490 (ZipArchive::extractTo() may leak memory). (cmb, Remi)
. Fixed bug #77978 (Dirname ending in colon unzips to wrong dir). (cmb)
|
|
This is security release fixing CVE-2021-21706.
23 Sep 2021, PHP 7.4.24
- Core:
. Fixed bug #81302 (Stream position after stream filter removed). (cmb)
. Fixed bug #81346 (Non-seekable streams don't update position after write).
(cmb)
. Fixed bug #73122 (Integer Overflow when concatenating strings). (cmb)
-GD:
. Fixed bug #53580 (During resize gdImageCopyResampled cause colors change).
(cmb)
- Opcache:
. Fixed bug #81353 (segfault with preloading and statically bound closure).
(Nikita)
- Shmop:
. Fixed bug #81407 (shmop_open won't attach and causes php to crash). (cmb)
- Standard:
. Fixed bug #71542 (disk_total_space does not work with relative paths). (cmb)
. Fixed bug #81400 (Unterminated string in dns_get_record() results). (cmb)
- SysVMsg:
. Fixed bug #78819 (Heap Overflow in msg_send). (cmb)
- XML:
. Fixed bug #81351 (xml_parse may fail, but has no error code). (cmb, Nikita)
- Zip:
. Fixed bug #81420 (ZipArchive::extractTo extracts outside of destination).
(CVE-2021-21706) (cmb)
|
|
* pkgsrc change: fix PLIST problem when php-embed PKG_OPTIONS is enabled.
* This release conintas security fix for CVE-2021-21706.
23 Sep 2021, PHP 8.0.11
- Core:
. Fixed bug #81302 (Stream position after stream filter removed). (cmb)
. Fixed bug #81346 (Non-seekable streams don't update position after write).
(cmb)
. Fixed bug #73122 (Integer Overflow when concatenating strings). (cmb)
-GD:
. Fixed bug #53580 (During resize gdImageCopyResampled cause colors change).
(cmb)
- Opcache:
. Fixed bug #81353 (segfault with preloading and statically bound closure).
(Nikita)
- Shmop:
. Fixed bug #81407 (shmop_open won't attach and causes php to crash). (cmb)
- Standard:
. Fixed bug #71542 (disk_total_space does not work with relative paths). (cmb)
. Fixed bug #81400 (Unterminated string in dns_get_record() results). (cmb)
- SysVMsg:
. Fixed bug #78819 (Heap Overflow in msg_send). (cmb)
- XML:
. Fixed bug #81351 (xml_parse may fail, but has no error code). (cmb, Nikita)
- Zip:
. Fixed bug #80833 (ZipArchive::getStream doesn't use setPassword). (Remi)
. Fixed bug #81420 (ZipArchive::extractTo extracts outside of destination).
(cmb)
|
|
This is security release fixing CVE-2021-21706.
23 Sep 2021, PHP 7.3.31
- Zip:
. Fixed bug #81420 (ZipArchive::extractTo extracts outside of destination).
(cmb)
|
|
26 Aug 2021, PHP 7.3.30
- Phar:
. Fixed bug #81211: Symlinks are followed when creating PHAR archive (cmb)
|
|
26 Aug 2021, PHP 8.0.10
- Core:
. Fixed bug #72595 (php_output_handler_append illegal write access). (cmb)
. Fixed bug #66719 (Weird behaviour when using get_called_class() with
call_user_func()). (Nikita)
. Fixed bug #81305 (Built-in Webserver Drops Requests With "Upgrade" Header).
(cmb)
- BCMath:
. Fixed bug #78238 (BCMath returns "-0"). (cmb)
- CGI:
. Fixed bug #80849 (HTTP Status header truncation). (cmb)
- Date:
. Fixed bug #64975 (Error parsing when AM/PM not at the end). (Derick)
. Fixed bug #78984 (DateTimeZone accepting invalid UTC timezones). (Derick)
. Fixed bug #79580 (date_create_from_format misses leap year). (Derick)
. Fixed bug #80409 (DateTime::modify() loses time with 'weekday' parameter).
(Derick)
- GD:
. Fixed bug #51498 (imagefilledellipse does not work for large circles). (cmb)
- MySQLi:
. Fixed bug #74544 (Integer overflow in mysqli_real_escape_string()). (cmb,
johannes)
- Opcache:
. Fixed bug #81225 (Wrong result with pow operator with JIT enabled).
(Dmitry)
. Fixed bug #81249 (Intermittent property assignment failure with JIT
enabled). (Dmitry)
. Fixed bug #81206 (Multiple PHP processes crash with JIT enabled). (cmb,
Nikita)
. Fixed bug #81272 (Segfault in var[] after array_slice with JIT). (Nikita)
. Fixed Bug #81255 (Memory leak in PHPUnit with functional JIT). (Dmitry)
. Fixed Bug #80959 (infinite loop in building cfg during JIT compilation)
(Nikita, Dmitry)
. Fixed bug #81226 (Integer overflow behavior is different with JIT
enabled). (Dmitry)
- OpenSSL:
. Fixed bug #81327 (Error build openssl extension on php 7.4.22). (cmb)
- PDO_ODBC:
. Fixed bug #81252 (PDO_ODBC doesn't account for SQL_NO_TOTAL). (cmb)
- Phar:
. Fixed bug #81211: Symlinks are followed when creating PHAR archive (cmb)
- Shmop:
. Fixed bug #81283 (shmop can't read beyond 2147483647 bytes). (cmb, Nikita)
- SimpleXML:
. Fixed bug #81325 (Segfault in zif_simplexml_import_dom). (remi)
- Standard:
. Fixed bug #72146 (Integer overflow on substr_replace). (cmb)
. Fixed bug #81265 (getimagesize returns 0 for 256px ICO images).
