Software 42794 Published by

The final version of PHP 7.2.0 has been released



PHP 7.2.0 comes with numerous improvements and new features such as

Convert numeric keys in object/array casts
Counting of non-countable objects
Object typehint
HashContext as Object
Argon2 in password hash
Improve TLS constants to sane values
Mcrypt extension removed
New sodium extension

Change Log:
30 Nov 2017
BCMath:
Fixed bug #46564 (bcmod truncates fractionals).
CLI:
Fixed bug #74849 (Process is started as interactive shell in PhpStorm).
Fixed bug #74979 (Interactive shell opening instead of script execution with -f flag).
CLI server:
Fixed bug #60471 (Random "Invalid request (unexpected EOF)" using a router script).
Core:
Added ZEND_COUNT, ZEND_GET_CLASS, ZEND_GET_CALLED_CLASS, ZEND_GET_TYPE, ZEND_FUNC_NUM_ARGS, ZEND_FUNC_GET_ARGS instructions, to implement corresponding builtin functions.
"Countable" interface is moved from SPL to Core.
Added ZEND_IN_ARRAY instruction, implementing optimized in_array() builtin function, through hash lookup in flipped array.
Removed IS_TYPE_IMMUTABLE (it's the same as COPYABLE & !REFCOUNTED).
Removed the sql.safe_mode directive.
Removed support for Netware.
Renamed ReflectionClass::isIterateable() to ReflectionClass::isIterable() (alias original name for BC).
Fixed bug #54535 (WSA cleanup executes before MSHUTDOWN).
Implemented FR #69791 (Disallow mail header injections by extra headers) (Yasuo)
Implemented FR #49806 (proc_nice() for Windows).
Fix pthreads detection when cross-compiling (ffontaine)
Fixed memory leaks caused by exceptions thrown from destructors. (Bob, Dmitry).
Fixed bug #73215 (uniqid() should use better random source).
Implemented FR #72768 (Add ENABLE_VIRTUAL_TERMINAL_PROCESSING flag for php.exe).
Implemented "Convert numeric keys in object/array casts" RFC, fixes bugs #53838, #61655, #66173, #70925, #72254, etc.
Implemented "Deprecate and Remove Bareword (Unquoted) Strings" RFC.
Raised minimum supported Windows versions to Windows 7/Server 2008 R2.
Implemented minor optimization in array_keys/array_values().
Added PHP_OS_FAMILY constant to determine on which OS we are.
Fixed bug #73987 (Method compatibility check looks to original definition and not parent).
Fixed bug #73991 (JSON_OBJECT_AS_ARRAY not respected).
Fixed bug #74053 (Corrupted class entries on shutdown when a destructor spawns another object).
Fixed bug #73971 (Filename got limited to MAX_PATH on Win32 when scan directory).
Fixed bug #72359, bug #72451, bug #73706, bug #71115 and others related to interned strings handling in TS builds.
Implemented "Trailing Commas In List Syntax" RFC for group use lists only.
Fixed bug #74269 (It's possible to override trait property with different loosely-equal value).
Fixed bug #61970 (Restraining __construct() access level in subclass gives a fatal error).
Fixed bug #63384 (Cannot override an abstract method with an abstract method).
Fixed bug #74607 (Traits enforce different inheritance rules).
Fixed misparsing of abstract unix domain socket names.
Change PHP_OS_FAMILY value from "OSX" to "Darwin".
Allow loading PHP/Zend extensions by name in ini files (extension=).
Added object type annotation.
Fixed bug #74815 (crash with a combination of INI entries at startup).
Fixed bug #74836 (isset on zero-prefixed numeric indexes in array broken).
Added new VM instuctions ISSET_ISEMPTY_CV and UNSET_CV. Previously they were implemented as ISSET_ISEMPTY_VAR and UNSET_VAR variants with ZEND_QUICK_SET flag.
Fixed bug #49649 (unserialize() doesn't handle changes in property visibility).
Fixed bug #74866 (extension_dir = "./ext" now use current directory for base).
Implemented FR #74963 (Improved error message on fetching property of non-object).
Fixed bug #75142 (buildcheck.sh check for autoconf version needs to be updated for v2.64).
Fixed bug #74878 (Data race in ZTS builds).
Fixed bug #75515 ("stream_copy_to_stream" doesn't stream anymore).
