חדשות, עדכונים, מדריכים ועזרים | עדכוני תוכנות ואפליקציות - (23.06.16) - גרסה חדשה: PHP 5.5.37

(23.06.16) - גרסה חדשה: PHP 5.5.37

עדכוני תוכנות ואפליקציות

חדשות, עדכונים, מדריכים ועזרים


PHP

להורדה:
לינוקס: http://www.php.net/downloads.php
ווינדוס (Windows binaries): http://windows.php.net/download/

http://php.net/ChangeLog-5.php

מה חדש:

Core:
Fixed bug #72268 (Integer Overflow in nl2br()).
Fixed bug #72275 (Integer Overflow in json_encode()/json_decode()/ json_utf8_to_utf16()).
Fixed bug #72400 (Integer Overflow in addcslashes/addslashes).
Fixed bug #72403 (Integer Overflow in Length of String-typed ZVAL).

GD:
Fixed bug #66387 (Stack overflow with imagefilltoborder). (CVE-2015-8874)
Fixed bug #72298 (pass2_no_dither out-of-bounds access).
Fixed bug #72339 (Integer Overflow in _gd2GetHeader() resulting in heap overflow). (CVE-2016-5766)
Fixed bug #72407 (NULL Pointer Dereference at _gdScaleVert).
Fixed bug #72446 (Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow). (CVE-2016-5767)

mbstring:
Fixed bug #72402 (_php_mb_regex_ereg_replace_exec - double free). (CVE-2016-5768)

mcrypt:
Fixed bug #72455 (Heap Overflow due to integer overflows). (CVE-2016-5769)

SPL:
Fixed bug #72262 (int/size_t confusion in SplFileObject::fread). (CVE-2016-5770)
Fixed bug #72433 (Use After Free Vulnerability in PHP's GC algorithm and unserialize). (CVE-2016-5771)

WDDX:
Fixed bug #72340 (Double Free Courruption in wddx_deserialize). (CVE-2016-5772)

zip:
Fixed bug #72434 (ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize). (CVE-2016-5773)