Opened 9 years ago

Closed 9 years ago

#7212 closed enhancement (fixed)

php-7.0.0

Reported by: Fernando de Oliveira Owned by: Fernando de Oliveira
Priority: high Milestone: 7.9
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

This release fixes some vulnerabilities

http://www.php.net/distributions/php-7.0.0.tar.xz

http://www.php.net/distributions/php-7.0.0.tar.xz.asc

https://secure.php.net/downloads.php

md5: 394e4d6c517078ca3e23acf633c5ed27

https://secure.php.net/archive/2015.php

PHP 7.0.0 Released
03 Dec 2015

The PHP development team announces the immediate availability of PHP
7.0.0. This release marks the start of the new major PHP 7 series.

PHP 7.0.0 comes with a new version of the Zend Engine, numerous
improvements and new features such as

 • Improved performance: PHP 7 is up to twice as fast as PHP 5.6
 • Significantly reduced memory usage
 • Abstract Syntax Tree
 • Consistent 64-bit support
 • Improved Exception hierarchy
 • Many fatal errors converted to Exceptions
 • Secure random number generator
 • Removed old and unsupported SAPIs and extensions
 • The null coalescing operator (??)
 • Return and Scalar Type Declarations
 • Anonymous Classes
 • Zero cost asserts

The migration guide is available in the PHP Manual. Please consult it
for the detailed list of new features and backward incompatible changes.

The inconvenience of the release lateness in several time zones is
caused by the need to ensure the compatibility with the latest OpenSSL
1.0.2e release. Thanks for the patience!

It is not just a next major PHP version being released today. The
release being introduced is an outcome of the almost two years
development journey. It is a very special accomplishment of the core
team. And, it is a result of incredible efforts of many active community
members. Indeed, it is not just a final release being brought out today,
it is the rise of a new PHP generation with an enormous potential.

Congratulations everyone to this spectacular day for the PHP world!

Grateful thanks to all the contributors and supporters!

