The PHP group has released new PHP updates
Version 7.2.5
Version 7.2.5
Version 7.1.17
Core:
Fixed bug #75722 (Convert valgrind detection to configure option).
Date:
Fixed bug #76131 (mismatch arginfo for date_create).
Exif:
Fixed bug #76130 (Heap Buffer Overflow (READ: 1786) in exif_iif_add_value).
FPM:
Fixed bug #68440 (ERROR: failed to reload: execvp() failed: Argument list too long).
Fixed incorrect write to getenv result in FPM reload.
GD:
Fixed bug #52070 (imagedashedline() - dashed line sometimes is not visible).
iconv:
Fixed bug #76249 (stream filter convert.iconv leads to infinite loop on invalid sequence).
intl:
Fixed bug #76153 (Intl compilation fails with icu4c 61.1).
ldap:
Fixed bug #76248 (Malicious LDAP-Server Response causes Crash).
mbstring:
Fixed bug #75944 (Wrong cp1251 detection).
Fixed bug #76113 (mbstring does not build with Oniguruma 6.8.1).
ODBC:
Fixed bug #76088 (ODBC functions are not available by default on Windows).
Opcache:
Fixed bug #76094 (Access violation when using opcache).
Phar:
Fixed bug #76129 (fix for CVE-2018-5712 may not be complete).
phpdbg:
Fixed bug #76143 (Memory corruption: arbitrary NUL overwrite).
SPL:
Fixed bug #76131 (mismatch arginfo for splarray constructor).
standard:
Fixed bug #74139 (mail.add_x_header default inconsistent with docs).
Fixed bug #75996 (incorrect url in header for mt_rand).
Date:Version 7.0.30
Fixed bug #76131 (mismatch arginfo for date_create).
Exif:
Fixed bug#76130 (Heap Buffer Overflow (READ: 1786) in exif_iif_add_value).
FPM:
Fixed bug #68440 (ERROR: failed to reload: execvp() failed: Argument list too long).
Fixed incorrect write to getenv result in FPM reload.
GD:
Fixed bug #52070 (imagedashedline() - dashed line sometimes is not visible).
iconv:
Fixed bug #76249 (stream filter convert.iconv leads to infinite loop on invalid sequence).
intl:
Fixed bug #76153 (Intl compilation fails with icu4c 61.1).
ldap:
Fixed bug #76248 (Malicious LDAP-Server Response causes Crash).
mbstring:
Fixed bug #75944 (Wrong cp1251 detection).
Fixed bug #76113 (mbstring does not build with Oniguruma 6.8.1).
Phar:
Fixed bug #76129 (fix for CVE-2018-5712 may not be complete).
phpdbg:
Fixed bug #76143 (Memory corruption: arbitrary NUL overwrite).
SPL:
Fixed bug #76131 (mismatch arginfo for splarray constructor).
standard:
Fixed bug #75996 (incorrect url in header for mt_rand).
Version 5.6.36
Exif:
Fixed bug #76130 (Heap Buffer Overflow (READ: 1786) in exif_iif_add_value).
iconv:
Fixed bug #76249 (stream filter convert.iconv leads to infinite loop on invalid sequence).
LDAP:
Fixed bug #76248 (Malicious LDAP-Server Response causes Crash).
Phar:
Fixed bug #76129 (fix for CVE-2018-5712 may not be complete).
Exif:PHP 7.2.5, 7.1.17, 7.0.30, and 5.6.36 released
Fixed bug #76130 (Heap Buffer Overflow (READ: 1786) in exif_iif_add_value).
iconv:
Fixed bug #76249 (stream filter convert.iconv leads to infinite loop on invalid sequence).
LDAP:
Fixed bug #76248 (Malicious LDAP-Server Response causes Crash).
Phar:
Fixed bug #76129 (fix for CVE-2018-5712 may not be complete).