חדשות, עדכונים, מדריכים ועזרים | עדכוני תוכנות ואפליקציות - (16.04.15) - גרסה חדשה: PHP 5.4.40

(16.04.15) - גרסה חדשה: PHP 5.4.40

עדכוני תוכנות ואפליקציות

חדשות, עדכונים, מדריכים ועזרים


להורדה:
לינוקס: http://www.php.net/downloads.php
ווינדוס (Windows binaries): http://windows.php.net/download/

http://php.net/ChangeLog-5.php

מה חדש:
•Apache2handler:
 •Fixed bug #69218 (potential remote code execution with apache 2.4 apache2handler).

•Core:
 •Additional fix for bug #69152 (Type confusion vulnerability in exception::getTraceAsString).
 •Fixed bug #69337 (php_stream_url_wrap_http_ex() type-confusion vulnerability).
 •Fixed bug #69353 (Missing null byte checks for paths in various PHP extensions).

•cURL:
 •Fixed bug #69316 (Use-after-free in php_curl related to CURLOPT_FILE/_INFILE/_WRITEHEADER).

•Ereg:
 •Fixed bug #68740 (NULL Pointer Dereference).

•Fileinfo:
 •Fixed bug #68819 (Fileinfo on specific file causes spurious OOM and/or segfault).

•GD:
 •Fixed bug #68601 (buffer read overflow in gd_gif_in.c). (CVE-2014-9709)

•Phar:
 •Fixed bug #68901 (use after free). (CVE-2015-2301)
 •Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar). (CVE-2015-2783)
 •Fixed bug #69441 (Buffer Overflow when parsing tar/zip/phar in phar_set_inode).

•Postgres:
 •Fixed bug #68741 (Null pointer deference) (CVE-2015-1352).

•SOAP:
 •Fixed bug #69152 (Type Confusion Infoleak Vulnerability in unserialize() with SoapFault).

•Sqlite3:
 •Fixed bug #66550 (SQLite prepared statement use-after-free).