1. XenForo 1.5.14 中文版——支持中文搜索!现已发布!查看详情
  2. Xenforo 爱好者讨论群:215909318 XenForo专区
XenForo 1.5.14 中文版 Xenforo 爱好者

新闻 PHP 5.4.44/5.5.28/5.6.12 发布 下载

本帖由 漂亮的石头2015-08-08 发布。版面名称:软件资讯

  1. 漂亮的石头

    漂亮的石头 版主 管理成员

    注册:
    2012-02-10
    帖子:
    487,354
    赞:
    47
    PHP 发布了三个更新版本,分别是 5.4.44 、5.5.28 和 5.6.12,这三个版本主要是安全方面的更新,详细内容请看 ChangeLog

    Version 5.6.12


    06 Aug 2015

    • Core:
      • Fixed bug #70012 (Exception lost with nested finally block).
      • Fixed bug #70002 (TS issues with temporary dir handling).
      • Fixed bug #69793 (Remotely triggerable stack exhaustion via recursive method calls).
      • Fixed bug #69892 (Different arrays compare indentical due to integer key truncation).
      • Fixed bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref).
    • CLI server:
      • Fixed bug #69655 (php -S changes MKCALENDAR request method to MKCOL).
      • Fixed bug #64878 (304 responses return Content-Type header).
    • GD:
      • Fixed bug #53156 (imagerectangle problem with point ordering).
      • Fixed bug #66387 (Stack overflow with imagefilltoborder).
      • Fixed bug #70102 (imagecreatefromwebm() shifts colors).
      • Fixed bug #66590 (imagewebp() doesn't pad to even length).
      • Fixed bug #66882 (imagerotate by -90 degrees truncates image by 1px).
      • Fixed bug #70064 (imagescale(..., IMG_BICUBIC) leaks memory).
      • Fixed bug #69024 (imagescale segfault with palette based image).
      • Fixed bug #53154 (Zero-height rectangle has whiskers).
      • Fixed bug #67447 (imagecrop() add a black line when cropping).
      • Fixed bug #68714 (copy 'n paste error).
      • Fixed bug #66339 (PHP segfaults in imagexbm).
      • Fixed bug #70047 (gd_info() doesn't report WebP support).
    • ODBC:
      • Fixed bug #69975 (PHP segfaults when accessing nvarchar(max) defined columns).
    • OpenSSL:
      • Fixed bug #69882 (OpenSSL error "key values mismatch" after openssl_pkcs12_read with extra cert).
      • Fixed bug #70014 (openssl_random_pseudo_bytes() is not cryptographically secure).
    • Phar:
      • Improved fix for bug #69441.
      • Fixed bug #70019 (Files extracted from archive may be placed outside of destination directory).
    • SOAP:
      • Fixed bug #70081 (SoapClient info leak / null pointer dereference via multiple type confusions).
    • SPL:
      • Fixed bug #70068 (Dangling pointer in the unserialization of ArrayObject items).
      • Fixed bug #70166 (Use After Free Vulnerability in unserialize() with SPLArrayObject).
      • Fixed bug #70168 (Use After Free Vulnerability in unserialize() with SplObjectStorage).
      • Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList).
    • Standard:
      • Fixed bug #70096 (Repeated iptcembed() adds superfluous FF bytes).

    Version 5.5.28

    06-Aug-2015
    • Core:
      • Fixed bug #69793 (Remotely triggerable stack exhaustion via recursive method calls).
      • Fixed bug #69892 (Different arrays compare indentical due to integer key truncation).
      • Fixed bug #70002 (TS issues with temporary dir handling).
      • Fixed bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref).
    • OpenSSL:
      • Fixed bug #70014 (openssl_random_pseudo_bytes() is not cryptographically secure).
    • Phar:
      • Improved fix for bug #69441.
      • Fixed bug #70019 (Files extracted from archive may be placed outside of destination directory).
    • SOAP:
      • Fixed bug #70081 (SoapClient info leak / null pointer dereference via multiple type confusions).
    • SPL:
      • Fixed bug #70068 (Dangling pointer in the unserialization of ArrayObject items).
      • Fixed bug #70166 (Use After Free Vulnerability in unserialize() with SPLArrayObject).
      • Fixed bug #70168 (Use After Free Vulnerability in unserialize() with SplObjectStorage).
      • Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList).

    Version 5.4.44


    06-Aug-2015

    • Core:
      • Fixed bug #69793 (Remotely triggerable stack exhaustion via recursive method calls).
      • Fixed bug #69892 (Different arrays compare indentical due to integer key truncation).
      • Fixed bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref).
    • OpenSSL:
      • Fixed bug #70014 (openssl_random_pseudo_bytes() is not cryptographically secure).
    • Phar:
      • Improved fix for bug #69441.
      • Fixed bug #70019 (Files extracted from archive may be placed outside of destination directory).
    • SOAP:
      • Fixed bug #70081 (SoapClient info leak / null pointer dereference via multiple type confusions).
    • SPL:
      • Fixed bug #70068 (Dangling pointer in the unserialization of ArrayObject items).
      • Fixed bug #70166 (Use After Free Vulnerability in unserialize() with SPLArrayObject).
      • Fixed bug #70168 (Use After Free Vulnerability in unserialize() with SplObjectStorage).
      • Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList).
    PHP 5.4.44/5.5.28/5.6.12 发布下载地址
     
    漂亮的石头, 2015-08-08
    #1
正在加载...