Jump to content
Slate Blackcurrant Watermelon Strawberry Orange Banana Apple Emerald Chocolate Marble
Slate Blackcurrant Watermelon Strawberry Orange Banana Apple Emerald Chocolate Marble
Sign in to follow this  
Dimitris

PHP Version 7.0.12 - Released

Recommended Posts

Version 7.0.12

13 Oct 2016

  • Core:
    • Fixed bug #73025 (Heap Buffer Overflow in virtual_popen of zend_virtual_cwd.c).
    • Fixed bug #72703 (Out of bounds global memory read in BF_crypt triggered by password_verify).
    • Fixed bug #73058 (crypt broken when salt is 'too' long).
    • Fixed bug #69579 (Invalid free in extension trait).
    • Fixed bug #73156 (segfault on undefined function).
    • Fixed bug #73163 (PHP hangs if error handler throws while accessing undef const in default value).
    • Fixed bug #73172 (parse error: Invalid numeric literal).
    • Fixed bug #73240 (Write out of bounds at number_format).
    • Fixed bug #73147 (Use After Free in PHP7 unserialize()).
    • Fixed bug #73189 (Memcpy negative size parameter php_resolve_path).
  • BCmath:
    • Fixed bug #73190 (memcpy negative parameter _bc_new_num_ex).
  • COM:
    • Fixed bug #73126 (Cannot pass parameter 1 by reference).
  • Date:
    • Fixed bug #73091 (Unserializing DateInterval object may lead to __toString invocation).
  • DOM:
    • Fixed bug #73150 (missing NULL check in dom_document_save_html).
  • Filter:
    • Fixed bug #72972 (Bad filter for the flags FILTER_FLAG_NO_RES_RANGE and FILTER_FLAG_NO_PRIV_RANGE).
    • Fixed bug #73054 (default option ignored when object passed to int filter).
  • GD:
    • Fixed bug #67325 (imagetruecolortopalette: white is duplicated in palette).
    • Fixed bug #50194 (imagettftext broken on transparent background w/o alphablending).
    • Fixed bug #73003 (Integer Overflow in gdImageWebpCtx of gd_webp.c).
    • Fixed bug #53504 (imagettfbbox gives incorrect values for bounding box).
    • Fixed bug #73157 (imagegd2() ignores 3rd param if 4 are given).
    • Fixed bug #73155 (imagegd2() writes wrong chunk sizes on boundaries).
    • Fixed bug #73159 (imagegd2(): unrecognized formats may result in corrupted files).
    • Fixed bug #73161 (imagecreatefromgd2() may leak memory).
  • Intl:
    • Fixed bug #73218 (add mitigation for ICU int overflow).
  • Mbstring:
    • Fixed bug #66797 (mb_substr only takes 32-bit signed integer).
    • Fixed bug #66964 (mb_convert_variables() cannot detect recursion).
    • Fixed bug #72992 (mbstring.internal_encoding doesn't inherit default_charset).
  • Mysqlnd:
    • Fixed bug #72489 (PHP Crashes When Modifying Array Containing MySQLi Result Data).
  • Opcache:
    • Fixed bug #72982 (Memory leak in zend_accel_blacklist_update_regexp() function).
  • OpenSSL:
    • Fixed bug #73072 (Invalid path SNI_server_certs causes segfault).
    • Fixed bug #73276 (crash in openssl_random_pseudo_bytes function).
    • Fixed bug #73275 (crash in openssl_encrypt function).
  • PCRE:
    • Fixed bug #73121 (Bundled PCRE doesn't compile because JIT isn't supported on s390).
    • Fixed bug #73174 (heap overflow in php_pcre_replace_impl).
  • PDO_DBlib:
    • Fixed bug #72414 (Never quote values as raw binary data).
    • Allow \PDO::setAttribute() to set query timeouts.
    • Handle SQLDECIMAL/SQLNUMERIC types, which are used by later TDS versions.
    • Add common PDO test suite.
    • Free error and message strings when cleaning up PDO instances.
    • Fixed bug #67130 (\PDOStatement::nextRowset() should succeed when all rows in current rowset haven't been fetched).
    • Ignore potentially misleading dberr values.
  • phpdbg:
    • Fixed bug #72996 (phpdbg_prompt.c undefined reference to DL_LOAD).
    • Fixed next command not stopping when leaving function.
  • Session:
    • Fixed bug #68015 (Session does not report invalid uid for files save handler).
    • Fixed bug #73100 (session_destroy null dereference in ps_files_path_create).
  • SimpleXML:
    • Fixed bug #73293 (NULL pointer dereference in SimpleXMLElement::asXML()).
  • SOAP:
    • Fixed bug #71711 (Soap Server Member variables reference bug).
    • Fixed bug #71996 (Using references in arrays doesn't work like expected).
  • SPL:
    • Fixed bug #73257, Fixed bug #73258 (SplObjectStorage unserialize allows use of non-object as key).
  • SQLite3:
    • Updated bundled SQLite3 to 3.14.2.
  • Zip:
    • Fixed bug #70752 (Depacking with wrong password leaves 0 length files).

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

×