1PHP NEWS 2||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| 3?? ??? 2019, PHP 5.6.41 4 510 Jan 2019, PHP 5.6.40 6 7- GD: 8 . Fixed bug #77269 (efree() on uninitialized Heap data in imagescale leads to 9 use-after-free). (cmb) 10 . Fixed bug #77270 (imagecolormatch Out Of Bounds Write on Heap). (cmb) 11 12- Mbstring: 13 . Fixed bug #77370 (Buffer overflow on mb regex functions - fetch_token). (Stas) 14 . Fixed bug #77371 (heap buffer overflow in mb regex functions 15 - compile_string_node). (Stas) 16 . Fixed bug #77381 (heap buffer overflow in multibyte match_at). (Stas) 17 . Fixed bug #77382 (heap buffer overflow due to incorrect length in 18 expand_case_fold_string). (Stas) 19 . Fixed bug #77385 (buffer overflow in fetch_token). (Stas) 20 . Fixed bug #77394 (Buffer overflow in multibyte case folding - unicode). (Stas) 21 . Fixed bug #77418 (Heap overflow in utf32be_mbc_to_code). (Stas) 22 23- Phar: 24 . Fixed bug #77247 (heap buffer overflow in phar_detect_phar_fname_ext). (Stas) 25 26- Xmlrpc: 27 . Fixed bug #77242 (heap out of bounds read in xmlrpc_decode()). (cmb) 28 . Fixed bug #77380 (Global out of bounds read in xmlrpc base64 code). (Stas) 29 3006 Dec 2018, PHP 5.6.39 31 32- Core: 33 . Fixed bug #77231 (Segfault when using convert.quoted-printable-encode 34 filter). (Stas) 35 36- IMAP: 37 . Fixed bug #77020 (null pointer dereference in imap_mail). (cmb) 38 . Fixed bug #77153 (imap_open allows to run arbitrary shell commands via 39 mailbox parameter). (Stas) 40 41- Phar: 42 . Fixed bug #77022 (PharData always creates new files with mode 0666). (Stas) 43 . Fixed bug #77143 (Heap Buffer Overflow (READ: 4) in phar_parse_pharfile). 44 (Stas) 45 4613 Sep 2018, PHP 5.6.38 47 48- Apache2 49 . Fixed bug #76582 (XSS due to the header Transfer-Encoding: chunked). (Stas) 50 5119 Jul 2018, PHP 5.6.37 52 53- Exif: 54 . Fixed bug #76423 (Int Overflow lead to Heap OverFlow in 55 exif_thumbnail_extract of exif.c). (Stas) 56 . Fixed bug #76557 (heap-buffer-overflow (READ of size 48) while reading exif 57 data). (Stas) 58 59- Win32: 60 . Fixed bug #76459 (windows linkinfo lacks openbasedir check). (Anatol) 61 6226 Apr 2018 PHP 5.6.36 63 64- Exif: 65 . Fixed bug #76130 (Heap Buffer Overflow (READ: 1786) in exif_iif_add_value). 66 (Stas) 67 68- iconv: 69 . Fixed bug #76249 (stream filter convert.iconv leads to infinite loop on 70 invalid sequence). (Stas) 71 72- LDAP: 73 . Fixed bug #76248 (Malicious LDAP-Server Response causes Crash). (Stas) 74 75- Phar: 76 . Fixed bug #76129 (fix for CVE-2018-5712 may not be complete). (Stas) 77 7829 Mar 2018, PHP 5.6.35 79 80- FPM: 81 . Fixed bug #75605 (Dumpable FPM child processes allow bypassing opcache 82 access controls). (Jakub Zelenka) 83 8401 Mar 2018, PHP 5.6.34 85 86- Standard: 87 . Fixed bug #75981 (stack-buffer-overflow while parsing HTTP response). (Stas) 88 8904 Jan 2018, PHP 5.6.33 90 91- GD: 92 . Fixed bug #75571 (Potential infinite loop in gdImageCreateFromGifCtx). (cmb) 93 94- Phar: 95 . Fixed bug #74782 (Reflected XSS in .phar 404 page). (Stas) 96 9726 Sep 2017, PHP 5.6.32 98 99- Date: 100 . Fixed bug #75055 (Out-Of-Bounds Read in timelib_meridian()). (Derick) 101 102- mcrypt: 103 . Fixed bug #72535 (arcfour encryption stream filter crashes php). (Leigh) 104 105- PCRE: 106 . Fixed bug #75207 (applied upstream patch for CVE-2016-1283). (Anatol) 107 10806 Jul 2017, PHP 5.6.31 109 110- Core: 111 . Fixed bug #73807 (Performance problem with processing post request over 112 2000000 chars). (Nikita) 113 . Fixed bug #74111 (Heap buffer overread (READ: 1) finish_nested_data from 114 unserialize). (Nikita) 115 . Fixed bug #74603 (PHP INI Parsing Stack Buffer Overflow Vulnerability). 116 (Stas) 117 . Fixed bug #74819 (wddx_deserialize() heap out-of-bound read via 118 php_parse_date()). (Derick) 119 120- GD: 121 . Fixed bug #74435 (Buffer over-read into uninitialized memory). (cmb) 122 123- mbstring: 124 . Add oniguruma upstream fix (CVE-2017-9224, CVE-2017-9226, CVE-2017-9227, 125 CVE-2017-9228, CVE-2017-9229) (Remi, Mamoru TASAKA) 126 127- OpenSSL: 128 . Fixed bug #74651 (negative-size-param (-1) in memcpy in zif_openssl_seal()). 129 (Stas) 130 131- PCRE: 132 . Fixed bug #74087 (Segmentation fault in PHP7.1.1(compiled using the bundled PCRE library)). 133 (Stas) 134 135- WDDX: 136 . Fixed bug #74145 (wddx parsing empty boolean tag leads to SIGSEGV). (Stas) 137 13819 Jan 2017, PHP 5.6.30 139 140- EXIF: 141 . Fixed bug #73737 (FPE when parsing a tag format). (Stas) 142 143- GD: 144 . Fixed bug #73549 (Use after free when stream is passed to imagepng). (cmb) 145 . Fixed bug #73868 (DOS vulnerability in gdImageCreateFromGd2Ctx()). (cmb) 146 . Fixed bug #73869 (Signed Integer Overflow gd_io.c). (cmb) 147 148- Intl: 149 . Fixed bug #68447 (grapheme_extract take an extra trailing character). 150 (SATŌ Kentarō) 151 152- Phar: 153 . Fixed bug #73764 (Crash while loading hostile phar archive). (Stas) 154 . Fixed bug #73768 (Memory corruption when loading hostile phar). (Stas) 155 . Fixed bug #73773 (Seg fault when loading hostile phar). (Stas) 156 157- SQLite3: 158 . Reverted fix for bug #73530 (Unsetting result set may reset other result 159 set). (cmb) 160 161- Standard: 162 . Fixed bug #70213 (Unserialize context shared on double class lookup). 163 (Taoguang Chen) 164 . Fixed bug #73825 (Heap out of bounds read on unserialize in 165 finish_nested_data()). (Stas) 166 16708 Dec 2016, PHP 5.6.29 168 169- Mbstring: 170 . Fixed bug #73505 (string length overflow in mbfl_memory_device_output 171 function). (Stas) 172 173- Mysqlnd: 174 . Fixed bug #64526 (Add missing mysqlnd.* parameters to php.ini-*). (cmb) 175 176- Opcache: 177 . Fixed bug #73402 (Opcache segfault when using class constant to call a 178 method). (Laruence) 179 . Fixed bug #69090 (check cached files permissions) 180 181- OpenSSL 182 . Fixed bug #72776 (Invalid parameter in memcpy function trough 183 openssl_pbkdf2). (Jakub Zelenka) 184 185- Postgres: 186 . Fixed bug #73498 (Incorrect SQL generated for pg_copy_to()). (Craig Duncan) 187 188- SOAP: 189 . Fixed bug #73452 (Segfault (Regression for #69152)). (Dmitry) 190 191- SQLite3: 192 . Fixed bug #73530 (Unsetting result set may reset other result set). (cmb) 193 194- Standard: 195 . Fixed bug #73297 (HTTP stream wrapper should ignore HTTP 100 Continue). 196 (rowan dot collins at gmail dot com) 197 198- WDDX: 199 . Fixed bug #73631 (Memory leak due to invalid wddx stack processing). 200 (bughunter at fosec dot vn). 201 20210 Nov 2016, PHP 5.6.28 203 204- Core: 205 . Fixed bug #73337 (try/catch not working with two exceptions inside a same 206 operation). (Dmitry) 207 208- Bz2: 209 . Fixed bug #73356 (crash in bzcompress function). (Stas) 210 211-GD: 212 . Fixed bug #73213 (Integer overflow in imageline() with antialiasing). (cmb) 213 . Fixed bug #73272 (imagescale() is not affected by, but affects 214 imagesetinterpolation()). (cmb) 215 . Fixed bug #73279 (Integer overflow in gdImageScaleBilinearPalette()). (cmb) 216 . Fixed bug #73280 (Stack Buffer Overflow in GD dynamicGetbuf). (cmb) 217 . Fixed bug #72482 (Illegal write/read access caused by gdImageAALine overflow). 218 (cmb) 219 . Fixed bug #72696 (imagefilltoborder stackoverflow on truecolor images). (cmb) 220 221- Imap: 222 . Fixed bug #73418 (Integer Overflow in "_php_imap_mail" leads Heap Overflow). 223 (Anatol) 224 225- SPL: 226 . Fixed bug #73144 (Use-after-free in ArrayObject Deserialization). (Stas) 227 228- SOAP: 229 . Fixed bug #73037 (SoapServer reports Bad Request when gzipped). (Anatol) 230 231- SQLite3: 232 . Fixed bug #73333 (2147483647 is fetched as string). (cmb) 233 234- Standard: 235 . Fixed bug #73203 (passing additional_parameters causes mail to fail). (cmb) 236 . Fixed bug #73188 (use after free in userspace streams). (Sara) 237 . Fixed bug #73192 (parse_url return wrong hostname). (Nikita) 238 239- Wddx: 240 . Fixed bug #73331 (NULL Pointer Dereference in WDDX Packet Deserialization 241 with PDORow). (Stas) 242 24313 Oct 2016, PHP 5.6.27 244 245- Core: 246 . Fixed bug #73025 (Heap Buffer Overflow in virtual_popen of 247 zend_virtual_cwd.c). (cmb) 248 . Fixed bug #73058 (crypt broken when salt is 'too' long). (Anatol) 249 . Fixed bug #72703 (Out of bounds global memory read in BF_crypt triggered by 250 password_verify). (Anatol) 251 . Fixed bug #73189 (Memcpy negative size parameter php_resolve_path). (Stas) 252 . Fixed bug #73147 (Use After Free in unserialize()). (Stas) 253 254- BCmath: 255 . Fixed bug #73190 (memcpy negative parameter _bc_new_num_ex). (Stas) 256 257- DOM: 258 . Fixed bug #73150 (missing NULL check in dom_document_save_html). (Stas) 259 260- Ereg: 261 . Fixed bug #73284 (heap overflow in php_ereg_replace function). (Stas) 262 263- Filter: 264 . Fixed bug #72972 (Bad filter for the flags FILTER_FLAG_NO_RES_RANGE and 265 FILTER_FLAG_NO_PRIV_RANGE). (julien) 266 . Fixed bug #67167 (Wrong return value from FILTER_VALIDATE_BOOLEAN, 267 FILTER_NULL_ON_FAILURE). (levim, cmb) 268 . Fixed bug #73054 (default option ignored when object passed to int filter). 269 (cmb) 270 271- GD: 272 . Fixed bug #67325 (imagetruecolortopalette: white is duplicated in palette). 273 (cmb) 274 . Fixed bug #50194 (imagettftext broken on transparent background w/o 275 alphablending). (cmb) 276 . Fixed bug #73003 (Integer Overflow in gdImageWebpCtx of gd_webp.c). (trylab, 277 cmb) 278 . Fixed bug #53504 (imagettfbbox gives incorrect values for bounding box). 279 (Mark Plomer, cmb) 280 . Fixed bug #73157 (imagegd2() ignores 3rd param if 4 are given). (cmb) 281 . Fixed bug #73155 (imagegd2() writes wrong chunk sizes on boundaries). (cmb) 282 . Fixed bug #73159 (imagegd2(): unrecognized formats may result in corrupted 283 files). (cmb) 284 . Fixed bug #73161 (imagecreatefromgd2() may leak memory). (cmb) 285 286- Intl: 287 . Fixed bug #73218 (add mitigation for ICU int overflow). (Stas) 288 289- Imap: 290 . Fixed bug #73208 (integer overflow in imap_8bit caused heap corruption). 291 (Stas) 292 293- Mbstring: 294 . Fixed bug #72994 (mbc_to_code() out of bounds read). (Laruence, cmb) 295 . Fixed bug #66964 (mb_convert_variables() cannot detect recursion). (Yasuo) 296 . Fixed bug #72992 (mbstring.internal_encoding doesn't inherit default_charset). 297 (Yasuo) 298 . Fixed bug #73082 (string length overflow in mb_encode_* function). (Stas) 299 300- PCRE: 301 . Fixed bug #73174 (heap overflow in php_pcre_replace_impl). (Stas) 302 303- Opcache: 304 . Fixed bug #72590 (Opcache restart with kill_all_lockers does not work). 305 (Keyur) (julien backport) 306 307- OpenSSL: 308 . Fixed bug #73072 (Invalid path SNI_server_certs causes segfault). 309 (Jakub Zelenka) 310 . Fixed bug #73275 (crash in openssl_encrypt function). (Stas) 311 . Fixed bug #73276 (crash in openssl_random_pseudo_bytes function). (Stas) 312 313- Session: 314 . Fixed bug #68015 (Session does not report invalid uid for files save handler). 315 (Yasuo) 316 . Fixed bug #73100 (session_destroy null dereference in ps_files_path_create). 317 (cmb) 318 319- SimpleXML: 320 . Fixed bug #73293 (NULL pointer dereference in SimpleXMLElement::asXML()). 321 (Stas) 322 323- SPL: 324 . Fixed bug #73073 (CachingIterator null dereference when convert to string). 325 (Stas) 326 327- Standard: 328 . Fixed bug #73240 (Write out of bounds at number_format). (Stas) 329 . Fixed bug #73017 (memory corruption in wordwrap function). (Stas) 330 331- Stream: 332 . Fixed bug #73069 (readfile() mangles files larger than 2G). (Laruence) 333 334- Zip: 335 . Fixed bug #70752 (Depacking with wrong password leaves 0 length files). 336 (cmb) 337 33815 Sep 2016, PHP 5.6.26 339 340- Core: 341 . Fixed bug #72907 (null pointer deref, segfault in gc_remove_zval_from_buffer 342 (zend_gc.c:260)). (Laruence) 343 344- Dba: 345 . Fixed bug #71514 (Bad dba_replace condition because of wrong API usage). 346 (cmb) 347 . Fixed bug #70825 (Cannot fetch multiple values with group in ini file). 348 (cmb) 349 350- EXIF: 351 . Fixed bug #72926 (Uninitialized Thumbail Data Leads To Memory Leakage in 352 exif_process_IFD_in_TIFF). (Stas) 353 354- FTP: 355 . Fixed bug #70195 (Cannot upload file using ftp_put to FTPES with 356 require_ssl_reuse). (Benedict Singer) 357 358- GD: 359 . Fixed bug #66005 (imagecopy does not support 1bit transparency on truecolor 360 images). (cmb) 361 . Fixed bug #72913 (imagecopy() loses single-color transparency on palette 362 images). (cmb) 363 . Fixed bug #68716 (possible resource leaks in _php_image_convert()). (cmb) 364 365- Intl: 366 . Fixed bug #73007 (add locale length check). (Stas) 367 368- JSON: 369 . Fixed bug #72787 (json_decode reads out of bounds). (Jakub Zelenka) 370 371- mbstring: 372 . Fixed bug #66797 (mb_substr only takes 32-bit signed integer). (cmb) 373 . Fixed bug #72910 (Out of bounds heap read in mbc_to_code() / triggered by 374 mb_ereg_match()). (Stas) 375 376- MSSQL: 377 . Fixed bug #72039 (Use of uninitialised value on mssql_guid_string). (Kalle) 378 379- Mysqlnd: 380 . Fixed bug #72293 (Heap overflow in mysqlnd related to BIT fields). (Stas) 381 382- Phar: 383 . Fixed bug #72928 (Out of bound when verify signature of zip phar in 384 phar_parse_zipfile). (Stas) 385 . Fixed bug #73035 (Out of bound when verify signature of tar phar in 386 phar_parse_tarfile). (Stas) 387 388- PDO: 389 . Fixed bug #60665 (call to empty() on NULL result using PDO::FETCH_LAZY 390 returns false). (cmb) 391 392- PDO_pgsql: 393 . Implemented FR #72633 (Postgres PDO lastInsertId() should work without 394 specifying a sequence). (Pablo Santiago Sánchez, Matteo) 395 . Fixed bug #72759 (Regression in pgo_pgsql). (Anatol) 396 397- SPL: 398 . Fixed bug #73029 (Missing type check when unserializing SplArray). (Stas) 399 400- Standard: 401 . Fixed bug #72823 (strtr out-of-bound access). (cmb) 402 . Fixed bug #72278 (getimagesize returning FALSE on valid jpg). (cmb) 403 . Fixed bug #65550 (get_browser() incorrectly parses entries with "+" sign). 404 (cmb) 405 . Fixed bug #71882 (Negative ftruncate() on php://memory exhausts memory). 406 (cmb) 407 . Fixed bug #73011 (integer overflow in fgets cause heap corruption). (Stas) 408 . Fixed bug #73017 (memory corruption in wordwrap function). (Stas) 409 . Fixed bug #73045 (integer overflow in fgetcsv caused heap corruption). (Stas) 410 . Fixed bug #73052 (Memory Corruption in During Deserialized-object Destruction) 411 (Stas) 412 413- Streams: 414 . Fixed bug #72853 (stream_set_blocking doesn't work). (Laruence) 415 416- Wddx: 417 . Fixed bug #72860 (wddx_deserialize use-after-free). (Stas) 418 . Fixed bug #73065 (Out-Of-Bounds Read in php_wddx_push_element). (Stas) 419 420- XML: 421 . Fixed bug #72085 (SEGV on unknown address zif_xml_parse). (cmb) 422 . Fixed bug #72927 (integer overflow in xml_utf8_encode). (Stas) 423 424- ZIP: 425 . Fixed bug #68302 (impossible to compile php with zip support). (cmb) 426 42718 Aug 2016, PHP 5.6.25 428 429- Bz2: 430 . Fixed bug #72837 (integer overflow in bzdecompress caused heap 431 corruption). (Stas) 432 433- Core: 434 . Fixed bug #70436 (Use After Free Vulnerability in unserialize()). 435 (Taoguang Chen) 436 . Fixed bug #72024 (microtime() leaks memory). (maroszek at gmx dot net) 437 . Fixed bug #72581 (previous property undefined in Exception after 438 deserialization). (Laruence) 439 . Implemented FR #72614 (Support "nmake test" on building extensions by 440 phpize). (Yuji Uchiyama) 441 . Fixed bug #72641 (phpize (on Windows) ignores PHP_PREFIX). 442 (Yuji Uchiyama) 443 . Fixed bug #72663 (Create an Unexpected Object and Don't Invoke 444 __wakeup() in Deserialization). (Stas) 445 . Fixed bug #72681 (PHP Session Data Injection Vulnerability). (Stas) 446 . Fixed URL rewriter partially. It would not rewrite '//example.com/' URL 447 unconditionally. Only requested host(HTTP_HOST) is rewritten. (Yasuo) 448 449- Calendar: 450 . Fixed bug #67976 (cal_days_month() fails for final month of the French 451 calendar). (cmb) 452 . Fixed bug #71894 (AddressSanitizer: global-buffer-overflow in 453 zif_cal_from_jd). (cmb) 454 455- Curl: 456 . Fixed bug #71144 (Segmentation fault when using cURL with ZTS). 457 (maroszek at gmx dot net) 458 . Fixed bug #71929 (Certification information (CERTINFO) data parsing error). 459 (Pierrick) 460 . Fixed bug #72807 (integer overflow in curl_escape caused heap 461 corruption). (Stas) 462 463- DOM: 464 . Fixed bug #66502 (DOM document dangling reference). (Sean Heelan, cmb) 465 466- Ereg: 467 . Fixed bug #72838 (Integer overflow lead to heap corruption in 468 sql_regcase). (Stas) 469 470- EXIF: 471 . Fixed bug #72627 (Memory Leakage In exif_process_IFD_in_TIFF). (Stas) 472 . Fixed bug #72735 (Samsung picture thumb not read (zero size)). (Kalle, Remi) 473 474- Filter: 475 . Fixed bug #71745 (FILTER_FLAG_NO_RES_RANGE does not cover whole 127.0.0.0/8 476 range). (bugs dot php dot net at majkl578 dot cz) 477 478- FPM: 479 . Fixed bug #72575 (using --allow-to-run-as-root should ignore missing user). 480 (gooh) 481 482- GD: 483 . Fixed bug #43828 (broken transparency of imagearc for truecolor in 484 blendingmode). (cmb) 485 . Fixed bug #66555 (Always false condition in ext/gd/libgd/gdkanji.c). (cmb) 486 . Fixed bug #68712 (suspicious if-else statements). (cmb) 487 . Fixed bug #70315 (500 Server Error but page is fully rendered). (cmb) 488 . Fixed bug #72596 (imagetypes function won't advertise WEBP support). (cmb) 489 . Fixed bug #72604 (imagearc() ignores thickness for full arcs). (cmb) 490 . Fixed bug #72697 (select_colors write out-of-bounds). (Stas) 491 . Fixed bug #72709 (imagesetstyle() causes OOB read for empty $styles). (cmb) 492 . Fixed bug #72730 (imagegammacorrect allows arbitrary write access). (Stas) 493 . Fixed bug #72494 (imagecropauto out-of-bounds access). (Fernando, Pierre, 494 cmb) 495 496- Intl: 497 . Partially fixed #72506 (idn_to_ascii for UTS #46 incorrect for long domain 498 names). (cmb) 499 500- mbstring: 501 . Fixed bug #72691 (mb_ereg_search raises a warning if a match zero-width). 502 (cmb) 503 . Fixed bug #72693 (mb_ereg_search increments search position when a match 504 zero-width). (cmb) 505 . Fixed bug #72694 (mb_ereg_search_setpos does not accept a string's last 506 position). (cmb) 507 . Fixed bug #72710 (`mb_ereg` causes buffer overflow on regexp compile error). 508 (ju1ius) 509 510- OCI8: 511 . Fixed invalid handle error with Implicit Result Sets. (Chris Jones) 512 513- PCRE: 514 . Fixed bug #72688 (preg_match missing group names in matches). (cmb) 515 516- PDO_pgsql: 517 . Fixed bug #70313 (PDO statement fails to throw exception). (Matteo) 518 519- Reflection: 520 . Fixed bug #72222 (ReflectionClass::export doesn't handle array constants). 521 (Nikita Nefedov) 522 523- SNMP: 524 . Fixed bug #72708 (php_snmp_parse_oid integer overflow in memory 525 allocation). (djodjo at gmail dot com) 526 527- Standard: 528 . Fixed bug #72330 (CSV fields incorrectly split if escape char followed by 529 UTF chars). (cmb) 530 . Fixed bug #72836 (integer overflow in base64_decode). (Stas) 531 . Fixed bug #72848 (integer overflow in quoted_printable_encode). (Stas) 532 . Fixed bug #72849 (integer overflow in urlencode). (Stas) 533 . Fixed bug #72850 (integer overflow in php_uuencode). (Stas) 534 535- Streams: 536 . Fixed bug #41021 (Problems with the ftps wrapper). (vhuk) 537 . Fixed bug #54431 (opendir() does not work with ftps:// wrapper). (vhuk) 538 . Fixed bug #72667 (opendir() with ftp:// attempts to open data stream for 539 non-existent directories). (vhuk) 540 . Fixed bug #72764 (ftps:// opendir wrapper data channel encryption fails 541 with IIS FTP 7.5, 8.5). (vhuk) 542 . Fixed bug #72771 (ftps:// wrapper is vulnerable to protocol downgrade 543 attack). (Stas) 544 545- SPL: 546 . Fixed bug #72122 (IteratorIterator breaks '@' error suppression). (kinglozzer) 547 . Fixed bug #72646 (SplFileObject::getCsvControl does not return the escape 548 character). (cmb) 549 . Fixed bug #72684 (AppendIterator segfault with closed generator). (Pierrick) 550 551- SQLite3: 552 . Implemented FR #72653 (SQLite should allow opening with empty filename). 553 (cmb) 554 555- Wddx: 556 . Fixed bug #72142 (WDDX Packet Injection Vulnerability in 557 wddx_serialize_value()). (Taoguang Chen) 558 . Fixed bug #72749 (wddx_deserialize allows illegal memory access) (Stas) 559 . Fixed bug #72750 (wddx_deserialize null dereference). (Stas) 560 . Fixed bug #72790 (wddx_deserialize null dereference with invalid xml). 561 (Stas) 562 . Fixed bug #72799 (wddx_deserialize null dereference in 563 php_wddx_pop_element). (Stas) 564 56521 Jul 2016, PHP 5.6.24 566 567- Core: 568 . Fixed bug #71936 (Segmentation fault destroying HTTP_RAW_POST_DATA). 569 (mike dot laspina at gmail dot com, Remi) 570 . Fixed bug #72496 (Cannot declare public method with signature incompatible 571 with parent private method). (Pedro Magalhães) 572 . Fixed bug #72138 (Integer Overflow in Length of String-typed ZVAL). (Stas) 573 . Fixed bug #72513 (Stack-based buffer overflow vulnerability in 574 virtual_file_ex). (loianhtuan at gmail dot com) 575 . Fixed bug #72562 (Use After Free in unserialize() with Unexpected Session 576 Deserialization). (taoguangchen at icloud dot com) 577 . Fixed bug #72573 (HTTP_PROXY is improperly trusted by some PHP libraries and 578 applications). (CVE-2016-5385) (Stas) 579 580- bz2: 581 . Fixed bug #72447 (Type Confusion in php_bz2_filter_create()). (gogil at 582 stealien dot com). 583 . Fixed bug #72613 (Inadequate error handling in bzread()). (Stas) 584 585- Date: 586 . Fixed bug #66836 (DateTime::createFromFormat 'U' with pre 1970 dates fails 587 parsing). (derick) 588 589- EXIF: 590 . Fixed bug #50845 (exif_read_data() returns corrupted exif headers). 591 (Bartosz Dziewoński) 592 . Fixed bug #72603 (Out of bound read in exif_process_IFD_in_MAKERNOTE). 593 (Stas) 594 . Fixed bug #72618 (NULL Pointer Dereference in exif_process_user_comment). 595 (Stas) 596 597- GD: 598 . Fixed bug #43475 (Thick styled lines have scrambled patterns). (cmb) 599 . Fixed bug #53640 (XBM images require width to be multiple of 8). (cmb) 600 . Fixed bug #64641 (imagefilledpolygon doesn't draw horizontal line). (cmb) 601 . Fixed bug #72512 (gdImageTrueColorToPaletteBody allows arbitrary write/read 602 access). (Pierre) 603 . Fixed bug #72519 (imagegif/output out-of-bounds access). (Pierre) 604 . Fixed bug #72558 (Integer overflow error within _gdContributionsAlloc()). 605 (CVE-2016-6207) (Pierre) 606 607- Intl: 608 . Fixed bug #72533 (locale_accept_from_http out-of-bounds access). (Stas) 609 610- OpenSSL: 611 . Fixed bug #71915 (openssl_random_pseudo_bytes is not fork-safe). 612 (Jakub Zelenka) 613 . Fixed bug #72336 (openssl_pkey_new does not fail for invalid DSA params). 614 (Jakub Zelenka) 615 616- SNMP: 617 . Fixed bug #72479 (Use After Free Vulnerability in SNMP with GC and 618 unserialize()). (taoguangchen at icloud dot com) 619 620- SPL: 621 . Fixed bug #55701 (GlobIterator throws LogicException). (Valentin VĂLCIU) 622 623- SQLite3: 624 . Fixed bug #70628 (Clearing bindings on an SQLite3 statement doesn't work). 625 (cmb) 626 627- Streams: 628 . Fixed bug #72439 (Stream socket with remote address leads to a segmentation 629 fault). (Laruence) 630 631- Xmlrpc: 632 . Fixed bug #72606 (heap-buffer-overflow (write) simplestring_addn simplestring.c). 633 (Stas) 634 635- Zip: 636 . Fixed bug #72520 (Stack-based buffer overflow vulnerability in 637 php_stream_zip_opener). (loianhtuan at gmail dot com) 638 63923 Jun 2016, PHP 5.6.23 640 641- Core: 642 . Fixed bug #72268 (Integer Overflow in nl2br()). (Stas) 643 . Fixed bug #72275 (Integer Overflow in json_encode()/json_decode()/ 644 json_utf8_to_utf16()). (Stas) 645 . Fixed bug #72400 (Integer Overflow in addcslashes/addslashes). (Stas) 646 . Fixed bug #72403 (Integer Overflow in Length of String-typed ZVAL). (Stas) 647 648- Date: 649 . Fixed bug #63740 (strtotime seems to use both sunday and monday as start of 650 week). (Derick) 651 652- GD: 653 . Fixed bug #66387 (Stack overflow with imagefilltoborder). (CVE-2015-8874) 654 (cmb) 655 . Fixed bug #72298 (pass2_no_dither out-of-bounds access). (Stas) 656 . Fixed bug #72337 (invalid dimensions can lead to crash). (Pierre) 657 . Fixed bug #72339 (Integer Overflow in _gd2GetHeader() resulting in 658 heap overflow). (CVE-2016-5766) (Pierre) 659 . Fixed bug #72407 (NULL Pointer Dereference at _gdScaleVert). (Stas) 660 . Fixed bug #72446 (Integer Overflow in gdImagePaletteToTrueColor() resulting 661 in heap overflow). (CVE-2016-5767) (Pierre) 662 663- Intl: 664 . Fixed bug #70484 (selectordinal doesn't work with named parameters). 665 (Anatol) 666 667- mbstring: 668 . Fixed bug #72402 (_php_mb_regex_ereg_replace_exec - double free). 669 (CVE-2016-5768) (Stas) 670 671- mcrypt: 672 . Fixed bug #72455 (Heap Overflow due to integer overflows). (CVE-2016-5769) 673 (Stas) 674 675- OpenSSL: 676 . Fixed bug #72140 (segfault after calling ERR_free_strings()). 677 (Jakub Zelenka) 678 679- Phar: 680 . Fixed bug #72321 (invalid free in phar_extract_file()). 681 (hji at dyntopia dot com) 682 683- SPL: 684 . Fixed bug #72262 (int/size_t confusion in SplFileObject::fread). 685 (CVE-2016-5770) (Stas) 686 . Fixed bug #72433 (Use After Free Vulnerability in PHP's GC algorithm and 687 unserialize). (CVE-2016-5771) (Dmitry) 688 689- WDDX: 690 . Fixed bug #72340 (Double Free Courruption in wddx_deserialize). 691 (CVE-2016-5772) (Stas) 692 693- zip: 694 . Fixed bug #72434 (ZipArchive class Use After Free Vulnerability in PHP's GC 695 algorithm and unserialize). (CVE-2016-5773) (Dmitry) 696 69726 May 2016, PHP 5.6.22 698 699- Core: 700 . Fixed bug #72172 (zend_hex_strtod should not use strlen). 701 (bwitz at hotmail dot com ) 702 . Fixed bug #72114 (Integer underflow / arbitrary null write in 703 fread/gzread). (CVE-2016-5096) (Stas) 704 . Fixed bug #72135 (Integer Overflow in php_html_entities). (CVE-2016-5094) 705 (Stas) 706 707- GD: 708 . Fixed bug #72227 (imagescale out-of-bounds read). (CVE-2013-7456) (Stas) 709 710- Intl 711 . Fixed bug #64524 (Add intl.use_exceptions to php.ini-*). (Anatol) 712 . Fixed bug #72241 (get_icu_value_internal out-of-bounds read). 713 (CVE-2016-5093) (Stas) 714 715- Postgres: 716 . Fixed bug #72151 (mysqli_fetch_object changed behaviour). (Anatol) 717 71828 Apr 2016, PHP 5.6.21 719 720- Core: 721 . Fixed bug #69537 (__debugInfo with empty string for key gives error). 722 (krakjoe) 723 . Fixed bug #71841 (EG(error_zval) is not handled well). (Laruence) 724 725- BCmath: 726 . Fixed bug #72093 (bcpowmod accepts negative scale and corrupts 727 _one_ definition). (Stas) 728 729- Curl: 730 . Fixed bug #71831 (CURLOPT_NOPROXY applied as long instead of string). 731 (Michael Sierks) 732 733- Date: 734 . Fixed bug #71889 (DateInterval::format Segmentation fault). (Thomas Punt) 735 736- EXIF: 737 . Fixed bug #72094 (Out of bounds heap read access in exif header processing). (Stas) 738 739- GD: 740 . Fixed bug #71952 (Corruption inside imageaffinematrixget). (Stas) 741 . Fixed bug #71912 (libgd: signedness vulnerability). (CVE-2016-3074) (Stas) 742 743- Intl: 744 . Fixed bug #72061 (Out-of-bounds reads in zif_grapheme_stripos with negative 745 offset). (Stas) 746 747- OCI8: 748 . Fixed bug #71422 (Fix ORA-01438: value larger than specified precision 749 allowed for this column). (Chris Jones) 750 751- ODBC: 752 . Fixed bug #63171 (Script hangs after max_execution_time). (Remi) 753 754- Opcache: 755 . Fixed bug #71843 (null ptr deref ZEND_RETURN_SPEC_CONST_HANDLER). 756 (Laruence) 757 758- PDO: 759 . Fixed bug #52098 (Own PDOStatement implementation ignore __call()). 760 (Daniel Kalaspuffar, Julien) 761 . Fixed bug #71447 (Quotes inside comments not properly handled). (Matteo) 762 763- Postgres: 764 . Fixed bug #71820 (pg_fetch_object binds parameters before call 765 constructor). (Anatol) 766 767- SPL: 768 . Fixed bug #67582 (Cloned SplObjectStorage with overwritten getHash fails 769 offsetExists()). (Nikita) 770 771- Standard: 772 . Fixed bug #71840 (Unserialize accepts wrongly data). (Ryat, Laruence) 773 . Fixed bug #67512 (php_crypt() crashes if crypt_r() does not exist or 774 _REENTRANT is not defined). (Nikita) 775 776- XML: 777 . Fixed bug #72099 (xml_parse_into_struct segmentation fault). (Stas) 778 77931 Mar 2016, PHP 5.6.20 780 781- CLI Server: 782 . Fixed bug #69953 (Support MKCALENDAR request method). (Christoph) 783 784- Core: 785 . Fixed bug #71596 (Segmentation fault on ZTS with date function 786 (setlocale)). (Anatol) 787 788- Curl: 789 . Fixed bug #71694 (Support constant CURLM_ADDED_ALREADY). (mpyw) 790 791- Date: 792 . Fixed bug #71635 (DatePeriod::getEndDate segfault). (Thomas Punt) 793 794- Fileinfo: 795 . Fixed bug #71527 (Buffer over-write in finfo_open with malformed magic 796 file). (CVE-2015-8865) (Anatol) 797 798- Mbstring: 799 . Fixed bug #71906 (AddressSanitizer: negative-size-param (-1) in 800 mbfl_strcut). (CVE-2016-4073) (Stas) 801 802- ODBC: 803 . Fixed bug #47803, #69526 (Executing prepared statements is succesfull only 804 for the first two statements). (einavitamar at gmail dot com, Anatol) 805 . Fixed bug #71860 (Invalid memory write in phar on filename with \0 in 806 name). (CVE-2016-4072) (Stas) 807 808- PDO_DBlib: 809 . Fixed bug #54648 (PDO::MSSQL forces format of datetime fields). 810 (steven dot lambeth at gmx dot de, Anatol) 811 812- Phar: 813 . Fixed bug #71625 (Crash in php7.dll with bad phar filename). (Anatol) 814 . Fixed bug #71504 (Parsing of tar file with duplicate filenames causes 815 memory leak). (Jos Elstgeest) 816 817- SNMP: 818 . Fixed bug #71704 (php_snmp_error() Format String Vulnerability). 819 (CVE-2016-4071) (andrew at jmpesp dot org) 820 821- Standard: 822 . Fixed bug #71798 (Integer Overflow in php_raw_url_encode). 823 (CVE-2016-4070) (taoguangchen at icloud dot com, Stas) 824 82503 Mar 2016, PHP 5.6.19 826 827- CLI server: 828 . Fixed bug #71559 (Built-in HTTP server, we can download file in web by bug). 829 (Johannes, Anatol) 830 831- CURL: 832 . Fixed bug #71523 (Copied handle with new option CURLOPT_HTTPHEADER crashes 833 while curl_multi_exec). (Laruence) 834 835- Date: 836 . Fixed bug #68078 (Datetime comparisons ignore microseconds). (Willem-Jan 837 Zijderveld) 838 . Fixed bug #71525 (Calls to date_modify will mutate timelib_rel_time, 839 causing date_date_set issues). (Sean DuBois) 840 841- Fileinfo: 842 . Fixed bug #71434 (finfo throws notice for specific python file). (Laruence) 843 844- FPM: 845 . Fixed bug #62172 (FPM not working with Apache httpd 2.4 balancer/fcgi 846 setup). (Matt Haught, Remi) 847 848- Opcache: 849 . Fixed bug #71584 (Possible use-after-free of ZCG(cwd) in Zend Opcache). 850 (Yussuf Khalil) 851 852- PDO MySQL: 853 . Fixed bug #71569 (#70389 fix causes segmentation fault). (Nikita) 854 855- Phar: 856 . Fixed bug #71498 (Out-of-Bound Read in phar_parse_zipfile()). (Stas) 857 858- Standard: 859 . Fixed bug #70720 (strip_tags improper php code parsing). (Julien) 860 861- WDDX: 862 . Fixed bug #71587 (Use-After-Free / Double-Free in WDDX Deserialize). (Stas) 863 864- XSL: 865 . Fixed bug #71540 (NULL pointer dereference in xsl_ext_function_php()). 866 (Stas) 867 868- Zip: 869 . Fixed bug #71561 (NULL pointer dereference in Zip::ExtractTo). (Laruence) 870 87104 Feb 2016, PHP 5.6.18 872 873- Core: 874 . Fixed bug #71039 (exec functions ignore length but look for NULL 875 termination). (Anatol) 876 . Fixed bug #71089 (No check to duplicate zend_extension). (Remi) 877 . Fixed bug #71201 (round() segfault on 64-bit builds). (Anatol) 878 . Added support for new HTTP 451 code. (Julien) 879 . Fixed bug #71273 (A wrong ext directory setup in php.ini leads to crash). 880 (Anatol) 881 . Fixed bug #71323 (Output of stream_get_meta_data can be falsified by its 882 input). (Leo Gaspard) 883 . Fixed bug #71459 (Integer overflow in iptcembed()). (Stas) 884 885- Apache2handler: 886 . Fix >2G Content-Length headers in apache2handler. (Adam Harvey) 887 888- FTP: 889 . Implemented FR #55651 (Option to ignore the returned FTP PASV address). 890 (abrender at elitehosts dot com) 891 892- Opcache: 893 . Fixed bug #71127 (Define in auto_prepend_file is overwrite). (Laruence) 894 . Fixed bug #71024 (Unable to use PHP 7.0 x64 side-by-side with PHP 5.6 x32 895 on the same server). (Anatol) 896 897- PCRE: 898 . Upgraded bundled PCRE library to 8.38. (CVE-2015-8383, CVE-2015-8386, 899 CVE-2015-8387, CVE-2015-8389, CVE-2015-8390, CVE-2015-8391, CVE-2015-8393, 900 CVE-2015-8394) 901 902- Phar: 903 . Fixed bug #71354 (Heap corruption in tar/zip/phar parser). (CVE-2016-4342) 904 (Stas) 905 . Fixed bug #71331 (Uninitialized pointer in phar_make_dirstream()). 906 (CVE-2016-4343) (Stas) 907 . Fixed bug #71391 (NULL Pointer Dereference in phar_tar_setupmetadata()). 908 (Stas) 909 . Fixed bug #71488 (Stack overflow when decompressing tar archives). 910 (CVE-2016-2554) (Stas) 911 912- Session: 913 . Fixed bug #69111 (Crash in SessionHandler::read()). (Anatol) 914 915- SOAP: 916 . Fixed bug #70979 (crash with bad soap request). (Anatol) 917 918- SPL: 919 . Fixed bug #71204 (segfault if clean spl_autoload_funcs while autoloading). 920 (Laruence) 921 922- WDDX: 923 . Fixed bug #71335 (Type Confusion in WDDX Packet Deserialization). (Stas) 924 92507 Jan 2016, PHP 5.6.17 926 927- Core: 928 . Fixed bug #66909 (configure fails utf8_to_mutf7 test). (Michael Orlitzky) 929 . Fixed bug #70958 (Invalid opcode while using ::class as trait method 930 paramater default value). (Laruence) 931 . Fixed bug #70957 (self::class can not be resolved with reflection for 932 abstract class). (Laruence) 933 . Fixed bug #70944 (try{ } finally{} can create infinite chains of 934 exceptions). (Laruence) 935 . Fixed bug #61751 (SAPI build problem on AIX: Undefined symbol: 936 php_register_internal_extensions). (Lior Kaplan) 937 938- FPM: 939 . Fixed bug #70755 (fpm_log.c memory leak and buffer overflow). (Stas) 940 941- GD: 942 . Fixed bug #70976 (Memory Read via gdImageRotateInterpolated Array Index 943 Out of Bounds). (CVE-2016-1903) (emmanuel dot law at gmail dot com) 944 945- Mysqlnd: 946 . Fixed bug #68077 (LOAD DATA LOCAL INFILE / open_basedir restriction). 947 (Laruence) 948 949- SOAP: 950 . Fixed bug #70900 (SoapClient systematic out of memory error). (Dmitry) 951 952- Standard: 953 . Fixed bug #70960 (ReflectionFunction for array_unique returns wrong number 954 of parameters). (Laruence) 955 956- PDO_Firebird: 957 . Fixed bug #60052 (Integer returned as a 64bit integer on X64_86). (Mariuz) 958 959- WDDX: 960 . Fixed bug #70661 (Use After Free Vulnerability in WDDX Packet 961 Deserialization). (taoguangchen at icloud dot com) 962 . Fixed bug #70741 (Session WDDX Packet Deserialization Type Confusion 963 Vulnerability). (taoguangchen at icloud dot com) 964 965- XMLRPC: 966 . Fixed bug #70728 (Type Confusion Vulnerability in PHP_to_XMLRPC_worker()). 