חדשות, עדכונים, מדריכים ועזרים | עדכוני תוכנות ואפליקציות - (14.08.14) - גרסה חדשה: PHP 5.3.29 released

(14.08.14) - גרסה חדשה: PHP 5.3.29 released

עדכוני תוכנות ואפליקציות

חדשות, עדכונים, מדריכים ועזרים


להורדה:
לינוקס: http://www.php.net/downloads.php
ווינדוס (Windows binaries): http://windows.php.net/download/

http://php.net/ChangeLog-5.php

מה חדש:
•Core:
 •Fixed bug #66127 (Segmentation fault with ArrayObject unset).
 •Fixed bug #67247 (spl_fixedarray_resize integer overflow).
 •Fixed bug #67249 (printf out-of-bounds read).
 •Fixed bug #67250 (iptcparse out-of-bounds read).
 •Fixed bug #67252 (convert_uudecode out-of-bounds read).
 •Fixed bug #67359 (Segfault in recursiveDirectoryIterator).
 •Fixed bug #67390 (insecure temporary file use in the configure script). (CVE-2014-3981)
 •Fixed bug #67399 (putenv with empty variable may lead to crash).
 •Fixed bug #67492 (unserialize() SPL ArrayObject / SPLObjectStorage Type Confusion) (CVE-2014-3515).
 •Fixed bug #67498 (phpinfo() Type Confusion Information Leak Vulnerability).

•COM:
 •Fixed missing type checks in com_event_sink.

•Date:
 •Fixed bug #66060 (Heap buffer over-read in DateInterval). (CVE-2013-6712)
 •Fixed bug #67251 (date_parse_from_format out-of-bounds read).
 •Fixed bug #67253 (timelib_meridian_with_check out-of-bounds read).

•Exif:
 •Fixed bug #65873 (Integer overflow in exif_read_data()).

•Fileinfo:
 •Fixed bug #66307 (Fileinfo crashes with powerpoint files).
 •Fixed bug #67326 (fileinfo: cdf_read_short_sector insufficient boundary check). (CVE-2014-0207)
 •Fixed bug #67327 (fileinfo: CDF infinite loop in nelements DoS). (CVE-2014-0238)
 •Fixed bug #67328 (fileinfo: fileinfo: numerous file_printf calls resulting in performance degradation). (CVE-2014-0237)
 •Fixed bug #67410 (fileinfo: mconvert incorrect handling of truncated pascal string size).
 •Fixed bug #67411 (fileinfo: cdf_check_stream_offset insufficient boundary check).
 •Fixed bug #67412 (fileinfo: cdf_count_chain insufficient boundary check).
 •Fixed bug #67413 (fileinfo: cdf_read_property_info insufficient boundary check).

•Intl:
 •Fixed bug #67349 (Locale::parseLocale Double Free).
 •Fixed bug #67397 (Buffer overflow in locale_get_display_name and uloc_getDisplayName (libicu 4.8.1)).

•Network:
 •Fixed bug #67432 (Fix potential segfault in dns_check_record()). (CVE-2014-4049)

•OpenSSL:
 •Fixed missing type checks in OpenSSL options.

•Session:
 •Fixed missing type checks in php_session_create_id.