(George Dietrich)
. Fixed bug #74960 (Heap buffer overflow via str_repeat). (cmb, Dmitry)
- Streams:
. Fixed bug #81294 (Segfault when removing a filter). (cmb)
|
|
26 Aug 2021, PHP 7.4.23
- Core:
. Fixed bug #72595 (php_output_handler_append illegal write access). (cmb)
. Fixed bug #66719 (Weird behaviour when using get_called_class() with
call_user_func()). (Nikita)
. Fixed bug #81305 (Built-in Webserver Drops Requests With "Upgrade" Header).
(cmb)
- BCMath:
. Fixed bug #78238 (BCMath returns "-0"). (cmb)
- CGI:
. Fixed bug #80849 (HTTP Status header truncation). (cmb)
- GD:
. Fixed bug #51498 (imagefilledellipse does not work for large circles). (cmb)
- MySQLi:
. Fixed bug #74544 (Integer overflow in mysqli_real_escape_string()). (cmb,
johannes)
- OpenSSL:
. Fixed bug #81327 (Error build openssl extension on php 7.4.22). (cmb)
- PDO_ODBC:
. Fixed bug #81252 (PDO_ODBC doesn't account for SQL_NO_TOTAL). (cmb)
- Phar:
. Fixed bug #81211: Symlinks are followed when creating PHAR archive.(cmb)
- Shmop:
. Fixed bug #81283 (shmop can't read beyond 2147483647 bytes). (cmb, Nikita)
- Standard:
. Fixed bug #72146 (Integer overflow on substr_replace). (cmb)
. Fixed bug #81265 (getimagesize returns 0 for 256px ICO images).
(George Dietrich)
. Fixed bug #74960 (Heap buffer overflow via str_repeat). (cmb, Dmitry)
- Streams:
. Fixed bug #81294 (Segfault when removing a filter). (cmb)
|
|
29 Jul 2021, PHP 8.0.9
- Core:
. Fixed bug #81145 (copy() and stream_copy_to_stream() fail for +4GB files).
(cmb, Nikita)
. Fixed bug #81163 (incorrect handling of indirect vars in __sleep).
(krakjoe)
. Fixed bug #81159 (Object to int warning when using an object as a string
offset). (girgias)
. Fixed bug #80728 (PHP built-in web server resets timeout when it can kill
the process). (Calvin Buckley)
. Fixed bug #73630 (Built-in Weberver - overwrite $_SERVER['request_uri']).
(cmb)
. Fixed bug #80173 (Using return value of zend_assign_to_variable() is not
safe). (Nikita)
. Fixed bug #73226 (--r[fcez] always return zero exit code). (cmb)
- Intl:
. Fixed bug #72809 (Locale::lookup() wrong result with canonicalize option).
(cmb)
. Fixed bug #68471 (IntlDateFormatter fails for "GMT+00:00" timezone). (cmb)
. Fixed bug #74264 (grapheme_strrpos() broken for negative offsets). (cmb)
- OpenSSL:
. Fixed bug #52093 (openssl_csr_sign truncates $serial). (cmb)
- PCRE:
. Fixed bug #81101 (PCRE2 10.37 shows unexpected result). (Anatol)
. Fixed bug #81243 (Too much memory is allocated for preg_replace()). (cmb)
- Reflection:
. Fixed bug #81208 (Segmentation fault while create newInstance from
attribute). (Nikita)
- Standard:
. Fixed bug #81223 (flock() only locks first byte of file). (cmb)
|
|
29 Jul 2021, PHP 7.4.22
- Core:
. Fixed bug #81145 (copy() and stream_copy_to_stream() fail for +4GB files).
(cmb, Nikita)
. Fixed bug #81163 (incorrect handling of indirect vars in __sleep).
(krakjoe)
. Fixed bug #80728 (PHP built-in web server resets timeout when it can kill
the process). (Calvin Buckley)
. Fixed bug #73630 (Built-in Weberver - overwrite $_SERVER['request_uri']).
(cmb)
. Fixed bug #80173 (Using return value of zend_assign_to_variable() is not
safe). (Nikita)
. Fixed bug #73226 (--r[fcez] always return zero exit code). (cmb)
- Intl:
. Fixed bug #72809 (Locale::lookup() wrong result with canonicalize option).
(cmb)
. Fixed bug #68471 (IntlDateFormatter fails for "GMT+00:00" timezone). (cmb)
. Fixed bug #74264 (grapheme_strrpos() broken for negative offsets). (cmb)
- OpenSSL:
. Fixed bug #52093 (openssl_csr_sign truncates $serial). (cmb)
- PCRE:
. Fixed bug #81101 (PCRE2 10.37 shows unexpected result). (Anatol)
. Fixed bug #81243 (Too much memory is allocated for preg_replace()). (cmb)
- Standard:
. Fixed bug #81223 (flock() only locks first byte of file). (cmb)
|