967 (Julien) 968 96926 Nov 2015, PHP 5.6.16 970 971- Core: 972 . Fixed bug #70828 (php-fpm 5.6 with opcache crashes when referencing a 973 non-existent constant). (Laruence) 974 . Fixed bug #70748 (Segfault in ini_lex () at Zend/zend_ini_scanner.l). 975 (Laruence) 976 977- Mysqlnd: 978 . Fixed bug #68344 (MySQLi does not provide way to disable peer certificate 979 validation) by introducing MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT 980 connection flag. (Andrey) 981 982- OCI8: 983 . Fixed bug #68298 (OCI int overflow). (Senthil) 984 985- PDO_DBlib: 986 . Fixed bug #69757 (Segmentation fault on nextRowset). 987 (miracle at rpz dot name) 988 989- SOAP: 990 . Fixed bug #70875 (Segmentation fault if wsdl has no targetNamespace 991 attribute). (Matteo) 992 993- SPL: 994 . Fixed bug #70852 (Segfault getting NULL offset of an ArrayObject). 995 (Reeze Xia) 996 99729 Oct 2015, PHP 5.6.15 998 999- Core: 1000 . Fixed bug #70681 (Segfault when binding $this of internal instance method 1001 to null). (Nikita) 1002 . Fixed bug #70685 (Segfault for getClosure() internal method rebind with 1003 invalid $this). (Nikita) 1004 1005- Date: 1006 . Fixed bug #70619 (DateTimeImmutable segfault). (Laruence) 1007 1008- Mcrypt: 1009 . Fixed bug #70625 (mcrypt_encrypt() won't return data when no IV was 1010 specified under RC4). (Nikita) 1011 1012- Mysqlnd: 1013 . Fixed bug #70384 (mysqli_real_query():Unknown type 245 sent by the server). 1014 (Andrey) 1015 . Fixed bug #70572 segfault in mysqlnd_connect. (Andrey, Remi) 1016 1017- Opcache: 1018 . Fixed bug #70632 (Third one of segfault in gc_remove_from_buffer). 1019 (Laruence) 1020 . Fixed bug #70631 (Another Segfault in gc_remove_from_buffer()). (Laruence) 1021 . Fixed bug #70601 (Segfault in gc_remove_from_buffer()). (Laruence) 1022 . Fixed compatibility with Windows 10 (see also bug #70652). (Anatol) 1023 102401 Oct 2015, PHP 5.6.14 1025 1026- Core: 1027 . Fixed bug #70370 (Bundled libtool.m4 doesn't handle FreeBSD 10 when 1028 building extensions). (Adam) 1029 1030- CLI server: 1031 . Fixed bug #68291 (404 on urls with '+'). (cmb) 1032 1033- DOM: 1034 . Fixed bug #70001 (Assigning to DOMNode::textContent does additional entity 1035 encoding). (cmb) 1036 1037- ldap: 1038 . Fixed bug #70465 (Bug in ldap_search() modifies LDAP_OPT_TIMELIMIT/DEREF's values). (Tyson Andre) 1039 . Fixed bug #69574 (ldap timeouts not enforced). (Côme Bernigaud) 1040 1041- Mysqlnd: 1042 . Fixed bug #70456 (mysqlnd doesn't activate TCP keep-alive when connecting to 1043 a server). (Sergei Turchanov) 1044 1045- OpenSSL: 1046 . Fixed bug #55259 (openssl extension does not get the DH parameters from 1047 DH key resource). (Jakub Zelenka) 1048 . Fixed bug #70395 (Missing ARG_INFO for openssl_seal()). (cmb) 1049 . Fixed bug #60632 (openssl_seal fails with AES). (Jakub Zelenka) 1050 . Fixed bug #68312 (Lookup for openssl.cnf causes a message box). (Anatol) 1051 1052- PDO: 1053 . Fixed bug #70389 (PDO constructor changes unrelated variables). (Laruence) 1054 1055- Phar: 1056 . Fixed bug #69720 (Null pointer dereference in phar_get_fp_offset()). 1057 (CVE-2015-7803) (Stas) 1058 . FIxed bug #70433 (Uninitialized pointer in phar_make_dirstream when zip 1059 entry filename is "/"). (CVE-2015-7804) (Stas) 1060 1061- Phpdbg: 1062 . Fix phpdbg_break_next() sometimes not breaking. (Bob) 1063 1064- Standard: 1065 . Fixed bug #67131 (setcookie() conditional for empty values not met). (cmb) 1066 1067- Streams: 1068 . Fixed bug #70361 (HTTP stream wrapper doesn't close keep-alive connections). 1069 (Niklas Keller) 1070 1071- Zip: 1072 . Fixed bug #70322 (ZipArchive::close() doesn't indicate errors). (cmb) 1073 107403 Sep 2015, PHP 5.6.13 1075 1076- Core: 1077 . Fixed bug #69900 (Too long timeout on pipes). (Anatol) 1078 . Fixed bug #69487 (SAPI may truncate POST data). (cmb) 1079 . Fixed bug #70198 (Checking liveness does not work as expected). 1080 (Shafreeck Sea, Anatol Belski) 1081 . Fixed bug #70172 (Use After Free Vulnerability in unserialize()). 1082 (CVE-2015-6834) (Stas) 1083 . Fixed bug #70219 (Use after free vulnerability in session deserializer). 1084 (CVE-2015-6835) (taoguangchen at icloud dot com) 1085 1086- CLI server: 1087 . Fixed bug #66606 (Sets HTTP_CONTENT_TYPE but not CONTENT_TYPE). 1088 (wusuopu, cmb) 1089 . Fixed bug #70264 (CLI server directory traversal). (cmb) 1090 1091- Date: 1092 . Fixed bug #70266 (DateInterval::__construct.interval_spec is not supposed to 1093 be optional). (cmb) 1094 . Fixed bug #70277 (new DateTimeZone($foo) is ignoring text after null byte). 1095 (cmb) 1096 1097- EXIF: 1098 . Fixed bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte 1099 value of 32 bytes). (Stas) 1100 1101- GMP: 1102 . Fixed bug #70284 (Use after free vulnerability in unserialize() with GMP). 1103 (stas) 1104 1105- hash: 1106 . Fixed bug #70312 (HAVAL gives wrong hashes in specific cases). (letsgolee 1107 at naver dot com) 1108 1109- MCrypt: 1110 . Fixed bug #69833 (mcrypt fd caching not working). (Anatol) 1111 1112- Opcache: 1113 . Fixed bug #70237 (Empty while and do-while segmentation fault with opcode 1114 on CLI enabled). (Dmitry, Laruence) 1115 1116- PCRE: 1117 . Fixed bug #70232 (Incorrect bump-along behavior with \K and empty string 1118 match). (cmb) 1119 . Fixed bug #70345 (Multiple vulnerabilities related to PCRE functions). 1120 (Anatol Belski) 1121 1122- SOAP: 1123 . Fixed bug #70388 (SOAP serialize_function_call() type confusion / RCE). 1124 (CVE-2015-6836) (Stas) 1125 1126- SPL: 1127 . Fixed bug #70290 (Null pointer deref (segfault) in spl_autoload via 1128 ob_start). (hugh at allthethings dot co dot nz) 1129 . Fixed bug #70303 (Incorrect constructor reflection for ArrayObject). (cmb) 1130 . Fixed bug #70365 (Use-after-free vulnerability in unserialize() with 1131 SplObjectStorage). (CVE-2015-6834) (taoguangchen at icloud dot com) 1132 . Fixed bug #70366 (Use-after-free vulnerability in unserialize() with 1133 SplDoublyLinkedList). (CVE-2015-6834) (taoguangchen at icloud dot com) 1134 1135- Standard: 1136 . Fixed bug #70052 (getimagesize() fails for very large and very small WBMP). 1137 (cmb) 1138 . Fixed bug #70157 (parse_ini_string() segmentation fault with 1139 INI_SCANNER_TYPED). (Tjerk) 1140 1141- XSLT: 1142 . Fixed bug #69782 (NULL pointer dereference). (CVE-2015-6837, CVE-2015-6838) 1143 (Stas) 1144 1145- ZIP: 1146 . Fixed bug #70350 (ZipArchive::extractTo allows for directory traversal when 1147 creating directories). (CVE-2014-9767) (neal at fb dot com) 1148 114906 Aug 2015, PHP 5.6.12 1150 1151- Core: 1152 . Fixed bug #70012 (Exception lost with nested finally block). (Laruence) 1153 . Fixed bug #70002 (TS issues with temporary dir handling). (Anatol) 1154 . Fixed bug #69793 (Remotely triggerable stack exhaustion via recursive 1155 method calls). (Stas) 1156 . Fixed bug #69892 (Different arrays compare indentical due to integer key 1157 truncation). (Nikita) 1158 . Fixed bug #70121 (unserialize() could lead to unexpected methods execution 1159 / NULL pointer deref). (Stas) 1160 1161- CLI server: 1162 . Fixed bug #69655 (php -S changes MKCALENDAR request method to MKCOL). (cmb) 1163 . Fixed bug #64878 (304 responses return Content-Type header). (cmb) 1164 1165- GD: 1166 . Fixed bug #53156 (imagerectangle problem with point ordering). (cmb) 1167 . Fixed bug #66387 (Stack overflow with imagefilltoborder). (CVE-2015-8874) 1168 (cmb) 1169 . Fixed bug #70102 (imagecreatefromwebm() shifts colors). (cmb) 1170 . Fixed bug #66590 (imagewebp() doesn't pad to even length). (cmb) 1171 . Fixed bug #66882 (imagerotate by -90 degrees truncates image by 1px). (cmb) 1172 . Fixed bug #70064 (imagescale(..., IMG_BICUBIC) leaks memory). (cmb) 1173 . Fixed bug #69024 (imagescale segfault with palette based image). (cmb) 1174 . Fixed bug #53154 (Zero-height rectangle has whiskers). (cmb) 1175 . Fixed bug #67447 (imagecrop() add a black line when cropping). (cmb) 1176 . Fixed bug #68714 (copy 'n paste error). (cmb) 1177 . Fixed bug #66339 (PHP segfaults in imagexbm). (cmb) 1178 . Fixed bug #70047 (gd_info() doesn't report WebP support). (cmb) 1179 1180- ODBC: 1181 . Fixed bug #69975 (PHP segfaults when accessing nvarchar(max) defined 1182 columns). (CVE-2015-8879) (cmb) 1183 1184- OpenSSL: 1185 . Fixed bug #69882 (OpenSSL error "key values mismatch" after 1186 openssl_pkcs12_read with extra cert). (Tomasz Sawicki) 1187 . Fixed bug #70014 (openssl_random_pseudo_bytes() is not cryptographically 1188 secure). (CVE-2015-8867) (Stas) 1189 1190- Phar: 1191 . Improved fix for bug #69441. (Anatol Belski) 1192 . Fixed bug #70019 (Files extracted from archive may be placed outside of 1193 destination directory). (CVE-2015-6833) (Anatol Belski) 1194 1195- SOAP: 1196 . Fixed bug #70081 (SoapClient info leak / null pointer dereference via 1197 multiple type confusions). (Stas) 1198 1199- SPL: 1200 . Fixed bug #70068 (Dangling pointer in the unserialization of ArrayObject 1201 items). (CVE-2015-6832) (sean.heelan) 1202 . Fixed bug #70166 (Use After Free Vulnerability in unserialize() with 1203 SPLArrayObject). (CVE-2015-6831) (taoguangchen at icloud dot com) 1204 . Fixed bug #70168 (Use After Free Vulnerability in unserialize() with 1205 SplObjectStorage). (CVE-2015-6831) (taoguangchen at icloud dot com) 1206 . Fixed bug #70169 (Use After Free Vulnerability in unserialize() with 1207 SplDoublyLinkedList). (CVE-2015-6831) (taoguangchen at icloud dot com) 1208 1209- Standard: 1210 . Fixed bug #70096 (Repeated iptcembed() adds superfluous FF bytes). (cmb) 1211 121209 Jul 2015, PHP 5.6.11 1213 1214- Core: 1215 . Fixed bug #69768 (escapeshell*() doesn't cater to !). (cmb) 1216 . Fixed bug #69703 (Use __builtin_clzl on PowerPC). 1217 (dja at axtens dot net, Kalle) 1218 . Fixed bug #69732 (can induce segmentation fault with basic php code). 1219 (Dmitry) 1220 . Fixed bug #69642 (Windows 10 reported as Windows 8). 1221 (Christian Wenz, Anatol Belski) 1222 . Fixed bug #69551 (parse_ini_file() and parse_ini_string() segmentation 1223 fault). (Christoph M. Becker) 1224 . Fixed bug #69781 (phpinfo() reports Professional Editions of Windows 1225 7/8/8.1/10 as "Business"). (Christian Wenz) 1226 . Fixed bug #69740 (finally in generator (yield) swallows exception in 1227 iteration). (Nikita) 1228 . Fixed bug #69835 (phpinfo() does not report many Windows SKUs). 1229 (Christian Wenz) 1230 . Fixed bug #69892 (Different arrays compare indentical due to integer key 1231 truncation). (Nikita) 1232 . Fixed bug #69874 (Can't set empty additional_headers for mail()), regression 1233 from fix to bug #68776. (Yasuo) 1234 1235- GD: 1236 . Fixed bug #61221 (imagegammacorrect function loses alpha channel). (cmb) 1237 1238- GMP: 1239 . Fixed bug #69803 (gmp_random_range() modifies second parameter if GMP 1240 number). (Nikita) 1241 1242- Mysqlnd: 1243 . Fixed bug #69669 (mysqlnd is vulnerable to BACKRONYM). (CVE-2015-3152) 1244 (Andrey) 1245 1246- PCRE: 1247 . Fixed Bug #53823 (preg_replace: * qualifier on unicode replace garbles the 1248 string). (cmb) 1249 . Fixed bug #69864 (Segfault in preg_replace_callback) (cmb, ab) 1250 1251- PDO_pgsql: 1252 . Fixed bug #69752 (PDOStatement::execute() leaks memory with DML 1253 Statements when closeCuror() is u). (Philip Hofstetter) 1254 . Fixed bug #69362 (PDO-pgsql fails to connect if password contains a 1255 leading single quote). (Matteo) 1256 . Fixed bug #69344 (PDO PgSQL Incorrect binding numeric array with gaps). 1257 (Matteo) 1258 1259- Phar: 1260 . Fixed bug #69958 (Segfault in Phar::convertToData on invalid file). 1261 (CVE-2015-5589) (Stas) 1262 . Fixed bug #69923 (Buffer overflow and stack smashing error in 1263 phar_fix_filepath). (CVE-2015-5590) (Stas) 1264 1265- SimpleXML: 1266 . Refactored the fix for bug #66084 (simplexml_load_string() mangles empty 1267 node name). (Christoph Michael Becker) 1268 1269- SPL: 1270 . Fixed bug #69737 (Segfault when SplMinHeap::compare produces fatal error). 1271 (Stas) 1272 . Fixed bug #67805 (SplFileObject setMaxLineLength). (Willian Gustavo Veiga). 1273 . Fixed bug #69970 (Use-after-free vulnerability in 1274 spl_recursive_it_move_forward_ex()). (Laruence) 1275 1276- Sqlite3: 1277 . Fixed bug #69972 (Use-after-free vulnerability in 1278 sqlite3SafetyCheckSickOrOk()). (Laruence) 1279 128011 Jun 2015, PHP 5.6.10 1281 1282- Core: 1283 . Fixed bug #66048 (temp. directory is cached during multiple requests). 1284 (Julien) 1285 . Fixed bug #69566 (Conditional jump or move depends on uninitialised value 1286 in extension trait). (jbboehr at gmail dot com) 1287 . Fixed bug #69599 (Strange generator+exception+variadic crash). (Nikita) 1288 . Fixed bug #69628 (complex GLOB_BRACE fails on Windows). 1289 (Christoph M. Becker) 1290 . Fixed POST data processing slowdown due to small input buffer size 1291 on Windows. (Jorge Oliveira, Anatol) 1292 . Fixed bug #69646 (OS command injection vulnerability in escapeshellarg). 1293 (CVE-2015-4642) (Anatol Belski) 1294 . Fixed bug #69719 (Incorrect handling of paths with NULs). (CVE-2015-4598) 1295 (Stas) 1296 1297- FTP 1298 . Improved fix for bug #69545 (Integer overflow in ftp_genlist() resulting in 1299 heap overflow). (CVE-2015-4643) (Max Spelsberg) 1300 1301- GD: 1302 . Fixed bug #69479 (GD fails to build with newer libvpx). (Remi) 1303 1304- Iconv: 1305 . Fixed bug #48147 (iconv with //IGNORE cuts the string). (Stas) 1306 1307- Litespeed SAPI: 1308 . Fixed bug #68812 (Unchecked return value). (George Wang) 1309 1310- Mail: 1311 . Fixed bug #68776 (mail() does not have mail header injection prevention for 1312 additional headers). (Yasuo) 1313 1314- MCrypt: 1315 . Added file descriptor caching to mcrypt_create_iv() (Leigh) 1316 1317- Opcache 1318 . Fixed bug #69549 (Memory leak with opcache.optimization_level=0xFFFFFFFF). 1319 (Laruence, Dmitry) 1320 1321- PCRE 1322 . Upgraded pcrelib to 8.37. (CVE-2015-2325, CVE-2015-2326) 1323 1324- Phar: 1325 . Fixed bug #69680 (phar symlink in binary directory broken). 1326 (Matteo Bernardini, Remi) 1327 1328- Postgres: 1329 . Fixed bug #69667 (segfault in php_pgsql_meta_data). (CVE-2015-4644) (Remi) 1330 1331- Sqlite3: 1332 . Upgrade bundled sqlite to 3.8.10.2. (CVE-2015-3414, CVE-2015-3415, 1333 CVE-2015-3416) (Kaplan) 1334 133514 May 2015, PHP 5.6.9 1336 1337- Core: 1338 . Fixed bug #69467 (Wrong checked for the interface by using Trait). 1339 (Laruence) 1340 . Fixed bug #69420 (Invalid read in zend_std_get_method). (Laruence) 1341 . Fixed bug #60022 ("use statement [...] has no effect" depends on leading 1342 backslash). (Nikita) 1343 . Fixed bug #67314 (Segmentation fault in gc_remove_zval_from_buffer). 1344 (Dmitry) 1345 . Fixed bug #68652 (segmentation fault in destructor). (Dmitry) 1346 . Fixed bug #69419 (Returning compatible sub generator produces a warning). 1347 (Nikita) 1348 . Fixed bug #69472 (php_sys_readlink ignores misc errors from 1349 GetFinalPathNameByHandleA). (Jan Starke) 1350 . Fixed bug #69364 (PHP Multipart/form-data remote dos Vulnerability). 1351 (CVE-2015-4024) (Stas) 1352 . Fixed bug #69403 (str_repeat() sign mismatch based memory corruption). 1353 (Stas) 1354 . Fixed bug #69418 (CVE-2006-7243 fix regressions in 5.4+). (CVE-2015-4025) 1355 (Stas) 1356 . Fixed bug #69522 (heap buffer overflow in unpack()). (Stas) 1357 1358- FTP: 1359 . Fixed bug #69545 (Integer overflow in ftp_genlist() resulting in heap 1360 overflow). (CVE-2015-4022) (Stas) 1361 1362- ODBC: 1363 . Fixed bug #69354 (Incorrect use of SQLColAttributes with ODBC 3.0). 1364 (Anatol) 1365 . Fixed bug #69474 (ODBC: Query with same field name from two tables returns 1366 incorrect result). (Anatol) 1367 . Fixed bug #69381 (out of memory with sage odbc driver). (Frederic Marchall, 1368 Anatol Belski) 1369 1370- OpenSSL: 1371 . Fixed bug #69402 (Reading empty SSL stream hangs until timeout). 1372 (Daniel Lowrey) 1373 1374- PCNTL: 1375 . Fixed bug #68598 (pcntl_exec() should not allow null char). (CVE-2015-4026) 1376 (Stas) 1377 1378- Phar: 1379 . Fixed bug #69453 (Memory Corruption in phar_parse_tarfile when entry 1380 filename starts with null). (CVE-2015-4021) (Stas) 1381 138216 Apr 2015, PHP 5.6.8 1383 1384- Core: 1385 . Fixed bug #66609 (php crashes with __get() and ++ operator in some cases). 1386 (Dmitry, Laruence) 1387 . Fixed bug #68021 (get_browser() browser_name_regex returns non-utf-8 1388 characters). (Tjerk) 1389 . Fixed bug #68917 (parse_url fails on some partial urls). (Wei Dai) 1390 . Fixed bug #69134 (Per Directory Values overrides PHP_INI_SYSTEM 1391 configuration options). (Anatol Belski) 1392 . Additional fix for bug #69152 (Type confusion vulnerability in 1393 exception::getTraceAsString). (Stas) 1394 . Fixed bug #69210 (serialize function return corrupted data when sleep has 1395 non-string values). (Juan Basso) 1396 . Fixed bug #69212 (Leaking VIA_HANDLER func when exception thrown in 1397 __call/... arg passing). (Nikita) 1398 . Fixed bug #69221 (Segmentation fault when using a generator in combination 1399 with an Iterator). (Nikita) 1400 . Fixed bug #69337 (php_stream_url_wrap_http_ex() type-confusion 1401 vulnerability). (Stas) 1402 . Fixed bug #69353 (Missing null byte checks for paths in various PHP 1403 extensions). (Stas) 1404 1405- Apache2handler: 1406 . Fixed bug #69218 (potential remote code execution with apache 2.4 1407 apache2handler). (Gerrit Venema) 1408 1409- cURL: 1410 . Implemented FR#69278 (HTTP2 support). (Masaki Kagaya) 1411 . Fixed bug #68739 (Missing break / control flow). (Laruence) 1412 . Fixed bug #69316 (Use-after-free in php_curl related to 1413 CURLOPT_FILE/_INFILE/_WRITEHEADER). (Laruence) 1414 1415- Date: 1416 . Fixed bug #69336 (Issues with "last day of <monthname>"). (Derick Rethans) 1417 1418- Enchant: 1419 . Fixed bug #65406 (Enchant broker plugins are in the wrong place in windows 1420 builds). (Anatol) 1421 1422- Ereg: 1423 . Fixed bug #68740 (NULL Pointer Dereference). (Laruence) 1424 1425- Fileinfo: 1426 . Fixed bug #68819 (Fileinfo on specific file causes spurious OOM and/or 1427 segfault). (Anatol Belski) 1428 1429- Filter: 1430 . Fixed bug #69202 (FILTER_FLAG_STRIP_BACKTICK ignored unless other 1431 flags are used). (Jeff Welch) 1432 . Fixed bug #69203 (FILTER_FLAG_STRIP_HIGH doesn't strip ASCII 127). (Jeff 1433 Welch) 1434 1435- Mbstring: 1436 . Fixed bug #68846 (False detection of CJK Unified Ideographs Extension E). 1437 (Masaki Kagaya) 1438 1439- OPCache: 1440 . Fixed bug #69297 (function_exists strange behavior with OPCache on 1441 disabled function). (Laruence) 1442 . Fixed bug #69281 (opcache_is_script_cached no longer works). (danack) 1443 . Fixed bug #68677 (Use After Free). (CVE-2015-1351) (Laruence) 1444 1445- OpenSSL: 1446 . Fixed bugs #68853, #65137 (Buffered crypto stream data breaks IO polling 1447 in stream_select() contexts) (Chris Wright) 1448 . Fixed bug #69197 (openssl_pkcs7_sign handles default value incorrectly) 1449 (Daniel Lowrey) 1450 . Fixed bug #69215 (Crypto servers should send client CA list) 1451 (Daniel Lowrey) 1452 . Add a check for RAND_egd to allow compiling against LibreSSL (Leigh) 1453 1454- Phar: 1455 . Fixed bug #64343 (PharData::extractTo fails for tarball created by BSD tar). 1456 (Mike) 1457 . Fixed bug #64931 (phar_add_file is too restrictive on filename). (Mike) 1458 . Fixed bug #65467 (Call to undefined method cli_arg_typ_string). (Mike) 1459 . Fixed bug #67761 (Phar::mapPhar fails for Phars inside a path containing 1460 ".tar"). (Mike) 1461 . Fixed bug #69324 (Buffer Over-read in unserialize when parsing Phar). (Stas) 1462 . Fixed bug #69441 (Buffer Overflow when parsing tar/zip/phar in 1463 phar_set_inode). (Stas) 1464 1465- Postgres: 1466 . Fixed bug #68741 (Null pointer dereference). (CVE-2015-1352) (Laruence) 1467 1468- SOAP: 1469 . Fixed bug #69152 (Type Confusion Infoleak Vulnerability in unserialize() 1470 with SoapFault). (Dmitry) 1471 . Fixed bug #69293 (NEW segfault when using SoapClient::__setSoapHeader 1472 (bisected, regression)). (Laruence) 1473 1474- SPL: 1475 . Fixed bug #69227 (Use after free in zval_scan caused by 1476 spl_object_storage_get_gc). (adam dot scarr at 99designs dot com) 1477 1478- Sqlite3: 1479 . Fixed bug #68760 (SQLITE segfaults if custom collator throws an exception). 1480 (Dan Ackroyd) 1481 . Fixed bug #69287 (Upgrade bundled libsqlite to 3.8.8.3). (Anatol) 1482 . Fixed bug #66550 (SQLite prepared statement use-after-free). (Sean Heelan) 1483 148419 Mar 2015, PHP 5.6.7 1485 1486- Core: 1487 . Fixed bug #69174 (leaks when unused inner class use traits precedence). 1488 (Laruence) 1489 . Fixed bug #69139 (Crash in gc_zval_possible_root on unserialize). 1490 (Laruence) 1491 . Fixed bug #69121 (Segfault in get_current_user when script owner is not 1492 in passwd with ZTS build). (dan at syneto dot net) 1493 . Fixed bug #65593 (Segfault when calling ob_start from output buffering 1494 callback). (Mike) 1495 . Fixed bug #68986 (pointer returned by php_stream_fopen_temporary_file 1496 not validated in memory.c). (nayana at ddproperty dot com) 1497 . Fixed bug #68166 (Exception with invalid character causes segv). (Rasmus) 1498 . Fixed bug #69141 (Missing arguments in reflection info for some builtin 1499 functions). (kostyantyn dot lysyy at oracle dot com) 1500 . Fixed bug #68976 (Use After Free Vulnerability in unserialize()). 1501 (CVE-2015-2787) (Stas) 1502 . Fixed bug #69134 (Per Directory Values overrides PHP_INI_SYSTEM 1503 configuration options). (Anatol Belski) 1504 . Fixed bug #69207 (move_uploaded_file allows nulls in path). (CVE-2015-2348) 1505 (Stas) 1506 1507- CGI: 1508 . Fixed bug #69015 (php-cgi's getopt does not see $argv). (Laruence) 1509 1510- CLI: 1511 . Fixed bug #67741 (auto_prepend_file messes up __LINE__). (Reeze Xia) 1512 1513- cURL: 1514 . Fixed bug #69088 (PHP_MINIT_FUNCTION does not fully initialize cURL on 1515 Win32). (Grant Pannell) 1516 . Add CURLPROXY_SOCKS4A and CURLPROXY_SOCKS5_HOSTNAME constants if supported 1517 by libcurl. (Linus Unneback) 1518 1519- Ereg: 1520 . Fixed bug #69248 (heap overflow vulnerability in regcomp.c). (CVE-2015-2305) 1521 (Stas) 1522 1523- FPM: 1524 . Fixed bug #68822 (request time is reset too early). (honghu069 at 163 dot com) 1525 1526- ODBC: 1527 . Fixed bug #68964 (Allowed memory size exhausted with odbc_exec). (Anatol) 1528 1529- Opcache: 1530 . Fixed bug #69159 (Opcache causes problem when passing a variable variable 1531 to a function). (Dmitry, Laruence) 1532 . Fixed bug #69125 (Array numeric string as key). (Laruence) 1533 . Fixed bug #69038 (switch(SOMECONSTANT) misbehaves). (Laruence) 1534 1535- OpenSSL: 1536 . Fixed bug #68912 (Segmentation fault at openssl_spki_new). (Laruence) 1537 . Fixed bug #61285, #68329, #68046, #41631 (encrypted streams don't observe 1538 socket timeouts). (Brad Broerman) 1539 . Fixed bug #68920 (use strict peer_fingerprint input checks) 1540 (Daniel Lowrey) 1541 . Fixed bug #68879 (IP Address fields in subjectAltNames not used) 1542 (Daniel Lowrey) 1543 . Fixed bug #68265 (SAN match fails with trailing DNS dot) (Daniel Lowrey) 1544 . Fixed bug #67403 (Add signatureType to openssl_x509_parse) (Daniel Lowrey) 1545 . Fixed bug (#69195 Inconsistent stream crypto values across versions) 1546 (Daniel Lowrey) 1547 1548- pgsql: 1549 . Fixed bug #68638 (pg_update() fails to store infinite values). 1550 (william dot welter at 4linux dot com dot br, Laruence) 1551 1552- Readline: 1553 . Fixed bug #69054 (Null dereference in readline_(read|write)_history() without 1554 parameters). (Laruence) 1555 1556- SOAP: 1557 . Fixed bug #69085 (SoapClient's __call() type confusion through 1558 unserialize()). (CVE-2015-4147, CVE-2015-4148) (andrea dot palazzo at truel 1559 dot it, Laruence) 1560 1561- SPL: 1562 . Fixed bug #69108 ("Segmentation fault" when (de)serializing 1563 SplObjectStorage). (Laruence) 1564 . Fixed bug #68557 (RecursiveDirectoryIterator::seek(0) broken after 1565 calling getChildren()). (Julien) 1566 1567- ZIP: 1568 . Fixed bug #69253 (ZIP Integer Overflow leads to writing past heap 1569 boundary). (CVE-2015-2331) (Stas) 1570 157119 Feb 2015, PHP 5.6.6 1572 1573- Core: 1574 . Removed support for multi-line headers, as the are deprecated by RFC 7230. 1575 (Stas) 1576 . Fixed bug #67068 (getClosure returns somethings that's not a closure). 1577 (Danack at basereality dot com) 1578 . Fixed bug #68942 (Use after free vulnerability in unserialize() with 1579 DateTimeZone). (CVE-2015-0273) (Stas) 1580 . Fixed bug #68925 (Mitigation for CVE-2015-0235 – GHOST: glibc gethostbyname 1581 buffer overflow). (Stas) 1582 . Fixed Bug #67988 (htmlspecialchars() does not respect default_charset 1583 specified by ini_set) (Yasuo) 1584 . Added NULL byte protection to exec, system and passthru. (Yasuo) 1585 1586- Dba: 1587 . Fixed bug #68711 (useless comparisons). (bugreports at internot dot info) 1588 1589- Enchant: 1590 . Fixed bug #68552 (heap buffer overflow in enchant_broker_request_dict()). 1591 (CVE-2014-9705) (Antony) 1592 1593- Fileinfo: 1594 . Fixed bug #68827 (Double free with disabled ZMM). (Joshua Rogers) 1595 . Fixed bug #67647 (Bundled libmagic 5.17 does not detect quicktime files 1596 correctly). (Anatol) 1597 . Fixed bug #68731 (finfo_buffer doesn't extract the correct mime with some 1598 gifs). (Anatol) 1599 1600- FPM: 1601 . Fixed bug #66479 (Wrong response to FCGI_GET_VALUES). (Frank Stolle) 1602 . Fixed bug #68571 (core dump when webserver close the socket). 1603 (redfoxli069 at gmail dot com, Laruence) 1604 1605- JSON: 1606 . Fixed bug #50224 (json_encode() does not always encode a float as a float) 1607 by adding JSON_PRESERVE_ZERO_FRACTION. (Juan Basso) 1608 1609- LIBXML: 1610 . Fixed bug #64938 (libxml_disable_entity_loader setting is shared 1611 between threads). (Martin Jansen) 1612 1613- Mysqli: 1614 . Fixed bug #68114 (linker error on some OS X machines with fixed 1615 width decimal support) (Keyur Govande) 1616 . Fixed bug #68657 (Reading 4 byte floats with Mysqli and libmysqlclient 1617 has rounding errors) (Keyur Govande) 1618 1619- Opcache: 1620 . Fixed bug with try blocks being removed when extended_info opcode 1621 generation is turned on. (Laruence) 1622 1623- PDO_mysql: 1624 . Fixed bug #68750 (PDOMysql with mysqlnd does not allow the usage of 1625 named pipes). (steffenb198 at aol dot com) 1626 1627- Phar: 1628 . Fixed bug #68901 (use after free). (CVE-2015-2301) 1629 (bugreports at internot dot info) 1630 1631- Pgsql: 1632 . Fixed Bug #65199 (pg_copy_from() modifies input array variable) (Yasuo) 1633 1634- Session: 1635 . Fixed bug #68941 (mod_files.sh is a bash-script) (bugzilla at ii.nl, Yasuo) 1636 . Fixed Bug #66623 (no EINTR check on flock) (Yasuo) 1637 . Fixed bug #68063 (Empty session IDs do still start sessions) (Yasuo) 1638 1639- Sqlite3: 1640 . Fixed bug #68260 (SQLite3Result::fetchArray declares wrong 1641 required_num_args). (Julien) 1642 1643- Standard: 1644 . Fixed bug #65272 (flock() out parameter not set correctly in windows). 1645 (Daniel Lowrey) 1646 . Fixed bug #69033 (Request may get env. variables from previous requests 1647 if PHP works as FastCGI). (Anatol) 1648 1649- Streams: 1650 . Fixed bug which caused call after final close on streams filter. (Bob) 1651 165222 Jan 2015, PHP 5.6.5 1653 1654- Core: 1655 . Upgraded crypt_blowfish to version 1.3. (Leigh) 1656 . Fixed bug #60704 (unlink() bug with some files path). 1657 . Fixed bug #65419 (Inside trait, self::class != __CLASS__). (Julien) 1658 . Fixed bug #68536 (pack for 64bits integer is broken on bigendian). (Remi) 1659 . Fixed bug #55541 (errors spawn MessageBox, which blocks test automation). 1660 (Anatol) 1661 . Fixed bug #68297 (Application Popup provides too few information). (Anatol) 1662 . Fixed bug #65769 (localeconv() broken in TS builds). (Anatol) 1663 . Fixed bug #65230 (setting locale randomly broken). (Anatol) 1664 . Fixed bug #66764 (configure doesn't define EXPANDED_DATADIR / PHP_DATADIR 1665 correctly). (Ferenc) 1666 . Fixed bug #68583 (Crash in timeout thread). (Anatol) 1667 . Fixed bug #65576 (Constructor from trait conflicts with inherited 1668 constructor). (dunglas at gmail dot com) 1669 . Fixed bug #68676 (Explicit Double Free). (CVE-2014-9425) (Kalle) 1670 . Fixed bug #68710 (Use After Free Vulnerability in PHP's unserialize()). 1671 (CVE-2015-0231) (Stefan Esser) 1672 1673- CGI: 1674 . Fixed bug #68618 (out of bounds read crashes php-cgi). (CVE-2014-9427) 1675 (Stas) 1676 1677- CLI server: 1678 . Fixed bug #68745 (Invalid HTTP requests make web server segfault). (Adam) 1679 1680- cURL: 1681 . Fixed bug #67643 (curl_multi_getcontent returns '' when 1682 CURLOPT_RETURNTRANSFER isn't set). (Jille Timmermans) 1683 1684- Date: 1685 . Implemented FR #68268 (DatePeriod: Getter for start date, end date and 1686 interval). (Marc Bennewitz) 1687 1688- EXIF: 1689 . Fixed bug #68799: Free called on uninitialized pointer. (CVE-2015-0232) 1690 (Stas) 1691 1692- Fileinfo: 1693 . Fixed bug #68398 (msooxml matches too many archives). (Anatol) 1694 . Fixed bug #68665 (invalid free in libmagic). (Joshua Rogers, Anatol Belski) 1695 . Fixed bug #68671 (incorrect expression in libmagic). 1696 (Joshua Rogers, Anatol Belski) 1697 . Removed readelf.c and related code from libmagic sources 1698 (Remi, Anatol) 1699 . Fixed bug #68735 (fileinfo out-of-bounds memory access). (CVE-2014-9652) 1700 (Anatol) 1701 1702- FPM: 1703 . Fixed request #68526 (Implement POSIX Access Control List for UDS). (Remi) 1704 . Fixed bug #68751 (listen.allowed_clients is broken). (Remi) 1705 1706- GD: 1707 . Fixed bug #68601 (buffer read overflow in gd_gif_in.c). (CVE-2014-9709) 1708 (Jan Bee, Remi) 1709 . Fixed request #68656 (Report gd library version). (Remi) 1710 1711- mbstring: 1712 . Fixed bug #68504 (--with-libmbfl configure option not present on Windows). 1713 (Ashesh Vashi) 1714 1715- Opcache: 1716 . Fixed bug #68644 (strlen incorrect : mbstring + func_overload=2 +UTF-8 1717 + Opcache). (Laruence) 1718 . Fixed bug #67111 (Memory leak when using "continue 2" inside two foreach 1719 loops). (Nikita) 1720 1721- OpenSSL: 1722 . Improved handling of OPENSSL_KEYTYPE_EC keys. (Dominic Luechinger) 1723 1724- pcntl: 1725 . Fixed bug #60509 (pcntl_signal doesn't decrease ref-count of old handler 1726 when setting SIG_DFL). (Julien) 1727 1728- PCRE: 1729 . Fixed bug #66679 (Alignment Bug in PCRE 8.34 upstream). 1730 (Rainer Jung, Anatol Belski) 1731 1732- pgsql: 1733 . Fixed bug #68697 (lo_export return -1 on failure). (Ondřej Surý) 1734 1735- PDO: 1736 . Fixed bug #68371 (PDO#getAttribute() cannot be called with platform-specifi 1737 attribute names). (Matteo) 1738 1739- PDO_mysql: 1740 . Fixed bug #68424 (Add new PDO mysql connection attr to control multi 1741 statements option). (peter dot wolanin at acquia dot com) 1742 1743- SPL: 1744 . Fixed bug #66405 (RecursiveDirectoryIterator::CURRENT_AS_PATHNAME 1745 breaks the RecursiveIterator). (Paul Garvin) 1746 . Fixed bug #68479 (Added escape parameter to SplFileObject::fputcsv). (Salathe) 1747 1748- SQLite: 1749 . Fixed bug #68120 (Update bundled libsqlite to 3.8.7.2). (Anatol) 1750 1751- Streams: 1752 . Fixed bug #68532 (convert.base64-encode omits padding bytes). 1753 (blaesius at krumedia dot de) 1754 175518 Dec 2014, PHP 5.6.4 1756 1757- Core: 1758 . Fixed bug #68091 (Some Zend headers lack appropriate extern "C" blocks). 1759 (Adam) 1760 . Fixed bug #68104 (Segfault while pre-evaluating a disabled function). 1761 (Laruence) 1762 . Fixed bug #68185 ("Inconsistent insteadof definition."- incorrectly 1763 triggered). (Julien) 1764 . Fixed bug #68355 (Inconsistency in example php.ini comments). 1765 (Chris McCafferty) 1766 . Fixed bug #68370 ("unset($this)" can make the program crash). (Laruence) 1767 . Fixed bug #68422 (Incorrect argument reflection info for array_multisort()). 1768 (Alexander Lisachenko) 1769 . Fixed bug #68545 (NULL pointer dereference in unserialize.c). (Anatol) 1770 . Fixed bug #68446 (Array constant not accepted for array parameter default). 1771 (Bob, Dmitry) 1772 . Fixed bug #68594 (Use after free vulnerability in unserialize()). 1773 (CVE-2014-8142) (Stefan Esser) 1774 1775- Date: 1776 . Fixed day_of_week function as it could sometimes return negative values 1777 internally. (Derick) 1778 1779- FPM: 1780 . Fixed bug #68381 (fpm_unix_init_main ignores log_level). 1781 (David Zuelke, Remi) 1782 . Fixed bug #68420 (listen=9000 listens to ipv6 localhost instead of all 1783 addresses). (Remi) 1784 . Fixed bug #68421 (access.format='%R' doesn't log ipv6 address). (Remi) 1785 . Fixed bug #68423 (PHP-FPM will no longer load all pools). (Remi) 1786 . Fixed bug #68428 (listen.allowed_clients is IPv4 only). (Remi) 1787 . Fixed bug #68452 (php-fpm man page is oudated). (Remi) 1788 . Fixed request #68458 (Change pm.start_servers default warning to 1789 notice). (David Zuelke, Remi) 1790 . Fixed bug #68463 (listen.allowed_clients can silently result 1791 in no allowed access). (Remi) 1792 . Fixed request #68391 (php-fpm conf files loading order). 1793 (Florian Margaine, Remi) 1794 . Fixed bug #68478 (access.log don't use prefix). (Remi) 1795 1796- Mcrypt: 1797 . Fixed possible read after end of buffer and use after free. (Dmitry) 1798 1799- GMP: 1800 . Fixed bug #68419 (build error with gmp 4.1). (Remi) 1801 1802- PDO_pgsql: 1803 . Fixed bug #67462 (PDO_PGSQL::beginTransaction() wrongly throws exception 1804 when not in transaction) (Matteo) 1805 . Fixed bug #68351 (PDO::PARAM_BOOL and ATTR_EMULATE_PREPARES misbehaving) 1806 (Matteo) 1807 1808- Session: 1809 . Fixed bug #68331 (Session custom storage callable functions not being called) 1810 (Yasuo Ohgaki) 1811 1812- SOAP: 1813 . Fixed bug #68361 (Segmentation fault on SoapClient::__getTypes). 1814 (Laruence) 1815 1816- zlib: 1817 . Fixed bug #53829 (Compiling PHP with large file support will replace 1818 function gzopen by gzopen64) (Sascha Kettler, Matteo) 1819 182013 Nov 2014, PHP 5.6.3 1821 1822- Core: 1823 . Implemented 64-bit format codes for pack() and unpack(). (Leigh) 1824 . Fixed bug #51800 (proc_open on Windows hangs forever). (Anatol) 1825 . Fixed bug #67633 (A foreach on an array returned from a function not doing 1826 copy-on-write). (Nikita) 1827 . Fixed bug #67739 (Windows 8.1/Server 2012 R2 OS build number reported 1828 as 6.2 (instead of 6.3)). (Christian Wenz) 1829 . Fixed bug #67949 (DOMNodeList elements should be accessible through 1830 array notation) (Florian) 1831 . Fixed bug #68095 (AddressSanitizer reports a heap buffer overflow in 1832 php_getopt()). (Stas) 1833 . Fixed bug #68118 ($a->foo .