cURL:
Fixed bug #75093 (OpenSSL support not detected).
Better fix for #74125 (use pkg-config instead of curl-config).
Date:
Fixed bug #55407 (Impossible to prototype DateTime::createFromFormat).
Implemented FR #71520 (Adding the DateTime constants to the DateTimeInterface interface).
Fixed bug #75149 (redefinition of typedefs ttinfo and t1info).
Fixed bug #75222 (DateInterval microseconds property always 0).
Dba:
Fixed bug #72885 (flatfile: dba_fetch() fails to read replaced entry).
DOM:
Implemented FR #74837 (Implement Countable for DomNodeList and DOMNamedNodeMap).
EXIF:
Added support for vendor specific tags for the following formats: Samsung, DJI, Panasonic, Sony, Pentax, Minolta, Sigma/Foveon, AGFA, Kyocera, Ricoh & Epson.
Fixed bug #72682 (exif_read_data() fails to read all data for some images).
Fixed bug #71534 (Type confusion in exif_read_data() leading to heap overflow in debug mode).
Fixed bug #68547 (Exif Header component value check error).
Fixed bug #66443 (Corrupt EXIF header: maximum directory nesting level reached for some cameras).
Fixed Redhat bug #1362571 (PHP not returning full results for exif_read_data function).
Implemented FR #65187 (exif_read_data/thumbnail: add support for stream resource).
Deprecated the read_exif_data() alias.
Fixed bug #74428 (exif_read_data(): "Illegal IFD size" warning occurs with correct exif format).
Fixed bug #72819 (EXIF thumbnails not read anymore).
Fixed bug #62523 (php crashes with segfault when exif_read_data called).
Fixed bug #50660 (exif_read_data(): Illegal IFD offset (works fine with other exif readers).
Fileinfo:
Upgrade bundled libmagic to 5.31.
FPM:
Configuration to limit fpm slow log trace callers.
Fixed bug #75212 (php_value acts like php_admin_value).
FTP:
Implement MLSD for structured listing of directories.
Added ftp_append() function.
GD:
Implemented imageresolution as getter and setter (Christoph)
Fixed bug #74744 (gd.h: stdarg.h include missing for va_list use in gdErrorMethod).
Fixed bug #75111 (Memory disclosure or DoS via crafted .bmp image).
GMP:
Fixed bug #70896 (gmp_fact() silently ignores non-integer input).
Hash:
Changed HashContext from resource to object.
Disallowed usage of non-cryptographic hash functions with HMAC and PBKDF2.
Fixed bug #75284 (sha3 is not supported on bigendian machine).
IMAP:
Fixed bug #72324 (imap_mailboxmsginfo() return wrong size).
Intl:
Fixed bug #63790 (test using Spoofchecker which may be unavailable).
Fixed bug #75378 ([REGRESSION] IntlDateFormatter::parse() does not change $position argument).
JSON:
Add JSON_INVALID_UTF8_IGNORE and JSON_INVALID_UTF8_SUBSTITUTE options for json_encode and json_decode to ignore or replace invalid UTF-8 byte sequences - it addresses request #65082.
Fixed bug #75185 (Buffer overflow in json_decode() with JSON_INVALID_UTF8_IGNORE or JSON_INVALID).
Fixed bug #68567 (JSON_PARTIAL_OUTPUT_ON_ERROR can result in JSON with null key).
LDAP:
Implemented FR #69445 (Support for LDAP EXOP operations)
Fixed support for LDAP_OPT_SERVER_CONTROLS and LDAP_OPT_CLIENT_CONTROLS in ldap_get_option
Fixed passing an empty array to ldap_set_option for client or server controls.
Mbstring:
Implemented FR #66024 (mb_chr() and mb_ord()).
Implemented FR #65081 (mb_scrub()).
Implemented FR #69086 (enhancement for mb_convert_encoding() that handles multibyte replacement char nicely).
Added array input support to mb_convert_encoding().
Added array input support to mb_check_encoding().
Fixed bug #69079 (enhancement for mb_substitute_character).
Update to oniguruma version 6.3.0.
Fixed bug #69267 (mb_strtolower fails on titlecase characters).
Mcrypt:
The deprecated mcrypt extension has been moved to PECL.
Opcache:
Added global optimisation passes based on data flow analysis using Single Static Assignment (SSA) form: Sparse Conditional Constant Propagation (SCCP), Dead Code Elimination (DCE), and removal of unused local variables (Nikita, Dmitry)
