#6796 closed enhancement (fixed)
php-5.6.12
| Reported by: | Fernando de Oliveira | Owned by: | Fernando de Oliveira |
|---|---|---|---|
| Priority: | high | Milestone: | 7.8 |
| Component: | BOOK | Version: | SVN |
| Severity: | normal | Keywords: | |
| Cc: |
Description (last modified by ) ¶
http://www.php.net/distributions/php-5.6.12.tar.xz
https://secure.php.net/downloads.php
md5: f2cc602602eb2b121779f2c4b8bacaba
http://www.php.net/distributions/php-5.6.12.tar.xz.asc
https://secure.php.net/archive/2015.php#id2015-08-06-4
The PHP development team announces the immediate availability of PHP 5.6.12. 12 security-related issues were fixed in this release. All PHP 5.6 users are encouraged to upgrade to this version.
https://php.net/ChangeLog-5.php#5.6.12
Version 5.6.12
06 Aug 2015
• Core:
• Fixed bug #70012 (Exception lost with nested finally block).
• Fixed bug #70002 (TS issues with temporary dir handling).
• Fixed bug #69793 (Remotely triggerable stack exhaustion via
recursive method calls).
• Fixed bug #69892 (Different arrays compare indentical due to
integer key truncation).
• Fixed bug #70121 (unserialize() could lead to unexpected
methods execution / NULL pointer deref).
• CLI server:
• Fixed bug #69655 (php -S changes MKCALENDAR request method to
MKCOL).
• Fixed bug #64878 (304 responses return Content-Type header).
• GD:
• Fixed bug #53156 (imagerectangle problem with point ordering).
• Fixed bug #66387 (Stack overflow with imagefilltoborder).
• Fixed bug #70102 (imagecreatefromwebm() shifts colors).
• Fixed bug #66590 (imagewebp() doesn't pad to even length).
• Fixed bug #66882 (imagerotate by -90 degrees truncates image by
1px).
• Fixed bug #70064 (imagescale(..., IMG_BICUBIC) leaks memory).
• Fixed bug #69024 (imagescale segfault with palette based
image).
• Fixed bug #53154 (Zero-height rectangle has whiskers).
• Fixed bug #67447 (imagecrop() add a black line when cropping).
• Fixed bug #68714 (copy 'n paste error).
• Fixed bug #66339 (PHP segfaults in imagexbm).
• Fixed bug #70047 (gd_info() doesn't report WebP support).
• ODBC:
• Fixed bug #69975 (PHP segfaults when accessing nvarchar(max)
defined columns).
• OpenSSL:
• Fixed bug #69882 (OpenSSL error "key values mismatch" after
openssl_pkcs12_read with extra cert).
• Fixed bug #70014 (openssl_random_pseudo_bytes() is not
cryptographically secure).
• Phar:
• Improved fix for bug #69441.
• Fixed bug #70019 (Files extracted from archive may be placed
outside of destination directory).
• SOAP:
• Fixed bug #70081 (SoapClient info leak / null pointer
dereference via multiple type confusions).
• SPL:
• Fixed bug #70068 (Dangling pointer in the unserialization of
ArrayObject items).
• Fixed bug #70166 (Use After Free Vulnerability in unserialize()
with SPLArrayObject).
• Fixed bug #70168 (Use After Free Vulnerability in unserialize()
with SplObjectStorage).
• Fixed bug #70169 (Use After Free Vulnerability in unserialize()
with SplDoublyLinkedList).
• Standard:
• Fixed bug #70096 (Repeated iptcembed() adds superfluous FF
bytes).
Change History (4)
comment:1 by , 10 years ago
| Description: | modified (diff) |
|---|
comment:2 by , 10 years ago
| Owner: | changed from to |
|---|---|
| Status: | new → assigned |
comment:3 by , 10 years ago
| Resolution: | → fixed |
|---|---|
| Status: | assigned → closed |
comment:4 by , 10 years ago
| Description: | modified (diff) |
|---|
Note:
See TracTickets
for help on using tickets.
Fixed at r16333.