= 'test'; can leave $a->foo undefined). (Nikita) 1834 . Fixed bug #68129 (parse_url() - incomplete support for empty usernames 1835 and passwords) (Tjerk) 1836 . Fixed bug #68365 (zend_mm_heap corrupted after memory overflow in 1837 zend_hash_copy). (Dmitry) 1838 1839- CURL: 1840 . Add CURL_SSLVERSION_TLSv1_0, CURL_SSLVERSION_TLSv1_1, and 1841 CURL_SSLVERSION_TLSv1_2 constants if supported by libcurl (Rasmus) 1842 1843- Fileinfo: 1844 . Fixed bug #66242 (libmagic: don't assume char is signed). (ArdB) 1845 . Fixed bug #68224 (buffer-overflow in libmagic/readcdf.c caught by 1846 AddressSanitizer). (Remi) 1847 . Fixed bug #68283 (fileinfo: out-of-bounds read in elf note headers). 1848 (CVE-2014-3710) (Remi) 1849 1850- FPM: 1851 . Fixed bug #65641 (PHP-FPM incorrectly defines the SCRIPT_NAME variable 1852 when using Apache, mod_proxy-fcgi and ProxyPass). (Remi) 1853 . Implemented FR #55508 (listen and listen.allowed_clients should take IPv6 1854 addresses). (Robin Gloster) 1855 1856- GD: 1857 . Fixed bug #65171 (imagescale() fails without height param). (Remi) 1858 1859- GMP: 1860 . Implemented gmp_random_range() and gmp_random_bits(). (Leigh) 1861 . Fixed bug #63595 (GMP memory management conflicts with other libraries 1862 using GMP). (Remi) 1863 1864- Mysqli: 1865 . Fixed bug #68114 (linker error on some OS X machines with fixed width 1866 decimal support) (Keyur Govande) 1867 1868- ODBC: 1869 . Fixed bug #68087 (ODBC not correctly reading DATE column when preceded by 1870 a VARCHAR column) (Keyur Govande) 1871 1872- OpenSSL: 1873 . Fixed bug #68074 (Allow to use system cipher list instead of hardcoded 1874 value). (Remi) 1875 1876- PDO_pgsql: 1877 . Fixed bug #68199 (PDO::pgsqlGetNotify doesn't support NOTIFY payloads) 1878 (Matteo, Alain Laporte) 1879 . Fixed bug #66584 (Segmentation fault on statement deallocation) (Matteo) 1880 1881- OpenSSL: 1882 . Revert regression introduced by fix of bug #41631 1883 1884- Reflection: 1885 . Fixed bug #68103 (Duplicate entry in Reflection for class alias). (Remi) 1886 1887- SPL: 1888 . Fixed bug #68128 (Regression in RecursiveRegexIterator) (Tjerk) 1889 189016 Oct 2014, PHP 5.6.2 1891 1892- Core: 1893 . Fixed bug #68044 (Integer overflow in unserialize() (32-bits only)). 1894 (CVE-2014-3669) (Stas) 1895 1896- cURL: 1897 . Fixed bug #68089 (NULL byte injection - cURL lib). (Stas) 1898 1899- EXIF: 1900 . Fixed bug #68113 (Heap corruption in exif_thumbnail()). (CVE-2014-3670) 1901 (Stas) 1902 1903- XMLRPC: 1904 . Fixed bug #68027 (Global buffer overflow in mkgmtime() function). 1905 (CVE-2014-3668) (Stas) 1906 190702 Oct 2014, PHP 5.6.1 1908 1909- Core: 1910 . Implemented FR #38409 (parse_ini_file() looses the type of booleans). (Tjerk) 1911 . Fixed bug #65463 (SIGSEGV during zend_shutdown()). (Keyur Govande) 1912 . Fixed bug #66036 (Crash on SIGTERM in apache process). (Keyur Govande) 1913 . Fixed bug #67878 (program_prefix not honoured in man pages). (Remi) 1914 . Fixed bug #67938 (Segfault when extending interface method with variadic). 1915 (Nikita) 1916 . Fixed bug #67985 (Incorrect last used array index copied to new array after 1917 unset). (Tjerk) 1918 . Fixed bug #68088 (New Posthandler Potential Illegal efree() vulnerability). 1919 (Mike) (CVE-2014-3622) 1920 1921- DOM: 1922 . Made DOMNode::textContent writeable. (Tjerk) 1923 1924- Fileinfo: 1925 . Fixed bug #67731 (finfo::file() returns invalid mime type 1926 for binary files). (Anatol) 1927 1928- GD: 1929 . Made fontFetch's path parser thread-safe. (Sara) 1930 1931- GMP: 1932 . Fixed bug #67917 (Using GMP objects with overloaded operators can cause 1933 memory exhaustion). (Nikita) 1934 . Fixed bug #50175 (gmp_init() results 0 on given base and number starting 1935 with 0x or 0b). (Nikita) 1936 . Implemented gmp_import() and gmp_export(). (Leigh, Nikita) 1937 1938- MySQLi: 1939 . Fixed bug #67839 (mysqli does not handle 4-byte floats correctly). (Keyur) 1940 1941- OpenSSL: 1942 . Fixed bug #67850 (extension won't build if openssl compiled without SSLv3). 1943 (Daniel Lowrey) 1944 1945- phpdbg: 1946 . Fixed issue krakjoe/phpdbg#111 (compile error without ZEND_SIGNALS). (Bob) 1947 1948- SOAP: 1949 . Fixed bug #67955 (SoapClient prepends 0-byte to cookie names). (Philip Hofstetter) 1950 1951- Session: 1952 . Fixed bug #67972 (SessionHandler Invalid memory read create_sid()). (Adam) 1953 1954- Sysvsem: 1955 . Implemented FR #67990 (Add optional nowait argument to sem_acquire). 1956 (Matteo) 1957 195828 Aug 2014, PHP 5.6.0 1959 1960- Apache2 Handler SAPI: 1961 . Fixed Apache log issue caused by APR's lack of support for %zu 1962 (APR issue https://issues.apache.org/bugzilla/show_bug.cgi?id=56120). 1963 (Jeff Trawick) 1964 1965- CLI server: 1966 . Added some MIME types to the CLI web server. (Chris Jones) 1967 . Fixed bug #67079 (Missing MIME types for XML/XSL files). (Anatol) 1968 . Fixed bug #66830 (Empty header causes PHP built-in web server to hang). 1969 (Adam) 1970 . Fixed bug #67594 (Unable to access to apache_request_headers() elements). 1971 (Tjerk) 1972 . Implemented FR #67429 (CLI server is missing some new HTTP response codes). 1973 (Adam) 1974 . Fixed Bug #67406 (built-in web-server segfaults on startup). (Remi) 1975 1976- COM: 1977 . Fixed bug #41577 (DOTNET is successful once per server run) 1978 (Aidas Kasparas) 1979 . Fixed missing type checks in com_event_sink (Yussuf Khalil, Stas). 1980 . Fixed bug #66431 (Special Character via COM Interface (CP_UTF8)). (Anatol) 1981 1982- Core: 1983 . Improved phpinfo() stylesheets. (Colin Viebrock) 1984 . Fixed bug #67693 (incorrect push to the empty array). (Tjerk) 1985 . Removed inconsistency regarding behaviour of array in constants at 1986 run-time. (Bob) 1987 . Fixed bug #67497 (eval with parse error causes segmentation fault in 1988 generator). (Nikita) 1989 . Fixed bug #67151 (strtr with empty array crashes). (Nikita) 1990 . Fixed bug #67407 (Windows 8.1/Server 2012 R2 reported as Windows 8/Server 1991 2012). (Christian Wenz) 1992 . Fixed bug #66608 (Incorrect behavior with nested "finally" blocks). 1993 (Laruence, Dmitry) 1994 . Implemented FR #34407 (ucwords and Title Case). (Tjerk) 1995 . Fixed bug #67091 (make install fails to install libphp5.so on FreeBSD 10.0). 1996 (Ferenc) 1997 . Fixed bug #67368 (Memory leak with immediately dereferenced array in class 1998 constant). (Laruence) 1999 . Fixed bug #67468 (Segfault in highlight_file()/highlight_string()). 2000 (Andreas Ferber) 2001 . Fixed bug #67498 (phpinfo() Type Confusion Information Leak Vulnerability). 2002 (Stefan Esser) 2003 . Fixed bug #67551 (php://input temp file will be located in sys_temp_dir 2004 instead of upload_tmp_dir). (Mike) 2005 . Fixed bug #67169 (array_splice all elements, then []= gives wrong index). 2006 (Nikita) 2007 . Fixed bug #67198 (php://input regression). (Mike) 2008 . Fixed bug #67247 (spl_fixedarray_resize integer overflow). (Stas) 2009 . Fixed bug #67250 (iptcparse out-of-bounds read). (Stas) 2010 . Fixed bug #67252 (convert_uudecode out-of-bounds read). (Stas) 2011 . Fixed bug #67249 (printf out-of-bounds read). (Stas) 2012 . Implemented FR #64744 (Differentiate between member function call on a null 2013 and non-null, non-objects). (Boro Sitnikovski) 2014 . Fixed bug #67436 (Autoloader isn't called if two method definitions don't 2015 match). (Bob) 2016 . Fixed bug #66622 (Closures do not correctly capture the late bound class 2017 (static::) in some cases). (Levi Morrison) 2018 . Fixed bug #67390 (insecure temporary file use in the configure script). 2019 (Remi) (CVE-2014-3981) 2020 . Fixed bug #67392 (dtrace breaks argument unpack). (Nikita) 2021 . Fixed bug #67428 (header('Location: foo') will override a 308-399 response 2022 code). (Adam) 2023 . Fixed bug #67433 (SIGSEGV when using count() on an object implementing 2024 Countable). (Matteo) 2025 . Fixed bug #67399 (putenv with empty variable may lead to crash). (Stas) 2026 . Expose get_debug_info class hook as __debugInfo() magic method. (Sara) 2027 . Implemented unified default encoding 2028 (RFC: https://wiki.php.net/rfc/default_encoding). (Yasuo Ohgaki) 2029 . Added T_POW (**) operator 2030 (RFC: https://wiki.php.net/rfc/pow-operator). (Tjerk Meesters) 2031 . Improved IS_VAR operands fetching. (Laruence, Dmitry) 2032 . Improved empty string handling. Now ZE uses an interned string instead of 2033 allocation new empty string each time. (Laruence, Dmitry) 2034 . Implemented internal operator overloading 2035 (RFC: https://wiki.php.net/rfc/operator_overloading_gmp). (Nikita) 2036 . Made calls from incompatible context issue an E_DEPRECATED warning instead 2037 of E_STRICT (phase 1 of RFC: https://wiki.php.net/rfc/incompat_ctx). 2038 (Gustavo) 2039 . Uploads equal or greater than 2GB in size are now accepted. 2040 (Ralf Lang, Mike) 2041 . Reduced POST data memory usage by 200-300%. Changed INI setting 2042 always_populate_raw_post_data to throw a deprecation warning when enabling 2043 and to accept -1 for never populating the $HTTP_RAW_POST_DATA global 2044 variable, which will be the default in future PHP versions. (Mike) 2045 . Implemented dedicated syntax for variadic functions 2046 (RFC: https://wiki.php.net/rfc/variadics). (Nikita) 2047 . Fixed bug #50333 Improving multi-threaded scalability by using 2048 emalloc/efree/estrdup (Anatol, Dmitry) 2049 . Implemented constant scalar expressions (with support for constants) 2050 (RFC: https://wiki.php.net/rfc/const_scalar_exprs). (Bob) 2051 . Fixed bug #65784 (Segfault with finally). (Laruence, Dmitry) 2052 . Fixed bug #66509 (copy() arginfo has changed starting from 5.4). (willfitch) 2053 . Allow zero length comparison in substr_compare() (Tjerk) 2054 . Fixed bug #60602 (proc_open() changes environment array) (Tjerk) 2055 . Fixed bug #61019 (Out of memory on command stream_get_contents). (Mike) 2056 . Fixed bug #64330 (stream_socket_server() creates wrong Abstract Namespace 2057 UNIX sockets). (Mike) 2058 . Fixed bug #66182 (exit in stream filter produces segfault). (Mike) 2059 . Fixed bug #66736 (fpassthru broken). (Mike) 2060 . Fixed bug #66822 (Cannot use T_POW in const expression) (Tjerk) 2061 . Fixed bug #67043 (substr_compare broke by previous change) (Tjerk) 2062 . Fixed bug #65701 (copy() doesn't work when destination filename is created 2063 by tempnam()). (Boro Sitnikovski) 2064 . Fixed bug #66015 (Unexpected array indexing in class's static property). (Bob) 2065 . Added (constant) string/array dereferencing to static scalar expressions 2066 to complete the set; now possible thanks to bug #66015 being fixed. (Bob) 2067 . Fixed bug #66568 (Update reflection information for unserialize() function). 2068 (Ferenc) 2069 . Fixed bug #66660 (Composer.phar install/update fails). (Ferenc) 2070 . Fixed bug #67024 (getimagesize should recognize BMP files with negative 2071 height). (Gabor Buella) 2072 . Fixed bug #67064 (Countable interface prevents using 2nd parameter 2073 ($mode) of count() function). (Bob) 2074 . Fixed bug #67072 (Echoing unserialized "SplFileObject" crash). (Anatol) 2075 . Fixed bug #67033 (Remove reference to Windows 95). (Anatol) 2076 2077- Curl: 2078 . Implemented FR #65646 (re-enable CURLOPT_FOLLOWLOCATION with open_basedir 2079 or safe_mode). (Adam) 2080 . Check for openssl.cafile ini directive when loading CA certs. (Daniel Lowrey) 2081 . Remove cURL close policy related constants as these have no effect and are 2082 no longer used in libcurl. (Chris Wright) 2083 . Fixed bug #66109 (Can't reset CURLOPT_CUSTOMREQUEST to default behaviour) 2084 (Tjerk) 2085 . Fix compilation on libcurl versions between 7.10.5 and 7.12.2, inclusive. 2086 (Adam) 2087 . Fixed bug #64247 (CURLOPT_INFILE doesn't allow reset). (Mike) 2088 . Fixed bug #66562 (curl_exec returns differently than curl_multi_getcontent). 2089 (Freek Lijten) 2090 2091- Date: 2092 . Fixed bug #66060 (Heap buffer over-read in DateInterval). (CVE-2013-6712) 2093 (Remi) 2094 . Fixed bug #66091 (memory leaks in DateTime constructor) (Tjerk). 2095 . Fixed bug #67308 (Serialize of DateTime truncates fractions of second). 2096 (Adam) 2097 . Fixed regression in fix for bug #67118 (constructor can't be called twice). 2098 (Remi) 2099 . Fixed bug #67251 (date_parse_from_format out-of-bounds read). (Stas) 2100 . Fixed bug #67253 (timelib_meridian_with_check out-of-bounds read). (Stas) 2101 . Added DateTimeImmutable::createFromMutable to create a DateTimeImmutable 2102 object from an existing DateTime (mutable) object (Derick) 2103 . Fixed bug #66721 (__wakeup of DateTime segfaults when invalid object data is 2104 supplied). (Boro Sitnikovski) 2105 . Fixed bug #67118 (DateTime constructor crash with invalid data). (Anatol) 2106 2107- DOM: 2108 . Fixed bug #67081 (DOMDocumentType->internalSubset returns entire DOCTYPE tag, 2109 not only the subset). (Anatol) 2110 2111- Embed: 2112 . Fixed bug #65715 (php5embed.lib isn't provided anymore). (Anatol). 2113 2114- Fileinfo: 2115 . Fixed bug #67716 (Segfault in cdf.c). (CVE-2014-3587) (Remi) 2116 . Fixed bug #67705 (extensive backtracking in rule regular expression). 2117 (CVE-2014-3538) (Remi) 2118 . Fixed bug #67327 (fileinfo: CDF infinite loop in nelements DoS). 2119 (CVE-2014-0238) 2120 . Fixed bug #67328 (fileinfo: fileinfo: numerous file_printf calls resulting in 2121 performance degradation). (CVE-2014-0237) 2122 . Fixed bug #67326 (fileinfo: cdf_read_short_sector insufficient boundary check). 2123 (CVE-2014-0207) 2124 . Fixed bug #67329 (fileinfo: NULL pointer deference flaw by processing certain 2125 CDF files). (CVE-2014-0236) 2126 . Fixed bug #67410 (fileinfo: mconvert incorrect handling of truncated pascal 2127 string size). (CVE-2014-3478) (Francisco Alonso, Jan Kaluza, Remi) 2128 . Fixed bug #67411 (fileinfo: cdf_check_stream_offset insufficient boundary 2129 check). (CVE-2014-3479) (Francisco Alonso, Jan Kaluza, Remi) 2130 . Fixed bug #67412 (fileinfo: cdf_count_chain insufficient boundary check). 2131 (CVE-2014-3480) (Francisco Alonso, Jan Kaluza, Remi) 2132 . Fixed bug #67413 (fileinfo: cdf_read_property_info insufficient boundary 2133 check). (CVE-2014-3487) (Francisco Alonso, Jan Kaluza, Remi) 2134 . Upgraded to libmagic-5.17 (Anatol) 2135 . Fixed bug #66731 (file: infinite recursion). (CVE-2014-1943) (Remi) 2136 . Fixed bug #66820 (out-of-bounds memory access in fileinfo). 2137 (CVE-2014-2270). (Remi) 2138 . Fixed bug #66946 (fileinfo: extensive backtracking in awk rule regular 2139 expression). (CVE-2013-7345) (Remi) 2140 . Fixed bug #66987 (Memory corruption in fileinfo ext / bigendian). 2141 (Remi) 2142 . Fixed bug #66907 (Solaris 10 is missing strcasestr and needs substitute). 2143 (Anatol) 2144 . Fixed bug #66307 (Fileinfo crashes with powerpoint files). (Anatol) 2145 2146- FPM: 2147 . Fixed bug #67606 (revised fix 67541, broke mod_fastcgi BC). (David Zuelke) 2148 . Fixed bug #67530 (error_log=syslog ignored). (Remi) 2149 . Fixed bug #67635 (php links to systemd libraries without using pkg-config). 2150 (pacho at gentoo dot org, Remi) 2151 . Fixed bug #67531 (syslog cannot be set in pool configuration). (Remi) 2152 . Fixed bug #67541 (Fix Apache 2.4.10+ SetHandler proxy:fcgi:// 2153 incompatibilities). (David Zuelke) 2154 . Included apparmor support in fpm 2155 (RFC: https://wiki.php.net/rfc/fpm_change_hat). (Gernot Vormayr) 2156 . Added clear_env configuration directive to disable clearenv() call. 2157 (Github PR# 598, Paul Annesley) 2158 . Fixed bug #66482 (unknown entry 'priority' in php-fpm.conf). 2159 . Fixed bug #66908 (php-fpm reload leaks epoll_create() file descriptor). 2160 (Julio Pintos) 2161 . Fixed bug #67060 (sapi/fpm: possible privilege escalation due to insecure 2162 default configuration) (CVE-2014-0185). (Stas) 2163 2164- GD 2165 . Fixed bug #67730 (Null byte injection possible with imagexxx functions). 2166 (CVE-2014-5120) (Ryan Mauger) 2167 . Fixed bug #66901 (php-gd 'c_color' NULL pointer dereference). 2168 (CVE-2014-2497) (Remi) 2169 . Fixed bug #67248 (imageaffinematrixget missing check of parameters). (Stas) 2170 . Fixed imagettftext to load the correct character map rather than the last one. 2171 (Scott) 2172 . Fixed bug #66356 (Heap Overflow Vulnerability in imagecrop()). 2173 (CVE-2013-7226) 2174 . Fixed bug #66815 (imagecrop(): insufficient fix for NULL defer). 2175 (CVE-2013-7327). (Tomas Hoger, Remi). 2176 . Fixed bug #66869 (Invalid 2nd argument crashes imageaffinematrixget) (Pierre) 2177 . Fixed bug #66887 (imagescale - poor quality of scaled image). (Remi) 2178 . Fixed bug #66890 (imagescale segfault). (Remi) 2179 . Fixed bug #66893 (imagescale ignore method argument). (Remi) 2180 2181- GMP: 2182 . Fixed bug #66872 (invalid argument crashes gmp_testbit) (Pierre) 2183 . Fixed crashes in serialize/unserialize. (Stas) 2184 . Moved GMP to use object as the underlying structure and implemented various 2185 improvements based on this. 2186 (RFC: https://wiki.php.net/rfc/operator_overloading_gmp). (Nikita) 2187 . Added gmp_root() and gmp_rootrem() functions for calculating nth roots. 2188 (Nikita) 2189 2190- Hash: 2191 . Added gost-crypto (CryptoPro S-box) GOST hash algo. (Manuel Mausz) 2192 . Fixed bug #66698 (Missing FNV1a32 and FNV1a64 hash functions). 2193 (Michael M Slusarz). 2194 . Implemented timing attack safe string comparison function 2195 (RFC: https://wiki.php.net/rfc/timing_attack). (Rouven Weßling) 2196 . hash_pbkdf2() now works correctly if the $length argument is not specified. 2197 (Nikita) 2198 2199- Intl: 2200 . Fixed bug #66873 (A reproductible crash in UConverter when given invalid 2201 encoding) (Stas) 2202 . Fixed bug #66921 (Wrong argument type hint for function 2203 intltz_from_date_time_zone). (Stas) 2204 . Fixed bug #67052 (NumberFormatter::parse() resets LC_NUMERIC setting). 2205 (Stas) 2206 . Fixed bug #67349 (Locale::parseLocale Double Free). (Stas) 2207 . Fixed bug #67397 (Buffer overflow in locale_get_display_name and 2208 uloc_getDisplayName (libicu 4.8.1)). (Stas) 2209 2210- JSON: 2211 . Fixed case part of bug #64874 ("json_decode handles whitespace and 2212 case-sensitivity incorrectly") 2213 . Fixed bug #65753 (JsonSerializeable couldn't implement on module extension) 2214 (chobieeee@php.net) 2215 . Fixed bug #66021 (Blank line inside empty array/object when 2216 JSON_PRETTY_PRINT is set). (Kevin Israel) 2217 2218- ldap 2219 . Added new function ldap_modify_batch(). (Ondrej Hosek) 2220 . Fixed issue with null bytes in LDAP bindings. (Matthew Daley) 2221 2222- litespeed 2223 . Updated LiteSpeed SAPI code to V6.6 (George Wang) 2224 . Fixed bug #63228 (-Werror=format-security error in lsapi code). 2225 (Elan Ruusamäe, George) 2226 2227- Mail: 2228 . Fixed bug #66535 (Don't add newline after X-PHP-Originating-Script) (Tjerk) 2229 2230- Mcrypt: 2231 . No longer allow invalid key sizes, invalid IV sizes or missing required IV 2232 in mcrypt_encrypt, mcrypt_decrypt and the deprecated mode functions. 2233 (Nikita) 2234 . Use /dev/urandom as the default source for mcrypt_create_iv(). (Nikita) 2235 2236- Mbstring: 2237 . Upgraded to oniguruma 5.9.5 (Anatol) 2238 . Fixed bug #67199 (mb_regex_encoding mismatch). (Yasuo) 2239 2240- Milter: 2241 . Fixed bug #67715 (php-milter does not build and crashes randomly). (Mike) 2242 2243- mysqli 2244 . Added new function mysqli_get_links_stats() as well as new INI variable 2245 mysqli.rollback_on_cached_plink of type bool (Andrey) 2246 . Fixed bug #66762 (Segfault in mysqli_stmt::bind_result() when link closed) 2247 (Remi) 2248 . Fixed building against an external libmysqlclient. (Adam) 2249 2250- mysqlnd: 2251 . Disabled flag for SP OUT variables for 5.5+ servers as they are not natively 2252 supported by the overlying APIs. (Andrey) 2253 . Added a new fetching mode to mysqlnd. (Andrey) 2254 . Added support for gb18030 from MySQL 5.7. (Andrey) 2255 2256- Network: 2257 . Fixed bug #67717 (segfault in dns_get_record). (CVE-2014-3597) (Remi) 2258 . Fixed bug #67432 (Fix potential segfault in dns_get_record()). 2259 (CVE-2014-4049). (Sara) 2260 2261- OCI8 2262 . Fixed Bug #66875 (Improve performance of multi-row OCI_RETURN_LOB queries) 2263 (Perrier, Chris Jones) 2264 2265- ODBC: 2266 . Fixed bug #60616 (odbc_fetch_into returns junk at end of multi-byte char 2267 fields). (Keyur Govande) 2268 2269- OpenSSL: 2270 . Fixed bug #41631 (socket timeouts not honored in blocking SSL reads) 2271 (Daniel Lowrey). 2272 . Fixed missing type checks in OpenSSL options (Yussuf Khalil, Stas). 2273 . Fixed bug #67609 (TLS connections fail behind HTTP proxy). (Daniel Lowrey) 2274 . Fixed broken build against OpenSSL older than 0.9.8 where ECDH unavailable. 2275 (Lior Kaplan) 2276 . Fixed bug #67666 (Subject altNames doesn't support wildcard matching). (Tjerk) 2277 . Fixed bug #67224 (Fall back to crypto_type from context if not specified 2278 explicitly in stream_socket_enable_crypto). (Chris Wright) 2279 . Fixed bug #65698 (certificates validity parsing does not work past 2050). 2280 (Paul Oehler) 2281 . Fixed bug #66636 (openssl_x509_parse warning with V_ASN1_GENERALIZEDTIME). 2282 (Paul Oehler) 2283 . Peer certificates now verified by default in client socket operations 2284 (RFC: https://wiki.php.net/rfc/tls-peer-verification). (Daniel Lowrey) 2285 . New openssl.cafile and openssl.capath ini directives. (Daniel Lowrey) 2286 . Added crypto_method option for the ssl stream context. (Martin Jansen) 2287 . Added certificate fingerprint support. (Tjerk Meesters) 2288 . Added explicit TLSv1.1 and TLSv1.2 stream transports. (Daniel Lowrey) 2289 . Fixed bug #65729 (CN_match gives false positive). (Tjerk Meesters) 2290 . Peer name verification matches SAN DNS names for certs using 2291 the Subject Alternative Name x509 extension. (Daniel Lowrey) 2292 . Fixed segfault when built against OpenSSL>=1.0.1 (Daniel Lowrey) 2293 . Added SPKAC support. (Jason Gerfen) 2294 . Fallback to Windows CA cert store for peer verification if no openssl.cafile 2295 ini directive or "cafile" SSL context option specified in Windows. 2296 (Chris Wright) 2297 . The openssl.cafile and openssl.capath ini directives introduced in alpha2 2298 now have PHP_INI_PERDIR accessibility (was PHP_INI_ALL). (Daniel Lowrey) 2299 . New "peer_name" SSL context option replaces "CN_match" (which still works 2300 as before but triggers E_DEPRECATED). (Daniel Lowrey) 2301 . Fixed segfault when accessing non-existent context for client SNI use 2302 (Daniel Lowrey) 2303 . Fixed bug #66501 (Add EC key support to php_openssl_is_private_key). 2304 (Mark Zedwood) 2305 . Fixed Bug #47030 (add new boolean "verify_peer_name" SSL context option 2306 allowing clients to verify cert names separately from the cert itself). 2307 "verify_peer_name" is enabled by default for client streams. 2308 (Daniel Lowrey) 2309 . Fixed Bug #65538 ("cafile" SSL context option now supports stream 2310 wrappers). (Daniel Lowrey) 2311 . New openssl_get_cert_locations() function to aid CA file and peer 2312 verification debugging. (Daniel Lowrey) 2313 . Encrypted stream wrappers now disable TLS compression by default. 2314 (Daniel Lowrey) 2315 . New "capture_session_meta" SSL context option allows encrypted client and 2316 server streams access to negotiated protocol/cipher information. 2317 (Daniel Lowrey) 2318 . New "honor_cipher_order" SSL context option allows servers to prioritize 2319 cipher suites of their choosing when negotiating SSL/TLS handshakes. 2320 (Daniel Lowrey) 2321 . New "single_ecdh_use" and "single_dh_use" SSL context options allow for 2322 improved forward secrecy in encrypted stream servers. (Daniel Lowrey) 2323 . New "dh_param" SSL context option allows stream servers control over 2324 the parameters when negotiating DHE cipher suites. (Daniel Lowrey) 2325 . New "ecdh_curve" SSL context option allowing stream servers to specify 2326 the curve to use when negotiating ephemeral ECDHE ciphers (defaults to 2327 NIST P-256). (Daniel Lowrey) 2328 . New "rsa_key_size" SSL context option gives stream servers control 2329 over the key size (in bits) used for RSA key agreements. (Daniel Lowrey) 2330 . Crypto methods for encrypted client and server streams now use 2331 bitwise flags for fine-grained protocol support. (Daniel Lowrey) 2332 . Added new tlsv1.0 stream wrapper to specify TLSv1 client/server method. 2333 tls wrapper now negotiates TLSv1, TLSv1.1 or TLSv1.2. (Daniel Lowrey) 2334 . Encrypted client streams now enable SNI by default. (Daniel Lowrey) 2335 . Encrypted streams now prioritize ephemeral key agreement and high strength 2336 ciphers by default. (Daniel Lowrey) 2337 . New OPENSSL_DEFAULT_STREAM_CIPHERS constant exposes default cipher 2338 list. (Daniel Lowrey) 2339 . New STREAM_CRYPTO_METHOD_* constants for enhanced control over the crypto 2340 methods negotiated encrypted server/client sessions. (Daniel Lowrey) 2341 . Encrypted stream servers now automatically mitigate potential DoS vector 2342 arising from client-initiated TLS renegotiation. New "reneg_limit", 2343 "reneg_window" and "reneg_limit_callback" SSL context options for custom 2344 renegotiation limiting control. (Daniel Lowrey) 2345 . Fixed memory leak in windows cert verification on verify failure. 2346 (Chris Wright) 2347 . Peer certificate capturing via SSL context options now functions even if 2348 peer verification fails. (Daniel Lowrey) 2349 . Encrypted TLS servers now support the server name indication TLS extension 2350 via the new "SNI_server_certs" SSL context option. (Daniel Lowrey) 2351 . Fixed bug #66833 (Default disgest algo is still MD5, switch to SHA1). (Remi) 2352 . Fixed bug #66942 (memory leak in openssl_seal()). (Chuan Ma) 2353 . Fixed bug #66952 (memory leak in openssl_open()). (Chuan Ma) 2354 . Fixed bug #66840 (Fix broken build when extension built separately). 2355 (Daniel Lowrey) 2356 2357- OPcache: 2358 . Added an optimization of class constants and constant calls to some 2359 internal functions (Laruence, Dmitry) 2360 . Added an optimization pass to convert FCALL_BY_NAME into DO_FCALL. 2361 (Laruence, Dmitry) 2362 . Added an optimization pass to merged identical constants (and related 2363 cache_slots) in op_array->literals table. (Laruence, Dmitry) 2364 . Added script level constant replacement optimization pass. (Dmitry) 2365 . Added function opcache_is_script_cached(). (Danack) 2366 . Added information about interned strings usage. (Terry, Julien, Dmitry) 2367 . Fixed bug #67215 (php-cgi work with opcache, may be segmentation fault 2368 happen) (Dmitry, Laruence) 2369 2370- PCRE: 2371 . Fixed bug #67238 (Ungreedy and min/max quantifier bug, applied patch 2372 from the upstream). (Anatol) 2373 . Upgraded to PCRE 8.34. (Anatol) 2374 . Added support for (*MARK) backtracking verbs. (Nikita) 2375 2376- pgsql: 2377 . Fixed bug #67550 (Error in code "form" instead of "from", pgsql.c, line 756), 2378 which affected builds against libpq < 7.3. (Adam) 2379 . pg_insert()/pg_select()/pg_update()/pg_delete() are no longer EXPERIMENTAL. 2380 (Yasuo) 2381 . Impremented FR #25854 Return value for pg_insert should be resource instead of bool. 2382 (Yasuo) 2383 . Implemented FR #41146 - Add "description" with exteneded flag pg_meta_data(). 2384 pg_meta_data(resource $conn, string $table [, bool extended]) 2385 It also made pg_meta_data() return "is enum" always. 2386 (Yasuo) 2387 . Read-only access to the socket stream underlying database connections is 2388 exposed via a new pg_socket() function to allow read/write polling when 2389 establishing asynchronous connections and executing queries in non-blocking 2390 applications. (Daniel Lowrey) 2391 . Asynchronous connections are now possible using the PGSQL_CONNECT_ASYNC 2392 flag in conjunction with a new pg_connect_poll() function and connection 2393 polling status constants. (Daniel Lowrey) 2394 . New pg_flush() and pg_consume_input() functions added to manually complete 2395 non-blocking reads/writes to underlying connection sockets. (Daniel Lowrey) 2396 . pg_version() returns full report which obtained by PQparameterStatus(). 2397 (Yasuo) 2398 . Added pg_lo_truncate(). (Yasuo) 2399 . Added 64bit large object support for PostgreSQL 9.3 and later. (Yasuo) 2400 . Fixed bug #67555 (Cannot build against libpq 7.3). (Adam) 2401 2402- phpdbg 2403 . Fixed bug #67575 (Compilation fails for phpdbg when the 2404 build directory != src directory). (Andy Thompson) 2405 . Fixed Bug #67499 (readline feature not enabled when build with libedit). (Remi) 2406 . Fix issue krakjoe/phpdbg#94 (List behavior is inconsistent). (Bob) 2407 . Fix issue krakjoe/phpdbg#97 (The prompt should always ensure it is on a 2408 newline). (Bob) 2409 . Fix issue krakjoe/phpdbg#98 (break if does not seem to work). (Bob) 2410 . Fix issue krakjoe/phpdbg#99 (register function has the same behavior as 2411 run). (Bob) 2412 . Fix issue krakjoe/phpdbg#100 (No way to list the current stack/frames) 2413 (Help entry was missing). (Bob) 2414 . Fixed bug which caused phpdbg to fail immediately on startup in non-debug 2415 builds. (Bob) 2416 . Fixed bug #67212 (phpdbg uses non-standard TIOCGWINSZ). (Ferenc) 2417 . Included phpdbg sapi (RFC: https://wiki.php.net/rfc/phpdbg). 2418 (Felipe Pena, Joe Watkins and Bob Weinand) 2419 . Added watchpoints (watch command). (Bob) 2420 . Renamed some commands (next => continue and how to step). (Joe) 2421 . Fixed issue #85 (https://github.com/krakjoe/phpdbg/issues/85) 2422 (Added stdin/stdout/stderr constants and their php:// wrappers). (Bob) 2423 2424- PDO: 2425 . Fixed bug #66604 ('pdo/php_pdo_error.h' not copied to the include dir). 2426 (Matteo) 2427 2428- PDO-ODBC: 2429 . Fixed bug #50444 (PDO-ODBC changes for 64-bit). 2430 2431- PDO_pgsql: 2432 . Fixed Bug #42614 (PDO_pgsql: add pg_get_notify support). (Matteo) 2433 . Fixed Bug #63657 (pgsqlCopyFromFile, pgsqlCopyToArray use Postgres < 7.3 2434 syntax). (Matteo) 2435 . Cleaned up code by increasing the requirements to libpq versions providing 2436 PQexecParams, PQprepare, PQescapeStringConn, PQescapeByteaConn. According 2437 to the release notes that means 8.0.8+ or 8.1.4+. (Matteo) 2438 . Deprecated PDO::PGSQL_ATTR_DISABLE_NATIVE_PREPARED_STATEMENT, an 2439 undocument constant effectively equivalent to PDO::ATTR_EMULATE_PREPARES. 2440 (Matteo) 2441 . Added PDO::PGSQL_ATTR_DISABLE_PREPARES constant to execute the queries 2442 without preparing them, while still passing parameters separately from 2443 the command text using PQexecParams. (Matteo) 2444 2445- PDO_firebird: 2446 . Fixed Bug #66071 (memory corruption in error handling) (Popa) 2447 2448- Phar: 2449 . Fixed bug #64498 ($phar->buildFromDirectory can't compress file with an accent 2450 in its name). (PR #588) 2451 . Fixed bug #67587 (Redirection loop on nginx with FPM). (Christian Weiske) 2452 2453- readline: 2454 . Fixed bug #55496 (Interactive mode doesn't force a newline before the 2455 prompt). (Bob, Johannes) 2456 . Fixed bug #67496 (Save command history when exiting interactive shell 2457 with control-c). (Dmitry Saprykin, Johannes) 2458 2459- Reflection: 2460 . Implemented FR #67713 (loosen the restrictions on 2461 ReflectionClass::newInstanceWithoutConstructor()). (Ferenc) 2462 2463- Session: 2464 . Fixed bug #67694 (Regression in session_regenerate_id()). (Tjerk) 2465 . Fixed missing type checks in php_session_create_id (Yussuf Khalil, Stas). 2466 . Fixed bug #66827 (Session raises E_NOTICE when session name variable is array). 2467 (Yasuo) 2468 . Fixed Bug #65315 (session.hash_function silently fallback to default md5) 2469 (Yasuo) 2470 . Implemented Request #17860 (Session write short circuit). (Yasuo) 2471 . Implemented Request #20421 (session_abort() and session_reset() function). 2472 (Yasuo) 2473 . Remove session_gc() and session_serializer_name() wich were introduced in the first 5.6.0 alpha. 2474 2475- SimpleXML: 2476 . Fixed bug #66084 (simplexml_load_string() mangles empty node name) 2477 (Anatol) 2478 2479- SQLite: 2480 . Updated the bundled libsqlite to the version 3.8.3.1 (Anatol) 2481 . Fixed bug #66967 (Updated bundled libsqlite to 3.8.4.3). (Anatol) 2482 2483- SOAP: 2484 . Implemented FR #49898 (Add SoapClient::__getCookies()). (Boro Sitnikovski) 2485 2486- SPL: 2487 . Revert fix for bug #67064 (BC issues). (Bob) 2488 . Fixed bug #67539 (ArrayIterator use-after-free due to object change during 2489 sorting). (CVE-2014-4698) (research at insighti dot org, Laruence) 2490 . Fixed bug #67538 (SPL Iterators use-after-free). (CVE-2014-4670) (Laruence) 2491 . Fixed bug #67492 (unserialize() SPL ArrayObject / SPLObjectStorage Type 2492 Confusion) (CVE-2014-3515). (Stefan Esser) 2493 . Fixed bug #67359 (Segfault in recursiveDirectoryIterator). (Laruence) 2494 . Fixed bug #66127 (Segmentation fault with ArrayObject unset). (Stas) 2495 . Fixed request #67453 (Allow to unserialize empty data). (Remi) 2496 . Added feature #65545 (SplFileObject::fread()) (Tjerk) 2497 . Fixed bug #66834 (empty() does not work on classes that extend ArrayObject) (Tjerk) 2498 . Fixed bug #66702 (RegexIterator::INVERT_MATCH does not invert). (Joshua 2499 Thijssen) 2500 2501- Standard: 2502 . Implemented FR #65634 (HTTP wrapper is very slow with protocol_version 2503 1.1). (Adam) 2504 . Implemented Change crypt() behavior w/o salt RFC. (Yasuo) 2505 https://wiki.php.net/rfc/crypt_function_salt 2506 . Implemented request #49824 (Change array_fill() to allow creating empty 2507 array). (Nikita) 2508 2509- Streams: 2510 . Fixed bug #67430 (http:// wrapper doesn't follow 308 redirects). (Adam) 2511 2512- Tokenizer: 2513 . Fixed bug #67395 (token_name() does not return name for T_POW and T_POW_EQUAL 2514 token). (Ferenc) 2515 2516- XMLReader: 2517 . Fixed bug #55285 (XMLReader::getAttribute/No/Ns methods inconsistency). 2518 (Mike) 2519 2520- XSL: 2521 . Fixed bug #53965 (<xsl:include> cannot find files with relative paths 2522 when loaded with "file://"). (Anatol) 2523 2524- Zip: 2525 . update libzip to version 1.11.2. 2526 PHP don't use any ilibzip private symbol anymore. (Pierre, Remi) 2527 . new method ZipArchive::setPassword($password). (Pierre) 2528 . add --with-libzip option to build with system libzip. (Remi) 2529 . new methods: 2530 ZipArchive::setExternalAttributesName($name, $opsys, $attr [, $flags]) 2531 ZipArchive::setExternalAttributesIndex($idx, $opsys, $attr [, $flags]) 2532 ZipArchive::getExternalAttributesName($name, &$opsys, &$attr [, $flags]) 2533 ZipArchive::getExternalAttributesIndex($idx, &$opsys, &$attr [, $flags]) 2534 2535- Zlib: 2536 . Fixed bug #67865 (internal corruption phar error). Mike 2537 . Fixed bug #67724 (chained zlib filters silently fail with large amounts of 2538 data). (Mike) 2539 254021 Aug 2014, PHP 5.5.16 2541 2542- COM: 2543 . Fixed missing type checks in com_event_sink (Yussuf Khalil, Stas). 2544 2545- Fileinfo: 2546 . Fixed bug #67705 (extensive backtracking in rule regular expression). 2547 (CVE-2014-3538) (Remi) 2548 . Fixed bug #67716 (Segfault in cdf.c). (CVE-2014-3587) (Remi) 2549 2550- FPM: 2551 . Fixed bug #67635 (php links to systemd libraries without using pkg-config). 2552 (pacho at gentoo dot org, Remi) 2553 2554- GD: 2555 . Fixed bug #66901 (php-gd 'c_color' NULL pointer dereference). 