https://secure.php.net/ChangeLog-7.php

PHP 7 ChangeLog
Version 7.0.0
03 Dec 2015

 • Core:
    ◦ Fixed bug #70947 (INI parser segfault with INI_SCANNER_TYPED).
    ◦ Fixed bug #70914 (zend_throw_or_error() format string
      vulnerability).
    ◦ Fixed bug #70912 (Null ptr dereference instantiating class with
      invalid array property).
    ◦ Fixed bug #70895, #70898 (null ptr deref and segfault with crafted
      calable).
    ◦ Fixed bug #70249 (Segmentation fault while running PHPUnit tests
      on phpBB 3.2-dev).
    ◦ Fixed bug #70805 (Segmentation faults whilst running Drupal 8 test
      suite).
    ◦ Fixed bug #70842 (Persistent Stream Segmentation Fault).
    ◦ Fixed bug #70862 (Several functions do not check return code of
      php_stream_copy_to_mem()).
    ◦ Fixed bug #70863 (Incorect logic to increment_function for proxy
      objects).
    ◦ Fixed bug #70323 (Regression in zend_fetch_debug_backtrace() can
      cause segfaults).
    ◦ Fixed bug #70873 (Regression on private static properties access).
    ◦ Fixed bug #70748 (Segfault in ini_lex () at
      Zend/zend_ini_scanner.l).
    ◦ Fixed bug #70689 (Exception handler does not work as expected).
    ◦ Fixed bug #70430 (Stack buffer overflow in
      zend_language_parser()).
    ◦ Fixed bug #70782 (null ptr deref and segfault
      (zend_get_class_fetch_type)).
    ◦ Fixed bug #70785 (Infinite loop due to exception during identical
      comparison).
    ◦ Fixed bug #70630 (Closure::call/bind() crash with
      ReflectionFunction-> getClosure()).
    ◦ Fixed bug #70662 (Duplicate array key via undefined index error
      handler).
    ◦ Fixed bug #70681 (Segfault when binding $this of internal instance
      method to null).
    ◦ Fixed bug #70685 (Segfault for getClosure() internal method rebind
      with invalid $this).
    ◦ Added zend_internal_function.reserved[] fields.
    ◦ Fixed bug #70557 (Memleak on return type verifying failed).
    ◦ Fixed bug #70555 (fun_get_arg() on unsetted vars return UNKNOW).
    ◦ Fixed bug #70548 (Redundant information printed in case of
      uncaught engine exception).
    ◦ Fixed bug #70547 (unsetting function variables corrupts
      backtrace).
    ◦ Fixed bug #70528 (assert() with instanceof adds apostrophes around
      class name).
    ◦ Fixed bug #70481 (Memory leak in auto_global_copy_ctor() in ZTS
      build).
    ◦ Fixed bug #70431 (Memory leak in php_ini.c).
    ◦ Fixed bug #70478 (**= does no longer work).
    ◦ Fixed bug #70398 (SIGSEGV, Segmentation fault
      zend_ast_destroy_ex).
    ◦ Fixed bug #70332 (Wrong behavior while returning reference on
      object).
    ◦ Fixed bug #70300 (Syntactical inconsistency with new group use
      syntax).
    ◦ Fixed bug #70321 (Magic getter breaks reference to array
      property).
    ◦ Fixed bug #70187 (Notice: unserialize(): Unexpected end of
      serialized data).
    ◦ Fixed bug #70145 (From field incorrectly parsed from headers).
    ◦ Fixed bug #70370 (Bundled libtool.m4 doesn't handle FreeBSD 10
      when building extensions).
    ◦ Fixed bug causing exception traces with anon classes to be
      truncated.
    ◦ Fixed bug #70397 (Segmentation fault when using Closure::call and
      yield).
    ◦ Fixed bug #70299 (Memleak while assigning object offsetGet
      result).
    ◦ Fixed bug #70288 (Apache crash related to ZEND_SEND_REF).
    ◦ Fixed bug #70262 (Accessing array crashes PHP 7.0beta3).
    ◦ Fixed bug #70258 (Segfault if do_resize fails to allocated
      memory).
    ◦ Fixed bug #70253 (segfault at _efree () in zend_alloc.c:1389).
    ◦ Fixed bug #70240 (Segfault when doing unset($var());).
    ◦ Fixed bug #70223 (Incrementing value returned by magic getter).
    ◦ Fixed bug #70215 (Segfault when __invoke is static).
    ◦ Fixed bug #70207 (Finally is broken with opcache).
    ◦ Fixed bug #70173 (ZVAL_COPY_VALUE_EX broken for 32bit Solaris
      Sparc).
    ◦ Fixed bug #69487 (SAPI may truncate POST data).
    ◦ Fixed bug #70198 (Checking liveness does not work as expected).
    ◦ Fixed bug #70241, #70293 (Skipped assertions affect Generator
      returns).
    ◦ Fixed bug #70239 (Creating a huge array doesn't result in
      exhausted, but segfault).
    ◦ Fixed "finally" issues.
    ◦ Fixed bug #70098 (Real memory usage doesn't decrease).
    ◦ Fixed bug #70159 (__CLASS__ is lost in closures).
    ◦ Fixed bug #70156 (Segfault in zend_find_alias_name).
    ◦ Fixed bug #70124 (null ptr deref / seg fault in