Fixed incorect constant conditional jump elimination.
Fixed bug #75230 (Invalid opcode 49/1/8 using opcache).
Fixed bug (assertion fails with extended info generated).
Fixed bug (Phi sources removel).
Fixed bug #75370 (Webserver hangs on valid PHP text).
Fixed bug #75357 (segfault loading WordPress wp-admin).
OpenSSL:
Use TLS_ANY for default ssl:// and tls:// negotiation.
Fix leak in openssl_spki_new().
Added openssl_pkcs7_read() and pk7 parameter to openssl_pkcs7_verify().
Add ssl security_level stream option to support OpenSSL security levels. (Jakub Zelenka).
Allow setting SNI cert and private key in separate files.
Fixed bug #74903 (openssl_pkcs7_encrypt() uses different EOL than before).
Automatically load OpenSSL configuration file.
PCRE:
Added support for PCRE JIT fast path API.
Fixed bug #61780 (Inconsistent PCRE captures in match results).
Fixed bug #74873 (Minor BC break: PCRE_JIT changes output of preg_match()).
Fixed bug #75089 (preg_grep() is not reporting PREG_BAD_UTF8_ERROR after first input string).
Fixed bug #75223 (PCRE JIT broken in 7.2).
Fixed bug #75285 (Broken build when system libpcre don't have jit support).
phar:
Fixed bug #74196 (phar does not correctly handle names containing dots).
PDO:
Add "Sent SQL" to debug dump for emulated prepares.
Add parameter types for national character set strings.
PDO_DBlib:
Fixed bug #73234 (Emulated statements let value dictate parameter type).
Fixed bug #73396 (bigint columns are returned as strings).
Expose DB-Library version as \PDO::DBLIB_ATTR_VERSION attribute on \PDO instance.
Add test coverage for bug #72969.
PDO_OCI:
Fixed bug #74537 (Align --with-pdo-oci configure option with --with-oci8 syntax).
PDO_Sqlite:
Switch to sqlite3_prepare_v2() and sqlite3_close_v2() functions (rasmus)
PHPDBG:
Added extended_value to opcode dump output.
Session:
Fixed bug #73461 (Prohibit session save handler recursion).
PR #2233 Removed register_globals related code and "!" can be used as $_SESSION key name.
Improved bug #73100 fix. 'user' save handler can only be set by session_set_save_handler()
Fixed bug #74514 (5 session functions incorrectly warn when calling in read-only/getter mode).
Fixed bug #74936 (session_cache_expire/cache_limiter/save_path() trigger a warning in read mode).
Fixed bug #74941 (session fails to start after having headers sent).
Sodium:
New cryptographic extension
Added missing bindings for libsodium > 1.0.13.
SPL:
Fixed bug #71412 (Incorrect arginfo for ArrayIterator::__construct).
Added spl_object_id().
SQLite3:
Implement writing to blobs.
Update to Sqlite 3.20.1.
Standard:
Fixed bug #69442 (closing of fd incorrect when PTS enabled).
Fixed bug #74300 (unserialize accepts two plus/minus signs for float number exponent part).
Compatibility with libargon2 versions 20161029 and 20160821.
Fixed bug #74737 (mysqli_get_client_info reflection info).
Add support for extension name as argument to dl().
Fixed bug #74851 (uniqid() without more_entropy performs badly).
Fixed bug #74103 (heap-use-after-free when unserializing invalid array size).
Fixed bug #75054 (A Denial of Service Vulnerability was found when performing deserialization).
Fixed bug #75170 (mt_rand() bias on 64-bit machines).
Fixed bug #75221 (Argon2i always throws NUL at the end).
Streams:
Default ssl/single_dh_use and ssl/honor_cipher_order to true.
XML:
Moved utf8_encode() and utf8_decode() to the Standard extension.
XMLRPC:
Use Zend MM for allocation in bundled libxmlrpc (Joe)
ZIP:
Add support for encrypted archives.
Use of bundled libzip is deprecated, --with-libzip option is recommended.
Fixed bug #73803 (Reflection of ZipArchive does not show public properties).
ZipArchive implements countable, added ZipArchive::count() method.
Fix segfault in php_stream_context_get_option call.
Fixed bug #75143 (new method setEncryptionName() seems not to exist in ZipArchive).
zlib:
Expose inflate_get_status() and inflate_get_read_len() functions.

  PHP 7.2.0 released