2556 (CVE-2014-2497) (Remi) 2557 . Fixed bug #67730 (Null byte injection possible with imagexxx functions). 2558 (CVE-2014-5120) (Ryan Mauger) 2559 2560- Milter: 2561 . Fixed bug #67715 (php-milter does not build and crashes randomly). (Mike) 2562 2563- Network: 2564 . Fixed bug #67717 (segfault in dns_get_record). (CVE-2014-3597) (Remi) 2565 2566- OpenSSL: 2567 . Fixed missing type checks in OpenSSL options. (Yussuf Khalil, Stas) 2568 2569- readline: 2570 . Fixed bug #55496 (Interactive mode doesn't force a newline before the 2571 prompt). (Bob, Johannes) 2572 . Fixed bug #67496 (Save command history when exiting interactive shell 2573 with control-c). (Dmitry Saprykin, Johannes) 2574 2575- Sessions: 2576 . Fixed missing type checks in php_session_create_id (Yussuf Khalil, Stas). 2577 2578- Core: 2579 . Fixed bug #67693 (incorrect push to the empty array) (Tjerk) 2580 2581- ODBC: 2582 . Fixed bug #60616 (odbc_fetch_into returns junk data at end of multi-byte 2583 char fields). (Keyur) 2584 258524 Jul 2014, PHP 5.5.15 2586 2587- Core: 2588 . Fixed bug #67428 (header('Location: foo') will override a 308-399 response 2589 code). (Adam) 2590 . Fixed bug #67436 (Autoloader isn't called if two method definitions don't 2591 match). (Bob) 2592 . Fixed bug #67091 (make install fails to install libphp5.so on FreeBSD 10.0). 2593 (Ferenc) 2594 . Fixed bug #67497 (eval with parse error causes segmentation fault in 2595 generator). (Nikita) 2596 . Fixed bug #67151 (strtr with empty array crashes). (Nikita) 2597 . Fixed bug #67407 (Windows 8.1/Server 2012 R2 reported as Windows 8/Server 2598 2012). (Christian Wenz) 2599 . Fixed bug #66608 (Incorrect behavior with nested "finally" blocks). 2600 (Laruence, Dmitry) 2601 . Implemented FR #34407 (ucwords and Title Case). (Tjerk) 2602 2603- CLI server: 2604 . Implemented FR #67429 (CLI server is missing some new HTTP response codes). 2605 (Adam) 2606 . Fixed bug #66830 (Empty header causes PHP built-in web server to hang). 2607 (Adam) 2608 . Fixed bug #67594 (Unable to access to apache_request_headers() elements). 2609 (Tjerk) 2610 2611- FPM: 2612 . Fixed bug #67530 (error_log=syslog ignored). (Remi) 2613 . Fixed bug #67531 (syslog cannot be set in pool configuration). (Remi) 2614 2615- Intl: 2616 . Fixed bug #66921 (Wrong argument type hint for function 2617 intltz_from_date_time_zone). (Stas) 2618 . Fixed bug #67052 (NumberFormatter::parse() resets LC_NUMERIC setting). 2619 (Stas) 2620 2621- OPCache: 2622 . Fixed bug #67215 (php-cgi work with opcache, may be segmentation fault 2623 happen) (Dmitry, Laruence) 2624 2625- pgsql: 2626 . Fixed bug #67550 (Error in code "form" instead of "from", pgsql.c, line 756), 2627 which affected builds against libpq < 7.3. (Adam) 2628 2629- Phar: 2630 . Fixed bug #67587 (Redirection loop on nginx with FPM). (Christian Weiske) 2631 2632- SPL: 2633 . Fixed bug #67539 (ArrayIterator use-after-free due to object change during 2634 sorting). (CVE-2014-4698) (research at insighti dot org, Laruence) 2635 . Fixed bug #67538 (SPL Iterators use-after-free). (CVE-2014-4670) (Laruence) 2636 2637- Streams: 2638 . Fixed bug #67430 (http:// wrapper doesn't follow 308 redirects). (Adam) 2639 2640- Session: 2641 . Fixed bug #66827 (Session raises E_NOTICE when session name variable is array). 2642 (Yasuo) 2643 264427 Jun 2014, PHP 5.5.14 2645 2646- Core: 2647 . Fixed BC break introduced by patch for bug #67072. (Anatol, Stas) 2648 . Fixed bug #66622 (Closures do not correctly capture the late bound class 2649 (static::) in some cases). (Levi Morrison) 2650 . Fixed bug #67390 (insecure temporary file use in the configure script). 2651 (Remi) (CVE-2014-3981) 2652 . Fixed bug #67399 (putenv with empty variable may lead to crash). (Stas) 2653 2654- CLI server: 2655 . Fixed Bug #67406 (built-in web-server segfaults on startup). (Remi) 2656 2657- Date: 2658 . Fixed bug #67308 (Serialize of DateTime truncates fractions of second). 2659 (Adam) 2660 . Fixed regression in fix for bug #67118 (constructor can't be called twice). 2661 (Remi) 2662 2663- Fileinfo: 2664 . Fixed bug #67326 (fileinfo: cdf_read_short_sector insufficient boundary check). 2665 . Fixed bug #67410 (fileinfo: mconvert incorrect handling of truncated pascal 2666 string size). (Francisco Alonso, Jan Kaluza, Remi) 2667 . Fixed bug #67411 (fileinfo: cdf_check_stream_offset insufficient boundary 2668 check). (Francisco Alonso, Jan Kaluza, Remi) 2669 . Fixed bug #67412 (fileinfo: cdf_count_chain insufficient boundary check). 2670 (Francisco Alonso, Jan Kaluza, Remi) 2671 . Fixed bug #67413 (fileinfo: cdf_read_property_info insufficient boundary 2672 check). (Francisco Alonso, Jan Kaluza, Remi) 2673 2674- Network: 2675 . Fixed bug #67432 (Fix potential segfault in dns_get_record()). 2676 (CVE-2014-4049). (Sara) 2677 2678- OPCache: 2679 . Fixed issue #183 (TMP_VAR is not only used once). (Dmitry, Laruence) 2680 2681- OpenSSL: 2682 . Fixed bug #65698 (certificates validity parsing does not work past 2050). 2683 (Paul Oehler) 2684 . Fixed bug #66636 (openssl_x509_parse warning with V_ASN1_GENERALIZEDTIME). 2685 (Paul Oehler) 2686 2687- PDO-ODBC: 2688 . Fixed bug #50444 (PDO-ODBC changes for 64-bit). 2689 2690- SOAP: 2691 . Implemented FR #49898 (Add SoapClient::__getCookies()). (Boro Sitnikovski) 2692 2693- SPL: 2694 . Fixed bug #66127 (Segmentation fault with ArrayObject unset). (Stas) 2695 . Fixed bug #67359 (Segfault in recursiveDirectoryIterator). (Laruence) 2696 . Fixed bug #67360 (Missing element after ArrayObject::getIterator). (Adam) 2697 . Fixed bug #67492 (unserialize() SPL ArrayObject / SPLObjectStorage Type 2698 Confusion). (CVE-2014-3515) (Stefan Esser) 2699 270029 May 2014, PHP 5.5.13 2701 2702- CLI server: 2703 . Fixed bug #67079 (Missing MIME types for XML/XSL files). (Anatol) 2704 2705- COM: 2706 . Fixed bug #66431 (Special Character via COM Interface (CP_UTF8)). (Anatol) 2707 2708- Core: 2709 . Fixed bug #65701 (copy() doesn't work when destination filename is created 2710 by tempnam()). (Boro Sitnikovski) 2711 . Fixed bug #67072 (Echoing unserialized "SplFileObject" crash). (Anatol) 2712 . Fixed bug #67245 (usage of memcpy() with overlapping src and dst in 2713 zend_exceptions.c). (Bob) 2714 . Fixed bug #67247 (spl_fixedarray_resize integer overflow). (Stas) 2715 . Fixed bug #67249 (printf out-of-bounds read). (Stas) 2716 . Fixed bug #67250 (iptcparse out-of-bounds read). (Stas) 2717 . Fixed bug #67252 (convert_uudecode out-of-bounds read). (Stas) 2718 2719- Curl: 2720 . Fixed bug #64247 (CURLOPT_INFILE doesn't allow reset). (Mike) 2721 2722- Date: 2723 . Fixed bug #67118 (DateTime constructor crash with invalid data). (Anatol) 2724 . Fixed bug #67251 (date_parse_from_format out-of-bounds read). (Stas) 2725 . Fixed bug #67253 (timelib_meridian_with_check out-of-bounds read). (Stas) 2726 2727- DOM: 2728 . Fixed bug #67081 (DOMDocumentType->internalSubset returns entire DOCTYPE tag, 2729 not only the subset). (Anatol) 2730 2731- Fileinfo: 2732 . Fixed bug #66307 (Fileinfo crashes with powerpoint files). (Anatol) 2733 . Fixed bug #67327 (fileinfo: CDF infinite loop in nelements DoS) (CVE-2014-0238). 2734 . Fixed bug #67328 (fileinfo: fileinfo: numerous file_printf calls resulting in 2735 performance degradation) (CVE-2014-0237). 2736 2737- FPM: 2738 . Fixed bug #66908 (php-fpm reload leaks epoll_create() file descriptor). 2739 (Julio Pintos) 2740 2741- GD: 2742 . Fixed bug #67248 (imageaffinematrixget missing check of parameters). (Stas) 2743 2744- PCRE: 2745 . Fixed bug #67238 (Ungreedy and min/max quantifier bug, applied patch 2746 from the upstream). (Anatol) 2747 2748- Phar: 2749 . Fix bug #64498 ($phar->buildFromDirectory can't compress file with an accent 2750 in its name). (PR #588) 2751 275230 Apr 2014, PHP 5.5.12 2753- Core: 2754 . Fixed bug #61019 (Out of memory on command stream_get_contents). (Mike) 2755 . Fixed bug #64330 (stream_socket_server() creates wrong Abstract Namespace 2756 UNIX sockets). (Mike) 2757 . Fixed bug #66182 (exit in stream filter produces segfault). (Mike) 2758 . Fixed bug #66736 (fpassthru broken). (Mike) 2759 . Fixed bug #67024 (getimagesize should recognize BMP files with negative 2760 height). (Gabor Buella) 2761 . Fixed bug #67043 (substr_compare broke by previous change) (Tjerk) 2762 . Fixed bug #67033 (Remove reference to Windows 95). (Anatol) 2763 2764- cURL: 2765 . Fixed bug #66562 (curl_exec returns differently than curl_multi_getcontent). 2766 (Freek Lijten) 2767 2768- Date: 2769 . Fixed bug #66721 (__wakeup of DateTime segfaults when invalid object data is 2770 supplied). (Boro Sitnikovski) 2771 2772- Embed: 2773 . Fixed bug #65715 (php5embed.lib isn't provided anymore). (Anatol). 2774 2775- Fileinfo: 2776 . Fixed bug #66987 (Memory corruption in fileinfo ext / bigendian). 2777 (Remi) 2778 2779- FPM: 2780 . Fixed bug #66482 (unknown entry 'priority' in php-fpm.conf). 2781 . Fixed bug #67060 (sapi/fpm: possible privilege escalation due to insecure 2782 default configuration) (CVE-2014-0185). (Stas) 2783 2784- JSON: 2785 . Fixed bug #66021 (Blank line inside empty array/object when 2786 JSON_PRETTY_PRINT is set). (Kevin Israel) 2787 2788- LDAP: 2789 . Fixed issue with null bytes in LDAP bindings. (Matthew Daley) 2790 2791- mysqli: 2792 . Fixed problem in mysqli_commit()/mysqli_rollback() with second parameter 2793 (extra comma) and third parameters (lack of escaping). (Andrey) 2794 2795- OpenSSL: 2796 . Fix bug #66942 (memory leak in openssl_seal()). (Chuan Ma) 2797 . Fix bug #66952 (memory leak in openssl_open()). (Chuan Ma) 2798 2799- SimpleXML: 2800 . Fixed bug #66084 (simplexml_load_string() mangles empty node name) 2801 (Anatol) 2802 2803- SQLite: 2804 . Fixed bug #66967 (Updated bundled libsqlite to 3.8.4.3). (Anatol) 2805 2806- XSL: 2807 . Fixed bug #53965 (<xsl:include> cannot find files with relative paths 2808 when loaded with "file://"). (Anatol) 2809 2810- Apache2 Handler SAPI: 2811 . Fixed Apache log issue caused by APR's lack of support for %zu 2812 (APR issue https://issues.apache.org/bugzilla/show_bug.cgi?id=56120). 2813 (Jeff Trawick) 2814 281503 Apr 2014, PHP 5.5.11 2816 2817- Core: 2818 . Allow zero length comparison in substr_compare() (Tjerk) 2819 . Fixed bug #60602 (proc_open() changes environment array) (Tjerk) 2820 2821- SPL: 2822 . Added feature #65545 (SplFileObject::fread()) (Tjerk) 2823 . Fixed bug #66702 (RegexIterator::INVERT_MATCH does not invert). (Joshua 2824 Thijssen) 2825 2826- cURL: 2827 . Fixed bug #66109 (Can't reset CURLOPT_CUSTOMREQUEST to default behaviour) (Tjerk) 2828 . Fix compilation on libcurl versions between 7.10.5 and 7.12.2, inclusive. 2829 (Adam) 2830 2831- Fileinfo: 2832 . Fixed bug #66946i (fileinfo: extensive backtracking in awk rule regular 2833 expression). (CVE-2013-7345) (Remi) 2834 2835- FPM: 2836 . Added clear_env configuration directive to disable clearenv() call. 2837 (Github PR# 598, Paul Annesley) 2838 2839- GD: 2840 . Fixed bug #66714 (imageconvolution breakage). (Brad Daily) 2841 . Fixed bug #66869 (Invalid 2nd argument crashes imageaffinematrixget) (Pierre) 2842 . Fixed bug #66887 (imagescale - poor quality of scaled image). (Remi) 2843 . Fixed bug #66890 (imagescale segfault). (Remi) 2844 . Fixed bug #66893 (imagescale ignore method argument). (Remi) 2845 2846- Hash: 2847 . hash_pbkdf2() now works correctly if the $length argument is not specified. 2848 (Nikita) 2849 2850- Intl: 2851 . Fixed bug #66873 (A reproductible crash in UConverter when given invalid 2852 encoding) (Stas) 2853 2854- Mail: 2855 . Fixed bug #66535 (Don't add newline after X-PHP-Originating-Script) (Tjerk) 2856 2857- MySQLi: 2858 . Fixed bug #66762 (Segfault in mysqli_stmt::bind_result() when link closed) 2859 (Remi) 2860 2861- OPCache 2862 . Added function opcache_is_script_cached(). (Danack) 2863 . Added information about interned strings usage. (Terry, Julien, Dmitry) 2864 2865- Openssl: 2866 . Fixed bug #66833 (Default disgest algo is still MD5, switch to SHA1). (Remi) 2867 2868- GMP 2869 . Fixed bug #66872 (invalid argument crashes gmp_testbit) (Pierre) 2870 2871- SQLite: 2872 . Updated bundled libsqlite to 3.8.3.1 (Anatol) 2873 287406 Mar 2014, PHP 5.5.10 2875 2876- Core: 2877 . Fixed Request #66574i (Allow multiple paths in php_ini_scanned_path). (Remi) 2878 2879- Date: 2880 . Fixed bug #45528 (Allow the DateTimeZone constructor to accept timezones 2881 per offset too). (Derick) 2882 2883- Fileinfo: 2884 . Bug #66731 (file: infinite recursion) (CVE-2014-1943). (Remi) 2885 . Fixed bug #66820 (out-of-bounds memory access in fileinfo) 2886 (CVE-2014-2270). (Remi) 2887 2888- GD 2889 . Fixed Bug #66815 (imagecrop(): insufficient fix for NULL defer 2890 CVE-2013-7327). (Tomas Hoger, Remi) 2891 2892- JSON: 2893 . Fixed bug #65753 (JsonSerializeable couldn't implement on module extension) 2894 (chobieeee@php.net) 2895 2896- LDAP: 2897 . Implemented ldap_modify_batch (https://wiki.php.net/rfc/ldap_modify_batch). 2898 (Ondřej Hošek) 2899 2900- Openssl: 2901 . Fixed bug #66501 (Add EC key support to php_openssl_is_private_key). 2902 (Mark Zedwood) 2903 2904- PCRE: 2905 . Upgraded to PCRE 8.34. (Anatol) 2906 2907- Pgsql: 2908 . Added warning for dangerous client encoding and remove possible injections 2909 for pg_insert()/pg_update()/pg_delete()/pg_select(). (Yasuo) 2910 2911 291206 Feb 2014, PHP 5.5.9 2913 2914- Core: 2915 . Fixed bug #66509 (copy() arginfo has changed starting from 5.4). (willfitch) 2916 2917- GD: 2918 . Fixed bug #66356 (Heap Overflow Vulnerability in imagecrop()). 2919 (Laruence, Remi) 2920 2921- OPCache: 2922 . Fixed bug #66474 (Optimizer bug in constant string to boolean conversion). 2923 (Dmitry) 2924 . Fixed bug #66461 (PHP crashes if opcache.interned_strings_buffer=0). 2925 (Dmitry) 2926 . Fixed bug #66298 (ext/opcache/Optimizer/zend_optimizer.c has dos-style 2927 ^M as lineend). (Laruence) 2928 2929- PDO_pgsql: 2930 . Fixed bug #62479 (PDO-psql cannot connect if password contains 2931spaces) (willfitch, iliaa) 2932 2933- Readline 2934 . Fixed Bug #66412 (readline_clear_history() with libedit causes segfault after 2935 #65714). (Remi) 2936 2937- Session 2938 . Fixed bug #66469 (Session module is sending multiple set-cookie headers when 2939 session.use_strict_mode=1) (Yasuo) 2940 . Fixed bug #66481 (Segfaults on session_name()). 2941 (cmcdermottroe at engineyard dot com, Yasuo) 2942 2943- Standard 2944 . Fixed bug #66395 (basename function doesn't remove drive letter). (Anatol) 2945 2946- Sockets: 2947 . Fixed bug #66381 (__ss_family was changed on AIX 5.3). (Felipe) 2948 2949- Zend Engine 2950 . Fixed bug #66009 (Failed compilation of PHP extension with C++ std 2951 library using VS 2012). (Anatol) 2952 295309 Jan 2014, PHP 5.5.8 2954 2955- Core: 2956 . Disallowed JMP into a finally block. (Laruence) 2957 . Added validation of class names in the autoload process. (Dmitry) 2958 . Fixed invalid C code in zend_strtod.c. (Lior Kaplan) 2959 . Fixed ZEND_MM_MEM_TYPE=mmap_zero. (Dmitry, Tony) 2960 . Fixed bug #66041 (list() fails to unpack yielded ArrayAccess object). 2961 (Nikita) 2962 . Fixed bug #65764 (generators/throw_rethrow FAIL with 2963 ZEND_COMPILE_EXTENDED_INFO). (Nikita) 2964 . Fixed bug #61645 (fopen and O_NONBLOCK). (Mike) 2965 . Fixed bug #66218 (zend_register_functions breaks reflection). (Remi) 2966 2967- Date: 2968 . Fixed bug #66060 (Heap buffer over-read in DateInterval) (CVE-2013-6712). 2969 (Remi) 2970 . Fixed bug #65768 (DateTimeImmutable::diff does not work). (Nikita Nefedov) 2971 2972- DOM: 2973 . Fixed bug #65196 (Passing DOMDocumentFragment to DOMDocument::saveHTML() 2974 Produces invalid Markup). (Mike) 2975 2976- Exif: 2977 . Fixed bug #65873 (Integer overflow in exif_read_data()). (Stas) 2978 2979- Filter: 2980 . Fixed bug #66229 (128.0.0.0/16 isn't reserved any longer). (Adam) 2981 2982- GD: 2983 . Fixed bug #64405 (Use freetype-config for determining freetype2 dir(s)). 2984 (Adam) 2985 2986- PDO_odbc: 2987 . Fixed bug #66311 (Stack smashing protection kills PDO/ODBC queries). 2988 (michael at orlitzky dot com) 2989 2990- MySQLi: 2991 . Fixed bug #65486 (mysqli_poll() is broken on win x64). (Anatol) 2992 2993- OPCache: 2994 . Fixed revalidate_path=1 behavior to avoid caching of symlinks values. 2995 (Dmitry) 2996 . Fixed Issue #140: "opcache.enable_file_override" doesn't respect 2997 "opcache.revalidate_freq". (Dmitry). 2998 2999- SNMP: 3000 . Fixed SNMP_ERR_TOOBIG handling for bulk walk operations. (Boris Lytochkin) 3001 3002- SOAP 3003 . Fixed bug #66112 (Use after free condition in SOAP extension). 3004 (martin dot koegler at brz dot gv dot at) 3005 3006- Sockets: 3007 . Fixed bug #65923 (ext/socket assumes AI_V4MAPPED is defined). (Felipe) 3008 3009- XSL 3010 . Fixed bug #49634 (Segfault throwing an exception in a XSL registered 3011 function). (Mike) 3012 3013- ZIP: 3014 . Fixed Bug #66321 (ZipArchive::open() ze_obj->filename_len not real). (Remi) 3015 301612 Dec 2013, PHP 5.5.7 3017 3018- CLI server: 3019 . Added some MIME types to the CLI web server (Chris Jones) 3020 . Implemented FR #65917 (getallheaders() is not supported by the built-in web 3021 server) - also implements apache_response_headers() (Andrea Faulds) 3022 3023- Core: 3024 . Fixed bug #66094 (unregister_tick_function tries to cast a Closure to a 3025 string). (Laruence) 3026 . Fixed bug #65969 (Chain assignment with T_LIST failure). (Dmitry) 3027 3028- OPCache 3029 . Fixed bug #66176 (Invalid constant substitution). (Dmitry) 3030 . Fixed bug #65915 (Inconsistent results with require return value). (Dmitry) 3031 . Fixed bug #65559 (Opcache: cache not cleared if changes occur while 3032 running). (Dmitry) 3033 3034- readline 3035 . Fixed Bug #65714 (PHP cli forces the tty to cooked mode). (Remi) 3036 3037- Openssl: 3038 . Fixed memory corruption in openssl_x509_parse() (CVE-2013-6420). 3039 (Stefan Esser). 3040 304114 Nov 2013, PHP 5.5.6 3042 3043- Core: 3044 . Fixed bug #65947 (basename is no more working after fgetcsv in certain 3045 situation). (Laruence) 3046 . Improved performance of array_merge() and func_get_args() by eliminating 3047 useless copying. (Dmitry) 3048 . Fixed bug #65939 (Space before ";" breaks php.ini parsing). 3049 (brainstorm at nopcode dot org) 3050 . Fixed bug #65911 (scope resolution operator - strange behavior with $this). 3051 (Bob Weinand) 3052 . Fixed bug #65936 (dangling context pointer causes crash). (Tony) 3053 3054- FPM: 3055 . Changed default listen() backlog to 65535. (Tony) 3056 3057- JSON 3058 . Fixed whitespace part of bug #64874 ("json_decode handles whitespace and 3059 case-sensitivity incorrectly"). (Andrea Faulds) 3060 3061- MySQLi: 3062 . Fixed bug #66043 (Segfault calling bind_param() on mysqli). (Laruence) 3063 3064- OPcache 3065 . Increased limit for opcache.max_accelerated_files to 1,000,000. (Chris) 3066 . Fixed issue #115 (path issue when using phar). (Dmitry) 3067 . Fixed issue #149 (Phar mount points not working with OPcache enabled). 3068 (Dmitry) 3069 3070- ODBC 3071 . Fixed bug #65950 (Field name truncation if the field name is bigger than 3072 32 characters). (patch submitted by: michael dot y at zend dot com, Yasuo) 3073 3074- PDO: 3075 . Fixed bug #66033 (Segmentation Fault when constructor of PDO statement 3076 throws an exception). (Laruence) 3077 . Fixed bug 65946 (sql_parser permanently converts values bound to strings) 3078 3079- Standard: 3080 . Fixed bug #64760 (var_export() does not use full precision for floating-point 3081 numbers) (Yasuo) 3082 3083 308417 Oct 2013, PHP 5.5.5 3085 3086- Core: 3087 . Fixed bug #64979 (Wrong behavior of static variables in closure generators). 3088 (Nikita) 3089 . Fixed bug #65322 (compile time errors won't trigger auto loading). (Nikita) 3090 . Fixed bug #65821 (By-ref foreach on property access of string offset 3091 segfaults). (Nikita) 3092 3093- CLI server: 3094 . Fixed bug #65633 (built-in server treat some http headers as 3095 case-sensitive). (Adam) 3096 . Fixed bug #65818 (Segfault with built-in webserver and chunked transfer 3097 encoding). (Felipe) 3098 . Added application/pdf to PHP CLI Web Server mime types (Chris Jones) 3099 3100- Datetime: 3101 . Fixed bug #64157 (DateTime::createFromFormat() reports confusing error 3102 message). (Boro Sitnikovski) 3103 . Fixed bug #65502 (DateTimeImmutable::createFromFormat returns DateTime). 3104 (Boro Sitnikovski) 3105 . Fixed bug #65548 (Comparison for DateTimeImmutable doesn't work). 3106 (Boro Sitnikovski) 3107 3108- DBA extension: 3109 . Fixed bug #65708 (dba functions cast $key param to string in-place, 3110 bypassing copy on write). (Adam) 3111 3112- Filter: 3113 . Add RFC 6598 IPs to reserved addresses. (Sebastian Nohn) 3114 . Fixed bug #64441 (FILTER_VALIDATE_URL rejects fully qualified domain names). 3115 (Syra) 3116 3117- FTP: 3118 . Fixed bug #65667 (ftp_nb_continue produces segfault). (Philip Hofstetter) 3119 3120- GD 3121 . Ensure that the defined interpolation method is used with the generic 3122 scaling methods. (Pierre) 3123 3124- IMAP: 3125 . Fixed bug #65721 (configure script broken in 5.5.4 and 5.4.20 when enabling 3126 imap). (ryotakatsuki at gmail dot com) 3127 3128- OPcache: 3129 . Added support for GNU Hurd. (Svante Signell) 3130 . Added function opcache_compile_file() to load PHP scripts into cache 3131 without execution. (Julien) 3132 . Fixed bug #65845 (Error when Zend Opcache Optimizer is fully enabled). 3133 (Dmitry) 3134 . Fixed bug #65665 (Exception not properly caught when opcache enabled). 3135 (Laruence) 3136 . Fixed bug #65510 (5.5.2 crashes in _get_zval_ptr_ptr_var). (Dmitry) 3137 . Fixed issue #135 (segfault in interned strings if initial memory is too 3138 low). (Julien) 3139 3140- Sockets: 3141 . Fixed bug #65808 (the socket_connect() won't work with IPv6 address). 3142 (Mike) 3143 3144- SPL: 3145 . Fix bug #64782 (SplFileObject constructor make $context optional / give it 3146 a default value). (Nikita) 3147 3148- Standard: 3149 . Fixed bug #61548 (content-type must appear at the end of headers for 201 3150 Location to work in http). (Mike) 3151 3152- XMLReader: 3153 . Fixed bug #51936 (Crash with clone XMLReader). (Mike) 3154 . Fixed bug #64230 (XMLReader does not suppress errors). (Mike) 3155 3156- Build system: 3157 . Fixed bug #51076 (race condition in shtool's mkdir -p implementation). 3158 (Mike, Raphael Geissert) 3159 . Fixed bug #62396 ('make test' crashes starting with 5.3.14 (missing 3160 gzencode())). (Mike) 3161 3162 316319 Sep 2013, PHP 5.5.4 3164 3165- Core: 3166 . Fixed bug #60598 (cli/apache sapi segfault on objects manipulation). 3167 (Laruence) 3168 . Improved fputcsv() to allow specifying escape character. 3169 . Fixed bug #65490 (Duplicate calls to get lineno & filename for 3170 DTRACE_FUNCTION_*). (Chris Jones) 3171 . Fixed bug #65483 (quoted-printable encode stream filter incorrectly encoding 3172 spaces). (Michael M Slusarz) 3173 . Fixed bug #65481 (shutdown segfault due to serialize) (Mike) 3174 . Fixed bug #65470 (Segmentation fault in zend_error() with 3175 --enable-dtrace). (Chris Jones, Kris Van Hees) 3176 . Fixed bug #65225 (PHP_BINARY incorrectly set). (Patrick Allaert) 3177 . Fixed bug #62692 (PHP fails to build with DTrace). (Chris Jones, Kris Van Hees) 3178 . Fixed bug #61759 (class_alias() should accept classes with leading 3179 backslashes). (Julien) 3180 . Fixed bug #46311 (Pointer aliasing issue results in miscompile on gcc4.4). 3181 (Nikita Popov) 3182 3183- cURL: 3184 . Fixed bug #65458 (curl memory leak). (Adam) 3185 3186- Datetime: 3187 . Fixed bug #65554 (createFromFormat broken when weekday name is followed 3188 by some delimiters). (Valentin Logvinskiy, Stas). 3189 . Fixed bug #65564 (stack-buffer-overflow in DateTimeZone stuff caught 3190 by AddressSanitizer). (Remi). 3191 3192- OPCache: 3193 . Fixed bug #65561 (Zend Opcache on Solaris 11 x86 needs ZEND_MM_ALIGNMENT=4). 3194 (Terry Ellison) 3195 3196- Openssl: 3197 . Fixed bug #64802 (openssl_x509_parse fails to parse subject properly in 3198 some cases). (Mark Jones) 3199 3200- PDO: 3201 . Fixed bug #64953 (Postgres prepared statement positional parameter 3202 casting). (Mike) 3203 3204- Session: 3205 . Fixed bug #65475 (Session ID is not initialized properly when strict session 3206 is enabled). (Yasuo) 3207 . Fixed bug #51127/#65359 Request #25630/#43980/#54383 (Added php_serialize 3208 session serialize handler that uses plain serialize()). (Yasuo) 3209 3210- Standard: 3211 . Fix issue with return types of password API helper functions. Found via 3212 static analysis by cjones. (Anthony Ferrara) 3213 3214- Zlib: 3215 . Fixed bug #65391 (Unable to send vary header user-agent when 3216 ob_start('ob_gzhandler') is called) (Mike) 3217 321822 Aug 2013, PHP 5.5.3 3219 3220- Openssl: 3221 . Fixed UMR in fix for CVE-2013-4248. 3222 322315 Aug 2013, PHP 5.5.2 3224 3225- Core: 3226 . Fixed bug #65372 (Segfault in gc_zval_possible_root when return reference 3227 fails). (Laruence) 3228 . Fixed value of FILTER_SANITIZE_FULL_SPECIAL_CHARS constant (previously was 3229 erroneously set to FILTER_SANITIZE_SPECIAL_CHARS value). (Andrey 3230 avp200681 gmail com). 3231 . Fixed bug #65304 (Use of max int in array_sum). (Laruence) 3232 . Fixed bug #65291 (get_defined_constants() causes PHP to crash in a very 3233 limited case). (Arpad) 3234 . Fixed bug #62691 (solaris sed has no -i switch). (Chris Jones) 3235 . Fixed bug #61345 (CGI mode - make install don't work). (Michael Heimpold) 3236 . Fixed bug #61268 (--enable-dtrace leads make to clobber 3237 Zend/zend_dtrace.d) (Chris Jones) 3238 3239- DOM: 3240 . Added flags option to DOMDocument::schemaValidate() and 3241 DOMDocument::schemaValidateSource(). Added LIBXML_SCHEMA_CREATE flag. 3242 (Chris Wright) 3243 3244- OPcache: 3245 . Added opcache.restrict_api configuration directive that may limit 3246 usage of OPcache API functions only to particular script(s). (Dmitry) 3247 . Added support for glob symbols in blacklist entries (?, *, **). 3248 (Terry Elison, Dmitry) 3249 . Fixed bug #65338 (Enabling both php_opcache and php_wincache AVs on 3250 shutdown). (Dmitry) 3251 3252- Openssl: 3253 . Fixed handling null bytes in subjectAltName (CVE-2013-4248). 3254 (Christian Heimes) 3255 3256- PDO_mysql: 3257 . Fixed bug #65299 (pdo mysql parsing errors). (Johannes) 3258 3259- Pgsql: 3260 . Fixed bug #62978 (Disallow possible SQL injections with pg_select()/pg_update() 3261 /pg_delete()/pg_insert()). (Yasuo) 3262 3263- Phar: 3264 . Fixed bug #65028 (Phar::buildFromDirectory creates corrupt archives for 3265 some specific contents). (Stas) 3266 3267- Sessions: 3268 . Implemented strict sessions RFC (https://wiki.php.net/rfc/strict_sessions) 3269 which protects against session fixation attacks and session collisions. 3270 (CVE-2011-4718). (Yasuo Ohgaki) 3271 . Fixed possible buffer overflow under Windows. Note: Not a security fix. 3272 (Yasuo) 3273 . Changed session.auto_start to PHP_INI_PERDIR. (Yasuo) 3274 3275- SOAP: 3276 . Fixed bug #65018 (SoapHeader problems with SoapServer). (Dmitry) 3277 3278- SPL: 3279 . Fixed bug #65328 (Segfault when getting SplStack object Value). (Laruence) 3280 . Added RecursiveTreeIterator setPostfix and getPostifx methods. (Joshua 3281 Thijssen) 3282 . Fixed bug #61697 (spl_autoload_functions returns lambda functions 3283 incorrectly). (Laruence) 3284 3285- Streams: 3286 . Fixed bug #65268 (select() implementation uses outdated tick API). (Anatol) 3287 3288- Pgsql: 3289 . Fixed bug #65336 (pg_escape_literal/identifier() scilently returns false). 3290 (Yasuo) 3291 329218 Jul 2013, PHP 5.5.1 3293 3294- Core: 3295 . Fixed bug #65254 (Exception not catchable when exception thrown in autoload 3296 with a namespace). (Laruence) 3297 . Fixed bug #65088 (Generated configure script is malformed on OpenBSD). 3298 (Adam) 3299 . Fixed bug #65108 (is_callable() triggers Fatal Error). 3300 (David Soria Parra, Laruence) 3301 . Fixed bug #65035 (yield / exit segfault). (Nikita) 3302 . Fixed bug #65161 (Generator + autoload + syntax error = segfault). (Nikita) 3303 . hex2bin() raises E_WARNING for invalid hex string. (Yasuo) 3304 . Fixed bug #65226 (chroot() does not get enabled). (Anatol) 3305 3306- OPcache 3307 . Fixed bug #64827 (Segfault in zval_mark_grey (zend_gc.c)). (Laruence) 3308 . OPcache must be compatible with LiteSpeed SAPI (Dmitry) 3309 3310- CGI: 3311 . Fixed Bug #65143 (Missing php-cgi man page). (Remi) 3312 3313- CLI server: 3314 . Fixed bug #65066 (Cli server not responsive when responding with 422 http 3315 status code). (Adam) 3316 3317- DateTime 3318 . Fixed fug #65184 (strftime() returns insufficient-length string under 3319 multibyte locales). (Anatol) 3320 3321- GD 3322 . Fixed #65070 (bgcolor does not use the same format as the input image with 3323 imagerotate). (Pierre) 3324 . Fixed Bug #65060 (imagecreatefrom... crashes with user streams). (Remi) 3325 . Fixed Bug #65084 (imagecreatefromjpeg fails with URL). (Remi) 3326 . Fix gdImageCreateFromWebpCtx and use same logic to load WebP image 3327 that other formats. (Remi) 3328 3329- Intl: 3330 . Add IntlCalendar::setMinimalDaysInFirstWeek()/ 3331 intlcal_set_minimal_days_in_first_week(). 3332 . Fixed trailing space in name of constant IntlCalendar::FIELD_FIELD_COUNT. 3333 . Fixed bug #62759 (Buggy grapheme_substr() on edge case). (Stas) 3334 . Fixed bug #61860 (Offsets may be wrong for grapheme_stri* functions). 3335 (Stas) 3336 3337- OCI8: 3338 . Bump PECL package info version check to allow PECL installs with PHP 5.5+ 3339 3340- PDO: 3341 . Allowed PDO_OCI to compile with Oracle Database 12c client libraries. 3342 (Chris Jones) 3343 3344- Pgsql 3345 . pg_unescape_bytea() raises E_WARNING for invalid inputs. (Yasuo) 3346 3347- Phar: 3348 . Fixed Bug #65142 (Missing phar man page). (Remi) 3349 3350- Session: 3351 . Added optional create_sid() argument to session_set_save_handler(), 3352 SessionHandler and new SessionIdInterface. (Leigh, Arpad) 3353 3354- Sockets: 3355 . Implemented FR #63472 (Setting SO_BINDTODEVICE with socket_set_option). 3356 (Damjan Cvetko) 3357 . Allowed specifying paths in the abstract namespace for the functions 3358 socket_bind(), socket_connect() and socket_sendmsg(). (Gustavo) 3359 . Fixed bug #65260 (sendmsg() ancillary data construction for SCM_RIGHTS is 3360 faulty). (Gustavo) 3361 3362- SPL: 3363 . Fixed bug #65136 (RecursiveDirectoryIterator segfault). (Laruence) 3364 . Fixed bug #61828 (Memleak when calling Directory(Recursive)Iterator 3365 /Spl(Temp)FileObject ctor twice). (Laruence) 3366 3367- CGI/FastCGI SAPI: 3368 . Added PHP_FCGI_BACKLOG, overrides the default listen backlog. (Arnaud Le 3369 Blanc) 3370 337120 Jun 2013, PHP 5.5.0 3372 3373- Core: 3374 . Added Zend Opcache extension and enable building it by default. 3375 More details here: https://wiki.php.net/rfc/optimizerplus. (Dmitry) 3376 . Added generators and coroutines (https://wiki.php.net/rfc/generators). 3377 (Nikita Popov) 3378 . Added "finally" keyword (https://wiki.php.net/rfc/finally). (Laruence) 3379 . Added simplified password hashing API 3380 (https://wiki.php.net/rfc/password_hash). (Anthony Ferrara) 3381 . Added support for constant array/string dereferencing. (Laruence) 3382 . Added array_column function which returns a column in a multidimensional 3383 array. https://wiki.php.net/rfc/array_column. (Ben Ramsey) 3384 . Added boolval(). (Jille Timmermans) 3385 . Added "Z" option to pack/unpack. (Gustavo) 3386 . Added Generator::throw() method. (Nikita Popov) 3387 . Added Class Name Resolution As Scalar Via "class" Keyword. 3388 (Ralph Schindler, Nikita Popov, Lars) 3389 . Added optional second argument for assert() to specify custom message. Patch 3390 by Lonny Kapelushnik (lonny@lonnylot.com). (Lars) 3391 . Added support for using empty() on the result of function calls and 3392 other expressions (https://wiki.php.net/rfc/empty_isset_exprs). 3393 (Nikita Popov) 3394 . Added support for non-scalar Iterator keys in foreach 3395 (https://wiki.php.net/rfc/foreach-non-scalar-keys). (Nikita Popov) 3396 . Added support for list in foreach (https://wiki.php.net/rfc/foreachlist). 3397 (Laruence) 3398 . Added support for changing the process's title in CLI/CLI-Server SAPIs. 3399 The implementation is more robust that the proctitle PECL module. More 3400 details here: https://wiki.php.net/rfc/cli_process_title. (Keyur) 3401 . Added ARMv7/v8 versions of various Zend arithmetic functions that are 3402 implemented using inline assembler (Ard Biesheuvel) 3403 . Added systemtap support by enabling systemtap compatible dtrace probes on 3404 linux. (David Soria Parra) 3405 . Optimized access to temporary and compiled VM variables. 8% less memory 3406 reads. (Dmitry) 3407 . The VM stacks for passing function arguments and syntaticaly nested calls 3408 were merged into a single stack. The stack size needed for op_array 3409 execution is calculated at compile time and preallocated at once. As result 3410 all the stack push operatins don't require checks for stack overflow 3411 any more. (Dmitry) 3412 . Improve set_exception_handler while doing reset. (Laruence) 3413 . Return previous handler when passing NULL to set_error_handler and 3414 set_exception_handler. (Nikita Popov) 3415 . Remove php_logo_guid(), php_egg_logo_guid(), php_real_logo_guid(), 3416 zend_logo_guid(). (Adnrew Faulds) 3417 . Drop Windows XP and 2003 support. (Pierre) 3418 . Implemented FR #64175 (Added HTTP codes as of RFC 6585). (Jonh Wendell) 3419 . Implemented FR #60738 (Allow 'set_error_handler' to handle NULL). 3420 (Laruence, Nikita Popov) 3421 . Implemented FR #60524 (specify temp dir by php.ini). (ALeX Kazik). 3422 . Implemented FR #46487 (Dereferencing process-handles no longer waits on 3423 those processes). (Jille Timmermans) 3424 . Fixed bug #65051 (count() off by one inside unset()). (Nikita) 3425 . Fixed bug #64988 (Class loading order affects E_STRICT warning). (Laruence) 3426 . Fixed bug #64966 (segfault in zend_do_fcall_common_helper_SPEC). (Laruence) 3427 . Fixed bug #64960 (Segfault in gc_zval_possible_root). (Laruence) 3428 . Fixed bug #64936 (doc comments picked up from previous scanner run). (Stas, 3429 Jonathan Oddy) 3430 . Fixed bug #64934 (Apache2 TS crash with get_browser()). (Anatol) 3431 . Fixed bug #64879 (Heap based buffer overflow in quoted_printable_encode, 3432 CVE 2013-2110). (Stas) 3433 . Fixed bug #64853 (Use of no longer available ini directives causes crash 3434 on TS build). (Anatol) 3435 . Fixed bug #64821 (Custom Exceptions crash when internal properties overridden). 3436 (Anatol) 3437 . Fixed bug #64720 (SegFault on zend_deactivate). (Dmitry) 3438 . Fixed bug #64677 (execution operator `` stealing surrounding arguments). 3439 . Fixed bug #64660 (Segfault on memory exhaustion within function definition). 