Opened 3 years ago

Closed 3 years ago

Last modified 3 years ago

#13889 closed enhancement (fixed)


Reported by: Bruce Dubbs Owned by: Bruce Dubbs
Priority: high Milestone: 10.0
Component: BOOK Version: SVN
Severity: normal Keywords:


New point version.

Change History (4)

comment:1 by Bruce Dubbs, 3 years ago

Owner: changed from blfs-book to Bruce Dubbs
Status: newassigned

comment:2 by Bruce Dubbs, 3 years ago

06 Aug 2020, PHP 7.4.9

  • Apache:
    • Fixed bug 79030 (Upgrade apache2handler's php_apache_sapi_get_request_time to return usec)
  • COM:
    • Fixed bug 63208 (BSTR to PHP string conversion not binary safe).
    • Fixed bug 63527 (DCOM does not work with Username, Password parameter).
  • Core:
    • Fixed bug 79740 (serialize() and unserialize() methods can not be called statically)
    • Fixed bug 79783 (Segfault in php_str_replace_common).
    • Fixed bug 79778 (Assertion failure if dumping closure with unresolved static variable)
    • Fixed bug 79779 (Assertion failure when assigning property of string offset by reference)
    • Fixed bug 79792 (HT iterators not removed if empty array is destroyed).
    • Fixed bug 78598 (Changing array during undef index RW error segfaults).
    • Fixed bug 79784 (Use after free if changing array during undef var during array write fetch)
    • Fixed bug 79793 (Use after free if string used in undefined index warning is changed)
    • Fixed bug 79862 (Public non-static property in child should take priority over private static)
    • Fixed bug 79877 (getimagesize function silently truncates after a null byte)
  • Fileinfo:
    • Fixed bug 79756 (finfo_file crash (FILEINFO_MIME)).
  • FTP:
    • Fixed bug 55857 (ftp_size on large files).
  • Mbstring:
    • Fixed bug 79787 (mb_strimwidth does not trim string).
  • Phar:
    • Fixed bug 79797 (Use of freed hash key in the phar_parse_zipfile function)- (CVE-2020-7068)
  • Reflection:
    • Fixed bug 79487 (::getStaticProperties() ignores property modifications).
    • Fixed bug 69804 (::getStaticPropertyValue() throws on protected props).
    • Fixed bug 79820 (Use after free when type duplicated into ReflectionProperty gets resolved)
  • Standard:
    • Fixed bug 70362 (Can't copy() large 'data://' with open_basedir).
    • Fixed bug 78008 (dns_check_record() always return true on Alpine).
    • Fixed bug 79839 (array_walk() does not respect property types).

comment:3 by Bruce Dubbs, 3 years ago

Resolution: fixed
Status: assignedclosed

Fixed at revision 23475.

comment:4 by Douglas R. Reno, 3 years ago

Priority: normalhigh

Marking as high because of CVE-2020-7068

Note: See TracTickets for help on using tickets.