PHP 5.4.5 和 5.3.15 发布

PHP 5.4.5和5.3.15发布。

上个版本是2012-06-15的5.4.4/5.3.14修正了30多个Bug以及几个安全漏洞。经过1个RC.

This release fixes over 30 bugs and includes a fix for a security related overflow issue in the stream implementation.



Version 5.4.5

19-July-2012

 

• Core


• Fixed bug #62443 (Crypt SHA256/512 Segfaults With Malformed Salt)


• Fixed bug #62432 (ReflectionMethod random corrupt memory on high concurrent)


• Fixed bug #62373 (serialize() generates wrong reference to the object).


• Fixed bug #62357 (compile failure: (S) Arguments missing for built-in function __memcmp)


• Fixed bug #61998 (Using traits with method aliases appears to result in crash during execution)


• Fixed bug #51094 (parse_ini_file() with INI_SCANNER_RAW cuts a value that includes a semi-colon)


• Fixed potential overflow in _php_stream_scandir (CVE-2012-2688)


• EXIF


• Fixed information leak in ext exi


• FPM


• Fixed bug #62205 (php-fpm segfaults (null passed to strstr)


• Fixed bug #62160 (Add process.priority to set nice(2) priorities)


• Fixed bug #62153 (when using unix sockets, multiples FPM instances)


• Fixed bug #62033 (php-fpm exits with status 0 on some failures to start)


• Fixed bug #61839 (Unable to cross-compile PHP with --enable-fpm)


• Fixed bug #61835 (php-fpm is not allowed to run as root)


• Fixed bug #61295 (php-fpm should not fail with commented 'user'


• Fixed bug #61218 (FPM drops connection while receiving some binary values in FastCGI requests)


• Fixed bug #61045 (fpm don't send error log to fastcgi clients). (fat) for non-root start)


• Fixed bug #61026 (FPM pools can listen on the same address). (fat) can be launched without errors)


• Iconv


• Fixed bug #55042 (Erealloc in iconv.c unsafe)


• Intl


• Fixed bug #62083 (grapheme_extract() memory leaks)


• Fixed bug #62081 (IntlDateFormatter constructor leaks memory when called twice)


• Fixed bug #62070 (Collator::getSortKey() returns garbage)


• Fixed bug #62017 (datefmt_create with incorrectly encoded timezone leaks pattern)


• Fixed bug #60785 (memory leak in IntlDateFormatter constructor)


• ResourceBundle constructor now accepts NULL for the first two arguments


• JSON


• Fixed bug #61359 (json_encode() calls too many reallocs)


• libxml


• Fixed bug #62266 (Custom extension segfaults during xmlParseFile with FPM SAPI)


• Phar


• Fixed bug #62227 (Invalid phar stream path causes crash)


• Readline


• Fixed bug #62186 (readline fails to compile - void function should not return a value)


• Reflection


• Fixed bug #62384 (Attempting to invoke a Closure more than once causes segfault)


• Fixed bug #62202 (ReflectionParameter::getDefaultValue() memory leaks with constant)


• Sockets


• Fixed bug #62025 (__ss_family was changed on AIX 5.3)


• SPL


• Fixed bug #62433 (Inconsistent behavior of RecursiveDirectoryIterator to dot files)


• Fixed bug #62262 (RecursiveArrayIterator does not implement Countable)


• XML Writer


• Fixed bug #62064 (memory leak in the XML Writer module)


• Zip


• Upgraded libzip to 0.10.

Version 5.3.15

19-July-2012

 

• Zend Engine


• Fixed bug #51094 (parse_ini_file() with INI_SCANNER_RAW cuts a value that includes a semi-colon)


• COM


• Fixed bug #62146 com_dotnet cannot be built shared


• Core


• Fixed potential overflow in _php_stream_scandir, CVE-2012-2688


• Fixed bug #62432 (ReflectionMethod random corrupt memory on high concurrent)


• Fixed bug #62443 (Crypt SHA256/512 Segfaults With Malformed Salt)


• Fileinfo


• Fixed magic file regex support


• FPM


• Fixed bug #61045 (fpm don't send error log to fastcgi clients)


• Fixed bug #61835 (php-fpm is not allowed to run as root)


• Fixed bug #61295 (php-fpm should not fail with commented 'user' for non-root start)


• Fixed bug #61026 (FPM pools can listen on the same address)


• Fixed bug #62033 (php-fpm exits with status 0 on some failures to start)


• Fixed bug #62153 (when using unix sockets, multiples FPM instances can be launched without errors)


• Fixed bug #62160 (Add process.priority to set nice(2) priorities)


• Fixed bug #61218 (FPM drops connection while receiving some binary values in FastCGI requests)


• Fixed bug #62205 (php-fpm segfaults (null passed to strstr))


• Intl


• Fixed bug #62083 (grapheme_extract() memory leaks)


• Fixed bug #62081 (IntlDateFormatter constructor leaks memory when called twice)


• Fixed bug #62070 (Collator::getSortKey() returns garbage)


• Fixed bug #62017 (datefmt_create with incorrectly encoded timezone leaks pattern)


• Fixed bug #60785 (memory leak in IntlDateFormatter constructor)


• JSON


• Reverted fix for bug #61537


• Phar


• Fixed bug #62227 (Invalid phar stream path causes crash)


• Reflection


• Fixed bug #62384 (Attempting to invoke a Closure more than once causes segfault)


• Fixed bug #62202 (ReflectionParameter::getDefaultValue() memory leaks with constant)


• SPL


• Fixed bug #62262 (RecursiveArrayIterator does not implement Countable)


• SQLite


• Fixed open_basedir bypass, CVE-2012-3365


• XML Write


• Fixed bug #62064 (memory leak in the XML Writer module)


• Zip


• Upgraded libzip to 0.10

下载：

http://us3.php.net/distributions/php-5.4.5.tar.bz2

http://us3.php.net/distributions/php-5.3.15.tar.bz2

原文链接:http://www.huacolor.com/article/31279.html
如有疑问请与原作者联系

标签：

版权申明：本站文章部分自网络，如有侵权，请联系：west999com@outlook.com
特别注意：本站所有转载文章言论不代表本站观点，本站所提供的摄影照片，插画，设计作品，如需使用，请与原作者联系，版权归原作者所有