3440 (Stas, reported by Juha Kylmänen) 3441 . Fixed bug #64578 (debug_backtrace in set_error_handler corrupts zend heap: 3442 segfault). (Laruence) 3443 . Fixed bug #64565 (copy doesn't report failure on partial copy). (Remi) 3444 . Fixed bug #64555 (foreach no longer copies keys if they are interned). 3445 (Nikita Popov) 3446 . Fixed bugs #47675 and #64577 (fd leak on Solaris) 3447 . Fixed bug #64544 (Valgrind warnings after using putenv). (Laruence) 3448 . Fixed bug #64515 (Memoryleak when using the same variablename 2times in 3449 function declaration). (Laruence) 3450 . Fixed bug #64503 (Compilation fails with error: conflicting types for 3451 'zendparse'). (Laruence) 3452 . Fixed bug #64239 (Debug backtrace changed behavior since 5.4.10 or 5.4.11). 3453 (Dmitry, Laruence) 3454 . Fixed bug #64523, allow XOR in php.ini. (Dejan Marjanovic, Lars) 3455 . Fixed bug #64354 (Unserialize array of objects whose class can't 3456 be autoloaded fail). (Laruence) 3457 . Fixed bug #64370 (microtime(true) less than $_SERVER['REQUEST_TIME_FLOAT']). 3458 (Anatol) 3459 . Fixed bug #64166 (quoted-printable-encode stream filter incorrectly 3460 discarding whitespace). (Michael M Slusarz) 3461 (Laruence) 3462 . Fixed bug #64142 (dval to lval different behavior on ppc64). (Remi) 3463 . Fixed bug #64135 (Exceptions from set_error_handler are not always 3464 propagated). (Laruence) 3465 . Fixed bug #63980 (object members get trimmed by zero bytes). (Laruence) 3466 . Fixed bug #63874 (Segfault if php_strip_whitespace has heredoc). (Pierrick) 3467 . Fixed bug #63830 (Segfault on undefined function call in nested generator). 3468 (Nikita Popov) 3469 . Fixed bug #63822 (Crash when using closures with ArrayAccess). 3470 (Nikita Popov) 3471 . Fixed bug #61681 (Malformed grammar). (Nikita Popov, Etienne, Laruence) 3472 . Fixed bug #61038 (unpack("a5", "str\0\0") does not work as expected). 3473 (srgoogleguy, Gustavo) 3474 . Fixed bug #61025 (__invoke() visibility not honored). (Laruence) 3475 . Fixed bug #60833 (self, parent, static behave inconsistently 3476 case-sensitive). (Stas, mario at include-once dot org) 3477 . Fixed Bug #52126: timestamp for mail.log (Martin Jansen, Lars) 3478 . Fixed bug #49348 (Uninitialized ++$foo->bar; does not cause a notice). 3479 (Stas) 3480 . Fixed Bug #23955: allow specifying Max-Age attribute in setcookie() (narfbg, Lars) 3481 . Fixed bug #18556 (Engine uses locale rules to handle class names). (Stas) 3482 . Fix undefined behavior when converting double variables to integers. 3483 The double is now always rounded towards zero, the remainder of its division 3484 by 2^32 or 2^64 (depending on sizeof(long)) is calculated and it's made 3485 signed assuming a two's complement representation. (Gustavo) 3486 . Drop support for bison < 2.4 when building PHP from GIT source. 3487 (Laruence) 3488 3489- Apache2 Handler SAPI: 3490 . Enabled Apache 2.4 configure option for Windows (Pierre, Anatoliy) 3491 3492- Calendar: 3493 . Fixed bug #64895 (Integer overflow in SndToJewish). (Remi) 3494 . Fixed bug #54254 (cal_from_jd returns month = 6 when there is only one Adar) 3495 (Stas, Eitan Mosenkis) 3496 3497- CLI server: 3498 . Fixed bug #64128 (buit-in web server is broken on ppc64). (Remi) 3499 3500- CURL: 3501 . Remove curl stream wrappers. (Pierrick) 3502 . Implemented FR #46439 - added CURLFile for safer file uploads. 3503 (Stas) 3504 . Added support for CURLOPT_FTP_RESPONSE_TIMEOUT, CURLOPT_APPEND, 3505 CURLOPT_DIRLISTONLY, CURLOPT_NEW_DIRECTORY_PERMS, CURLOPT_NEW_FILE_PERMS, 3506 CURLOPT_NETRC_FILE, CURLOPT_PREQUOTE, CURLOPT_KRBLEVEL, CURLOPT_MAXFILESIZE, 3507 CURLOPT_FTP_ACCOUNT, CURLOPT_COOKIELIST, CURLOPT_IGNORE_CONTENT_LENGTH, 3508 CURLOPT_CONNECT_ONLY, CURLOPT_LOCALPORT, CURLOPT_LOCALPORTRANGE, 3509 CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_SSL_SESSIONID_CACHE, 3510 CURLOPT_FTP_SSL_CCC, CURLOPT_HTTP_CONTENT_DECODING, 3511 CURLOPT_HTTP_TRANSFER_DECODING, CURLOPT_PROXY_TRANSFER_MODE, 3512 CURLOPT_ADDRESS_SCOPE, CURLOPT_CRLFILE, CURLOPT_ISSUERCERT, 3513 CURLOPT_USERNAME, CURLOPT_PASSWORD, CURLOPT_PROXYUSERNAME, 3514 CURLOPT_PROXYPASSWORD, CURLOPT_NOPROXY, CURLOPT_SOCKS5_GSSAPI_NEC, 3515 CURLOPT_SOCKS5_GSSAPI_SERVICE, CURLOPT_TFTP_BLKSIZE, 3516 CURLOPT_SSH_KNOWNHOSTS, CURLOPT_FTP_USE_PRET, CURLOPT_MAIL_FROM, 3517 CURLOPT_MAIL_RCPT, CURLOPT_RTSP_CLIENT_CSEQ, CURLOPT_RTSP_SERVER_CSEQ, 3518 CURLOPT_RTSP_SESSION_ID, CURLOPT_RTSP_STREAM_URI, CURLOPT_RTSP_TRANSPORT, 3519 CURLOPT_RTSP_REQUEST, CURLOPT_RESOLVE, CURLOPT_ACCEPT_ENCODING, 3520 CURLOPT_TRANSFER_ENCODING, CURLOPT_DNS_SERVERS and CURLOPT_USE_SSL. 3521 (Pierrick) 3522 . Added new functions curl_escape, curl_multi_setopt, curl_multi_strerror 3523 curl_pause, curl_reset, curl_share_close, curl_share_init, 3524 curl_share_setopt curl_strerror and curl_unescape. (Pierrick) 3525 . Addes new curl options CURLOPT_TELNETOPTIONS, CURLOPT_GSSAPI_DELEGATION, 3526 CURLOPT_ACCEPTTIMEOUT_MS, CURLOPT_SSL_OPTIONS, CURLOPT_TCP_KEEPALIVE, 3527 CURLOPT_TCP_KEEPIDLE and CURLOPT_TCP_KEEPINTVL. (Pierrick) 3528 . Fixed bug #55635 (CURLOPT_BINARYTRANSFER no longer used. The constant 3529 still exists for backward compatibility but is doing nothing). (Pierrick) 3530 . Fixed bug #54995 (Missing CURLINFO_RESPONSE_CODE support). (Pierrick) 3531 3532- DateTime 3533 . Added DateTimeImmutable - a variant of DateTime that only returns the 3534 modified state instead of changing itself. (Derick) 3535 . Fixed bug #64825 (Invalid free when unserializing DateTimeZone). 3536 (Anatol) 3537 . Fixed bug #64359 (strftime crash with VS2012). (Anatol) 3538 . Fixed bug #62852 (Unserialize Invalid Date causes crash). (Anatol) 3539 . Fixed bug #61642 (modify("+5 weekdays") returns Sunday). 3540 (Dmitri Iouchtchenko) 3541 . Fixed bug #60774 (DateInterval::format("%a") is always zero when an 3542 interval is created using the createFromDateString method) (Lonny 3543 Kapelushnik, Derick) 3544 . Fixed bug #54567 (DateTimeZone serialize/unserialize) (Lonny 3545 Kapelushnik, Derick) 3546 . Fixed bug #53437 (Crash when using unserialized DatePeriod instance). 3547 (Gustavo, Derick, Anatol) 3548 3549- dba: 3550 . Bug #62489: dba_insert not working as expected. 3551 (marc-bennewitz at arcor dot de, Lars) 3552 3553- Filter: 3554 . Implemented FR #49180 - added MAC address validation. (Martin) 3555 3556- Fileinfo: 3557 . Upgraded libmagic to 5.14. (Anatol) 3558 . Fixed bug #64830 (mimetype detection segfaults on mp3 file). (Anatol) 3559 . Fixed bug #63590 (Different results in TS and NTS under Windows). 3560 (Anatoliy) 3561 . Fixed bug #63248 (Load multiple magic files from a directory under Windows). 3562 (Anatoliy) 3563 3564- FPM: 3565 . Add --with-fpm-systemd option to report health to systemd, and 3566 systemd_interval option to configure this. The service can now use 3567 Type=notify in the systemd unit file. (Remi) 3568 . Ignore QUERY_STRING when sent in SCRIPT_FILENAME. (Remi) 3569 . Log a warning when a syscall fails. (Remi) 3570 . Implemented FR #64764 (add support for FPM init.d script). (Lior Kaplan) 3571 . Fixed Bug #64915 (error_log ignored when daemonize=0). (Remi) 3572 . Fixed bug #63999 (php with fpm fails to build on Solaris 10 or 11). (Adam) 3573 . Fixed some possible memory or resource leaks and possible null dereference 3574 detected by code coverity scan. (Remi) 3575 3576- GD: 3577 . Fixed Bug #64962 (imagerotate produces corrupted image). (Remi) 3578 . Fixed Bug #64961 (segfault in imagesetinterpolation). (Remi) 3579 . Fix build with system libgd >= 2.1 which is now the minimal 3580 version required (as build with previous version is broken). 3581 No change when bundled libgd is used. (Ondrej Sury, Remi) 3582 3583- Hash: 3584 . Added support for PBKDF2 via hash_pbkdf2(). (Anthony Ferrara) 3585 . Fixed Bug #64745 (hash_pbkdf2() truncates data when using default length 3586 and hex output). (Anthony Ferrara) 3587 3588- Intl: 3589 . Added UConverter wrapper. 3590 . The intl extension now requires ICU 4.0+. 3591 . Added intl.use_exceptions INI directive, which controls what happens when 3592 global errors are set together with intl.error_level. (Gustavo) 3593 . MessageFormatter::format() and related functions now accepted named 3594 arguments and mixed numeric/named arguments in ICU 4.8+. (Gustavo) 3595 . MessageFormatter::format() and related functions now don't error out when 3596 an insufficient argument count is provided. Instead, the placeholders will 3597 remain unsubstituted. (Gustavo) 3598 . MessageFormatter::parse() and MessageFormat::format() (and their static 3599 equivalents) don't throw away better than second precision in the arguments. 3600 (Gustavo) 3601 . IntlDateFormatter::__construct and datefmt_create() now accept for the 3602 $timezone argument time zone identifiers, IntlTimeZone objects, DateTimeZone 3603 objects and NULL. (Gustavo) 3604 . IntlDateFormatter::__construct and datefmt_create() no longer accept invalid 3605 timezone identifiers or empty strings. (Gustavo) 3606 . The default time zone used in IntlDateFormatter::__construct and 3607 datefmt_create() (when the corresponding argument is not passed or NULL is 3608 passed) is now the one given by date_default_timezone_get(), not the 3609 default ICU time zone. (Gustavo) 3610 . The time zone passed to the IntlDateFormatter is ignored if it is NULL and 3611 if the calendar passed is an IntlCalendar object -- in this case, the 3612 IntlCalendar's time zone will be used instead. Otherwise, the time zone 3613 specified in the $timezone argument is used instead. This does not affect 3614 old code, as IntlCalendar was introduced in this version. (Gustavo) 3615 . IntlDateFormatter::__construct and datefmt_create() now accept for the 3616 $calendar argument also IntlCalendar objects. (Gustavo) 3617 . IntlDateFormatter::getCalendar() and datefmt_get_calendar() return false 3618 if the IntlDateFormatter was set up with an IntlCalendar instead of the 3619 constants IntlDateFormatter::GREGORIAN/TRADITIONAL. IntlCalendar did not 3620 exist before this version. (Gustavo) 3621 . IntlDateFormatter::setCalendar() and datefmt_set_calendar() now also accept 3622 an IntlCalendar object, in which case its time zone is taken. Passing a 3623 constant is still allowed, and still keeps the time zone. (Gustavo) 3624 . IntlDateFormatter::setTimeZoneID() and datefmt_set_timezone_id() are 3625 deprecated. Use IntlDateFormatter::setTimeZone() or datefmt_set_timezone() 3626 instead. (Gustavo) 3627 . IntlDateFormatter::format() and datefmt_format() now also accept an 3628 IntlCalendar object for formatting. (Gustavo) 3629 . Added the classes: IntlCalendar, IntlGregorianCalendar, IntlTimeZone, 3630 IntlBreakIterator, IntlRuleBasedBreakIterator and 3631 IntlCodePointBreakIterator. (Gustavo) 3632 . Added the functions: intlcal_get_keyword_values_for_locale(), 3633 intlcal_get_now(), intlcal_get_available_locales(), intlcal_get(), 3634 intlcal_get_time(), intlcal_set_time(), intlcal_add(), 3635 intlcal_set_time_zone(), intlcal_after(), intlcal_before(), intlcal_set(), 3636 intlcal_roll(), intlcal_clear(), intlcal_field_difference(), 3637 intlcal_get_actual_maximum(), intlcal_get_actual_minimum(), 3638 intlcal_get_day_of_week_type(), intlcal_get_first_day_of_week(), 3639 intlcal_get_greatest_minimum(), intlcal_get_least_maximum(), 3640 intlcal_get_locale(), intlcal_get_maximum(), 3641 intlcal_get_minimal_days_in_first_week(), intlcal_get_minimum(), 3642 intlcal_get_time_zone(), intlcal_get_type(), 3643 intlcal_get_weekend_transition(), intlcal_in_daylight_time(), 3644 intlcal_is_equivalent_to(), intlcal_is_lenient(), intlcal_is_set(), 3645 intlcal_is_weekend(), intlcal_set_first_day_of_week(), 3646 intlcal_set_lenient(), intlcal_equals(), 3647 intlcal_get_repeated_wall_time_option(), 3648 intlcal_get_skipped_wall_time_option(), 3649 intlcal_set_repeated_wall_time_option(), 3650 intlcal_set_skipped_wall_time_option(), intlcal_from_date_time(), 3651 intlcal_to_date_time(), intlcal_get_error_code(), 3652 intlcal_get_error_message(), intlgregcal_create_instance(), 3653 intlgregcal_set_gregorian_change(), intlgregcal_get_gregorian_change() and 3654 intlgregcal_is_leap_year(). (Gustavo) 3655 . Added the functions: intltz_create_time_zone(), intltz_create_default(), 3656 intltz_get_id(), intltz_get_gmt(), intltz_get_unknown(), 3657 intltz_create_enumeration(), intltz_count_equivalent_ids(), 3658 intltz_create_time_zone_id_enumeration(), intltz_get_canonical_id(), 3659 intltz_get_region(), intltz_get_tz_data_version(), 3660 intltz_get_equivalent_id(), intltz_use_daylight_time(), intltz_get_offset(), 3661 intltz_get_raw_offset(), intltz_has_same_rules(), intltz_get_display_name(), 3662 intltz_get_dst_savings(), intltz_from_date_time_zone(), 3663 intltz_to_date_time_zone(), intltz_get_error_code(), 3664 intltz_get_error_message(). (Gustavo) 3665 . Added the methods: IntlDateFormatter::formatObject(), 3666 IntlDateFormatter::getCalendarObject(), IntlDateFormatter::getTimeZone(), 3667 IntlDateFormatter::setTimeZone(). (Gustavo) 3668 . Added the functions: datefmt_format_object(), datefmt_get_calendar_object(), 3669 datefmt_get_timezone(), datefmt_set_timezone(), 3670 datefmt_get_calendar_object(), intlcal_create_instance(). (Gustavo) 3671 3672- mbstring: 3673 . Fixed bug #64769 (mbstring PHPTs crash on Windows x64). (Anatol) 3674 3675- MCrypt 3676 . mcrypt_ecb(), mcrypt_cbc(), mcrypt_cfb() and mcrypt_ofb() now throw 3677 E_DEPRECATED. (GoogleGuy) 3678 3679- mysql 3680 . This extension is now deprecated, and deprecation warnings will be generated 3681 when connections are established to databases via mysql_connect(), 3682 mysql_pconnect(), or through implicit connection: use MySQLi or PDO_MySQL 3683 instead (https://wiki.php.net/rfc/mysql_deprecation). (Adam) 3684 . Dropped support for LOAD DATA LOCAL INFILE handlers when using libmysql. 3685 Known for stability problems. (Andrey) 3686 . Added support for SHA256 authentication available with MySQL 5.6.6+. 3687 (Andrey) 3688 3689- mysqli: 3690 . Added mysqli_begin_transaction()/mysqli::begin_transaction(). Implemented 3691 all options, per MySQL 5.6, which can be used with START TRANSACTION, COMMIT 3692 and ROLLBACK through options to mysqli_commit()/mysqli_rollback() and their 3693 respective OO counterparts. They work in libmysql and mysqlnd mode. (Andrey) 3694 . Added mysqli_savepoint(), mysqli_release_savepoint(). (Andrey) 3695 . Fixed bug #64726 (Segfault when calling fetch_object on a use_result and DB 3696 pointer has closed). (Laruence) 3697 . Fixed bug #64394 (MYSQL_OPT_CAN_HANDLE_EXPIRED_PASSWORDS undeclared when 3698 using Connector/C). (Andrey) 3699 3700- mysqlnd 3701 . Add new begin_transaction() call to the connection object. Implemented all 3702 options, per MySQL 5.6, which can be used with START TRANSACTION, COMMIT 3703 and ROLLBACK. (Andrey) 3704 . Added mysqlnd_savepoint(), mysqlnd_release_savepoint(). (Andrey) 3705 . Fixed bug #63530 (mysqlnd_stmt::bind_one_parameter crashes, uses wrong alloc 3706 for stmt->param_bind). (Andrey) 3707 . Fixed return value of mysqli_stmt_affected_rows() in the time after 3708 prepare() and before execute(). (Andrey) 3709 3710- PCRE: 3711 . Merged PCRE 8.32. (Anatol) 3712 . Deprecated the /e modifier 3713 (https://wiki.php.net/rfc/remove_preg_replace_eval_modifier). (Nikita Popov) 3714 . Fixed bug #63284 (Upgrade PCRE to 8.31). (Anatoliy) 3715 3716- PDO: 3717 . Fixed bug #63176 (Segmentation fault when instantiate 2 persistent PDO to 3718 the same db server). (Laruence) 3719 3720- PDO_DBlib: 3721 . Fixed bug #63638 (Cannot connect to SQL Server 2008 with PDO dblib). 3722 (Stanley Sufficool) 3723 . Fixed bug #64338 (pdo_dblib can't connect to Azure SQL). (Stanley 3724 Sufficool) 3725 . Fixed bug #64808 (FreeTDS PDO getColumnMeta on a prepared but not executed 3726 statement crashes). (Stanley Sufficool) 3727 3728- PDO_pgsql: 3729 . Fixed Bug #64949 (Buffer overflow in _pdo_pgsql_error). (Remi) 3730 3731- PDO_mysql: 3732 . Fixed bug #48724 (getColumnMeta() doesn't return native_type for BIT, 3733 TINYINT and YEAR). (Antony, Daniel Beardsley) 3734 3735- pgsql: 3736 . Added pg_escape_literal() and pg_escape_identifier() (Yasuo) 3737 . Bug #46408: Locale number format settings can cause pg_query_params to 3738 break with numerics. (asmecher, Lars) 3739 3740- Phar: 3741 . Fixed timestamp update on Phar contents modification. (Dmitry) 3742 3743- Readline: 3744 . Implement FR #55694 (Expose additional readline variable to prevent 3745 default filename completion). (Hartmel) 3746 3747- Reflection: 3748 . Fixed bug #64007 (There is an ability to create instance of Generator by 3749 hand). (Laruence) 3750 3751- Sockets: 3752 . Added recvmsg() and sendmsg() wrappers. (Gustavo) 3753 See https://wiki.php.net/rfc/sendrecvmsg 3754 . Fixed bug #64508 (Fails to build with --disable-ipv6). (Gustavo) 3755 . Fixed bug #64287 (sendmsg/recvmsg shutdown handler causes segfault). 3756 (Gustavo) 3757 3758- SPL: 3759 . Fixed bug #64997 (Segfault while using RecursiveIteratorIterator on 3760 64-bits systems). (Laruence) 3761 . Fixed bug #64264 (SPLFixedArray toArray problem). (Laruence) 3762 . Fixed bug #64228 (RecursiveDirectoryIterator always assumes SKIP_DOTS). 3763 (patch by kriss@krizalys.com, Laruence) 3764 . Fixed bug #64106 (Segfault on SplFixedArray[][x] = y when extended). 3765 (Nikita Popov) 3766 . Fix bug #60560 (SplFixedArray un-/serialize, getSize(), count() return 0, 3767 keys are strings). (Adam) 3768 . Fixed bug #52861 (unset fails with ArrayObject and deep arrays). 3769 (Mike Willbanks) 3770 . Implement FR #48358 (Add SplDoublyLinkedList::add() to insert an element 3771 at a given offset). (Mark Baker, David Soria Parra) 3772 3773- SNMP: 3774 . Fixed bug #64765 (Some IPv6 addresses get interpreted wrong). 3775 (Boris Lytochkin) 3776 . Fixed bug #64159 (Truncated snmpget). (Boris Lytochkin) 3777 . Fixed bug #64124 (IPv6 malformed). (Boris Lytochkin) 3778 . Fixed bug #61981 (OO API, walk: $suffix_as_key is not working correctly). 3779 (Boris Lytochkin) 3780 3781- SOAP: 3782 . Added SoapClient constructor option 'ssl_method' to specify ssl method. 3783 (Eric Iversen) 3784 3785- Streams: 3786 . Fixed bug #64770 (stream_select() fails with pipes returned by proc_open() 3787 on Windows x64). (Anatol) 3788 . Fixed Windows x64 version of stream_socket_pair() and improved error 3789 handling. (Anatol Belski) 3790 3791- Tokenizer: 3792 . Fixed bug #60097 (token_get_all fails to lex nested heredoc). (Nikita Popov) 3793 3794- Zip: 3795 . Upgraded libzip to 0.10.1 (Anatoliy) 3796 . Bug #64452 (Zip crash intermittently). (Anatol) 3797 . Fixed bug #64342 (ZipArchive::addFile() has to check for file existence). 3798 (Anatol) 3799 380006 Jun 2013, PHP 5.4.16 3801 3802- Core: 3803 . Fixed bug #64879 (Heap based buffer overflow in quoted_printable_encode, 3804 CVE 2013-2110). (Stas) 3805 . Fixed bug #64853 (Use of no longer available ini directives causes crash on 3806 TS build). (Anatol) 3807 . Fixed bug #64729 (compilation failure on x32). (Gustavo) 3808 . Fixed bug #64720 (SegFault on zend_deactivate). (Dmitry) 3809 . Fixed bug #64660 (Segfault on memory exhaustion within function definition). 3810 (Stas, reported by Juha Kylmänen) 3811 3812- Calendar: 3813 . Fixed bug #64895 (Integer overflow in SndToJewish). (Remi) 3814 3815- Fileinfo: 3816 . Fixed bug #64830 (mimetype detection segfaults on mp3 file). (Anatol) 3817 3818- FPM: 3819 . Ignore QUERY_STRING when sent in SCRIPT_FILENAME. (Remi) 3820 . Fixed some possible memory or resource leaks and possible null dereference 3821 detected by code coverity scan. (Remi) 3822 . Log a warning when a syscall fails. (Remi) 3823 . Add --with-fpm-systemd option to report health to systemd, and 3824 systemd_interval option to configure this. The service can now use 3825 Type=notify in the systemd unit file. (Remi) 3826 3827- MySQLi 3828 . Fixed bug #64726 (Segfault when calling fetch_object on a use_result and DB 3829 pointer has closed). (Laruence) 3830 3831- Phar 3832 . Fixed bug #64214 (PHAR PHPTs intermittently crash when run on DFS, SMB or 3833 with non std tmp dir). (Pierre) 3834 3835- SNMP: 3836 . Fixed bug #64765 (Some IPv6 addresses get interpreted wrong). 3837 (Boris Lytochkin) 3838 . Fixed bug #64159 (Truncated snmpget). (Boris Lytochkin) 3839 3840- Streams: 3841 . Fixed bug #64770 (stream_select() fails with pipes returned by proc_open() 3842 on Windows x64). (Anatol) 3843 3844- Zend Engine: 3845 . Fixed bug #64821 (Custom Exceptions crash when internal properties 3846 overridden). (Anatol) 3847 384809 May 2013, PHP 5.4.15 3849- Core: 3850 . Fixed bug #64578 (debug_backtrace in set_error_handler corrupts zend heap: 3851 segfault). (Laruence) 3852 . Fixed bug #64458 (dns_get_record result with string of length -1). (Stas) 3853 . Fixed bug #64433 (follow_location parameter of context is ignored for most 3854 response codes). (Sergey Akbarov) 3855 . Fixed bugs #47675 and #64577 (fd leak on Solaris) 3856 3857- Fileinfo: 3858 . Upgraded libmagic to 5.14. (Anatol) 3859 3860- MySQLi: 3861 . Fixed bug #64726 (Segfault when calling fetch_object on a use_result and DB 3862 pointer has closed). (Laruence) 3863 3864- Zip: 3865 . Fixed bug #64342 (ZipArchive::addFile() has to check for file existence). 3866 (Anatol) 3867 3868- Streams: 3869 . Fixed Windows x64 version of stream_socket_pair() and improved error 3870 handling. (Anatol Belski) 3871 . Fixed bug #64770 (stream_select() fails with pipes returned by proc_open() 3872 on Windows x64). (Anatol) 3873 387411 Apr 2013, PHP 5.4.14 3875 3876- Core: 3877 . Fixed bug #64529 (Ran out of opcode space). (Dmitry) 3878 . Fixed bug #64515 (Memoryleak when using the same variablename two times in 3879 function declaration). (Laruence) 3880 . Fixed bug #64432 (more empty delimiter warning in strX methods). (Laruence) 3881 . Fixed bug #64417 (ArrayAccess::&offsetGet() in a trait causes fatal error). 3882 (Dmitry) 3883 . Fixed bug #64370 (microtime(true) less than $_SERVER['REQUEST_TIME_FLOAT']). 3884 (Anatol) 3885 . Fixed bug #64239 (Debug backtrace changed behavior since 5.4.10 or 5.4.11). 3886 (Dmitry, Laruence) 3887 . Fixed bug #63976 (Parent class incorrectly using child constant in class 3888 property). (Dmitry) 3889 . Fixed bug #63914 (zend_do_fcall_common_helper_SPEC does not handle 3890 exceptions properly). (Jeff Welch) 3891 . Fixed bug #62343 (Show class_alias In get_declared_classes()) (Dmitry) 3892 3893- PCRE: 3894 . Merged PCRE 8.32. (Anatol) 3895 3896- SNMP: 3897 . Fixed bug #61981 (OO API, walk: $suffix_as_key is not working correctly). 3898 (Boris Lytochkin) 3899 3900- Zip: 3901 . Bug #64452 (Zip crash intermittently). (Anatol) 3902 390314 Mar 2013, PHP 5.4.13 3904 3905- Core: 3906 . Fixed bug #64354 (Unserialize array of objects whose class can't 3907 be autoloaded fail). (Laruence) 3908 . Fixed bug #64235 (Insteadof not work for class method in 5.4.11). 3909 (Laruence) 3910 . Fixed bug #64197 (_Offsetof() macro used but not defined on ARM/Clang). 3911 (Ard Biesheuvel) 3912 . Implemented FR #64175 (Added HTTP codes as of RFC 6585). (Jonh Wendell) 3913 . Fixed bug #64142 (dval to lval different behavior on ppc64). (Remi) 3914 . Fixed bug #64070 (Inheritance with Traits failed with error). (Dmitry) 3915 3916- CLI server: 3917 . Fixed bug #64128 (buit-in web server is broken on ppc64). (Remi) 3918 3919- Mbstring: 3920 . mb_split() can now handle empty matches like preg_split() does. (Moriyoshi) 3921 3922- mysqlnd 3923 . Fixed bug #63530 (mysqlnd_stmt::bind_one_parameter crashes, uses wrong alloc 3924 for stmt->param_bind). (Andrey) 3925 3926- OpenSSL: 3927 . New SSL stream context option to prevent CRIME attack vector. (Daniel Lowrey, 3928 Lars) 3929 . Fixed bug #61930 (openssl corrupts ssl key resource when using 3930 openssl_get_publickey()). (Stas) 3931 3932- PDO_mysql: 3933 . Fixed bug #60840 (undefined symbol: mysqlnd_debug_std_no_trace_funcs). 3934 (Johannes) 3935 3936- Phar: 3937 . Fixed timestamp update on Phar contents modification. (Dmitry) 3938 3939- SOAP 3940 . Added check that soap.wsdl_cache_dir conforms to open_basedir 3941 (CVE-2013-1635). (Dmitry) 3942 . Disabled external entities loading (CVE-2013-1643, CVE-2013-1824). 3943 (Dmitry) 3944 3945- Phar: 3946 . Fixed timestamp update on Phar contents modification. (Dmitry) 3947 3948- SPL: 3949 . Fixed bug #64264 (SPLFixedArray toArray problem). (Laruence) 3950 . Fixed bug #64228 (RecursiveDirectoryIterator always assumes SKIP_DOTS). 3951 (patch by kriss@krizalys.com, Laruence) 3952 . Fixed bug #64106 (Segfault on SplFixedArray[][x] = y when extended). 3953 (Nikita Popov) 3954 . Fixed bug #52861 (unset fails with ArrayObject and deep arrays). 3955 (Mike Willbanks) 3956 3957- SNMP: 3958 . Fixed bug #64124 (IPv6 malformed). (Boris Lytochkin) 3959 396021 Feb 2013, PHP 5.4.12 3961 3962- Core: 3963 . Fixed bug #64099 (Wrong TSRM usage in zend_Register_class alias). (Johannes) 3964 . Fixed bug #64011 (get_html_translation_table() output incomplete with 3965 HTML_ENTITIES and ISO-8859-1). (Gustavo) 3966 . Fixed bug #63982 (isset() inconsistently produces a fatal error on 3967 protected property). (Stas) 3968 . Fixed bug #63943 (Bad warning text from strpos() on empty needle). 3969 (Laruence) 3970 . Fixed bug #63899 (Use after scope error in zend_compile). (Laruence) 3971 . Fixed bug #63893 (Poor efficiency of strtr() using array with keys of very 3972 different length). (Gustavo) 3973 . Fixed bug #63882 (zend_std_compare_objects crash on recursion). (Dmitry) 3974 . Fixed bug #63462 (Magic methods called twice for unset protected 3975 properties). (Stas) 3976 . Fixed bug #62524 (fopen follows redirects for non-3xx statuses). 3977 (Wes Mason) 3978 . Support BITMAPV5HEADER in getimagesize(). (AsamK, Lars) 3979 3980- Date: 3981 . Fixed bug #63699 (Performance improvements for various ext/date functions). 3982 (Lars, original patch by njaguar at gmail dot com) 3983 . Fixed bug #55397: Comparsion of incomplete DateTime causes SIGSEGV. 3984 (Derick) 3985 3986- FPM: 3987 . Fixed bug #63999 (php with fpm fails to build on Solaris 10 or 11). (Adam) 3988 3989- Litespeed: 3990 . Fixed bug #63228 (-Werror=format-security error in lsapi code). 3991 (Elan Ruusamäe, George) 3992 3993- ext/sqlite3: 3994 . Fixed bug #63921 (sqlite3::bindvalue and relative PHP functions aren't 3995 using sqlite3_*_int64 API). (srgoogleguy, Lars) 3996 3997- PDO_OCI 3998 . Fixed bug #57702 (Multi-row BLOB fetches). (hswong3i, Laruence) 3999 . Fixed bug #52958 (Segfault in PDO_OCI on cleanup after running a long 4000 testsuite). (hswong3i, Lars) 4001 4002- PDO_sqlite: 4003 . Fixed bug #63916 (PDO::PARAM_INT casts to 32bit int internally even 4004 on 64bit builds in pdo_sqlite). (srgoogleguy, Lars) 4005 400617 Jan 2013, PHP 5.4.11 4007 4008- Core: 4009 . Fixed bug #63762 (Sigsegv when Exception::$trace is changed by user). 4010 (Johannes) 4011 . Fixed bug #43177 (Errors in eval()'ed code produce status code 500). 4012 (Todd Ruth, Stas). 4013 4014- Filter: 4015 . Fixed bug #63757 (getenv() produces memory leak with CGI SAPI). (Dmitry) 4016 . Fixed bug #54096 (FILTER_VALIDATE_INT does not accept +0 and -0). 4017 (martin at divbyzero dot net, Lars) 4018 4019- JSON: 4020 . Fixed bug #63737 (json_decode does not properly decode with options 4021 parameter). (Adam) 4022 4023- CLI server 4024 . Update list of common mime types. Added webm, ogv, ogg. (Lars, 4025 pascalc at gmail dot com) 4026 4027- cURL extension: 4028 . Fixed bug (segfault due to libcurl connection caching). (Pierrick) 4029 . Fixed bug #63859 (Memory leak when reusing curl-handle). (Pierrick) 4030 . Fixed bug #63795 (CURL >= 7.28.0 no longer support value 1 for 4031 CURLOPT_SSL_VERIFYHOST). (Pierrick) 4032 . Fixed bug #63352 (Can't enable hostname validation when using curl stream 4033 wrappers). (Pierrick) 4034 . Fixed bug #55438 (Curlwapper is not sending http header randomly). 4035 (phpnet@lostreality.org, Pierrick) 4036 403720 Dec 2012, PHP 5.4.10 4038 4039- Core: 4040 . Fixed bug #63726 (Memleak with static properties and internal/user 4041 classes). (Laruence) 4042 . Fixed bug #63635 (Segfault in gc_collect_cycles). (Dmitry) 4043 . Fixed bug #63512 (parse_ini_file() with INI_SCANNER_RAW removes quotes 4044 from value). (Pierrick) 4045 . Fixed bug #63468 (wrong called method as callback with inheritance). 4046 (Laruence) 4047 . Fixed bug #63451 (config.guess file does not have AIX 7 defined, 4048 shared objects are not created). (kemcline at au1 dot ibm dot com) 4049 . Fixed bug #61557 (Crasher in tt-rss backend.php). 4050 (i dot am dot jack dot mail at gmail dot com) 4051 . Fixed bug #61272 (ob_start callback gets passed empty string). 4052 (Mike, casper at langemeijer dot eu) 4053 4054- Date: 4055 . Fixed bug #63666 (Poor date() performance). (Paul Taulborg). 4056 . Fixed bug #63435 (Datetime::format('u') sometimes wrong by 1 microsecond). 4057 (Remi) 4058 4059- Imap: 4060 . Fixed bug #63126 (DISABLE_AUTHENTICATOR ignores array). (Remi) 4061 4062- Json: 4063 . Fixed bug #63588 (use php_next_utf8_char and remove duplicate 4064 implementation). (Remi) 4065 4066- MySQLi: 4067 . Fixed bug #63361 (missing header). (Remi) 4068 4069- MySQLnd: 4070 . Fixed bug #63398 (Segfault when polling closed link). (Laruence) 4071 4072- Fileinfo: 4073 . Fixed bug #63590 (Different results in TS and NTS under Windows). 4074 (Anatoliy) 4075 4076- FPM: 4077 . Fixed bug #63581 Possible null dereference and buffer overflow (Remi) 4078 4079- Pdo_sqlite: 4080 . Fixed Bug #63149 getColumnMeta should return the table name 4081 when system SQLite used. (Remi) 4082 4083- Apache2 Handler SAPI: 4084 . Enabled Apache 2.4 configure option for Windows (Pierre, Anatoliy) 4085 4086- Reflection: 4087 . Fixed Bug #63614 (Fatal error on Reflection). (Laruence) 4088 4089- SOAP 4090 . Fixed bug #63271 (SOAP wsdl cache is not enabled after initial requests). 4091 (John Jawed, Dmitry) 4092 4093- Sockets 4094 . Fixed bug #49341 (Add SO_REUSEPORT support for socket_set_option()). 4095 (Igor Wiedler, Lars) 4096 4097- SPL 4098 . Fixed bug #63680 (Memleak in splfixedarray with cycle reference). (Laruence) 4099 410022 Nov 2012, PHP 5.4.9 4101 4102- Core: 4103 . Fixed bug #63305 (zend_mm_heap corrupted with traits). (Dmitry, Laruence) 4104 . Fixed bug #63369 ((un)serialize() leaves dangling pointers, causes crashes). 4105 (Tony, Andrew Sitnikov) 4106 . Fixed bug #63241 (PHP fails to open Windows deduplicated files). 4107 (daniel dot stelter-gliese at innogames dot de) 4108 . Fixed bug #62444 (Handle leak in is_readable on windows). 4109 (krazyest at seznam dot cz) 4110 4111- Curl: 4112 . Fixed bug #63363 (Curl silently accepts boolean true for SSL_VERIFYHOST). 4113 Patch by John Jawed GitHub PR #221 (Anthony) 4114 4115- Fileinfo: 4116 . Fixed bug #63248 (Load multiple magic files from a directory under Windows). 4117 (Anatoliy) 4118 4119- Libxml 4120 . Fixed bug #63389 (Missing context check on libxml_set_streams_context() 4121 causes memleak). (Laruence) 4122 4123- Mbstring: 4124 . Fixed bug #63447 (max_input_vars doesn't filter variables when 4125 mbstring.encoding_translation = On). (Laruence) 4126 4127- OCI8: 4128 . Fixed bug #63265 (Add ORA-00028 to the PHP_OCI_HANDLE_ERROR macro) 4129 (Chris Jones) 4130 4131- PCRE: 4132 . Fixed bug #63180 (Corruption of hash tables). (Dmitry) 4133 . Fixed bug #63055 (Segfault in zend_gc with SF2 testsuite). 4134 (Dmitry, Laruence) 4135 . Fixed bug #63284 (Upgrade PCRE to 8.31). (Anatoliy) 4136 4137- PDO: 4138 . Fixed bug #63235 (buffer overflow in use of SQLGetDiagRec). 4139 (Martin Osvald, Remi) 4140 4141- PDO_pgsql: 4142 . Fixed bug #62593 (Emulate prepares behave strangely with PARAM_BOOL). 4143 (Will Fitch) 4144 4145- Phar: 4146 . Fixed bug #63297 (Phar fails to write an openssl based signature). 4147 (Anatoliy) 4148 4149- Streams: 4150 . Fixed bug #63240 (stream_get_line() return contains delimiter string). 4151 (Tjerk, Gustavo) 4152 4153- Reflection: 4154 . Fixed bug #63399 (ReflectionClass::getTraitAliases() incorrectly resolves 4155 traitnames). (Laruence) 4156 415718 Oct 2012, PHP 5.4.8 4158 4159- CLI server: 4160 . Implemented FR #63242 (Default error page in PHP built-in web server uses 4161 outdated html/css). (pascal.chevrel@free.fr) 4162 . Changed response to unknown HTTP method to 501 according to RFC. 4163 (Niklas Lindgren). 4164 . Support HTTP PATCH method. Patch by Niklas Lindgren, GitHub PR #190. 4165 (Lars) 4166 4167- Core: 4168 . Fixed bug #63219 (Segfault when aliasing trait method when autoloader 4169 throws excpetion). (Laruence) 4170 . Added optional second argument for assert() to specify custom message. Patch 4171 by Lonny Kapelushnik (lonny@lonnylot.com). (Lars) 4172 . Support building PHP with the native client toolchain. (Stuart Langley) 4173 . Added --offline option for tests. (Remi) 4174 . Fixed bug #63162 (parse_url does not match password component). (husman) 4175 . Fixed bug #63111 (is_callable() lies for abstract static method). (Dmitry) 4176 . Fixed bug #63093 (Segfault while load extension failed in zts-build). 4177 (Laruence) 4178 . Fixed bug #62976 (Notice: could not be converted to int when comparing 4179 some builtin classes). (Laruence) 4180 . Fixed bug #62955 (Only one directive is loaded from "Per Directory Values" 4181 Windows registry). (aserbulov at parallels dot com) 4182 . Fixed bug #62907 (Double free when use traits). (Dmitry) 4183 . Fixed bug #61767 (Shutdown functions not called in certain error 4184 situation). (Dmitry) 4185 . Fixed bug #60909 (custom error handler throwing Exception + fatal error 4186 = no shutdown function). (Dmitry) 4187 . Fixed bug #60723 (error_log error time has changed to UTC ignoring default 4188 timezone). (Laruence) 4189 4190- cURL: 4191 . Fixed bug #62085 (file_get_contents a remote file by Curl wrapper will 4192 cause cpu Soaring). (Pierrick) 4193 4194- Date: 4195 . Fixed bug #62896 ("DateTime->modify('+0 days')" modifies DateTime object) 4196 (Lonny Kapelushnik) 4197 . Fixed bug #62561 (DateTime add 'P1D' adds 25 hours). (Lonny Kapelushnik) 4198 4199- DOM: 4200 . Fixed bug #63015 (Incorrect arginfo for DOMErrorHandler). (Rob) 4201 4202- FPM: 4203 . Fixed bug #62954 (startup problems fpm / php-fpm). (fat) 4204 . Fixed bug #62886 (PHP-FPM may segfault/hang on startup). (fat) 4205 . Fixed bug #63085 (Systemd integration and daemonize). (remi, fat) 4206 . Fixed bug #62947 (Unneccesary warnings on FPM). (fat) 4207 . Fixed bug #62887 (Only /status?plain&full gives "last request cpu"). (fat) 4208 . Fixed bug #62216 (Add PID to php-fpm init.d script). (fat) 4209 4210- OCI8: 4211 . Fixed bug #60901 (Improve "tail" syntax for AIX installation) (Chris Jones) 4212 4213- OpenSSL: 4214 . Implemented FR #61421 (OpenSSL signature verification missing RMD160, 4215 SHA224, SHA256, SHA384, SHA512). (Mark Jones) 4216 4217- PDO: 4218 . Fixed bug #63258 (seg fault with PDO and dblib using DBSETOPT(H->link, 4219 DBQUOTEDIDENT, 1)). (Laruence) 4220 . Fixed bug #63235 (buffer overflow in use of SQLGetDiagRec). 