      ZEND_HANDLE_EXCEPTION).
    ◦ Fixed bug #70117 (Unexpected return type error).
    ◦ Fixed bug #70106 (Inheritance by anonymous class).
    ◦ Fixed bug #69674 (SIGSEGV array.c:953).
    ◦ Fixed bug #70164 (__COMPILER_HALT_OFFSET__ under namespace is not
      defined).
    ◦ Fixed bug #70108 (sometimes empty $_SERVER['QUERY_STRING']).
    ◦ Fixed bug #70179 ($this refcount issue).
    ◦ Fixed bug #69896 ('asm' operand has impossible constraints).
    ◦ Fixed bug #70183 (null pointer deref (segfault) in
      zend_eval_const_expr).
    ◦ Fixed bug #70182 (Segfault in
      ZEND_ASSIGN_DIV_SPEC_CV_UNUSED_HANDLER).
    ◦ Fixed bug #69793 (Remotely triggerable stack exhaustion via
      recursive method calls).
    ◦ Fixed bug #69892 (Different arrays compare indentical due to
      integer key truncation).
    ◦ Fixed bug #70121 (unserialize() could lead to unexpected methods
      execution / NULL pointer deref).
    ◦ Fixed bug #70089 (segfault at
      ZEND_FETCH_DIM_W_SPEC_VAR_CONST_HANDLER ()).
    ◦ Fixed bug #70057 (Build failure on 32-bit Mac OS X 10.6.8:
      recursive inlining).
    ◦ Fixed bug #70012 (Exception lost with nested finally block).
    ◦ Fixed bug #69996 (Changing the property of a cloned object affects
      the original).
    ◦ Fixed bug #70083 (Use after free with assign by ref to overloaded
      objects).
    ◦ Fixed bug #70006 (cli - function with default arg = STDOUT crash
      output).
    ◦ Fixed bug #69521 (Segfault in gc_collect_cycles()).
    ◦ Improved zend_string API.
    ◦ Fixed bug #69955 (Segfault when trying to combine [] and assign-op
      on ArrayAccess object).
    ◦ Fixed bug #69957 (Different ways of handling div/mod/intdiv).
    ◦ Fixed bug #69900 (Too long timeout on pipes).
    ◦ Fixed bug #69872 (uninitialised value in strtr with array).
    ◦ Fixed bug #69868 (Invalid read of size 1 in
      zend_compile_short_circuiting).
    ◦ Fixed bug #69849 (Broken output of apache_request_headers).
    ◦ Fixed bug #69840 (iconv_substr() doesn't work with UTF-16BE).
    ◦ Fixed bug #69823 (PHP 7.0.0alpha1 segmentation fault when exactly
      33 extensions are loaded).
    ◦ Fixed bug #69805 (null ptr deref and seg fault in
      zend_resolve_class_name).
    ◦ Fixed bug #69802 (Reflection on Closure::__invoke borks type hint
      class name).
    ◦ Fixed bug #69761 (Serialization of anonymous classes should be
      prevented).
    ◦ Fixed bug #69551 (parse_ini_file() and parse_ini_string()
      segmentation fault).
    ◦ Fixed bug #69781 (phpinfo() reports Professional Editions of
      Windows 7/8/8.1/10 as "Business").
    ◦ Fixed bug #69835 (phpinfo() does not report many Windows SKUs).
    ◦ Fixed bug #69889 (Null coalesce operator doesn't work for string
      offsets).
    ◦ Fixed bug #69891 (Unexpected array comparison result).
    ◦ Fixed bug #69892 (Different arrays compare indentical due to
      integer key truncation).
    ◦ Fixed bug #69893 (Strict comparison between integer and empty
      string keys crashes).
    ◦ Fixed bug #69767 (Default parameter value with wrong type
      segfaults).
    ◦ Fixed bug #69756 (Fatal error: Nesting level too deep - recursive
      dependency ? with ===).
    ◦ Fixed bug #69758 (Item added to array not being removed by
      array_pop/shift ).
    ◦ Fixed bug #68475 (Add support for $callable() sytnax with
      'Class::method').
    ◦ Fixed bug #69485 (Double free on zend_list_dtor).
    ◦ Fixed bug #69427 (Segfault on magic method __call of private
      method in superclass).
    ◦ Improved __call() and __callStatic() magic method handling. Now
      they are called in a stackless way using ZEND_CALL_TRAMPOLINE
      opcode, without additional stack frame.
    ◦ Optimized strings concatenation.
    ◦ Fixed weird operators behavior. Division by zero now emits warning
      and returns +/-INF, modulo by zero and intdid() throws an
      exception, shifts by negative offset throw exceptions.
      Compile-time evaluation of division by zero is disabled.
    ◦ Fixed bug #69371 (Hash table collision leads to inaccessible array
      keys).
    ◦ Fixed bug #68933 (Invalid read of size 8 in
      zend_std_read_property).
    ◦ Fixed bug #68252 (segfault in Zend/zend_hash.c in function
      _zend_hash_del_el).
    ◦ Fixed bug #65598 (Closure executed via static autoload incorrectly
      marked as static).
    ◦ Fixed bug #66811 (Cannot access static::class in lambda, writen
      outside of a class).
