חדשות, עדכונים, מדריכים ועזרים | עדכוני תוכנות ואפליקציות - (15.09.16) - גרסה חדשה: PHP 5.6.26

(15.09.16) - גרסה חדשה: PHP 5.6.26

עדכוני תוכנות ואפליקציות

חדשות, עדכונים, מדריכים ועזרים


PHP

להורדה:
לינוקס: http://www.php.net/downloads.php
ווינדוס (Windows binaries): http://windows.php.net/download/

http://php.net/ChangeLog-5.php

מה חדש:

Core:
Fixed bug #72907 (null pointer deref, segfault in gc_remove_zval_from_buffer (zend_gc.c:260)).

Dba:
Fixed bug #71514 (Bad dba_replace condition because of wrong API usage).
Fixed bug #70825 (Cannot fetch multiple values with group in ini file).

EXIF:
Fixed bug #72926 (Uninitialized Thumbail Data Leads To Memory Leakage in exif_process_IFD_in_TIFF).

FTP:
Fixed bug #70195 (Cannot upload file using ftp_put to FTPES with require_ssl_reuse).

GD:
Fixed bug #66005 (imagecopy does not support 1bit transparency on truecolor images).
Fixed bug #72913 (imagecopy() loses single-color transparency on palette images).
Fixed bug #68716 (possible resource leaks in _php_image_convert()).

Intl:
Fixed bug #73007 (add locale length check). (CVE-2016-7416)

JSON:
Fixed bug #72787 (json_decode reads out of bounds).

mbstring:
Fixed bug #66797 (mb_substr only takes 32-bit signed integer).
Fixed bug #72910 (Out of bounds heap read in mbc_to_code() / triggered by mb_ereg_match()).

MSSQL:
Fixed bug #72039 (Use of uninitialised value on mssql_guid_string).

Mysqlnd:
Fixed bug #72293 (Heap overflow in mysqlnd related to BIT fields). (CVE-2016-7412)

PDO:
Fixed bug #60665 (call to empty() on NULL result using PDO::FETCH_LAZY returns false).

PDO_pgsql:
Implemented FR #72633 (Postgres PDO lastInsertId() should work without specifying a sequence).
Fixed bug #72759 (Regression in pgo_pgsql).

Phar:
Fixed bug #72928 (Out of bound when verify signature of zip phar in phar_parse_zipfile). (CVE-2016-7414)
Fixed bug #73035 (Out of bound when verify signature of tar phar in phar_parse_tarfile).

SPL:
Fixed bug #73029 (Missing type check when unserializing SplArray). (CVE-2016-7417)

Standard:
Fixed bug #72823 (strtr out-of-bound access).
Fixed bug #72278 (getimagesize returning FALSE on valid jpg).
Fixed bug #65550 (get_browser() incorrectly parses entries with "+" sign).
Fixed bug #71882 (Negative ftruncate() on php://memory exhausts memory).
Fixed bug #73011 (integer overflow in fgets cause heap corruption).
Fixed bug #73017 (memory corruption in wordwrap function).
Fixed bug #73045 (integer overflow in fgetcsv caused heap corruption).
Fixed bug #73052 (Memory Corruption in During Deserialized-object Destruction). (CVE-2016-7411)

Streams:
Fixed bug #72853 (stream_set_blocking doesn't work).

Wddx:
Fixed bug #72860 (wddx_deserialize use-after-free). (CVE-2016-7413)
Fixed bug #73065 (Out-Of-Bounds Read in php_wddx_push_element). (CVE-2016-7418)

XML:
Fixed bug #72085 (SEGV on unknown address zif_xml_parse).
Fixed bug #72927 (integer overflow in xml_utf8_encode).

ZIP:
Fixed bug #68302 (impossible to compile php with zip support).