4221 (Martin Osvald, Remi) 4222 4223- PDO Firebird: 4224 . Fixed bug #63214 (Large PDO Firebird Queries). 4225 (james at kenjim dot com) 4226 4227- SOAP 4228 . Fixed bug #50997 (SOAP Error when trying to submit 2nd Element of a choice). 4229 (Dmitry) 4230 4231- SPL: 4232 . Bug #62987 (Assigning to ArrayObject[null][something] overrides all 4233 undefined variables). (Laruence) 4234 4235- mbstring: 4236 . Allow passing null as a default value to mb_substr() and mb_strcut(). Patch 4237 by Alexander Moskaliov via GitHub PR #133. (Lars) 4238 4239- Filter extension: 4240 . Bug #49510: Boolean validation fails with FILTER_NULL_ON_FAILURE with empty 4241 string or false. (Lars) 4242 4243- Sockets 4244 . Fixed bug #63000 (MCAST_JOIN_GROUP on OSX is broken, merge of PR 185 by 4245 Igor Wiedler). (Lars) 4246 424713 Sep 2012, PHP 5.4.7 4248 4249- Core: 4250 . Fixed bug (segfault while build with zts and GOTO vm-kind). (Laruence) 4251 . Fixed bug #62844 (parse_url() does not recognize //). (Andrew Faulds). 4252 . Fixed bug #62829 (stdint.h included on platform where HAVE_STDINT_H is not 4253 set). (Felipe) 4254 . Fixed bug #62763 (register_shutdown_function and extending class). 4255 (Laruence) 4256 . Fixed bug #62725 (Calling exit() in a shutdown function does not return 4257 the exit value). (Laruence) 4258 . Fixed bug #62744 (dangling pointers made by zend_disable_class). (Laruence) 4259 . Fixed bug #62716 (munmap() is called with the incorrect length). 4260 (slangley@google.com) 4261 . Fixed bug #62358 (Segfault when using traits a lot). (Laruence) 4262 . Fixed bug #62328 (implementing __toString and a cast to string fails) 4263 (Laruence) 4264 . Fixed bug #51363 (Fatal error raised by var_export() not caught by error 4265 handler). (Lonny Kapelushnik) 4266 . Fixed bug #40459 (Stat and Dir stream wrapper methods do not call 4267 constructor). (Stas) 4268 4269- CURL: 4270 . Fixed bug #62912 (CURLINFO_PRIMARY_* AND CURLINFO_LOCAL_* not exposed). 4271 (Pierrick) 4272 . Fixed bug #62839 (curl_copy_handle segfault with CURLOPT_FILE). (Pierrick) 4273 4274- Intl: 4275 . Fixed Spoofchecker not being registered on ICU 49.1. (Gustavo) 4276 . Fix bug #62933 (ext/intl compilation error on icu 3.4.1). (Gustavo) 4277 . Fix bug #62915 (defective cloning in several intl classes). (Gustavo) 4278 4279- Installation: 4280 . Fixed bug #62460 (php binaries installed as binary.dSYM). (Reeze Xia) 4281 4282- PCRE: 4283 . Fixed bug #55856 (preg_replace should fail on trailing garbage). 4284 (reg dot php at alf dot nu) 4285 4286- PDO: 4287 . Fixed bug #62685 (Wrong return datatype in PDO::inTransaction()). (Laruence) 4288 4289- Reflection: 4290 . Fixed bug #62892 (ReflectionClass::getTraitAliases crashes on importing 4291 trait methods as private). (Felipe) 4292 . Fixed bug #62715 (ReflectionParameter::isDefaultValueAvailable() wrong 4293 result). (Laruence) 4294 4295- Session: 4296 . Fixed bug (segfault due to retval is not initialized). (Laruence) 4297 . Fixed bug (segfault due to PS(mod_user_implemented) not be reseted 4298 when close handler call exit). (Laruence) 4299 4300- SOAP 4301 . Fixed bug #50997 (SOAP Error when trying to submit 2nd Element of a choice). 4302 (Dmitry) 4303 4304- SPL: 4305 . Fixed bug #62904 (Crash when cloning an object which inherits SplFixedArray) 4306 (Laruence) 4307 . Implemented FR #62840 (Add sort flag to ArrayObject::ksort). (Laruence) 4308 4309- Standard: 4310 . Fixed bug #62836 (Seg fault or broken object references on unserialize()). 4311 (Laruence) 4312 4313- FPM: 4314 . Merged PR 121 by minitux to add support for slow request counting on PHP 4315 FPM status page. (Lars) 4316 431716 Aug 2012, PHP 5.4.6 4318 4319- CLI Server: 4320 . Implemented FR #62700 (have the console output 'Listening on 4321 http://localhost:8000'). (pascal.chevrel@free.fr) 4322 4323- Core: 4324 . Fixed bug #62661 (Interactive php-cli crashes if include() is used in 4325 auto_prepend_file). (Laruence) 4326 . Fixed bug #62653: (unset($array[$float]) causes a crash). (Nikita Popov, 4327 Laruence) 4328 . Fixed bug #62565 (Crashes due non-initialized internal properties_table). 4329 (Felipe) 4330 . Fixed bug #60194 (--with-zend-multibyte and --enable-debug reports LEAK 4331 with run-test.php). (Laruence) 4332 4333- CURL: 4334 . Fixed bug #62499 (curl_setopt($ch, CURLOPT_COOKIEFILE, "") returns false). 4335 (r.hampartsumyan@gmail.com, Laruence) 4336 4337- DateTime: 4338 . Fixed Bug #62500 (Segfault in DateInterval class when extended). (Laruence) 4339 4340- Fileinfo: 4341 . Fixed bug #61964 (finfo_open with directory causes invalid free). 4342 (reeze.xia@gmail.com) 4343 4344- Intl: 4345 . Fixed bug #62564 (Extending MessageFormatter and adding property causes 4346 crash). (Felipe) 4347 4348- MySQLnd: 4349 . Fixed bug #62594 (segfault in mysqlnd_res_meta::set_mode). (Laruence) 4350 4351- readline: 4352 . Fixed bug #62612 (readline extension compilation fails with 4353 sapi/cli/cli.h: No such file). (Johannes) 4354 4355- Reflection: 4356 . Implemented FR #61602 (Allow access to name of constant used as default 4357 value). (reeze.xia@gmail.com) 4358 4359- SimpleXML: 4360 . Implemented FR #55218 Get namespaces from current node. (Lonny) 4361 4362- SPL: 4363 . Fixed bug #62616 (ArrayIterator::count() from IteratorIterator instance 4364 gives Segmentation fault). (Laruence, Gustavo) 4365 . Fixed bug #61527 (ArrayIterator gives misleading notice on next() when 4366 moved to the end). (reeze.xia@gmail.com) 4367 4368- Streams: 4369 . Fixed bug #62597 (segfault in php_stream_wrapper_log_error with ZTS build). 4370 (Laruence) 4371 4372- Zlib: 4373 . Fixed bug #55544 (ob_gzhandler always conflicts with 4374 zlib.output_compression). (Laruence) 4375 437619 Jul 2012, PHP 5.4.5 4377 4378- Core: 4379 . Fixed bug #62443 (Crypt SHA256/512 Segfaults With Malformed 4380 Salt). (Anthony Ferrara) 4381 . Fixed bug #62432 (ReflectionMethod random corrupt memory on high 4382 concurrent). (Johannes) 4383 . Fixed bug #62373 (serialize() generates wrong reference to the object). 4384 (Moriyoshi) 4385 . Fixed bug #62357 (compile failure: (S) Arguments missing for built-in 4386 function __memcmp). (Laruence) 4387 . Fixed bug #61998 (Using traits with method aliases appears to result in 4388 crash during execution). (Dmitry) 4389 . Fixed bug #51094 (parse_ini_file() with INI_SCANNER_RAW cuts a value that 4390 includes a semi-colon). (Pierrick) 4391 . Fixed potential overflow in _php_stream_scandir (CVE-2012-2688). 4392 (Jason Powell, Stas) 4393 4394- EXIF: 4395 . Fixed information leak in ext exif (discovered by Martin Noga, 4396 Matthew "j00ru" Jurczyk, Gynvael Coldwind) 4397 4398- FPM: 4399 . Fixed bug #62205 (php-fpm segfaults (null passed to strstr)). (fat) 4400 . Fixed bug #62160 (Add process.priority to set nice(2) priorities). (fat) 4401 . Fixed bug #62153 (when using unix sockets, multiples FPM instances 4402 . Fixed bug #62033 (php-fpm exits with status 0 on some failures to start). 4403 (fat) 4404 . Fixed bug #61839 (Unable to cross-compile PHP with --enable-fpm). (fat) 4405 . Fixed bug #61835 (php-fpm is not allowed to run as root). (fat) 4406 . Fixed bug #61295 (php-fpm should not fail with commented 'user' 4407 . Fixed bug #61218 (FPM drops connection while receiving some binary values 4408 in FastCGI requests). (fat) 4409 . Fixed bug #61045 (fpm don't send error log to fastcgi clients). (fat) 4410 for non-root start). (fat) 4411 . Fixed bug #61026 (FPM pools can listen on the same address). (fat) 4412 can be launched without errors). (fat) 4413 4414- Iconv: 4415 . Fix bug #55042 (Erealloc in iconv.c unsafe). (Stas) 4416 4417- Intl: 4418 . Fixed bug #62083 (grapheme_extract() memory leaks). (Gustavo) 4419 . ResourceBundle constructor now accepts NULL for the first two arguments. 4420 (Gustavo) 4421 . Fixed bug #62081 (IntlDateFormatter constructor leaks memory when called 4422 twice). (Gustavo) 4423 . Fixed bug #62070 (Collator::getSortKey() returns garbage). (Gustavo) 4424 . Fixed bug #62017 (datefmt_create with incorrectly encoded timezone leaks 4425 pattern). (Gustavo) 4426 . Fixed bug #60785 (memory leak in IntlDateFormatter constructor). (Gustavo) 4427 4428- JSON: 4429 . Fixed bug #61359 (json_encode() calls too many reallocs). (Stas) 4430 4431- libxml: 4432 . Fixed bug #62266 (Custom extension segfaults during xmlParseFile with FPM 4433 SAPI). (Gustavo) 4434 4435- Phar: 4436 . Fixed bug #62227 (Invalid phar stream path causes crash). (Felipe) 4437 4438- Readline: 4439 . Fixed bug #62186 (readline fails to compile - void function should not 4440 return a value). (Johannes) 4441 4442- Reflection: 4443 . Fixed bug #62384 (Attempting to invoke a Closure more than once causes 4444 segfault). (Felipe) 4445 . Fixed bug #62202 (ReflectionParameter::getDefaultValue() memory leaks 4446 with constant). (Laruence) 4447 4448- Sockets: 4449 . Fixed bug #62025 (__ss_family was changed on AIX 5.3). (Felipe) 4450 4451- SPL: 4452 . Fixed bug #62433 (Inconsistent behavior of RecursiveDirectoryIterator to 4453 dot files). (Laruence) 4454 . Fixed bug #62262 (RecursiveArrayIterator does not implement Countable). 4455 (Nikita Popov) 4456 4457- XML Writer: 4458 . Fixed bug #62064 (memory leak in the XML Writer module). 4459 (jean-pierre dot lozi at lip6 dot fr) 4460 4461- Zip: 4462 . Upgraded libzip to 0.10.1 (Anatoliy) 4463 446414 Jun 2012, PHP 5.4.4 4465 4466- COM: 4467 . Fixed bug #62146 com_dotnet cannot be built shared. (Johannes) 4468 4469- CLI Server: 4470 . Implemented FR #61977 (Need CLI web-server support for files with .htm & 4471 svg extensions). (Sixd, Laruence) 4472 . Improved performance while sending error page, this also fixed 4473 bug #61785 (Memory leak when access a non-exists file without router). 4474 (Laruence) 4475 . Fixed bug #61546 (functions related to current script failed when chdir() 4476 in cli sapi). (Laruence, reeze.xia@gmail.com) 4477 4478- Core: 4479 . Fixed missing bound check in iptcparse(). (chris at chiappa.net) 4480 . Fixed CVE-2012-2143. (Solar Designer) 4481 . Fixed bug #62097 (fix for for bug #54547). (Gustavo) 4482 . Fixed bug #62005 (unexpected behavior when incrementally assigning to a 4483 member of a null object). (Laruence) 4484 . Fixed bug #61978 (Object recursion not detected for classes that implement 4485 JsonSerializable). (Felipe) 4486 . Fixed bug #61991 (long overflow in realpath_cache_get()). (Anatoliy) 4487 . Fixed bug #61922 (ZTS build doesn't accept zend.script_encoding config). 4488 (Laruence) 4489 . Fixed bug #61827 (incorrect \e processing on Windows) (Anatoliy) 4490 . Fixed bug #61782 (__clone/__destruct do not match other methods when checking 4491 access controls). (Stas) 4492 . Fixed bug #61764 ('I' unpacks n as signed if n > 2^31-1 on LP64). (Gustavo) 4493 . Fixed bug #61761 ('Overriding' a private static method with a different 4494 signature causes crash). (Laruence) 4495 . Fixed bug #61730 (Segfault from array_walk modifying an array passed by 4496 reference). (Laruence) 4497 . Fixed bug #61728 (PHP crash when calling ob_start in request_shutdown 4498 phase). (Laruence) 4499 . Fixed bug #61713 (Logic error in charset detection for htmlentities). 4500 (Anatoliy) 4501 . Fixed bug #61660 (bin2hex(hex2bin($data)) != $data). (Nikita Popov) 4502 . Fixed bug #61650 (ini parser crashes when using ${xxxx} ini variables 4503 (without apache2)). (Laruence) 4504 . Fixed bug #61605 (header_remove() does not remove all headers). (Laruence) 4505 . Fixed bug #54547 (wrong equality of string numbers). (Gustavo) 4506 . Fixed bug #54197 ([PATH=] sections incompatibility with user_ini.filename 4507 set to null). (Anatoliy) 4508 . Changed php://fd to be available only for CLI. 4509 4510- CURL: 4511 . Fixed bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction). 4512 (Laruence) 4513 4514- Fileinfo 4515 . Fixed bug #61812 (Uninitialised value used in libmagic). 4516 (Laruence, Gustavo) 4517 . Fixed bug #61566 failure caused by the posix lseek and read versions 4518 under windows in cdf_read(). (Anatoliy) 4519 . Fixed bug #61565 where php_stream_open_wrapper_ex tries to open a 4520 directory descriptor under windows. (Anatoliy) 4521 4522- Intl 4523 . Fixed bug #62082 (Memory corruption in internal function 4524 get_icu_disp_value_src_php()). (Gustavo) 4525 4526- Libxml: 4527 . Fixed bug #61617 (Libxml tests failed(ht is already destroyed)). 4528 (Laruence) 4529 4530- PDO: 4531 . Fixed bug #61755 (A parsing bug in the prepared statements can lead to 4532 access violations). (Johannes) 4533 4534- Phar: 4535 . Fixed bug #61065 (Secunia SA44335, CVE-2012-2386). (Rasmus) 4536 4537- Pgsql: 4538 . Added pg_escape_identifier/pg_escape_literal. (Yasuo Ohgaki) 4539 4540- Streams: 4541 . Fixed bug #61961 (file_get_contents leaks when access empty file with 4542 maxlen set). (Reeze) 4543 4544- Zlib: 4545 . Fixed bug #61820 (using ob_gzhandler will complain about headers already 4546 sent when no compression). (Mike) 4547 . Fixed bug #61443 (can't change zlib.output_compression on the fly). (Mike) 4548 . Fixed bug #60761 (zlib.output_compression fails on refresh). (Mike) 4549 455008 May 2012, PHP 5.4.3 4551 4552- CGI 4553 . Re-Fix PHP-CGI query string parameter vulnerability, CVE-2012-1823. 4554 (Stas) 4555 . Fix bug #61807 - Buffer Overflow in apache_request_headers. 4556 (nyt-php at countercultured dot net). 4557 455803 May 2012, PHP 5.4.2 4559 4560- Fix PHP-CGI query string parameter vulnerability, CVE-2012-1823. (Rasmus) 4561 456226 Apr 2012, PHP 5.4.1 4563 4564- CLI Server: 4565 . Fixed bug #61461 (missing checks around malloc() calls). (Ilia) 4566 . Implemented FR #60850 (Built in web server does not set 4567 $_SERVER['SCRIPT_FILENAME'] when using router). (Laruence) 4568 . "Connection: close" instead of "Connection: closed" (Gustavo) 4569 4570- Core: 4571 . Fixed crash in ZTS using same class in many threads. (Johannes) 4572 . Fixed bug #61374 (html_entity_decode tries to decode code points that don't 4573 exist in ISO-8859-1). (Gustavo) 4574 . Fixed bug #61273 (call_user_func_array with more than 16333 arguments 4575 leaks / crashes). (Laruence) 4576 . Fixed bug #61225 (Incorrect lexing of 0b00*+<NUM>). (Pierrick) 4577 . Fixed bug #61165 (Segfault - strip_tags()). (Laruence) 4578 . Fixed bug #61106 (Segfault when using header_register_callback). (Nikita 4579 Popov) 4580 . Fixed bug #61087 (Memory leak in parse_ini_file when specifying 4581 invalid scanner mode). (Nikic, Laruence) 4582 . Fixed bug #61072 (Memory leak when restoring an exception handler). 4583 (Nikic, Laruence) 4584 . Fixed bug #61058 (array_fill leaks if start index is PHP_INT_MAX). 4585 (Laruence) 4586 . Fixed bug #61052 (Missing error check in trait 'insteadof' clause). (Stefan) 4587 . Fixed bug #61011 (Crash when an exception is thrown by __autoload 4588 accessing a static property). (Laruence) 4589 . Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical 4590 vars). (Laruence) 4591 . Fixed bug #60978 (exit code incorrect). (Laruence) 4592 . Fixed bug #60911 (Confusing error message when extending traits). (Stefan) 4593 . Fixed bug #60801 (strpbrk() mishandles NUL byte). (Adam) 4594 . Fixed bug #60717 (Order of traits in use statement can cause a fatal 4595 error). (Stefan) 4596 . Fixed bug #60573 (type hinting with "self" keyword causes weird errors). 4597 (Laruence) 4598 . Fixed bug #60569 (Nullbyte truncates Exception $message). (Ilia) 4599 . Fixed bug #52719 (array_walk_recursive crashes if third param of the 4600 function is by reference). (Nikita Popov) 4601 . Improve performance of set_exception_handler while doing reset (Laruence) 4602 4603- fileinfo: 4604 . Fix fileinfo test problems. (Anatoliy Belsky) 4605 4606- FPM 4607 . Fixed bug #61430 (Transposed memset() params in sapi/fpm/fpm/fpm_shm.c). 4608 (michaelhood at gmail dot com, Ilia) 4609 4610- Ibase 4611 . Fixed bug #60947 (Segmentation fault while executing ibase_db_info). 4612 (Ilia) 4613 4614- Installation 4615 . Fixed bug #61172 (Add Apache 2.4 support). (Chris Jones) 4616 4617- Intl: 4618 . Fixed bug #61487 (Incorrent bounds checking in grapheme_strpos). 4619 (Stas) 4620 4621- mbstring: 4622 . MFH mb_ereg_replace_callback() for security enhancements. (Rui) 4623 4624- mysqli 4625 . Fixed bug #61003 (mysql_stat() require a valid connection). (Johannes). 4626 4627- mysqlnd 4628 . Fixed bug #61704 (Crash apache, phpinfo() threading issue). (Johannes) 4629 . Fixed bug #60948 (mysqlnd FTBFS when -Wformat-security is enabled). 4630 (Johannes) 4631 4632- PDO 4633 . Fixed bug #61292 (Segfault while calling a method on an overloaded PDO 4634 object). (Laruence) 4635 4636- PDO_mysql 4637 . Fixed bug #61207 (PDO::nextRowset() after a multi-statement query doesn't 4638 always work). (Johannes) 4639 . Fixed bug #61194 (PDO should export compression flag with myslqnd). 4640 (Johannes) 4641 4642- PDO_odbc 4643 . Fixed bug #61212 (PDO ODBC Segfaults on SQL_SUCESS_WITH_INFO). (Ilia) 4644 4645- Phar 4646 . Fixed bug #61184 (Phar::webPhar() generates headers with trailing NUL 4647 bytes). (Nikita Popov) 4648 4649- Readline: 4650 . Fixed bug #61088 (Memory leak in readline_callback_handler_install). 4651 (Nikic, Laruence) 4652 4653- Reflection: 4654 . Implemented FR #61602 (Allow access to the name of constant 4655 used as function/method parameter's default value). (reeze.xia@gmail.com) 4656 . Fixed bug #60968 (Late static binding doesn't work with 4657 ReflectionMethod::invokeArgs()). (Laruence) 4658 4659- Session 4660 . Fixed bug #60634 (Segmentation fault when trying to die() in 4661 SessionHandler::write()). (Ilia) 4662 4663- SOAP 4664 . Fixed bug #61423 (gzip compression fails). (Ilia) 4665 . Fixed bug #60887 (SoapClient ignores user_agent option and sends no 4666 User-Agent header). (carloschilazo at gmail dot com) 4667 . Fixed bug #60842, #51775 (Chunked response parsing error when 4668 chunksize length line is > 10 bytes). (Ilia) 4669 . Fixed bug #49853 (Soap Client stream context header option ignored). 4670 (Dmitry) 4671 4672- SPL: 4673 . Fixed bug #61453 (SplObjectStorage does not identify objects correctly). 4674 (Gustavo) 4675 . Fixed bug #61347 (inconsistent isset behavior of Arrayobject). (Laruence) 4676 4677- Standard: 4678 . Fixed memory leak in substr_replace. (Pierrick) 4679 . Make max_file_uploads ini directive settable outside of php.ini (Rasmus) 4680 . Fixed bug #61409 (Bad formatting on phpinfo()). (Jakub Vrana) 4681 . Fixed bug #60222 (time_nanosleep() does validate input params). (Ilia) 4682 . Fixed bug #60106 (stream_socket_server silently truncates long unix socket 4683 paths). (Ilia) 4684 4685- XMLRPC: 4686 . Fixed bug #61264 (xmlrpc_parse_method_descriptions leaks temporary 4687 variable). (Nikita Popov) 4688 . Fixed bug #61097 (Memory leak in xmlrpc functions copying zvals). (Nikita 4689 Popov) 4690 4691- Zlib: 4692 . Fixed bug #61306 (initialization of global inappropriate for ZTS). (Gustavo) 4693 . Fixed bug #61287 (A particular string fails to decompress). (Mike) 4694 . Fixed bug #61139 (gzopen leaks when specifying invalid mode). (Nikita Popov) 4695 469601 Mar 2012, PHP 5.4.0 4697 4698- Installation: 4699 . autoconf 2.59+ is now supported (and required) for generating the 4700 configure script with ./buildconf. Autoconf 2.60+ is desirable 4701 otherwise the configure help order may be incorrect. (Rasmus, Chris Jones) 4702 4703- Removed legacy features: 4704 . break/continue $var syntax. (Dmitry) 4705 . Safe mode and all related php.ini options. (Kalle) 4706 . register_globals and register_long_arrays php.ini options. (Kalle) 4707 . import_request_variables(). (Kalle) 4708 . allow_call_time_pass_reference. (Pierrick) 4709 . define_syslog_variables php.ini option and its associated function. (Kalle) 4710 . highlight.bg php.ini option. (Kalle) 4711 . safe_mode, safe_mode_gid, safe_mode_include_dir, 4712 safe_mode_exec_dir, safe_mode_allowed_env_vars and 4713 safe_mode_protected_env_vars php.ini options. 4714 . zend.ze1_compatibility_mode php.ini option. 4715 . Session bug compatibility mode (session.bug_compat_42 and 4716 session.bug_compat_warn php.ini options). (Kalle) 4717 . session_is_registered(), session_register() and session_unregister() 4718 functions. (Kalle) 4719 . y2k_compliance php.ini option. (Kalle) 4720 . magic_quotes_gpc, magic_quotes_runtime and magic_quotes_sybase 4721 php.ini options. get_magic_quotes_gpc, get_magic_quotes_runtime are kept 4722 but always return false, set_magic_quotes_runtime raises an 4723 E_CORE_ERROR. (Pierrick, Pierre) 4724 . Removed support for putenv("TZ=..") for setting the timezone. (Derick) 4725 . Removed the timezone guessing algorithm in case the timezone isn't set with 4726 date.timezone or date_default_timezone_set(). Instead of a guessed 4727 timezone, "UTC" is now used instead. (Derick) 4728 4729- Moved extensions to PECL: 4730 . ext/sqlite. (Note: the ext/sqlite3 and ext/pdo_sqlite extensions are 4731 not affected) (Johannes) 4732 4733- General improvements: 4734 . Added short array syntax support ([1,2,3]), see UPGRADING guide for full 4735 details. (rsky0711 at gmail . com, sebastian.deutsch at 9elements . com, 4736 Pierre) 4737 . Added binary number format (0b001010). (Jonah dot Harris at gmail dot com) 4738 . Added support for Class::{expr}() syntax (Pierrick) 4739 . Added multibyte support by default. Previously PHP had to be compiled 4740 with --enable-zend-multibyte. Now it can be enabled or disabled through 4741 the zend.multibyte directive in php.ini. (Dmitry) 4742 . Removed compile time dependency from ext/mbstring (Dmitry) 4743 . Added support for Traits. (Stefan, with fixes by Dmitry and Laruence) 4744 . Added closure $this support back. (Stas) 4745 . Added array dereferencing support. (Felipe) 4746 . Added callable typehint. (Hannes) 4747 . Added indirect method call through array. FR #47160. (Felipe) 4748 . Added DTrace support. (David Soria Parra) 4749 . Added class member access on instantiation (e.g. (new foo)->bar()) support. 4750 (Felipe) 4751 . <?= is now always available regardless of the short_open_tag setting. (Rasmus) 4752 . Implemented Zend Signal Handling (configurable option --enable-zend-signals, 4753 off by default). (Lucas Nealan, Arnaud Le Blanc, Brian Shire, Ilia) 4754 . Improved output layer, see README.NEW-OUTPUT-API for internals. (Mike) 4755 . Improved UNIX build system to allow building multiple PHP binary SAPIs and 4756 one SAPI module the same time. FR #53271, FR #52419. (Jani) 4757 . Implemented closure rebinding as parameter to bindTo. (Gustavo Lopes) 4758 . Improved the warning message of incompatible arguments. (Laruence) 4759 . Improved ternary operator performance when returning arrays. (Arnaud, Dmitry) 4760 . Changed error handlers to only generate docref links when the docref_root 4761 php.ini setting is not empty. (Derick) 4762 . Changed silent conversion of array to string to produce a notice. (Patrick) 4763 . Changed default encoding from ISO-8859-1 to UTF-8 when not specified in 4764 htmlspecialchars and htmlentities. (Rasmus) 4765 . Changed casting of null/''/false into an Object when adding a property 4766 from E_STRICT into a warning. (Scott) 4767 . Changed E_ALL to include E_STRICT. (Stas) 4768 . Disabled Windows CRT warning by default, can be enabled again using the 4769 php.ini directive windows_show_crt_warnings. (Pierre) 4770 . Fixed bug #55378: Binary number literal returns float number though its 4771 value is small enough. (Derick) 4772 4773- Improved Zend Engine memory usage: (Dmitry) 4774 . Improved parse error messages. (Felipe) 4775 . Replaced zend_function.pass_rest_by_reference by 4776 ZEND_ACC_PASS_REST_BY_REFERENCE in zend_function.fn_flags. 4777 . Replaced zend_function.return_reference by ZEND_ACC_RETURN_REFERENCE 4778 in zend_function.fn_flags. 4779 . Removed zend_arg_info.required_num_args as it was only needed for internal 4780 functions. Now the first arg_info for internal functions (which has special 4781 meaning) is represented by the zend_internal_function_info structure. 4782 . Moved zend_op_array.size, size_var, size_literal, current_brk_cont, 4783 backpatch_count into CG(context) as they are used only during compilation. 4784 . Moved zend_op_array.start_op into EG(start_op) as it's used only for 4785 'interactive' execution of a single top-level op-array. 4786 . Replaced zend_op_array.done_pass_two by ZEND_ACC_DONE_PASS_TWO in 4787 zend_op_array.fn_flags. 4788 . op_array.vars array is trimmed (reallocated) during pass_two. 4789 . Replaced zend_class_entry.constants_updated by ZEND_ACC_CONSTANTS_UPDATED 4790 in zend_class_entry.ce_flags. 4791 . Reduced the size of zend_class_entry by sharing the same memory space 4792 by different information for internal and user classes. 4793 See zend_class_entry.info union. 4794 . Reduced size of temp_variable. 4795 4796- Improved Zend Engine - performance tweaks and optimizations: (Dmitry) 4797 . Inlined most probable code-paths for arithmetic operations directly into 4798 executor. 4799 . Eliminated unnecessary iterations during request startup/shutdown. 4800 . Changed $GLOBALS into a JIT autoglobal, so it's initialized only if used. 4801 (this may affect opcode caches!) 4802 . Improved performance of @ (silence) operator. 4803 . Simplified string offset reading. Given $str="abc" then $str[1][0] is now 4804 a legal construct. 4805 . Added caches to eliminate repeatable run-time bindings of functions, 4806 classes, constants, methods and properties. 4807 . Added concept of interned strings. All strings constants known at compile 4808 time are allocated in a single copy and never changed. 4809 . ZEND_RECV now always has IS_CV as its result. 4810 . ZEND_CATCH now has to be used only with constant class names. 4811 . ZEND_FETCH_DIM_? may fetch array and dimension operands in different order. 4812 . Simplified ZEND_FETCH_*_R operations. They can't be used with the 4813 EXT_TYPE_UNUSED flag any more. This is a very rare and useless case. 4814 ZEND_FREE might be required after them instead. 4815 . Split ZEND_RETURN into two new instructions ZEND_RETURN and 4816 ZEND_RETURN_BY_REF. 4817 . Optimized access to global constants using values with pre-calculated 4818 hash_values from the literals table. 4819 . Optimized access to static properties using executor specialization. 4820 A constant class name may be used as a direct operand of ZEND_FETCH_* 4821 instruction without previous ZEND_FETCH_CLASS. 4822 . zend_stack and zend_ptr_stack allocation is delayed until actual usage. 4823 4824- Other improvements to Zend Engine: 4825 . Added an optimization which saves memory and emalloc/efree calls for empty 4826 HashTables. (Stas, Dmitry) 4827 . Added ability to reset user opcode handlers (Yoram). 4828 . Changed the structure of op_array.opcodes. The constant values are moved from 4829 opcode operands into a separate literal table. (Dmitry) 4830 . Fixed (disabled) inline-caching for ZEND_OVERLOADED_FUNCTION methods. 4831 (Dmitry) 4832 4833- Improved core functions: 4834 . Enforce an extended class' __construct arguments to match the 4835 abstract constructor in the base class. 4836 . Disallow reusing superglobal names as parameter names. 4837 . Added optional argument to debug_backtrace() and debug_print_backtrace() 4838 to limit the amount of stack frames returned. (Sebastian, Patrick) 4839 . Added hex2bin() function. (Scott) 4840 . number_format() no longer truncates multibyte decimal points and thousand 4841 separators to the first byte. FR #53457. (Adam) 4842 . Added support for object references in recursive serialize() calls. 4843 FR #36424. (Mike) 4844 . Added support for SORT_NATURAL and SORT_FLAG_CASE in array 4845 sort functions (sort, rsort, ksort, krsort, asort, arsort and 4846 array_multisort). FR#55158 (Arpad) 4847 . Added stream metadata API support and stream_metadata() stream class 4848 handler. (Stas) 4849 . User wrappers can now define a stream_truncate() method that responds 4850 to truncation, e.g. through ftruncate(). FR #53888. (Gustavo) 4851 . Improved unserialize() performance. 4852 (galaxy dot mipt at gmail dot com, Kalle) 4853 . Changed array_combine() to return empty array instead of FALSE when both 4854 parameter arrays are empty. FR #34857. (joel.perras@gmail.com) 4855 . Fixed bug #61095 (Incorect lexing of 0x00*+<NUM>). (Etienne) 4856 . Fixed bug #60965 (Buffer overflow on htmlspecialchars/entities with 4857 $double=false). (Gustavo) 4858 . Fixed bug #60895 (Possible invalid handler usage in windows random 4859 functions). (Pierre) 4860 . Fixed bug #60879 (unserialize() Does not invoke __wakeup() on object). 4861 (Pierre, Steve) 4862 . Fixed bug #60825 (Segfault when running symfony 2 tests). 4863 (Dmitry, Laruence) 4864 . Fixed bug #60627 (httpd.worker segfault on startup with php_value). 4865 . Fixed bug #60613 (Segmentation fault with $cls->{expr}() syntax). (Dmitry) 4866 . Fixed bug #60611 (Segmentation fault with Cls::{expr}() syntax). (Laruence) 4867 (Laruence) 4868 . Fixed bug #60558 (Invalid read and writes). (Laruence) 4869 . Fixed bug #60444 (Segmentation fault with include & class extending). 4870 (Laruence, Dmitry). 4871 . Fixed bug #60362 (non-existent sub-sub keys should not have values). 4872 (Laruence, alan_k, Stas) 4873 . Fixed bug #60350 (No string escape code for ESC (ascii 27), normally \e). 4874 (php at mickweiss dot com) 4875 . Fixed bug #60321 (ob_get_status(true) no longer returns an array when 4876 buffer is empty). (Pierrick) 4877 . Fixed bug #60282 (Segfault when using ob_gzhandler() with open buffers). 4878 (Laruence) 4879 . Fixed bug #60240 (invalid read/writes when unserializing specially crafted 4880 strings). (Mike) 4881 . Fixed bug #60227 (header() cannot detect the multi-line header with 4882 CR(0x0D)). (rui) 4883 . Fixed bug #60174 (Notice when array in method prototype error). 4884 (Laruence) 4885 . Fixed bug #60169 (Conjunction of ternary and list crashes PHP). 4886 (Laruence) 4887 . Fixed bug #60038 (SIGALRM cause segfault in php_error_cb). (Laruence) 4888 (klightspeed at netspace dot net dot au) 4889 . Fixed bug #55871 (Interruption in substr_replace()). (Stas) 4890 . Fixed bug #55801 (Behavior of unserialize has changed). (Mike) 4891 . Fixed bug #55758 (Digest Authenticate missed in 5.4) . (Laruence) 4892 . Fixed bug #55748 (multiple NULL Pointer Dereference with zend_strndup()) 4893 (CVE-2011-4153). (Stas) 4894 . Fixed bug #55124 (recursive mkdir fails with current (dot) directory in path). 4895 (Pierre) 4896 . Fixed bug #55084 (Function registered by header_register_callback is 4897 called only once per process). (Hannes) 4898 . Implement FR #54514 (Get php binary path during script execution). 4899 (Laruence) 4900 . Fixed bug #52211 (iconv() returns part of string on error). (Felipe) 4901 . Fixed bug #51860 (Include fails with toplevel symlink to /). (Dmitry) 4902 4903- Improved generic SAPI support: 4904 . Added $_SERVER['REQUEST_TIME_FLOAT'] to include microsecond precision. 4905 (Patrick) 4906 . Added header_register_callback() which is invoked immediately 4907 prior to the sending of headers and after default headers have 4908 been added. (Scott) 4909 . Added http_response_code() function. FR #52555. (Paul Dragoonis, Kalle) 4910 . Fixed bug #55500 (Corrupted $_FILES indices lead to security concern). 4911 (CVE-2012-1172). (Stas) 4912 . Fixed bug #54374 (Insufficient validating of upload name leading to 4913 corrupted $_FILES indices). (CVE-2012-1172). (Stas, lekensteyn at gmail dot com) 4914 4915- Improved CLI SAPI: 4916 . Added built-in web server that is intended for testing purpose. 4917 (Moriyoshi, Laruence, and fixes by Pierre, Derick, Arpad, 4918 chobieee at gmail dot com) 4919 . Added command line option --rz <name> which shows information of the 4920 named Zend extension. (Johannes) 4921 . Interactive readline shell improvements: (Johannes) 4922 . Added "cli.pager" php.ini setting to set a pager for output. 4923 . Added "cli.prompt" php.ini setting to configure the shell prompt. 4924 . Added shortcut #inisetting=value to change php.ini settings at run-time. 4925 . Changed shell not to terminate on fatal errors. 4926 . Interactive shell works with shared readline extension. FR #53878. 4927 4928- Improved CGI/FastCGI SAPI: (Dmitry) 4929 . Added apache compatible functions: apache_child_terminate(), 4930 getallheaders(), apache_request_headers() and apache_response_headers() 4931 . Improved performance of FastCGI request parsing. 4932 . Fixed reinitialization of SAPI callbacks after php_module_startup(). 4933 (Dmitry) 4934 4935- Improved PHP-FPM SAPI: 4936 . Removed EXPERIMENTAL flag. (fat) 4937 . Fixed bug #60659 (FPM does not clear auth_user on request accept). 4938 (bonbons at linux-vserver dot org) 4939 4940- Improved Litespeed SAPI: 4941 . Fixed bug #55769 (Make Fails with "Missing Separator" error). (Adam) 4942 4943- Improved Date extension: 4944 . Added the + modifier to parseFromFormat to allow trailing text in the 4945 string to parse without throwing an error. (Stas, Derick) 4946 4947- Improved DBA extension: 4948 . Added Tokyo Cabinet abstract DB support. (Michael Maclean) 4949 . Added Berkeley DB 5 support. (Johannes, Chris Jones) 4950 4951- Improved DOM extension: 4952 . Added the ability to pass options to loadHTML (Chregu, fxmulder at gmail dot com) 4953 4954- Improved filesystem functions: 4955 . scandir() now accepts SCANDIR_SORT_NONE as a possible sorting_order value. 4956 FR #53407. (Adam) 4957 4958- Improved HASH extension: 4959 . Added Jenkins's one-at-a-time hash support. (Martin Jansen) 4960 . Added FNV-1 hash support. (Michael Maclean) 4961 . Made Adler32 algorithm faster. FR #53213. (zavasek at yandex dot ru) 4962 . Removed Salsa10/Salsa20, which are actually stream ciphers (Mike) 4963 . Fixed bug #60221 (Tiger hash output byte order) (Mike) 4964 4965- Improved intl extension: 4966 . Added Spoofchecker class, allows checking for visibly confusable characters and 4967 other security issues. (Scott) 4968 . Added Transliterator class, allowing transliteration of strings. 4969 (Gustavo) 4970 . Added support for UTS #46. (Gustavo) 4971 . Fixed build on Fedora 15 / Ubuntu 11. (Hannes) 4972 . Fixed bug #55562 (grapheme_substr() returns false on big length). (Stas) 4973 4974- Improved JSON extension: 4975 . Added new json_encode() option JSON_UNESCAPED_UNICODE. FR #53946. 4976 (Alexander, Gwynne) 4977 . Added JsonSerializable interface. (Sara) 4978 . Added JSON_BIGINT_AS_STRING, extended json_decode() sig with $options. 