    ◦ Fixed bug #69568 (call a private function in closure failed).
    ◦ Added PHP_INT_MIN constant.
    ◦ Added Closure::call() method.
    ◦ Fixed bug #67959 (Segfault when calling phpversion('spl')).
    ◦ Implemented the RFC `Catchable "Call to a member function bar() on
      a non-object"`.
    ◦ Added options parameter for unserialize allowing to specify
      acceptable classes (https://wiki.php.net/rfc/secure_unserialize).
    ◦ Fixed bug #63734 (Garbage collector can free zvals that are still
      referenced).
    ◦ Removed ZEND_ACC_FINAL_CLASS, promoting ZEND_ACC_FINAL as final
      class modifier.
    ◦ is_long() & is_integer() is now an alias of is_int().
    ◦ Implemented FR #55467 (phpinfo: PHP Variables with $ and single
      quotes).
    ◦ Added ?? operator.
    ◦ Added <=> operator.
    ◦ Added \u{xxxxx} Unicode Codepoint Escape Syntax.
    ◦ Fixed oversight where define() did not support arrays yet const
      syntax did.
    ◦ Use "integer" and "float" instead of "long" and "double" in ZPP,
      type hint and conversion error messages.
    ◦ Implemented FR #55428 (E_RECOVERABLE_ERROR when output buffering
      in output buffering handler).
    ◦ Removed scoped calls of non-static methods from an incompatible
      $this context.
    ◦ Removed support for #-style comments in ini files.
    ◦ Removed support for assigning the result of new by reference.
    ◦ Invalid octal literals in source code now produce compile errors,
      fixes PHPSadness #31.
    ◦ Removed dl() function on fpm-fcgi.
    ◦ Removed support for hexadecimal numeric strings.
    ◦ Removed obsolete extensions and SAPIs. See the full list in
      UPGRADING.
    ◦ Added NULL byte protection to exec, system and passthru.
    ◦ Added error_clear_last() function.
    ◦ Fixed bug #68797 (Number 2.2250738585072012e-308 converted
      incorrectly).
    ◦ Improved zend_qsort(using hybrid sorting algo) for better
      performance, and also renamed zend_qsort to zend_sort.
    ◦ Added stable sorting algo zend_insert_sort.
    ◦ Improved zend_memnchr(using sunday algo) for better performance.
    ◦ Implemented the RFC `Scalar Type Decalarations v0.5`.
    ◦ Implemented the RFC `Group Use Declarations`.
    ◦ Implemented the RFC `Continue Output Buffering`.
    ◦ Implemented the RFC `Constructor behaviour of internal classes`.
    ◦ Implemented the RFC `Fix "foreach" behavior`.
    ◦ Implemented the RFC `Generator Delegation`.
    ◦ Implemented the RFC `Anonymous Class Support`.
    ◦ Implemented the RFC `Context Sensitive Lexer`.
    ◦ Fixed bug #69511 (Off-by-one buffer overflow in php_sys_readlink).
 • CLI server:
    ◦ Fixed bug #68291 (404 on urls with '+').
    ◦ Fixed bug #66606 (Sets HTTP_CONTENT_TYPE but not CONTENT_TYPE).
    ◦ Fixed bug #70264 (CLI server directory traversal).
    ◦ Fixed bug #69655 (php -S changes MKCALENDAR request method to
      MKCOL).
    ◦ Fixed bug #64878 (304 responses return Content-Type header).
    ◦ Refactor MIME type handling to use a hash table instead of linear
      search.
    ◦ Update the MIME type list from the one shipped by Apache HTTPD.
    ◦ Added support for SEARCH WebDav method.
 • COM:
    ◦ Fixed bug #69939 (Casting object to bool returns false).
 • Curl:
    ◦ Fixed bug #70330 (Segmentation Fault with multiple
      "curl_copy_handle").
    ◦ Fixed bug #70163 (curl_setopt_array() type confusion).
    ◦ Fixed bug #70065 (curl_getinfo() returns corrupted values).
    ◦ Fixed bug #69831 (Segmentation fault in curl_getinfo).
    ◦ Fixed bug #68937 (Segfault in curl_multi_exec).
    ◦ Removed support for unsafe file uploads.
 • Date:
    ◦ Fixed bug #70245 (strtotime does not emit warning when 2nd
      parameter is object or string).
    ◦ Fixed bug #70266 (DateInterval::__construct.interval_spec is not
      supposed to be optional).
    ◦ Fixed bug #70277 (new DateTimeZone($foo) is ignoring text after
      null byte).
    ◦ Fixed day_of_week function as it could sometimes return negative
      values internally.
    ◦ Removed $is_dst parameter from mktime() and gmmktime().
    ◦ Removed date.timezone warning
      (https://wiki.php.net/rfc/date.timezone_warning_removal).
    ◦ Added "v" DateTime format modifier to get the 3-digit version of
      fraction of seconds.
    ◦ Implemented FR #69089 (Added DateTime::RFC3339_EXTENDED to output
      in RFC3339 Extended format which includes fraction of seconds).
 • DBA:
    ◦ Fixed bug #62490 (dba_delete returns true on missing item
