Software 42837 Published by

PHP 7.2.0 Release Candidate 5, PHP 7.1.11, PHP 7.0.25, and PHP 5.6.32 has been released



PHP 7.2.0 Release Candidate 5 Released
The PHP development team announces the immediate availability of PHP 7.2.0 RC5. This release is the fifth Release Candidate for 7.2.0. All users of PHP are encouraged to test this version carefully, and report any bugs and incompatibilities in the bug tracking system.

Change Log:

- Core:
. Fixed bug #75368 (mmap/munmap trashing on unlucky allocations). (Nikita,
Dmitry)

- CLI:
. Fixed bug #75287 (Builtin webserver crash after chdir in a shutdown
function). (Laruence)

- Date:
. Fixed bug #75055 (Out-Of-Bounds Read in timelib_meridian()). (Derick)

- Enchant:
. Fixed bug #53070 (enchant_broker_get_path crashes if no path is set). (jelle
van der Waa, cmb)
. Fixed bug #75365 (Enchant still reports version 1.1.0). (cmb)

- Exif:
. Fixed bug #75301 (Exif extension has built in revision version). (Peter
Kokot)

- Fileinfo:
. Upgrade bundled libmagic to 5.31. (Anatol)

- GD:
. Fixed bug #65148 (imagerotate may alter image dimensions). (cmb)

- Intl:
. Fixed bug #75378 ([REGRESSION] IntlDateFormatter::parse() does not change
$position argument). (Laruence)
. Fixed bug #75317 (UConverter::setDestinationEncoding changes source instead
of destination). (andrewnester)

- JSON:
. Fixed bug #68567 (JSON_PARTIAL_OUTPUT_ON_ERROR can result in JSON with null
key). (Jakub Zelenka)

- OCI8:
. Fixed valgrind issue. (Tianfang Yang)

- Opcache:
. Fixed bug (assertion fails with extended info generated). (Laruence)
. Fixed bug (Phi sources removel). (Laruence)
. Fixed bug #75370 (Webserver hangs on valid PHP text). (Laruence)
. Fixed bug #75357 (segfault loading WordPress wp-admin). (Laruence)
. Fixed bug #75373 (Warning Internal error: wrong size calculation). (Laruence, Dmitry)

- Openssl:
. Fixed bug #75363 (openssl_x509_parse leaks memory). (Bob)

- PCRE:
. Fixed bug #75207 (applied upstream patch for CVE-2016-1283). (Anatol)

- PGSQL:
. Fixed bug #75419 (Default link incorrectly cleared/linked by pg_close()). (Sara)

- Standard:
. Fixed bug #75221 (Argon2i always throws NUL at the end). (cmb)

- Zlib:
. Fixed bug #75299 (Wrong reflection on inflate_init and inflate_add). (Fabien
Villepinte)
Download

PHP 7.1.11 Released
The PHP development team announces the immediate availability of PHP 7.1.11. This is a bugfix release, with several bug fixes included. All PHP 7.1 users are encouraged to upgrade to this version.

Change Log:
Core:
Fixed bug #75241 (Null pointer dereference in zend_mm_alloc_small()).
Fixed bug #75236 (infinite loop when printing an error-message).
Fixed bug #75252 (Incorrect token formatting on two parse errors in one request).
Fixed bug #75220 (Segfault when calling is_callable on parent).
Fixed bug #75290 (debug info of Closures of internal functions contain garbage argument names).
Date:
Fixed bug #75055 (Out-Of-Bounds Read in timelib_meridian()).
Apache2Handler:
Fixed bug #75311 (error: 'zend_hash_key' has no member named 'arKey' in apache2handler).
Hash:
Fixed bug #75303 (sha3 hangs on bigendian).
Intl:
Fixed bug #75318 (The parameter of UConverter::getAliases() is not optional).
litespeed:
Fixed bug #75248 (Binary directory doesn't get created when building only litespeed SAPI).
Fixed bug #75251 (Missing program prefix and suffix).
mcrypt:
Fixed bug #72535 (arcfour encryption stream filter crashes php).
MySQLi:
Fixed bug #75018 (Data corruption when reading fields of bit type).
OCI8:
Fixed incorrect reference counting.
Opcache:
Fixed bug #75255 (Request hangs and not finish).
PCRE:
Fixed bug #75207 (applied upstream patch for CVE-2016-1283).
PDO_mysql:
Fixed bug #75177 (Type 'bit' is fetched as unexpected string).
SPL:
Fixed bug #73629 (SplDoublyLinkedList::setIteratorMode masks intern flags).
Download

PHP 7.0.25 Released
The PHP development team announces the immediate availability of PHP 7.0.25. This is a security release. Several security bugs were fixed in this release. All PHP 7.0 users are encouraged to upgrade to this version.

Change Log:
Core:
Fixed bug #75241 (Null pointer dereference in zend_mm_alloc_small()).
Fixed bug #75236 (infinite loop when printing an error-message).
Fixed bug #75252 (Incorrect token formatting on two parse errors in one request).
Fixed bug #75220 (Segfault when calling is_callable on parent).
Fixed bug #75290 (debug info of Closures of internal functions contain garbage argument names).
Apache2Handler:
Fixed bug #75311 (error: 'zend_hash_key' has no member named 'arKey' in apache2handler).
Date:
Fixed bug #75055 (Out-Of-Bounds Read in timelib_meridian()).
Intl:
Fixed bug #75318 (The parameter of UConverter::getAliases() is not optional).
mcrypt:
Fixed bug #72535 (arcfour encryption stream filter crashes php).
OCI8:
Fixed incorrect reference counting.
PCRE:
Fixed bug #75207 (applied upstream patch for CVE-2016-1283).
litespeed:
Fixed bug #75248 (Binary directory doesn't get created when building only litespeed SAPI).
Fixed bug #75251 (Missing program prefix and suffix).
SPL:
Fixed bug #73629 (SplDoublyLinkedList::setIteratorMode masks intern flags).
Download

PHP 5.6.32 Released
The PHP development team announces the immediate availability of PHP 5.6.32. This is a security release. Several security bugs were fixed in this release. All PHP 5.6 users are encouraged to upgrade to this version.

Change Log:
Date:
Fixed bug #75055 (Out-Of-Bounds Read in timelib_meridian()).
mcrypt:
Fixed bug #72535 (arcfour encryption stream filter crashes php).
PCRE:
Fixed bug #75207 (applied upstream patch for CVE-2016-1283).
Download