4979 (Sara) 4980 . Added support for JSON_NUMERIC_CHECK option in json_encode() that converts 4981 numeric strings to integers. (Ilia) 4982 . Added new json_encode() option JSON_UNESCAPED_SLASHES. FR #49366. (Adam) 4983 . Added new json_encode() option JSON_PRETTY_PRINT. FR #44331. (Adam) 4984 4985- Improved LDAP extension: 4986 . Added paged results support. FR #42060. (ando@OpenLDAP.org, 4987 iarenuno@eteo.mondragon.edu, jeanseb@au-fil-du.net, remy.saissy@gmail.com) 4988 4989- Improved mbstring extension: 4990 . Added Shift_JIS/UTF-8 Emoji (pictograms) support. (Rui) 4991 . Added JIS X0213:2004 (Shift_JIS-2004, EUC-JP-2004, ISO-2022-JP-2004) 4992 support. (Rui) 4993 . Ill-formed UTF-8 check for security enhancements. (Rui) 4994 . Added MacJapanese (Shift_JIS) and gb18030 encoding support. (Rui) 4995 . Added encode/decode in hex format to mb_[en|de]code_numericentity(). (Rui) 4996 . Added user JIS X0213:2004 (Shift_JIS-2004, EUC-JP-2004, ISO-2022-JP-2004) 4997 support. (Rui) 4998 . Added the user defined area for CP936 and CP950 (Rui). 4999 . Fixed bug #60306 (Characters lost while converting from cp936 to utf8). 5000 (Laruence) 5001 5002- Improved MySQL extensions: 5003 . MySQL: Deprecated mysql_list_dbs(). FR #50667. (Andrey) 5004 . mysqlnd: Added named pipes support. FR #48082. (Andrey) 5005 . MySQLi: Added iterator support in MySQLi. mysqli_result implements 5006 Traversable. (Andrey, Johannes) 5007 . PDO_mysql: Removed support for linking with MySQL client libraries older 5008 than 4.1. (Johannes) 5009 . ext/mysql, mysqli and pdo_mysql now use mysqlnd by default. (Johannes) 5010 . Fixed bug #55473 (mysql_pconnect leaks file descriptors on reconnect). 5011 (Andrey, Laruence) 5012 . Fixed bug #55653 (PS crash with libmysql when binding same variable as 5013 param and out). (Laruence) 5014 5015- Improved OpenSSL extension: 5016 . Added AES support. FR #48632. (yonas dot y at gmail dot com, Pierre) 5017 . Added no padding option to openssl_encrypt()/openssl_decrypt(). (Scott) 5018 . Use php's implementation for Windows Crypto API in 5019 openssl_random_pseudo_bytes. (Pierre) 5020 . On error in openssl_random_pseudo_bytes() made sure we set strong result 5021 to false. (Scott) 5022 . Fixed possible attack in SSL sockets with SSL 3.0 / TLS 1.0. 5023 CVE-2011-3389. (Scott) 5024 . Fixed bug #61124 (Crash when decoding an invalid base64 encoded string). 5025 (me at ktamura dot com, Scott) 5026 5027- Improved PDO: 5028 . Fixed PDO objects binary incompatibility. (Dmitry) 5029 5030- PDO DBlib driver: 5031 . Added nextRowset support. 5032 . Fixed bug #50755 (PDO DBLIB Fails with OOM). 5033 5034- Improved PostgreSQL extension: 5035 . Added support for "extra" parameter for PGNotify(). 5036 (r dot i dot k at free dot fr, Ilia) 5037 5038- Improved PCRE extension: 5039 . Changed third parameter of preg_match_all() to optional. FR #53238. (Adam) 5040 5041- Improved Readline extension: 5042 . Fixed bug #54450 (Enable callback support when built against libedit). 5043 (fedora at famillecollet dot com, Hannes) 5044 5045- Improved Reflection extension: 5046 . Added ReflectionClass::newInstanceWithoutConstructor() to create a new 5047 instance of a class without invoking its constructor. FR #55490. 5048 (Sebastian) 5049 . Added ReflectionExtension::isTemporary() and 5050 ReflectionExtension::isPersistent() methods. (Johannes) 5051 . Added ReflectionZendExtension class. (Johannes) 5052 . Added ReflectionClass::isCloneable(). (Felipe) 5053 5054- Improved Session extension: 5055 . Expose session status via new function, session_status (FR #52982) (Arpad) 5056 . Added support for object-oriented session handlers. (Arpad) 5057 . Added support for storing upload progress feedback in session data. (Arnaud) 5058 . Changed session.entropy_file to default to /dev/urandom or /dev/arandom if 5059 either is present at compile time. (Rasmus) 5060 . Fixed bug #60860 (session.save_handler=user without defined function core 5061 dumps). (Felipe) 5062 . Implement FR #60551 (session_set_save_handler should support a core's 5063 session handler interface). (Arpad) 5064 . Fixed bug #60640 (invalid return values). (Arpad) 5065 5066- Improved SNMP extension (Boris Lytochkin): 5067 . Added OO API. FR #53594 (php-snmp rewrite). 5068 . Sanitized return values of existing functions. Now it returns FALSE on 5069 failure. 5070 . Allow ~infinite OIDs in GET/GETNEXT/SET queries. Autochunk them to max_oids 5071 upon request. 5072 . Introducing unit tests for extension with ~full coverage. 5073 . IPv6 support. (FR #42918) 5074 . Way of representing OID value can now be changed when SNMP_VALUE_OBJECT 5075 is used for value output mode. Use or'ed SNMP_VALUE_LIBRARY(default if 5076 not specified) or SNMP_VALUE_PLAIN. (FR #54502) 5077 . Fixed bug #60749 (SNMP module should not strip non-standard SNMP port 5078 from hostname). (Boris Lytochkin) 5079 . Fixed bug #60585 (php build fails with USE flag snmp when IPv6 support 5080 is disabled). (Boris Lytochkin) 5081 . Fixed bug #53862 (snmp_set_oid_output_format does not allow returning to default) 5082 . Fixed bug #46065 (snmp_set_quick_print() persists between requests) 5083 . Fixed bug #45893 (Snmp buffer limited to 2048 char) 5084 . Fixed bug #44193 (snmp v3 noAuthNoPriv doesn't work) 5085 5086- Improved SOAP extension: 5087 . Added new SoapClient option "keep_alive". FR #60329. (Pierrick) 5088 . Fixed basic HTTP authentication for WSDL sub requests. (Dmitry) 5089 5090- Improved SPL extension: 5091 . Added RegexIterator::getRegex() method. (Joshua Thijssen) 5092 . Added SplObjectStorage::getHash() hook. (Etienne) 5093 . Added CallbackFilterIterator and RecursiveCallbackFilterIterator. (Arnaud) 5094 . Added missing class_uses(..) as pointed out by #55266 (Stefan) 5095 . Immediately reject wrong usages of directories under Spl(Temp)FileObject 5096 and friends. (Etienne, Pierre) 5097 . FilesystemIterator, GlobIterator and (Recursive)DirectoryIterator now use 5098 the default stream context. (Hannes) 5099 . Fixed bug #60201 (SplFileObject::setCsvControl does not expose third 5100 argument via Reflection). (Peter) 5101 . Fixed bug #55287 (spl_classes() not includes CallbackFilter classes) 5102 (sasezaki at gmail dot com, salathe) 5103 5104- Improved Sysvshm extension: 5105 . Fixed bug #55750 (memory copy issue in sysvshm extension). 5106 (Ilia, jeffhuang9999 at gmail dot com) 5107 5108- Improved Tidy extension: 5109 . Fixed bug #54682 (Tidy::diagnose() NULL pointer dereference). 5110 (Maksymilian Arciemowicz, Felipe) 5111 5112- Improved Tokenizer extension: 5113 . Fixed bug #54089 (token_get_all with regards to __halt_compiler is 5114 not binary safe). (Nikita Popov) 5115 5116- Improved XSL extension: 5117 . Added XsltProcessor::setSecurityPrefs($options) and getSecurityPrefs() to 5118 define forbidden operations within XSLT stylesheets, default is not to 5119 enable write operations from XSLT. Bug #54446 (Chregu, Nicolas Gregoire) 5120 . XSL doesn't stop transformation anymore, if a PHP function can't be called 5121 (Christian) 5122 5123- Improved ZLIB extension: 5124 . Re-implemented non-file related functionality. (Mike) 5125 . Fixed bug #55544 (ob_gzhandler always conflicts with zlib.output_compression). 5126 (Mike) 5127 512814 Jun 2012, PHP 5.3.14 5129 5130- CLI SAPI: 5131 . Fixed bug #61546 (functions related to current script failed when chdir() 5132 in cli sapi). (Laruence, reeze.xia@gmail.com) 5133 5134- CURL: 5135 . Fixed bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction). 5136 (Laruence) 5137 5138- COM: 5139 . Fixed bug #62146 com_dotnet cannot be built shared. (Johannes) 5140 5141- Core: 5142 . Fixed CVE-2012-2143. (Solar Designer) 5143 . Fixed missing bound check in iptcparse(). (chris at chiappa.net) 5144 . Fixed bug #62373 (serialize() generates wrong reference to the object). 5145 (Moriyoshi) 5146 . Fixed bug #62005 (unexpected behavior when incrementally assigning to a 5147 member of a null object). (Laruence) 5148 . Fixed bug #61991 (long overflow in realpath_cache_get()). (Anatoliy) 5149 . Fixed bug #61764 ('I' unpacks n as signed if n > 2^31-1 on LP64). (Gustavo) 5150 . Fixed bug #61730 (Segfault from array_walk modifying an array passed by 5151 reference). (Laruence) 5152 . Fixed bug #61713 (Logic error in charset detection for htmlentities). 5153 (Anatoliy) 5154 . Fixed bug #54197 ([PATH=] sections incompatibility with user_ini.filename 5155 set to null). (Anatoliy) 5156 . Changed php://fd to be available only for CLI. 5157 5158- Fileinfo: 5159 . Fixed bug #61812 (Uninitialised value used in libmagic). 5160 (Laruence, Gustavo) 5161 5162- Iconv extension: 5163 . Fixed a bug that iconv extension fails to link to the correct library 5164 when another extension makes use of a library that links to the iconv 5165 library. See https://bugs.gentoo.org/show_bug.cgi?id=364139 for detail. 5166 (Moriyoshi) 5167 5168- Intl: 5169 . Fixed bug #62082 (Memory corruption in internal function 5170 get_icu_disp_value_src_php()). (Gustavo) 5171 5172- JSON 5173 . Fixed bug #61537 (json_encode() incorrectly truncates/discards 5174 information). (Adam) 5175 5176- PDO: 5177 . Fixed bug #61755 (A parsing bug in the prepared statements can lead to 5178 access violations). (Johannes) 5179 5180- Phar: 5181 . Fix bug #61065 (Secunia SA44335). (Rasmus) 5182 5183- Streams: 5184 . Fixed bug #61961 (file_get_contents leaks when access empty file with 5185 maxlen set). (Reeze) 5186 518708 May 2012, PHP 5.3.13 5188- CGI 5189 . Improve fix for PHP-CGI query string parameter vulnerability, CVE-2012-2311. 5190 (Stas) 5191 519203 May 2012, PHP 5.3.12 5193- Fix PHP-CGI query string parameter vulnerability, CVE-2012-1823. (Rasmus) 5194 519526 Apr 2012, PHP 5.3.11 5196 5197- Core: 5198 . Fixed bug #61605 (header_remove() does not remove all headers). 5199 (Laruence) 5200 . Fixed bug #61541 (Segfault when using ob_* in output_callback). 5201 (reeze.xia@gmail.com) 5202 . Fixed bug #61273 (call_user_func_array with more than 16333 arguments 5203 leaks / crashes). (Laruence) 5204 . Fixed bug #61165 (Segfault - strip_tags()). (Laruence) 5205 . Improved max_input_vars directive to check nested variables (Dmitry). 5206 . Fixed bug #61095 (Incorect lexing of 0x00*+<NUM>). (Etienne) 5207 . Fixed bug #61087 (Memory leak in parse_ini_file when specifying 5208 invalid scanner mode). (Nikic, Laruence) 5209 . Fixed bug #61072 (Memory leak when restoring an exception handler). 5210 (Nikic, Laruence) 5211 . Fixed bug #61058 (array_fill leaks if start index is PHP_INT_MAX). 5212 (Laruence) 5213 . Fixed bug #61043 (Regression in magic_quotes_gpc fix for CVE-2012-0831). 5214 (Ondřej Surý) 5215 . Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical 5216 vars). (Laruence) 5217 . Fixed bug #60895 (Possible invalid handler usage in windows random 5218 functions). (Pierre) 5219 . Fixed bug #60825 (Segfault when running symfony 2 tests). 5220 (Dmitry, Laruence) 5221 . Fixed bug #60801 (strpbrk() mishandles NUL byte). (Adam) 5222 . Fixed bug #60569 (Nullbyte truncates Exception $message). (Ilia) 5223 . Fixed bug #60227 (header() cannot detect the multi-line header with CR). 5224 (rui, Gustavo) 5225 . Fixed bug #60222 (time_nanosleep() does validate input params). (Ilia) 5226 . Fixed bug #54374 (Insufficient validating of upload name leading to 5227 corrupted $_FILES indices). (CVE-2012-1172). (Stas, lekensteyn at 5228 gmail dot com, Pierre) 5229 . Fixed bug #52719 (array_walk_recursive crashes if third param of the 5230 function is by reference). (Nikita Popov) 5231 . Fixed bug #51860 (Include fails with toplevel symlink to /). (Dmitry) 5232 5233- DOM 5234 . Added debug info handler to DOM objects. (Gustavo, Joey Smith) 5235 5236- FPM 5237 . Fixed bug #61430 (Transposed memset() params in sapi/fpm/fpm/fpm_shm.c). 5238 (michaelhood at gmail dot com, Ilia) 5239 5240- Ibase 5241 . Fixed bug #60947 (Segmentation fault while executing ibase_db_info). 5242 (Ilia) 5243 5244- Installation 5245 . Fixed bug #61172 (Add Apache 2.4 support). (Chris Jones) 5246 5247- Fileinfo 5248 . Fixed bug #61173 (Unable to detect error from finfo constructor). (Gustavo) 5249 5250- Firebird Database extension (ibase): 5251 . Fixed bug #60802 (ibase_trans() gives segfault when passing params). 5252 5253- Libxml: 5254 . Fixed bug #61617 (Libxml tests failed(ht is already destroyed)). 5255 (Laruence) 5256 . Fixed bug #61367 (open_basedir bypass using libxml RSHUTDOWN). 5257 (Tim Starling) 5258 5259- mysqli 5260 . Fixed bug #61003 (mysql_stat() require a valid connection). (Johannes). 5261 5262- PDO_mysql 5263 . Fixed bug #61207 (PDO::nextRowset() after a multi-statement query doesn't 5264 always work). (Johannes) 5265 . Fixed bug #61194 (PDO should export compression flag with myslqnd). 5266 (Johannes) 5267 5268- PDO_odbc 5269 . Fixed bug #61212 (PDO ODBC Segfaults on SQL_SUCESS_WITH_INFO). (Ilia) 5270 5271- PDO_pgsql 5272 . Fixed bug #61267 (pdo_pgsql's PDO::exec() returns the number of SELECTed 5273 rows on postgresql >= 9). (ben dot pineau at gmail dot com) 5274 5275- PDO_Sqlite extension: 5276 . Add createCollation support. (Damien) 5277 5278- Phar: 5279 . Fixed bug #61184 (Phar::webPhar() generates headers with trailing NUL 5280 bytes). (Nikic) 5281 5282- PHP-FPM SAPI: 5283 . Fixed bug #60811 (php-fpm compilation problem). (rasmus) 5284 5285- Readline: 5286 . Fixed bug #61088 (Memory leak in readline_callback_handler_install). 5287 (Nikic, Laruence) 5288 . Add open_basedir checks to readline_write_history and readline_read_history. 5289 (Rasmus, reported by Mateusz Goik) 5290 5291- Reflection: 5292 . Fixed bug #61388 (ReflectionObject:getProperties() issues invalid reads 5293 when get_properties returns a hash table with (inaccessible) dynamic 5294 numeric properties). (Gustavo) 5295 . Fixed bug #60968 (Late static binding doesn't work with 5296 ReflectionMethod::invokeArgs()). (Laruence) 5297 5298- SOAP 5299 . Fixed basic HTTP authentication for WSDL sub requests. (Dmitry) 5300 . Fixed bug #60887 (SoapClient ignores user_agent option and sends no 5301 User-Agent header). (carloschilazo at gmail dot com) 5302 . Fixed bug #60842, #51775 (Chunked response parsing error when 5303 chunksize length line is > 10 bytes). (Ilia) 5304 . Fixed bug #49853 (Soap Client stream context header option ignored). 5305 (Dmitry) 5306 5307- SPL 5308 . Fixed memory leak when calling SplFileInfo's constructor twice. (Felipe) 5309 . Fixed bug #61418 (Segmentation fault when DirectoryIterator's or 5310 FilesystemIterator's iterators are requested more than once without 5311 having had its dtor callback called in between). (Gustavo) 5312 . Fixed bug #61347 (inconsistent isset behavior of Arrayobject). (Laruence) 5313 . Fixed bug #61326 (ArrayObject comparison). (Gustavo) 5314 5315- SQLite3 extension: 5316 . Add createCollation() method. (Brad Dewar) 5317 5318- Session: 5319 . Fixed bug #60860 (session.save_handler=user without defined function core 5320 dumps). (Felipe) 5321 . Fixed bug #60634 (Segmentation fault when trying to die() in 5322 SessionHandler::write()). (Ilia) 5323 5324- Streams: 5325 . Fixed bug #61371 (stream_context_create() causes memory leaks on use 5326 streams_socket_create). (Gustavo) 5327 . Fixed bug #61253 (Wrappers opened with errors concurrency problem on ZTS). 5328 (Gustavo) 5329 . Fixed bug #61115 (stream related segfault on fatal error in 5330 php_stream_context_link). (Gustavo) 5331 . Fixed bug #60817 (stream_get_line() reads from stream even when there is 5332 already sufficient data buffered). stream_get_line() now behaves more like 5333 fgets(), as is documented. (Gustavo) 5334 . Further fix for bug #60455 (stream_get_line misbehaves if EOF is not 5335 detected together with the last read). (Gustavo) 5336 . Fixed bug #60106 (stream_socket_server silently truncates long unix 5337 socket paths). (Ilia) 5338 5339- Tidy: 5340 . Fixed bug #54682 (tidy null pointer dereference). (Tony, David Soria Parra) 5341 5342- XMLRPC: 5343 . Fixed bug #61264 (xmlrpc_parse_method_descriptions leaks temporary 5344 variable). (Nikita Popov) 5345 . Fixed bug #61097 (Memory leak in xmlrpc functions copying zvals). (Nikic) 5346 5347- Zlib: 5348 . Fixed bug #61139 (gzopen leaks when specifying invalid mode). (Nikic) 5349 535002 Feb 2012, PHP 5.3.10 5351 5352- Core: 5353 . Fixed arbitrary remote code execution vulnerability reported by Stefan 5354 Esser, CVE-2012-0830. (Stas, Dmitry) 5355 535610 Jan 2012, PHP 5.3.9 5357 5358- Core: 5359 . Added max_input_vars directive to prevent attacks based on hash collisions 5360 (CVE-2011-4885) (Dmitry). 5361 . Fixed bug #60205 (possible integer overflow in content_length). (Laruence) 5362 . Fixed bug #60139 (Anonymous functions create cycles not detected by the 5363 GC). (Dmitry) 5364 . Fixed bug #60138 (GC crash with referenced array in RecursiveArrayIterator) 5365 (Dmitry). 5366 . Fixed bug #60120 (proc_open's streams may hang with stdin/out/err when 5367 the data exceeds or is equal to 2048 bytes). (Pierre, Pascal Borreli) 5368 . Fixed bug #60099 (__halt_compiler() works in braced namespaces). (Felipe) 5369 . Fixed bug #60019 (Function time_nanosleep() is undefined on OS X). (Ilia) 5370 . Fixed bug #55874 (GCC does not provide __sync_fetch_and_add on some archs). 5371 (klightspeed at netspace dot net dot au) 5372 . Fixed bug #55798 (serialize followed by unserialize with numeric object 5373 prop. gives integer prop). (Gustavo) 5374 . Fixed bug #55749 (TOCTOU issue in getenv() on Windows builds). (Pierre) 5375 . Fixed bug #55707 (undefined reference to `__sync_fetch_and_add_4' on Linux 5376 parisc). (Felipe) 5377 . Fixed bug #55674 (fgetcsv & str_getcsv skip empty fields in some 5378 tab-separated records). (Laruence) 5379 . Fixed bug #55649 (Undefined function Bug()). (Laruence) 5380 . Fixed bug #55622 (memory corruption in parse_ini_string). (Pierre) 5381 . Fixed bug #55576 (Cannot conditionally move uploaded file without race 5382 condition). (Gustavo) 5383 . Fixed bug #55510: $_FILES 'name' missing first character after upload. 5384 (Arpad) 5385 . Fixed bug #55509 (segfault on x86_64 using more than 2G memory). (Laruence) 5386 . Fixed bug #55504 (Content-Type header is not parsed correctly on 5387 HTTP POST request). (Hannes) 5388 . Fixed bug #55475 (is_a() triggers autoloader, new optional 3rd argument to 5389 is_a and is_subclass_of). (alan_k) 5390 . Fixed bug #52461 (Incomplete doctype and missing xmlns). 5391 (virsacer at web dot de, Pierre) 5392 . Fixed bug #55366 (keys lost when using substr_replace an array). (Arpad) 5393 . Fixed bug #55273 (base64_decode() with strict rejects whitespace after 5394 pad). (Ilia) 5395 . Fixed bug #52624 (tempnam() by-pass open_basedir with nonnexistent 5396 directory). (Felipe) 5397 . Fixed bug #50982 (incorrect assumption of PAGE_SIZE size). (Dmitry) 5398 . Fixed invalid free in call_user_method() function. (Felipe) 5399 . Fixed bug #43200 (Interface implementation / inheritence not possible in 5400 abstract classes). (Felipe) 5401 5402 5403- BCmath: 5404 . Fixed bug #60377 (bcscale related crashes on 64bits platforms). (shm) 5405 5406- Calendar: 5407 . Fixed bug #55797 (Integer overflow in SdnToGregorian leads to segfault (in 5408 optimized builds). (Gustavo) 5409 5410- cURL: 5411 . Fixed bug #60439 (curl_copy_handle segfault when used with 5412 CURLOPT_PROGRESSFUNCTION). (Pierrick) 5413 . Fixed bug #54798 (Segfault when CURLOPT_STDERR file pointer is closed 5414 before calling curl_exec). (Hannes) 5415 . Fixed issues were curl_copy_handle() would sometimes lose copied 5416 preferences. (Hannes) 5417 5418- DateTime: 5419 . Fixed bug #60373 (Startup errors with log_errors on cause segfault). 5420 (Derick) 5421 . Fixed bug #60236 (TLA timezone dates are not converted properly from 5422 timestamp). (Derick) 5423 . Fixed bug #55253 (DateTime::add() and sub() result -1 hour on objects with 5424 time zone type 2). (Derick) 5425 . Fixed bug #54851 (DateTime::createFromFormat() doesn't interpret "D"). 5426 (Derick) 5427 . Fixed bug #53502 (strtotime with timezone memory leak). (Derick) 5428 . Fixed bug #52062 (large timestamps with DateTime::getTimestamp and 5429 DateTime::setTimestamp). (Derick) 5430 . Fixed bug #51994 (date_parse_from_format is parsing invalid date using 'yz' 5431 format). (Derick) 5432 . Fixed bug #52113 (Seg fault while creating (by unserialization) 5433 DatePeriod). (Derick) 5434 . Fixed bug #48476 (cloning extended DateTime class without calling 5435 parent::__constr crashed PHP). (Hannes) 5436 5437- EXIF: 5438 . Fixed bug #60150 (Integer overflow during the parsing of invalid exif 5439 header). (CVE-2011-4566) (Stas, flolechaud at gmail dot com) 5440 5441- Fileinfo: 5442 . Fixed bug #60094 (C++ comment fails in c89). (Laruence) 5443 . Fixed possible memory leak in finfo_open(). (Felipe) 5444 . Fixed memory leak when calling the Finfo constructor twice. (Felipe) 5445 5446- Filter: 5447 . Fixed Bug #55478 (FILTER_VALIDATE_EMAIL fails with internationalized 5448 domain name addresses containing >1 -). (Ilia) 5449 5450- FTP: 5451 . Fixed bug #60183 (out of sync ftp responses). (bram at ebskamp dot me, 5452 rasmus) 5453 5454- Gd: 5455 . Fixed bug #60160 (imagefill() doesn't work correctly 5456 for small images). (Florian) 5457 . Fixed potential memory leak on a png error (Rasmus, Paul Saab) 5458 5459- Intl: 5460 . Fixed bug #60192 (SegFault when Collator not constructed 5461 properly). (Florian) 5462 . Fixed memory leak in several Intl locale functions. (Felipe) 5463 5464- Json: 5465 . Fixed bug #55543 (json_encode() with JSON_NUMERIC_CHECK fails on objects 5466 with numeric string properties). (Ilia, dchurch at sciencelogic dot com) 5467 5468- Mbstring: 5469 . Fixed possible crash in mb_ereg_search_init() using empty pattern. (Felipe) 5470 5471- MS SQL: 5472 . Fixed bug #60267 (Compile failure with freetds 0.91). (Felipe) 5473 5474- MySQL: 5475 . Fixed bug #55550 (mysql.trace_mode miscounts result sets). (Johannes) 5476 5477- MySQLi extension: 5478 . Fixed bug #55859 (mysqli->stat property access gives error). (Andrey) 5479 . Fixed bug #55582 (mysqli_num_rows() returns always 0 for unbuffered, when 5480 mysqlnd is used). (Andrey) 5481 . Fixed bug #55703 (PHP crash when calling mysqli_fetch_fields). 5482 (eran at zend dot com, Laruence) 5483 5484- mysqlnd 5485 . Fixed bug #55609 (mysqlnd cannot be built shared). (Johannes) 5486 . Fixed bug #55067 (MySQL doesn't support compression - wrong config option). 5487 (Andrey) 5488 5489- NSAPI SAPI: 5490 . Don't set $_SERVER['HTTPS'] on unsecure connection (bug #55403). (Uwe 5491 Schindler) 5492 5493- OpenSSL: 5494 . Fixed bug #60279 (Fixed NULL pointer dereference in 5495 stream_socket_enable_crypto, case when ssl_handle of session_stream is not 5496 initialized.) (shm) 5497 . Fix segfault with older versions of OpenSSL. (Scott) 5498 5499- Oracle Database extension (OCI8): 5500 . Fixed bug #59985 (show normal warning text for OCI_NO_DATA). 5501 (Chris Jones) 5502 . Increased maximum Oracle error message buffer length for new 11.2.0.3 size. 5503 (Chris Jones) 5504 . Improve internal initalization failure error messages. (Chris Jones) 5505 5506- PDO 5507 . Fixed bug #55776 (PDORow to session bug). (Johannes) 5508 5509- PDO Firebird: 5510 . Fixed bug #48877 ("bindValue" and "bindParam" do not work for PDO Firebird). 5511 (Mariuz) 5512 . Fixed bug #47415 (PDO_Firebird segfaults when passing lowercased column name to bindColumn). 5513 . Fixed bug #53280 (PDO_Firebird segfaults if query column count less than param count). 5514 (Mariuz) 5515 5516- PDO MySQL driver: 5517 . Fixed bug #60155 (pdo_mysql.default_socket ignored). (Johannes) 5518 . Fixed bug #55870 (PDO ignores all SSL parameters when used with mysql 5519 native driver). (Pierre) 5520 . Fixed bug #54158 (MYSQLND+PDO MySQL requires #define 5521 MYSQL_OPT_LOCAL_INFILE). (Andrey) 5522 5523- PDO OCI driver: 5524 . Fixed bug #55768 (PDO_OCI can't resume Oracle session after it's been 5525 killed). (mikhail dot v dot gavrilov at gmail dot com, Chris Jones, Tony) 5526 5527- Phar: 5528 . Fixed bug #60261 (NULL pointer dereference in phar). (Felipe) 5529 . Fixed bug #60164 (Stubs of a specific length break phar_open_from_fp 5530 scanning for __HALT_COMPILER). (Ralph Schindler) 5531 . Fixed bug #53872 (internal corruption of phar). (Hannes) 5532 . Fixed bug #52013 (Unable to decompress files in a compressed phar). (Hannes) 5533 5534- PHP-FPM SAPI: 5535 . Dropped restriction of not setting the same value multiple times, the last 5536 one holds. (giovanni at giacobbi dot net, fat) 5537 . Added .phar to default authorized extensions. (fat) 5538 . Fixed bug #60659 (FPM does not clear auth_user on request accept). 5539 (bonbons at linux-vserver dot org) 5540 . Fixed bug #60629 (memory corruption when web server closed the fcgi fd). 5541 (fat) 5542 . Enhance error log when the primary script can't be open. FR #60199. (fat) 5543 . Fixed bug #60179 (php_flag and php_value does not work properly). (fat) 5544 . Fixed bug #55577 (status.html does not install). (fat) 5545 . Fixed bug #55533 (The -d parameter doesn't work). (fat) 5546 . Fixed bug #55526 (Heartbeat causes a lot of unnecessary events). (fat) 5547 . Fixed bug #55486 (status show BIG processes number). (fat) 5548 . Enhanced security by limiting access to user defined extensions. 5549 FR #55181. (fat) 5550 . Added process.max to control the number of process FPM can fork. FR #55166. 5551 (fat) 5552 . Implemented FR #54577 (Enhanced status page with full status and details 5553 about each processes. Also provide a web page (status.html) for 5554 real-time FPM status. (fat) 5555 . Lowered default value for Process Manager. FR #54098. (fat) 5556 . Implemented FR #52569 (Add the "ondemand" process-manager 5557 to allow zero children). (fat) 5558 . Added partial syslog support (on error_log only). FR #52052. (fat) 5559 5560- Postgres: 5561 . Fixed bug #60244 (pg_fetch_* functions do not validate that row param 5562 is >0). (Ilia) 5563 . Added PGSQL_LIBPQ_VERSION/PGSQL_LIBPQ_VERSION_STR constants. (Yasuo) 5564 5565- Reflection: 5566 . Fixed bug #60367 (Reflection and Late Static Binding). (Laruence) 5567 5568- Session: 5569 . Fixed bug #55267 (session_regenerate_id fails after header sent). (Hannes) 5570 5571- SimpleXML: 5572 . Reverted the SimpleXML->query() behaviour to returning empty arrays 5573 instead of false when no nodes are found as it was since 5.3.3 5574 (bug #48601). (chregu, rrichards) 5575 5576- SOAP 5577 . Fixed bug #54911 (Access to a undefined member in inherit SoapClient may 5578 cause Segmentation Fault). (Dmitry) 5579 . Fixed bug #48216 (PHP Fatal error: SOAP-ERROR: Parsing WSDL: 5580 Extra content at the end of the doc, when server uses chunked transfer 5581 encoding with spaces after chunk size). (Dmitry) 5582 . Fixed bug #44686 (SOAP-ERROR: Parsing WSDL with references). (Dmitry) 5583 5584- Sockets: 5585 . Fixed bug #60048 (sa_len a #define on IRIX). (china at thewrittenword dot 5586 com) 5587 5588- SPL: 5589 . Fixed bug #60082 (Crash in ArrayObject() when using recursive references). 5590 (Tony) 5591 . Fixed bug #55807 (Wrong value for splFileObject::SKIP_EMPTY). 5592 (jgotti at modedemploi dot fr, Hannes) 5593 . Fixed bug #54304 (RegexIterator::accept() doesn't work with scalar values). 5594 (Hannes) 5595 5596- Streams: 5597 . Fixed bug #60455 (stream_get_line misbehaves if EOF is not detected together 5598 with the last read). (Gustavo) 5599 5600- Tidy: 5601 . Fixed bug #54682 (Tidy::diagnose() NULL pointer dereference). 5602 (Maksymilian Arciemowicz, Felipe) 5603 5604- XSL: 5605 . Added xsl.security_prefs ini option to define forbidden operations within 5606 XSLT stylesheets, default is not to enable write operations. This option 5607 won't be in 5.4, since there's a new method. Fixes Bug #54446. (Chregu, 5608 Nicolas Gregoire) 5609 561023 Aug 2011, PHP 5.3.8 5611 5612- Core: 5613 . Fixed bug #55439 (crypt() returns only the salt for MD5). (Stas) 5614 5615- OpenSSL: 5616 . Reverted a change in timeout handling restoring PHP 5.3.6 behavior, 5617 as the new behavior caused mysqlnd SSL connections to hang (#55283). 5618 (Pierre, Andrey, Johannes) 5619 562018 Aug 2011, PHP 5.3.7 5621- Upgraded bundled SQLite to version 3.7.7.1. (Scott) 5622- Upgraded bundled PCRE to version 8.12. (Scott) 5623 5624- Zend Engine: 5625 . Fixed bug #55156 (ReflectionClass::getDocComment() returns comment even 5626 though the class has none). (Felipe) 5627 . Fixed bug #55007 (compiler fail after previous fail). (Felipe) 5628 . Fixed bug #54910 (Crash when calling call_user_func with unknown function 5629 name). (Dmitry) 5630 . Fixed bug #54804 (__halt_compiler and imported namespaces). 5631 (Pierrick, Felipe) 5632 . Fixed bug #54624 (class_alias and type hint). (Felipe) 5633 . Fixed bug #54585 (track_errors causes segfault). (Dmitry) 5634 . Fixed bug #54423 (classes from dl()'ed extensions are not destroyed). 5635 (Tony, Dmitry) 5636 . Fixed bug #54372 (Crash accessing global object itself returned from its 5637 __get() handle). (Dmitry) 5638 . Fixed bug #54367 (Use of closure causes problem in ArrayAccess). (Dmitry) 5639 . Fixed bug #54358 (Closure, use and reference). (Dmitry) 5640 . Fixed bug #54262 (Crash when assigning value to a dimension in a non-array). 5641 (Dmitry) 5642 . Fixed bug #54039 (use() of static variables in lambda functions can break 5643 staticness). (Dmitry) 5644 5645- Core 5646 . Updated crypt_blowfish to 1.2. ((CVE-2011-2483) (Solar Designer) 5647 . Removed warning when argument of is_a() or is_subclass_of() is not 5648 a known class. (Stas) 5649 . Fixed crash in error_log(). (Felipe) Reported by Mateusz Kocielski. 5650 . Added PHP_MANDIR constant telling where the manpages were installed into, 5651 and an --man-dir argument to php-config. (Hannes) 5652 . Fixed a crash inside dtor for error handling. (Ilia) 5653 . Fixed buffer overflow on overlog salt in crypt(). (Clément LECIGNE, Stas) 5654 . Implemented FR #54459 (Range function accuracy). (Adam) 5655 5656 . Fixed bug #55399 (parse_url() incorrectly treats ':' as a valid path). 5657 (Ilia) 5658 . Fixed bug #55339 (Segfault with allow_call_time_pass_reference = Off). 5659 (Dmitry) 5660 . Fixed bug #55295 [NEW]: popen_ex on windows, fixed possible heap overflow 5661 (Pierre) 5662 . Fixed bug #55258 (Windows Version Detecting Error). 5663 ( xiaomao5 at live dot com, Pierre) 5664 . Fixed bug #55187 (readlink returns weird characters when false result). 5665 (Pierre) 5666 . Fixed bug #55082 (var_export() doesn't escape properties properly). 5667 (Gustavo) 5668 . Fixed bug #55014 (Compile failure due to improper use of ctime_r()). (Ilia) 5669 . Fixed bug #54939 (File path injection vulnerability in RFC1867 File upload 5670 filename). (Felipe) Reported by Krzysztof Kotowicz. (CVE-2011-2202) 5671 . Fixed bug #54935 php_win_err can lead to crash. (Pierre) 5672 . Fixed bug #54924 (assert.* is not being reset upon request shutdown). (Ilia) 5673 . Fixed bug #54895 (Fix compiling with older gcc version without need for 5674 membar_producer macro). (mhei at heimpold dot de) 5675 . Fixed bug #54866 (incorrect accounting for realpath_cache_size). 5676 (Dustin Ward) 5677 . Fixed bug #54723 (getimagesize() doesn't check the full ico signature). 5678 (Scott) 5679 . Fixed bug #54721 (Different Hashes on Windows, BSD and Linux on wrong Salt 5680 size). (Pierre, os at irj dot ru) 5681 . Fixed bug #54580 (get_browser() segmentation fault when browscap ini 5682 directive is set through php_admin_value). (Gustavo) 5683 . Fixed bug #54332 (Crash in zend_mm_check_ptr // Heap corruption). (Dmitry) 5684 . Fixed bug #54305 (Crash in gc_remove_zval_from_buffer). (Dmitry) 5685 . Fixed bug #54238 (use-after-free in substr_replace()). (Stas) 5686 (CVE-2011-1148) 5687 . Fixed bug #54204 (Can't set a value with a PATH section in php.ini). 5688 (Pierre) 5689 . Fixed bug #54180 (parse_url() incorrectly parses path when ? in fragment). 5690 (tomas dot brastavicius at quantum dot lt, Pierrick) 5691 . Fixed bug #54137 (file_get_contents POST request sends additional line 5692 break). (maurice-php at mertinkat dot net, Ilia) 5693 . Fixed bug #53848 (fgetcsv() ignores spaces at beginnings of fields). (Ilia) 5694 . Alternative fix for bug #52550, as applied to the round() function (signed 5695 overflow), as the old fix impacted the algorithm for numbers with magnitude 5696 smaller than 0. (Gustavo) 5697 . Fixed bug #53727 (Inconsistent behavior of is_subclass_of with interfaces) 5698 (Ralph Schindler, Dmitry) 5699 . Fixed bug #52935 (call exit in user_error_handler cause stream relate 5700 core). (Gustavo) 5701 . Fixed bug #51997 (SEEK_CUR with 0 value, returns a warning). (Ilia) 5702 . Fixed bug #50816 (Using class constants in array definition fails). 5703 (Pierrick, Dmitry) 5704 . Fixed bug #50363 (Invalid parsing in convert.quoted-printable-decode 5705 filter). (slusarz at curecanti dot org) 5706 . Fixed bug #48465 (sys_get_temp_dir() possibly inconsistent when using 5707 TMPDIR on Windows). (Pierre) 5708 5709- Apache2 Handler SAPI: 5710 . Fixed bug #54529 (SAPI crashes on apache_config.c:197). 5711 (hebergement at riastudio dot fr) 5712 5713- CLI SAPI: 5714 . Fixed bug #52496 (Zero exit code on option parsing failure). (Ilia) 5715 5716- cURL extension: 5717 . Added ini option curl.cainfo (support for custom cert db). (Pierre) 5718 . Added CURLINFO_REDIRECT_URL support. (Daniel Stenberg, Pierre) 5719 . Added support for CURLOPT_MAX_RECV_SPEED_LARGE and 5720 CURLOPT_MAX_SEND_SPEED_LARGE. FR #51815. (Pierrick) 5721 5722- DateTime extension: 5723 . Fixed bug where the DateTime object got changed while using date_diff(). 5724 (Derick) 5725 . Fixed bug #54340 (DateTime::add() method bug). (Adam) 5726 . Fixed bug #54316 (DateTime::createFromFormat does not handle trailing '|' 5727 correctly). (Adam) 5728 . Fixed bug #54283 (new DatePeriod(NULL) causes crash). (Felipe) 5729 . Fixed bug #51819 (Case discrepancy in timezone names cause Uncaught 5730 exception and fatal error). (Hannes) 5731 5732- DBA extension: 5733 . Supress warning on non-existent file open with Berkeley DB 5.2. (Chris Jones) 5734 . Fixed bug #54242 (dba_insert returns true if key already exists). (Felipe) 5735 5736- Exif extesion: 5737 . Fixed bug #54121 (error message format string typo). (Ilia) 5738 5739- Fileinfo extension: 5740 . Fixed bug #54934 (Unresolved symbol strtoull in HP-UX 11.11). (Felipe) 5741 5742- Filter extension: 5743 . Added 3rd parameter to filter_var_array() and filter_input_array() 5744 functions that allows disabling addition of empty elements. (Ilia) 5745 . Fixed bug #53037 (FILTER_FLAG_EMPTY_STRING_NULL is not implemented). (Ilia) 5746 5747- Interbase extension: 5748 . Fixed bug #54269 (Short exception message buffer causes crash). (Felipe) 5749 5750- intl extension: 5751 . Implemented FR #54561 (Expose ICU version info). (David Zuelke, Ilia) 5752 . Implemented FR #54540 (Allow loading of arbitrary resource bundles when 5753 fallback is disabled). (David Zuelke, Stas) 5754 5755- Imap extension: 5756 . Fixed bug #55313 (Number of retries not set when params specified). 