      (inifile)).
    ◦ Fixed bug #68711 (useless comparisons).
 • DOM:
    ◦ Fixed bug #70558 ("Couldn't fetch" error in
      DOMDocument::registerNodeClass()).
    ◦ Fixed bug #70001 (Assigning to DOMNode::textContent does
      additional entity encoding).
    ◦ Fixed bug #69846 (Segmenation fault (access violation) when
      iterating over DOMNodeList).
    ◦ Made DOMNode::textContent writeable.
 • EXIF:
    ◦ Fixed bug #70385 (Buffer over-read in exif_read_data with TIFF IFD
      tag byte value of 32 bytes).
 • Fileinfo:
    ◦ Fixed bug #66242 (libmagic: don't assume char is signed).
 • Filter:
    ◦ New FILTER_VALIDATE_DOMAIN and better RFC conformance for
      FILTER_VALIDATE_URL.
 • FPM:
    ◦ Fixed bug #70538 ("php-fpm -i" crashes).
    ◦ Fixed bug #70279 (HTTP Authorization Header is sometimes passed to
      newer reqeusts).
    ◦ Fixed bug #68945 (Unknown admin values segfault pools).
    ◦ Fixed bug #65933 (Cannot specify config lines longer than 1024
      bytes).
    ◦ Implemented FR #67106 (Split main fpm config).
 • FTP:
    ◦ Fixed bug #69082 (FTPS support on Windows).
 • GD:
    ◦ Fixed bug #53156 (imagerectangle problem with point ordering).
    ◦ Fixed bug #66387 (Stack overflow with imagefilltoborder).
    ◦ Fixed bug #70102 (imagecreatefromwebm() shifts colors).
    ◦ Fixed bug #66590 (imagewebp() doesn't pad to even length).
    ◦ Fixed bug #66882 (imagerotate by -90 degrees truncates image by
      1px).
    ◦ Fixed bug #70064 (imagescale(..., IMG_BICUBIC) leaks memory).
    ◦ Fixed bug #69024 (imagescale segfault with palette based image).
    ◦ Fixed bug #53154 (Zero-height rectangle has whiskers).
    ◦ Fixed bug #67447 (imagecrop() add a black line when cropping).
    ◦ Fixed bug #68714 (copy 'n paste error).
    ◦ Fixed bug #66339 (PHP segfaults in imagexbm).
    ◦ Fixed bug #70047 (gd_info() doesn't report WebP support).
    ◦ Replace libvpx with libwebp for bundled libgd.
    ◦ Fixed bug #61221 (imagegammacorrect function loses alpha channel).
    ◦ Made fontFetch's path parser thread-safe.
    ◦ Removed T1Lib support.
 • GMP:
    ◦ Fixed bug #70284 (Use after free vulnerability in unserialize()
      with GMP).
 • hash:
    ◦ Fixed bug #70312 (HAVAL gives wrong hashes in specific cases).
 • IMAP:
    ◦ Fixed bug #70158 (Building with static imap fails).
    ◦ Fixed bug #69998 (curl multi leaking memory).
 • Intl:
    ◦ Fixed bug #70453 (IntlChar::foldCase() incorrect arguments and
      missing constants).
    ◦ Fixed bug #70454 (IntlChar::forDigit second parameter should be
      optional).
    ◦ Removed deprecated aliases datefmt_set_timezone_id() and
      IntlDateFormatter::setTimeZoneID().
 • JSON:
    ◦ Fixed bug #62010 (json_decode produces invalid byte-sequences).
    ◦ Fixed bug #68546 (json_decode() Fatal error: Cannot access
      property started with '\0').
    ◦ Replace non-free JSON parser with a parser from Jsond extension,
      fixes #63520 (JSON extension includes a problematic license
      statement).
    ◦ Fixed bug #68938 (json_decode() decodes empty string without
      error).
 • LDAP:
    ◦ Fixed bug #47222 (Implement LDAP_OPT_DIAGNOSTIC_MESSAGE).
 • LiteSpeed:
    ◦ Updated LiteSpeed SAPI code from V5.5 to V6.6.
 • libxml:
    ◦ Fixed handling of big lines in error messages with libxml >=
      2.9.0.
 • Mcrypt:
    ◦ Fixed bug #70625 (mcrypt_encrypt() won't return data when no IV
      was specified under RC4).
    ◦ Fixed bug #69833 (mcrypt fd caching not working).
    ◦ Fixed possible read after end of buffer and use after free.
    ◦ Removed mcrypt_generic_end() alias.
    ◦ Removed mcrypt_ecb(), mcrypt_cbc(), mcrypt_cfb(), mcrypt_ofb().
 • Mysqli:
    ◦ Fixed bug #32490 (constructor of mysqli has wrong name).
 • Mysqlnd:
    ◦ Fixed bug #70949 (SQL Result Sets With NULL Can Cause Fatal Memory
      Errors).
    ◦ Fixed bug #70384 (mysqli_real_query():Unknown type 245 sent by the
      server).
    ◦ Fixed bug #70456 (mysqlnd doesn't activate TCP keep-alive when
      connecting to a server).
    ◦ Fixed bug #70572 segfault in mysqlnd_connect.
    ◦ Fixed bug #69796 (mysqli_stmt::fetch doesn't assign null values to
      bound variables).
 • OCI8:
    ◦ Fixed memory leak with LOBs.
    ◦ Fixed bug #68298 (OCI int overflow).
    ◦ Corrected oci8 hash destructors to prevent segfaults, and a few
      other fixes.
 • ODBC:
    ◦ Fixed bug #69975 (PHP segfaults when accessing nvarchar(max)
      defined columns).
 • Opcache:
    ◦ Fixed bug #70656 (require() statement broken after opcache_reset()
      or a few hours of use).
    ◦ Fixed bug #70843 (Segmentation fault on MacOSX with
      opcache.file_cache_only=1).
    ◦ Fixed bug #70724 (Undefined Symbols from opcache.so on Mac OS X
      10.10).
    ◦ Fixed compatibility with Windows 10 (see also bug #70652).
    ◦ Attmpt to fix "Unable to reattach to base address" problem.
    ◦ Fixed bug #70423 (Warning Internal error: wrong size calculation).
    ◦ Fixed bug #70237 (Empty while and do-while segmentation fault with
      opcode on CLI enabled).
    ◦ Fixed bug #70111 (Segfault when a function uses both an explicit
      return type and an explicit cast).
    ◦ Fixed bug #70058 (Build fails when building for i386).
    ◦ Fixed bug #70022 (Crash with opcache using
      opcache.file_cache_only=1).
    ◦ Removed opcache.load_comments configuration directive. Now doc
      comments loading costs nothing and always enabled.
    ◦ Fixed bug #69838 (Wrong size calculation for function table).
    ◦ Fixed bug #69688 (segfault with eval and opcache fast shutdown).
    ◦ Added experimental (disabled by default) file based opcode cache.
    ◦ Fixed bug with try blocks being removed when extended_info opcode
      generation is turned on.
    ◦ Fixed bug #68644 (strlen incorrect : mbstring + func_overload=2
      +UTF-8 + Opcache).
 • OpenSSL:
    ◦ Require at least OpenSSL version 0.9.8.
    ◦ Fixed bug #68312 (Lookup for openssl.cnf causes a message box).
    ◦ Fixed bug #55259 (openssl extension does not get the DH parameters
      from DH key resource).
    ◦ Fixed bug #70395 (Missing ARG_INFO for openssl_seal()).
    ◦ Fixed bug #60632 (openssl_seal fails with AES).
    ◦ Implemented FR #70438 (Add IV parameter for openssl_seal and
      openssl_open).
    ◦ Fixed bug #70014 (openssl_random_pseudo_bytes() is not
      cryptographically secure).
    ◦ Fixed bug #69882 (OpenSSL error "key values mismatch" after
      openssl_pkcs12_read with extra cert).
    ◦ Added "alpn_protocols" SSL context option allowing encrypted
      client/server streams to negotiate alternative protocols using the
      ALPN TLS extension when built against OpenSSL 1.0.2 or newer.
      Negotiated protocol information is accessible through
      stream_get_meta_data() output.
    ◦ Removed "CN_match" and "SNI_server_name" SSL context options. Use
      automatic detection or the "peer_name" option instead.
 • Pcntl:
    ◦ Fixed bug #70386 (Can't compile on NetBSD because of missing
      WCONTINUED and WIFCONTINUED).
    ◦ Fixed bug #60509 (pcntl_signal doesn't decrease ref-count of old
      handler when setting SIG_DFL).
    ◦ Implemented FR #68505 (Added wifcontinued and wcontinued).
    ◦ Added rusage support to pcntl_wait() and pcntl_waitpid().
 • PCRE:
    ◦ Fixed bug #70232 (Incorrect bump-along behavior with \K and empty
      string match).
    ◦ Fixed bug #70345 (Multiple vulnerabilities related to PCRE
      functions).
    ◦ Fixed bug #70232 (Incorrect bump-along behavior with \K and empty
      string match).
    ◦ Fixed bug #53823 (preg_replace: * qualifier on unicode replace
      garbles the string).
    ◦ Fixed bug #69864 (Segfault in preg_replace_callback).
 • PDO:
    ◦ Fixed bug #70861 (Segmentation fault in pdo_parse_params() during
      Drupal 8 test suite).
    ◦ Fixed bug #70389 (PDO constructor changes unrelated variables).
    ◦ Fixed bug #70272 (Segfault in pdo_mysql).
    ◦ Fixed bug #70221 (persistent sqlite connection + custom function
      segfaults).
    ◦ Removed support for the /e (PREG_REPLACE_EVAL) modifier.
    ◦ Fixed bug #59450 (./configure fails with "Cannot find
      php_pdo_driver.h").
 • PDO_DBlib:
    ◦ Fixed bug #69757 (Segmentation fault on nextRowset).
 • PDO_mysql:
    ◦ Fixed bug #68424 (Add new PDO mysql connection attr to control
      multi statements option).
 • PDO_OCI:
    ◦ Fixed bug #70308 (PDO::ATTR_PREFETCH is ignored).
 • PDO_pgsql:
    ◦ Fixed bug #69752 (PDOStatement::execute() leaks memory with DML
      Statements when closeCuror() is u).
    ◦ Removed PGSQL_ATTR_DISABLE_NATIVE_PREPARED_STATEMENT attribute in
      favor of ATTR_EMULATE_PREPARES).
 • Phar:
    ◦ Fixed bug #69720 (Null pointer dereference in
      phar_get_fp_offset()).
    ◦ Fixed bug #70433 (Uninitialized pointer in phar_make_dirstream
      when zip entry filename is "/").
    ◦ Improved fix for bug #69441.
    ◦ Fixed bug #70019 (Files extracted from archive may be placed
      outside of destination directory).
 • Phpdbg:
    ◦ Fixed bug #70614 (incorrect exit code in -rr mode with
      Exceptions).
    ◦ Fixed bug #70532 (phpdbg must respect set_exception_handler).
    ◦ Fixed bug #70531 (Run and quit mode (-qrr) should not fallback to
      interactive mode).
    ◦ Fixed bug #70533 (Help overview (-h) does not rpint anything under
      Windows).
    ◦ Fixed bug #70449 (PHP won't compile on 10.4 and 10.5 because of
      missing constants).
    ◦ Fixed bug #70214 (FASYNC not defined, needs sys/file.h include).
    ◦ Fixed bug #70138 (Segfault when displaying memory leaks).
 • Reflection:
    ◦ Fixed bug #70650 (Wrong docblock assignment).
    ◦ Fixed bug #70674 (ReflectionFunction::getClosure() leaks memory
      when used for internal functions).
    ◦ Fixed bug causing bogus traces for
      ReflectionGenerator::getTrace().
    ◦ Fixed inheritance chain of Reflector interface.
    ◦ Added ReflectionGenerator class.
    ◦ Added reflection support for return types and type declarations.
 • Session:
    ◦ Fixed bug #70876 (Segmentation fault when regenerating session id
      with strict mode).
    ◦ Fixed bug #70529 (Session read causes "String is not
      zero-terminated" error).
    ◦ Fixed bug #70013 (Reference to $_SESSION is lost after a call to
      session_regenerate_id()).
    ◦ Fixed bug #69952 (Data integrity issues accessing superglobals by
      reference).
    ◦ Fixed bug #67694 (Regression in session_regenerate_id()).
    ◦ Fixed bug #68941 (mod_files.sh is a bash-script).
 • SOAP:
    ◦ Fixed bug #70940 (Segfault in soap / type_to_string).
    ◦ Fixed bug #70900 (SoapClient systematic out of memory error).
    ◦ Fixed bug #70875 (Segmentation fault if wsdl has no
      targetNamespace attribute).
    ◦ Fixed bug #70715 (Segmentation fault inside soap client).
    ◦ Fixed bug #70709 (SOAP Client generates Segfault).
    ◦ Fixed bug #70388 (SOAP serialize_function_call() type confusion /
      RCE).
    ◦ Fixed bug #70081 (SoapClient info leak / null pointer dereference
      via multiple type confusions).
    ◦ Fixed bug #70079 (Segmentation fault after more than 100
      SoapClient calls).
    ◦ Fixed bug #70032 (make_http_soap_request calls
      zend_hash_get_current_key_ex(,,,NULL).
    ◦ Fixed bug #68361 (Segmentation fault on SoapClient::__getTypes).
 • SPL:
    ◦ Fixed bug #70959 (ArrayObject unserialize does not restore
      protected fields).
    ◦ Fixed bug #70853 (SplFixedArray throws exception when using ref
      variable as index).
    ◦ Fixed bug #70868 (PCRE JIT and pattern reuse segfault).
    ◦ Fixed bug #70730 (Incorrect ArrayObject serialization if unset is
      called in serialize()).
    ◦ Fixed bug #70573 (Cloning SplPriorityQueue leads to memory leaks).
    ◦ Fixed bug #70303 (Incorrect constructor reflection for
      ArrayObject).
    ◦ Fixed bug #70068 (Dangling pointer in the unserialization of
      ArrayObject items).
    ◦ Fixed bug #70166 (Use After Free Vulnerability in unserialize()
      with SPLArrayObject).
    ◦ Fixed bug #70168 (Use After Free Vulnerability in unserialize()
      with SplObjectStorage).
    ◦ Fixed bug #70169 (Use After Free Vulnerability in unserialize()
      with SplDoublyLinkedList).
    ◦ Fixed bug #70053 (MutlitpleIterator array-keys incompatible change
      in PHP 7).
    ◦ Fixed bug #69970 (Use-after-free vulnerability in
      spl_recursive_it_move_forward_ex()).
    ◦ Fixed bug #69845 (ArrayObject with ARRAY_AS_PROPS broken).
    ◦ Changed ArrayIterator implementation using zend_hash_iterator_...
      API. Allowed modification of iterated ArrayObject using the same
      behavior as proposed in `Fix "foreach" behavior`. Removed "Array
      was modified outside object and internal position is no longer
      valid" hack.
    ◦ Implemented FR #67886 (SplPriorityQueue/SplHeap doesn't expose
      extractFlags nor curruption state).
    ◦ Fixed bug #66405 (RecursiveDirectoryIterator::CURRENT_AS_PATHNAME
      breaks the RecursiveIterator).
 • SQLite3:
    ◦ Fixed bug #70571 (Memory leak in sqlite3_do_callback).
    ◦ Fixed bug #69972 (Use-after-free vulnerability in
      sqlite3SafetyCheckSickOrOk()).
    ◦ Fixed bug #69897 (segfault when manually constructing
      SQLite3Result).
    ◦ Fixed bug #68260 (SQLite3Result::fetchArray declares wrong
      required_num_args).
 • Standard:
    ◦ Fixed count on symbol tables.
    ◦ Fixed bug #70963 (Unserialize shows UNKNOWN in result).
    ◦ Fixed bug #70910 (extract() breaks variable references).
    ◦ Fixed bug #70808 (array_merge_recursive corrupts memory of unset
      items).
    ◦ Fixed bug #70667 (strtr() causes invalid writes and a crashes).
    ◦ Fixed bug #70668 (array_keys() doesn't respect references when
      $strict is true).
    ◦ Implemented the RFC `Random Functions Throwing Exceptions in PHP
      7`.
    ◦ Fixed bug #70487 (pack('x') produces an error).
    ◦ Fixed bug #70342 (changing configuration with
      ignore_user_abort(true) isn't working).
    ◦ Fixed bug #70295 (Segmentation fault with setrawcookie).
    ◦ Fixed bug #67131 (setcookie() conditional for empty values not
      met).
    ◦ Fixed bug #70365 (Use-after-free vulnerability in unserialize()
      with SplObjectStorage).
    ◦ Fixed bug #70366 (Use-after-free vulnerability in unserialize()
      with SplDoublyLinkedList).
    ◦ Fixed bug #70250 (extract() turns array elements to references).
    ◦ Fixed bug #70211 (php 7 ZEND_HASH_IF_FULL_DO_RESIZE use after
      free).
    ◦ Fixed bug #70208 (Assert breaking access on objects).
    ◦ Fixed bug #70140 (str_ireplace/php_string_tolower - Arbitrary Code
      Execution).
    ◦ Implemented FR #70112 (Allow "dirname" to go up various times).
    ◦ Fixed bug #36365 (scandir duplicates file name at every 65535th
      file).
    ◦ Fixed bug #70096 (Repeated iptcembed() adds superfluous FF bytes).
    ◦ Fixed bug #70018 (exec does not strip all whitespace).
    ◦ Fixed bug #69983 (get_browser fails with user agent of null).
    ◦ Fixed bug #69976 (Unable to parse "all" urls with colon char).
    ◦ Fixed bug #69768 (escapeshell*() doesn't cater to !).
    ◦ Fixed bug #62922 (Truncating entire string should result in
      string).
    ◦ Fixed bug #69723 (Passing parameters by reference and
      array_column).
    ◦ Fixed bug #69523 (Cookie name cannot be empty).
    ◦ Fixed bug #69325 (php_copy_file_ex does not pass the argument).
    ◦ Fixed bug #69299 (Regression in array_filter's $flag argument in
      PHP 7).
    ◦ Removed call_user_method() and call_user_method_array() functions.
    ◦ Fixed user session handlers (See rfc:session.user.return-value).
    ◦ Added intdiv() function.
    ◦ Improved precision of log() function for base 2 and 10.
    ◦ Remove string category support in setlocale().
    ◦ Remove set_magic_quotes_runtime() and its alias
      magic_quotes_runtime().
    ◦ Fixed bug #65272 (flock() out parameter not set correctly in
      windows).
    ◦ Added preg_replace_callback_array function.
    ◦ Deprecated salt option to password_hash.
    ◦ Fixed bug #69686 (password_verify reports back error on PHP7 will
      null string).
    ◦ Added Windows support for getrusage().
    ◦ Removed hardcoded limit on number of pipes in proc_open().
 • Streams:
    ◦ Fixed bug #70361 (HTTP stream wrapper doesn't close keep-alive
      connections).
    ◦ Fixed bug #68532 (convert.base64-encode omits padding bytes).
    ◦ Removed set_socket_blocking() in favor of its alias
      stream_set_blocking().
 • Tokenizer:
    ◦ Fixed bug #69430 (token_get_all has new irrecoverable errors).
 • XMLReader:
    ◦ Fixed bug #70309 (XmlReader read generates extra output).
 • XMLRPC:
    ◦ Fixed bug #70526 (xmlrpc_set_type returns false on success).
 • XSL:
    ◦ Fixed bug #70678 (PHP7 returns true when false is expected).
    ◦ Fixed bug #70535 (XSLT: free(): invalid pointer).
    ◦ Fixed bug #69782 (NULL pointer dereference).
    ◦ Fixed bug #64776 (The XSLT extension is not thread safe).
    ◦ Removed xsl.security_prefs ini option.
 • Zlib:
    ◦ Added deflate_init(), deflate_add(), inflate_init(), inflate_add()
      functions allowing incremental/streaming
      compression/decompression.
 • Zip:
    ◦ Fixed bug #70322 (ZipArchive::close() doesn't indicate errors).
    ◦ Fixed bug #70350 (ZipArchive::extractTo allows for directory
      traversal when creating directories).
    ◦ Added ZipArchive::setCompressionName and
      ZipArchive::setCompressionIndex methods.
    ◦ Update bundled libzip to 1.0.1.
    ◦ Fixed bug #67161 (ZipArchive::getStream() returns NULL for certain
      file).

Change History (2)

comment:1 by Fernando de Oliveira, 9 years ago

Owner: changed from blfs-book@… to Fernando de Oliveira
Status: newassigned

comment:2 by Fernando de Oliveira, 9 years ago

Resolution: fixed
Status: assignedclosed

Fixed at r16708.

Note: See TracTickets for help on using tickets.