5757 (kevin at kevinlocke dot name) 5758 5759- json extension: 5760 . Fixed bug #54484 (Empty string in json_decode doesn't reset 5761 json_last_error()). (Ilia) 5762 5763- LDAP extension: 5764 . Fixed bug #53339 (Fails to build when compilng with gcc 4.5 and DSO 5765 libraries). (Clint Byrum, Raphael) 5766 5767- libxml extension: 5768 . Fixed bug #54601 (Removing the doctype node segfaults). (Hannes) 5769 . Fixed bug #54440 (libxml extension ignores default context). (Gustavo) 5770 5771- mbstring extension: 5772 . Fixed bug #54494 (mb_substr() mishandles UTF-32LE and UCS-2LE). (Gustavo) 5773 5774- MCrypt extension: 5775 . Change E_ERROR to E_WARNING in mcrypt_create_iv when not enough data 5776 has been fetched (Windows). (Pierre) 5777 . Fixed bug #55169 (mcrypt_create_iv always fails to gather sufficient random 5778 data on Windows). (Pierre) 5779 5780- mysqlnd 5781 . Fixed crash when using more than 28,000 bound parameters. Workaround is to 5782 set mysqlnd.net_cmd_buffer_size to at least 9000. (Andrey) 5783 . Fixed bug #54674 mysqlnd valid_sjis_(head|tail) is using invalid operator 5784 and range). (nihen at megabbs dot com, Andrey) 5785 5786- MySQLi extension: 5787 . Fixed bug #55283 (SSL options set by mysqli_ssl_set ignored for MySQLi 5788 persistent connections). (Andrey) 5789 . Fixed Bug #54221 (mysqli::get_warnings segfault when used in multi queries). 5790 (Andrey) 5791 5792- OpenSSL extension: 5793 . openssl_encrypt()/openssl_decrypt() truncated keys of variable length 5794 ciphers to the OpenSSL default for the algorithm. (Scott) 5795 . On blocking SSL sockets respect the timeout option where possible. 5796 (Scott) 5797 . Fixed bug #54992 (Stream not closed and error not returned when SSL 5798 CN_match fails). (Gustavo, laird_ngrps at dodo dot com dot au) 5799 5800- Oracle Database extension (OCI8): 5801 . Added oci_client_version() returning the runtime Oracle client library 5802 version. (Chris Jones) 5803 5804. PCRE extension: 5805 . Increased the backtrack limit from 100000 to 1000000 (Rasmus) 5806 5807- PDO extension: 5808 . Fixed bug #54929 (Parse error with single quote in sql comment). (Felipe) 5809 . Fixed bug #52104 (bindColumn creates Warning regardless of ATTR_ERRMODE 5810 settings). (Ilia) 5811 5812- PDO DBlib driver: 5813 . Fixed bug #54329 (MSSql extension memory leak). 5814 (dotslashpok at gmail dot com) 5815 . Fixed bug #54167 (PDO_DBLIB returns null on SQLUNIQUE field). 5816 (mjh at hodginsmedia dot com, Felipe) 5817 5818- PDO ODBC driver: 5819 . Fixed data type usage in 64bit. (leocsilva at gmail dot com) 5820 5821- PDO MySQL driver: 5822 . Fixed bug #54644 (wrong pathes in php_pdo_mysql_int.h). (Tony, Johannes) 5823 . Fixed bug #53782 (foreach throws irrelevant exception). (Johannes, Andrey) 5824 . Implemented FR #48587 (MySQL PDO driver doesn't support SSL connections). 5825 (Rob) 5826 5827- PDO PostgreSQL driver: 5828 . Fixed bug #54318 (Non-portable grep option used in PDO pgsql 5829 configuration). (bwalton at artsci dot utoronto dot ca) 5830 5831- PDO Oracle driver: 5832 . Fixed bug #44989 (64bit Oracle RPMs still not supported by pdo-oci). 5833 (jbnance at tresgeek dot net) 5834 5835- Phar extension: 5836 . Fixed bug #54395 (Phar::mount() crashes when calling with wrong parameters). 5837 (Felipe) 5838 5839- PHP-FPM SAPI: 5840 . Implemented FR #54499 (FPM ping and status_path should handle HEAD request). (fat) 5841 . Implemented FR #54172 (Overriding the pid file location of php-fpm). (fat) 5842 . Fixed missing Expires and Cache-Control headers for ping and status pages. 5843 (fat) 5844 . Fixed memory leak. (fat) Reported and fixed by Giovanni Giacobbi. 5845 . Fixed wrong value of log_level when invoking fpm with -tt. (fat) 5846 . Added xml format to the status page. (fat) 5847 . Removed timestamp in logs written by children processes. (fat) 5848 . Fixed exit at FPM startup on fpm_resources_prepare() errors. (fat) 5849 . Added master rlimit_files and rlimit_core in the global configuration 5850 settings. (fat) 5851 . Removed pid in debug logs written by chrildren processes. (fat) 5852 . Added custom access log (also added per request %CPU and memory 5853 mesurement). (fat) 5854 . Added a real scoreboard and several improvements to the status page. (fat) 5855 5856- Reflection extension: 5857 . Fixed bug #54347 (reflection_extension does not lowercase module function 5858 name). (Felipe, laruence at yahoo dot com dot cn) 5859 5860- SOAP extension: 5861 . Fixed bug #55323 (SoapClient segmentation fault when XSD_TYPEKIND_EXTENSION 5862 contains itself). (Dmitry) 5863 . Fixed bug #54312 (soap_version logic bug). (tom at samplonius dot org) 5864 5865- Sockets extension: 5866 . Fixed stack buffer overflow in socket_connect(). (CVE-2011-1938) 5867 Found by Mateusz Kocielski, Marek Kroemeke and Filip Palian. (Felipe) 5868 . Changed socket_set_block() and socket_set_nonblock() so they emit warnings 5869 on error. (Gustavo) 5870 . Fixed bug #51958 (socket_accept() fails on IPv6 server sockets). (Gustavo) 5871 5872- SPL extension: 5873 . Fixed bug #54971 (Wrong result when using iterator_to_array with use_keys 5874 on true). (Pierrick) 5875 . Fixed bug #54970 (SplFixedArray::setSize() isn't resizing). (Felipe) 5876 . Fixed bug #54609 (Certain implementation(s) of SplFixedArray cause hard 5877 crash). (Felipe) 5878 . Fixed bug #54384 (Dual iterators, GlobIterator, SplFileObject and 5879 SplTempFileObject crash when user-space classes don't call the paren 5880 constructor). (Gustavo) 5881 . Fixed bug #54292 (Wrong parameter causes crash in 5882 SplFileObject::__construct()). (Felipe) 5883 . Fixed bug #54291 (Crash iterating DirectoryIterator for dir name starting 5884 with \0). (Gustavo) 5885 . Fixed bug #54281 (Crash in non-initialized RecursiveIteratorIterator). 5886 (Felipe) 5887 5888- Streams: 5889 . Fixed bug #54946 (stream_get_contents infinite loop). (Hannes) 5890 . Fixed bug #54623 (Segfault when writing to a persistent socket after 5891 closing a copy of the socket). (Gustavo) 5892 . Fixed bug #54681 (addGlob() crashes on invalid flags). (Felipe) 5893 5894 589517 Mar 2011, PHP 5.3.6 5896- Upgraded bundled Sqlite3 to version 3.7.4. (Ilia) 5897- Upgraded bundled PCRE to version 8.11. (Ilia) 5898 5899- Zend Engine: 5900 . Indirect reference to $this fails to resolve if direct $this is never used 5901 in method. (Scott) 5902 . Added options to debug backtrace functions. (Stas) 5903 . Fixed bug numerous crashes due to setlocale (crash on error, pcre, mysql 5904 etc.) on Windows in thread safe mode. (Pierre) 5905 . Fixed Bug #53971 (isset() and empty() produce apparently spurious runtime 5906 error). (Dmitry) 5907 . Fixed Bug #53958 (Closures can't 'use' shared variables by value and by 5908 reference). (Dmitry) 5909 . Fixed Bug #53629 (memory leak inside highlight_string()). (Hannes, Ilia) 5910 . Fixed Bug #51458 (Lack of error context with nested exceptions). (Stas) 5911 . Fixed Bug #47143 (Throwing an exception in a destructor causes a fatal 5912 error). (Stas) 5913 . Fixed bug #43512 (same parameter name can be used multiple times in 5914 method/function definition). (Felipe) 5915 5916- Core: 5917 . Added ability to connect to HTTPS sites through proxy with basic 5918 authentication using stream_context/http/header/Proxy-Authorization (Dmitry) 5919 . Changed default value of ini directive serialize_precision from 100 to 17. 5920 (Gustavo) 5921 . Fixed bug #54055 (buffer overrun with high values for precision ini 5922 setting). (Gustavo) 5923 . Fixed bug #53959 (reflection data for fgetcsv out-of-date). (Richard) 5924 . Fixed bug #53577 (Regression introduced in 5.3.4 in open_basedir with a 5925 trailing forward slash). (lekensteyn at gmail dot com, Pierre) 5926 . Fixed bug #53682 (Fix compile on the VAX). (Rasmus, jklos) 5927 . Fixed bug #48484 (array_product() always returns 0 for an empty array). 5928 (Ilia) 5929 . Fixed bug #48607 (fwrite() doesn't check reply from ftp server before 5930 exiting). (Ilia) 5931 5932 5933- Calendar extension: 5934 . Fixed bug #53574 (Integer overflow in SdnToJulian, sometimes leading to 5935 segfault). (Gustavo) 5936 5937- DOM extension: 5938 . Implemented FR #39771 (Made DOMDocument::saveHTML accept an optional DOMNode 5939 like DOMDocument::saveXML). (Gustavo) 5940 5941- DateTime extension: 5942 . Fixed a bug in DateTime->modify() where absolute date/time statements had 5943 no effect. (Derick) 5944 . Fixed bug #53729 (DatePeriod fails to initialize recurrences on 64bit 5945 big-endian systems). (Derick, rein@basefarm.no) 5946 . Fixed bug #52808 (Segfault when specifying interval as two dates). (Stas) 5947 . Fixed bug #52738 (Can't use new properties in class extended from 5948 DateInterval). (Stas) 5949 . Fixed bug #52290 (setDate, setISODate, setTime works wrong when DateTime 5950 created from timestamp). (Stas) 5951 . Fixed bug #52063 (DateTime constructor's second argument doesn't have a 5952 null default value). (Gustavo, Stas) 5953 5954- Exif extension: 5955 . Fixed bug #54002 (crash on crafted tag, reported by Luca Carettoni). 5956 (Pierre) (CVE-2011-0708) 5957 5958- Filter extension: 5959 . Fixed bug #53924 (FILTER_VALIDATE_URL doesn't validate port number). 5960 (Ilia, Gustavo) 5961 . Fixed bug #53150 (FILTER_FLAG_NO_RES_RANGE is missing some IP ranges). 5962 (Ilia) 5963 . Fixed bug #52209 (INPUT_ENV returns NULL for set variables (CLI)). (Ilia) 5964 . Fixed bug #47435 (FILTER_FLAG_NO_RES_RANGE don't work with ipv6). 5965 (Ilia, valli at icsurselva dot ch) 5966 5967- Fileinfo extension: 5968 . Fixed bug #54016 (finfo_file() Cannot determine filetype in archives). 5969 (Hannes) 5970 5971- Gettext 5972 . Fixed bug #53837 (_() crashes on Windows when no LANG or LANGUAGE 5973 environment variable are set). (Pierre) 5974 5975- IMAP extension: 5976 . Implemented FR #53812 (get MIME headers of the part of the email). (Stas) 5977 . Fixed bug #53377 (imap_mime_header_decode() doesn't ignore \t during long 5978 MIME header unfolding). (Adam) 5979 5980- Intl extension: 5981 . Fixed bug #53612 (Segmentation fault when using cloned several intl 5982 objects). (Gustavo) 5983 . Fixed bug #53512 (NumberFormatter::setSymbol crash on bogus $attr values). 5984 (Felipe) 5985 . Implemented clone functionality for number, date & message formatters. 5986 (Stas). 5987 5988- JSON extension: 5989 . Fixed bug #53963 (Ensure error_code is always set during some failed 5990 decodings). (Scott) 5991 5992- mysqlnd 5993 . Fixed problem with always returning 0 as num_rows for unbuffered sets. 5994 (Andrey, Ulf) 5995 5996- MySQL Improved extension: 5997 . Added 'db' and 'catalog' keys to the field fetching functions (FR #39847). 5998 (Kalle) 5999 . Fixed buggy counting of affected rows when using the text protocol. The 6000 collected statistics were wrong when multi_query was used with mysqlnd 6001 (Andrey) 6002 . Fixed bug #53795 (Connect Error from MySqli (mysqlnd) when using SSL). 6003 (Kalle) 6004 . Fixed bug #53503 (mysqli::query returns false after successful LOAD DATA 6005 query). (Kalle, Andrey) 6006 . Fixed bug #53425 (mysqli_real_connect() ignores client flags when built to 6007 call libmysql). (Kalle, tre-php-net at crushedhat dot com) 6008 6009- OpenSSL extension: 6010 . Fixed stream_socket_enable_crypto() not honoring the socket timeout in 6011 server mode. (Gustavo) 6012 . Fixed bug #54060 (Memory leaks when openssl_encrypt). (Pierre) 6013 . Fixed bug #54061 (Memory leaks when openssl_decrypt). (Pierre) 6014 . Fixed bug #53592 (stream_socket_enable_crypto() busy-waits in client mode). 6015 (Gustavo) 6016 . Implemented FR #53447 (Cannot disable SessionTicket extension for servers 6017 that do not support it) by adding a no_ticket SSL context option. (Adam, 6018 Tony) 6019 6020- PDO MySQL driver: 6021 . Fixed bug #53551 (PDOStatement execute segfaults for pdo_mysql driver). 6022 (Johannes) 6023 . Implemented FR #47802 (Support for setting character sets in DSN strings). 6024 (Kalle) 6025 6026- PDO Oracle driver: 6027 . Fixed bug #39199 (Cannot load Lob data with more than 4000 bytes on 6028 ORACLE 10). (spatar at mail dot nnov dot ru) 6029 6030- PDO PostgreSQL driver: 6031 . Fixed bug #53517 (segfault in pgsql_stmt_execute() when postgres is down). 6032 (gyp at balabit dot hu) 6033 6034- Phar extension: 6035 . Fixed bug #54247 (format-string vulnerability on Phar). (Felipe) 6036 (CVE-2011-1153) 6037 . Fixed bug #53541 (format string bug in ext/phar). 6038 (crrodriguez at opensuse dot org, Ilia) 6039 . Fixed bug #53898 (PHAR reports invalid error message, when the directory 6040 does not exist). (Ilia) 6041 6042- PHP-FPM SAPI: 6043 . Enforce security in the fastcgi protocol parsing. 6044 (ef-lists at email dotde) 6045 . Fixed bug #53777 (php-fpm log format now match php_error log format). (fat) 6046 . Fixed bug #53527 (php-fpm --test doesn't set a valuable return value). (fat) 6047 . Fixed bug #53434 (php-fpm slowlog now also logs the original request). (fat) 6048 6049- Readline extension: 6050 . Fixed bug #53630 (Fixed parameter handling inside readline() function). 6051 (jo at feuersee dot de, Ilia) 6052 6053- Reflection extension: 6054 . Fixed bug #53915 (ReflectionClass::getConstant(s) emits fatal error on 6055 constants with self::). (Gustavo) 6056 6057- Shmop extension: 6058 . Fixed bug #54193 (Integer overflow in shmop_read()). (Felipe) 6059 Reported by Jose Carlos Norte <jose at eyeos dot org> (CVE-2011-1092) 6060 6061- SNMP extension: 6062 . Fixed bug #51336 (snmprealwalk (snmp v1) does not handle end of OID tree 6063 correctly). (Boris Lytochkin) 6064 6065- SOAP extension: 6066 . Fixed possible crash introduced by the NULL poisoning patch. 6067 (Mateusz Kocielski, Pierre) 6068 6069- SPL extension: 6070 . Fixed memory leak in DirectoryIterator::getExtension() and 6071 SplFileInfo::getExtension(). (Felipe) 6072 . Fixed bug #53914 (SPL assumes HAVE_GLOB is defined). (Chris Jones) 6073 . Fixed bug #53515 (property_exists incorrect on ArrayObject null and 0 6074 values). (Felipe) 6075 . Fixed bug #49608 (Using CachingIterator on DirectoryIterator instance 6076 segfaults). (Felipe) 6077 6078 . Added SplFileInfo::getExtension(). FR #48767. (Peter Cowburn) 6079 6080- SQLite3 extension: 6081 . Fixed memory leaked introduced by the NULL poisoning patch. 6082 (Mateusz Kocielski, Pierre) 6083 . Fixed memory leak on SQLite3Result and SQLite3Stmt when assigning to a 6084 reference. (Felipe) 6085 . Add SQlite3_Stmt::readonly() for checking if a statement is read only. 6086 (Scott) 6087 . Implemented FR #53466 (SQLite3Result::columnType() should return false after 6088 all of the rows have been fetched). (Scott) 6089 6090- Streams: 6091 . Fixed bug #54092 (Segmentation fault when using HTTP proxy with the FTP 6092 wrapper). (Gustavo) 6093 . Fixed bug #53913 (Streams functions assume HAVE_GLOB is defined). (Chris 6094 Jones) 6095 . Fixed bug #53903 (userspace stream stat callback does not separate the 6096 elements of the returned array before converting them). (Gustavo) 6097 . Implemented FR #26158 (open arbitrary file descriptor with fopen). (Gustavo) 6098 6099- Tokenizer Extension 6100 . Fixed bug #54089 (token_get_all() does not stop after __halt_compiler). 6101 (Nikita Popov, Ilia) 6102 6103- XSL extension: 6104 . Fixed memory leaked introduced by the NULL poisoning patch. 6105 (Mateusz Kocielski, Pierre) 6106 6107- Zip extension: 6108 . Added the filename into the return value of stream_get_meta_data(). (Hannes) 6109 . Fixed bug #53923 (Zip functions assume HAVE_GLOB is defined). (Adam) 6110 . Fixed bug #53893 (Wrong return value for ZipArchive::extractTo()). (Pierre) 6111 . Fixed bug #53885 (ZipArchive segfault with FL_UNCHANGED on empty archive). 6112 (Stas, Maksymilian Arciemowicz). (CVE-2011-0421) 6113 . Fixed bug #53854 (Missing constants for compression type). (Richard, Adam) 6114 . Fixed bug #53603 (ZipArchive should quiet stat errors). (brad dot froehle at 6115 gmail dot com, Gustavo) 6116 . Fixed bug #53579 (stream_get_contents() segfaults on ziparchive streams). 6117 (Hannes) 6118 . Fixed bug #53568 (swapped memset arguments in struct initialization). 6119 (crrodriguez at opensuse dot org) 6120 . Fixed bug #53166 (Missing parameters in docs and reflection definition). 6121 (Richard) 6122 . Fixed bug #49072 (feof never returns true for damaged file in zip). 6123 (Gustavo, Richard Quadling) 6124 612506 Jan 2011, PHP 5.3.5 6126- Fixed Bug #53632 (infinite loop with x87 fpu). (CVE-2010-4645) (Scott, 6127 Rasmus) 6128 612909 Dec 2010, PHP 5.3.4 6130- Upgraded bundled Sqlite3 to version 3.7.3. (Ilia) 6131- Upgraded bundled PCRE to version 8.10. (Ilia) 6132 6133- Security enhancements: 6134 . Fixed crash in zip extract method (possible CWE-170). 6135 (Maksymilian Arciemowicz, Pierre) 6136 . Paths with NULL in them (foo\0bar.txt) are now considered as invalid. 6137 (Rasmus) 6138 . Fixed a possible double free in imap extension (Identified by Mateusz 6139 Kocielski). (CVE-2010-4150). (Ilia) 6140 . Fixed NULL pointer dereference in ZipArchive::getArchiveComment. 6141 (CVE-2010-3709). (Maksymilian Arciemowicz) 6142 . Fixed possible flaw in open_basedir (CVE-2010-3436). (Pierre) 6143 . Fixed MOPS-2010-24, fix string validation. (CVE-2010-2950). (Pierre) 6144 . Fixed symbolic resolution support when the target is a DFS share. (Pierre) 6145 . Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with 6146 large amount of data) (CVE-2010-3710). (Adam) 6147 6148- General improvements: 6149 . Added stat support for zip stream. (Pierre) 6150 . Added follow_location (enabled by default) option for the http stream 6151 support. (Pierre) 6152 . Improved support for is_link and related functions on Windows. (Pierre) 6153 . Added a 3rd parameter to get_html_translation_table. It now takes a charset 6154 hint, like htmlentities et al. (Gustavo) 6155 6156- Implemented feature requests: 6157 . Implemented FR #52348, added new constant ZEND_MULTIBYTE to detect 6158 zend multibyte at runtime. (Kalle) 6159 . Implemented FR #52173, added functions pcntl_get_last_error() and 6160 pcntl_strerror(). (nick dot telford at gmail dot com, Arnaud) 6161 . Implemented symbolic links support for open_basedir checks. (Pierre) 6162 . Implemented FR #51804, SplFileInfo::getLinkTarget on Windows. (Pierre) 6163 . Implemented FR #50692, not uploaded files don't count towards 6164 max_file_uploads limit. As a side improvement, temporary files are not 6165 opened for empty uploads and, in debug mode, 0-length uploads. (Gustavo) 6166 6167- Improved MySQLnd: 6168 . Added new character sets to mysqlnd, which are available in MySQL 5.5 6169 (Andrey) 6170 6171- Improved PHP-FPM SAPI: 6172 . Added '-p/--prefix' to php-fpm to use a custom prefix and run multiple 6173 instances. (fat) 6174 . Added custom process title for FPM. (fat) 6175 . Added '-t/--test' to php-fpm to check and validate FPM conf file. (fat) 6176 . Added statistics about listening socket queue length for FPM. 6177 (andrei dot nigmatulin at gmail dot com, fat) 6178 6179- Core: 6180 . Fixed extract() to do not overwrite $GLOBALS and $this when using 6181 EXTR_OVERWRITE. (jorto at redhat dot com) 6182 . Fixed bug in the Windows implementation of dns_get_record, where the two 6183 last parameters wouldn't be filled unless the type were DNS_ANY (Gustavo). 6184 . Changed the $context parameter on copy() to actually have an effect. (Kalle) 6185 . Fixed htmlentities/htmlspecialchars accepting certain ill-formed UTF-8 6186 sequences. (Gustavo) 6187 . Fixed bug #53409 (sleep() returns NULL on Windows). (Pierre) 6188 . Fixed bug #53319 (strip_tags() may strip '<br />' incorrectly). (Felipe) 6189 . Fixed bug #53304 (quot_print_decode does not handle lower-case hex digits). 6190 (Ilia, daniel dot mueller at inexio dot net) 6191 . Fixed bug #53248 (rawurlencode RFC 3986 EBCDIC support misses tilde char). 6192 (Justin Martin) 6193 . Fixed bug #53226 (file_exists fails on big filenames). (Adam) 6194 . Fixed bug #53198 (changing INI setting "from" with ini_set did not have any 6195 effect). (Gustavo) 6196 . Fixed bug #53180 (post_max_size=0 not disabling the limit when the content 6197 type is application/x-www-form-urlencoded or is not registered with PHP). 6198 (gm at tlink dot de, Gustavo) 6199 . Fixed bug #53141 (autoload misbehaves if called from closing session). 6200 (ladislav at marek dot su) 6201 . Fixed bug #53021 (In html_entity_decode, failure to convert numeric entities 6202 with ENT_NOQUOTES and ISO-8859-1). Fixed and extended the fix of 6203 ENT_NOQUOTES in html_entity_decode that had introduced the bug (rev 6204 #185591) to other encodings. Additionaly, html_entity_decode() now doesn't 6205 decode " if ENT_NOQUOTES is given. (Gustavo) 6206 . Fixed bug #52931 (strripos not overloaded with function overloading 6207 enabled). (Felipe) 6208 . Fixed bug #52772 (var_dump() doesn't check for the existence of 6209 get_class_name before calling it). (Kalle, Gustavo) 6210 . Fixed bug #52534 (var_export array with negative key). (Felipe) 6211 . Fixed bug #52327 (base64_decode() improper handling of leading padding in 6212 strict mode). (Ilia) 6213 . Fixed bug #52260 (dns_get_record fails with non-existing domain on Windows). 6214 (a_jelly_doughnut at phpbb dot com, Pierre) 6215 . Fixed bug #50953 (socket will not connect to IPv4 address when the host has 6216 both IPv4 and IPv6 addresses, on Windows). (Gustavo, Pierre) 6217 . Fixed bug #50524 (proc_open on Windows does not respect cwd as it does on 6218 other platforms). (Pierre) 6219 . Fixed bug #49687 (utf8_decode vulnerabilities and deficiencies in the number 6220 of reported malformed sequences). (CVE-2010-3870) (Gustavo) 6221 . Fixed bug #49407 (get_html_translation_table doesn't handle UTF-8). 6222 (Gustavo) 6223 . Fixed bug #48831 (php -i has different output to php --ini). (Richard, 6224 Pierre) 6225 . Fixed bug #47643 (array_diff() takes over 3000 times longer than php 5.2.4). 6226 (Felipe) 6227 . Fixed bug #47168 (printf of floating point variable prints maximum of 40 6228 decimal places). (Ilia) 6229 . Fixed bug #46587 (mt_rand() does not check that max is greater than min). 6230 (Ilia) 6231 . Fixed bug #29085 (bad default include_path on Windows). (Pierre) 6232 . Fixed bug #25927 (get_html_translation_table calls the ' ' instead of 6233 '). (Gustavo) 6234 6235- Zend engine: 6236 . Reverted fix for bug #51176 (Static calling in non-static method behaves 6237 like $this->). (Felipe) 6238 . Changed deprecated ini options on startup from E_WARNING to E_DEPRECATED. 6239 (Kalle) 6240 . Fixed NULL dereference in lex_scan on zend multibyte builds where the script 6241 had a flex incompatible encoding and there was no converter. (Gustavo) 6242 . Fixed covariance of return-by-ref constraints. (Etienne) 6243 . Fixed bug #53305 (E_NOTICE when defining a constant starts with 6244 __COMPILER_HALT_OFFSET__). (Felipe) 6245 . Fixed bug #52939 (zend_call_function does not respect ZEND_SEND_PREFER_REF). 6246 (Dmitry) 6247 . Fixed bug #52879 (Objects unreferenced in __get, __set, __isset or __unset 6248 can be freed too early). (mail_ben_schmidt at yahoo dot com dot au, Dmitry) 6249 . Fixed bug #52786 (PHP should reset section to [PHP] after ini sections). 6250 (Fedora at famillecollet dot com) 6251 . Fixed bug #52508 (newline problem with parse_ini_file+INI_SCANNER_RAW). 6252 (Felipe) 6253 . Fixed bug #52484 (__set() ignores setting properties with empty names). 6254 (Felipe) 6255 . Fixed bug #52361 (Throwing an exception in a destructor causes invalid 6256 catching). (Dmitry) 6257 . Fixed bug #51008 (Zend/tests/bug45877.phpt fails). (Dmitry) 6258 6259- Build issues: 6260 . Fixed bug #52436 (Compile error if systems do not have stdint.h) 6261 (Sriram Natarajan) 6262 . Fixed bug #50345 (nanosleep not detected properly on some solaris versions). 6263 (Ulf, Tony) 6264 . Fixed bug #49215 (make fails on glob_wrapper). (Felipe) 6265 6266- Calendar extension: 6267 . Fixed bug #52744 (cal_days_in_month incorrect for December 1 BCE). 6268 (gpap at internet dot gr, Adam) 6269 6270- cURL extension: 6271 . Fixed bug #52828 (curl_setopt does not accept persistent streams). 6272 (Gustavo, Ilia) 6273 . Fixed bug #52827 (cURL leaks handle and causes assertion error 6274 (CURLOPT_STDERR)). (Gustavo) 6275 . Fixed bug #52202 (CURLOPT_PRIVATE gets corrupted). (Ilia) 6276 . Fixed bug #50410 (curl extension slows down PHP on Windows). (Pierre) 6277 6278- DateTime extension: 6279 . Fixed bug #53297 (gettimeofday implementation in php/win32/time.c can return 6280 1 million microsecs). (ped at 7gods dot org) 6281 . Fixed bug #52668 (Iterating over a dateperiod twice is broken). (Derick) 6282 . Fixed bug #52454 (Relative dates and getTimestamp increments by one day). 6283 (Derick) 6284 . Fixed bug #52430 (date_parse parse 24:xx:xx as valid time). (Derick) 6285 . Added support for the ( and ) delimiters/separators to 6286 DateTime::createFromFormat(). (Derick) 6287 6288- DBA extension: 6289 . Added Berkeley DB 5.1 support to the DBA extension. (Oracle Corp.) 6290 6291- DOM extension: 6292 . Fixed bug #52656 (DOMCdataSection does not work with splitText). (Ilia) 6293 6294- Filter extension: 6295 . Fixed the filter extension accepting IPv4 octets with a leading 0 as that 6296 belongs to the unsupported "dotted octal" representation. (Gustavo) 6297 . Fixed bug #53236 (problems in the validation of IPv6 addresses with leading 6298 and trailing :: in the filter extension). (Gustavo) 6299 . Fixed bug #50117 (problems in the validation of IPv6 addresses with IPv4 6300 addresses and ::). (Gustavo) 6301 6302- GD extension: 6303 . Fixed bug #53492 (fix crash if anti-aliasing steps are invalid). (Pierre) 6304 6305- GMP extension: 6306 . Fixed bug #52906 (gmp_mod returns negative result when non-negative is 6307 expected). (Stas) 6308 . Fixed bug #52849 (GNU MP invalid version match). (Adam) 6309 6310- Hash extension: 6311 . Fixed bug #51003 (unaligned memory access in ext/hash/hash_tiger.c). 6312 (Mike, Ilia) 6313 6314- Iconv extension: 6315 . Fixed bug #52941 (The 'iconv_mime_decode_headers' function is skipping 6316 headers). (Adam) 6317 . Fixed bug #52599 (iconv output handler outputs incorrect content type 6318 when flags are used). (Ilia) 6319 . Fixed bug #51250 (iconv_mime_decode() does not ignore malformed Q-encoded 6320 words). (Ilia) 6321 6322- Intl extension: 6323 . Fixed crashes on invalid parameters in intl extension. (CVE-2010-4409). 6324 (Stas, Maksymilian Arciemowicz) 6325 . Added support for formatting the timestamp stored in a DateTime object. 6326 (Stas) 6327 . Fixed bug #50590 (IntlDateFormatter::parse result is limited to the integer 6328 range). (Stas) 6329 6330- Mbstring extension: 6331 . Fixed bug #53273 (mb_strcut() returns garbage with the excessive length 6332 parameter). (CVE-2010-4156) (Mateusz Kocielski, Pierre, Moriyoshi) 6333 . Fixed bug #52981 (Unicode casing table was out-of-date. Updated with 6334 UnicodeData-6.0.0d7.txt and included the source of the generator program 6335 with the distribution) (Gustavo). 6336 . Fixed bug #52681 (mb_send_mail() appends an extra MIME-Version header). 6337 (Adam) 6338 6339- MSSQL extension: 6340 . Fixed possible crash in mssql_fetch_batch(). (Kalle) 6341 . Fixed bug #52843 (Segfault when optional parameters are not passed in to 6342 mssql_connect). (Felipe) 6343 6344- MySQL extension: 6345 . Fixed bug #52636 (php_mysql_fetch_hash writes long value into int). 6346 (Kalle, rein at basefarm dot no) 6347 6348- MySQLi extension: 6349 . Fixed bug #52891 (Wrong data inserted with mysqli/mysqlnd when using 6350 mysqli_stmt_bind_param and value> PHP_INT_MAX). (Andrey) 6351 . Fixed bug #52686 (mysql_stmt_attr_[gs]et argument points to incorrect type). 6352 (rein at basefarm dot no) 6353 . Fixed bug #52654 (mysqli doesn't install headers with structures it uses). 6354 (Andrey) 6355 . Fixed bug #52433 (Call to undefined method mysqli::poll() - must be static). 6356 (Andrey) 6357 . Fixed bug #52417 (MySQLi build failure with mysqlnd on MacOS X). (Andrey) 6358 . Fixed bug #52413 (MySQLi/libmysql build failure on OS X, FreeBSD). (Andrey) 6359 . Fixed bug #52390 (mysqli_report() should be per-request setting). (Kalle) 6360 . Fixed bug #52302 (mysqli_fetch_all does not work with MYSQLI_USE_RESULT). 6361 (Andrey) 6362 . Fixed bug #52221 (Misbehaviour of magic_quotes_runtime (get/set)). (Andrey) 6363 . Fixed bug #45921 (Can't initialize character set hebrew). (Andrey) 6364 6365- MySQLnd: 6366 . Fixed bug #52613 (crash in mysqlnd after hitting memory limit). (Andrey) 6367 6368- ODBC extension: 6369 - Fixed bug #52512 (Broken error handling in odbc_execute). 6370 (mkoegler at auto dot tuwien dot ac dot at) 6371 6372- Openssl extension: 6373 . Fixed possible blocking behavior in openssl_random_pseudo_bytes on Windows. 6374 (Pierre) 6375 . Fixed bug #53136 (Invalid read on openssl_csr_new()). (Felipe) 6376 . Fixed bug #52947 (segfault when ssl stream option capture_peer_cert_chain 6377 used). (Felipe) 6378 6379- Oracle Database extension (OCI8): 6380 . Fixed bug #53284 (Valgrind warnings in oci_set_* functions) (Oracle Corp.) 6381 . Fixed bug #51610 (Using oci_connect causes PHP to take a long time to 6382 exit). Requires Oracle 11.2.0.2 client libraries (or Oracle bug fix 6383 9891199) for this patch to have an effect. (Oracle Corp.) 6384 6385- PCNTL extension: 6386 . Fixed bug #52784 (Race condition when handling many concurrent signals). 6387 (nick dot telford at gmail dot com, Arnaud) 6388 6389- PCRE extension: 6390 . Fixed bug #52971 (PCRE-Meta-Characters not working with utf-8). (Felipe) 6391 . Fixed bug #52732 (Docs say preg_match() returns FALSE on error, but it 6392 returns int(0)). (slugonamission at gmail dot com) 6393 6394- PHAR extension: 6395 . Fixed bug #50987 (unaligned memory access in phar.c). 6396 (geissert at debian dot org, Ilia) 6397 6398- PHP-FPM SAPI: 6399 . Fixed bug #53412 (segfault when using -y). (fat) 6400 . Fixed inconsistent backlog default value (-1) in FPM on many systems. (fat) 6401 . Fixed bug #52501 (libevent made FPM crashed when forking -- libevent has 6402 been removed). (fat) 6403 . Fixed bug #52725 (gcc builtin atomic functions were sometimes used when they 6404 were not available). (fat) 6405 . Fixed bug #52693 (configuration file errors are not logged to stderr). (fat) 6406 . Fixed bug #52674 (FPM Status page returns inconsistent Content-Type 6407 headers). (fat) 6408 . Fixed bug #52498 (libevent was not only linked to php-fpm). (fat) 6409 6410- PDO: 6411 . Fixed bug #52699 (PDO bindValue writes long int 32bit enum). 6412 (rein at basefarm dot no) 6413 . Fixed bug #52487 (PDO::FETCH_INTO leaks memory). (Felipe) 6414 6415- PDO DBLib driver: 6416 . Fixed bug #52546 (pdo_dblib segmentation fault when iterating MONEY values). 6417 (Felipe) 6418 6419- PDO Firebird driver: 6420 . Restored firebird support (VC9 builds only). (Pierre) 6421 . Fixed bug #53335 (pdo_firebird did not implement rowCount()). 6422 (preeves at ibphoenix dot com) 6423 . Fixed bug #53323 (pdo_firebird getAttribute() crash). 6424 (preeves at ibphoenix dot com) 6425 6426- PDO MySQL driver: 6427 . Fixed bug #52745 (Binding params doesn't work when selecting a date inside a 6428 CASE-WHEN). (Andrey) 6429 6430- PostgreSQL extension: 6431 . Fixed bug #47199 (pg_delete() fails on NULL). (ewgraf at gmail dot com) 6432 6433- Reflection extension: 6434 . Fixed ReflectionProperty::isDefault() giving a wrong result for properties 6435 obtained with ReflectionClass::getProperties(). (Gustavo) 6436- Reflection extension: 6437 . Fixed bug #53366 (Reflection doesnt get dynamic property value from 6438 getProperty()). (Felipe) 6439 . Fixed bug #52854 (ReflectionClass::newInstanceArgs does not work for classes 6440 without constructors). (Johannes) 6441 6442- SOAP extension: 6443 . Fixed bug #44248 (RFC2616 transgression while HTTPS request through proxy 6444 with SoapClient object). (Dmitry) 6445 6446- SPL extension: 6447 . Fixed bug #53362 (Segmentation fault when extending SplFixedArray). (Felipe) 6448 . Fixed bug #53279 (SplFileObject doesn't initialise default CSV escape 6449 character). (Adam) 6450 . Fixed bug #53144 (Segfault in SplObjectStorage::removeAll()). (Felipe) 6451 . Fixed bug #53071 (SPLObjectStorage defeats gc_collect_cycles). (Gustavo) 6452 . Fixed bug #52573 (SplFileObject::fscanf Segmentation fault). (Felipe) 6453 . Fixed bug #51763 (SplFileInfo::getType() does not work symbolic link 6454 and directory). (Pierre) 6455 . Fixed bug #50481 (Storing many SPLFixedArray in an array crashes). (Felipe) 6456 . Fixed bug #50579 (RegexIterator::REPLACE doesn't work). (Felipe) 6457 6458- SQLite3 extension: 6459 . Fixed bug #53463 (sqlite3 columnName() segfaults on bad column_number). 6460 (Felipe) 6461 6462- Streams: 6463 . Fixed forward stream seeking emulation in streams that don't support seeking 6464 in situations where the read operation gives back less data than requested 6465 and when there was data in the buffer before the emulation started. Also 6466 made more consistent its behavior -- should return failure every time less 6467 data than was requested was skipped. (Gustavo) 6468 . Fixed bug #53241 (stream casting that relies on fdopen/fopencookie fails 6469 with streams opened with, inter alia, the 'xb' mode). (Gustavo) 6470 . Fixed bug #53006 (stream_get_contents has an unpredictable behavior when the 6471 underlying stream does not support seeking). (Gustavo) 6472 . Fixed bug #52944 (Invalid write on second and subsequent reads with an 6473 inflate filter fed invalid data). (Gustavo) 6474 . Fixed bug #52820 (writes to fopencookie FILE* not commited when seeking the 6475 stream). (Gustavo) 6476 6477- WDDX extension: 6478 . Fixed bug #52468 (wddx_deserialize corrupts integer field value when left 6479 empty). (Felipe) 6480 6481- Zlib extension: 6482 . Fixed bug #52926 (zlib fopen wrapper does not use context). (Gustavo) 6483 648422 Jul 2010, PHP 5.3.3 6485- Upgraded bundled sqlite to version 3.6.23.1. (Ilia) 6486- Upgraded bundled PCRE to version 8.02. (Ilia) 6487 6488- Added support for JSON_NUMERIC_CHECK option in json_encode() that converts 6489 numeric strings to integers. (Ilia) 6490- Added stream_set_read_buffer, allows to set the buffer for read operation. 6491 (Pierre) 6492- Added stream filter support to mcrypt extension (ported from 6493 mcrypt_filter). (Stas) 6494- Added full_special_chars filter to ext/filter. (Rasmus) 6495- Added backlog socket context option for stream_socket_server(). (Mike) 6496- Added fifth parameter to openssl_encrypt()/openssl_decrypt() 6497 (string $iv) to use non-NULL IV. 6498 Made implicit use of NULL IV a warning. (Sara) 6499- Added openssl_cipher_iv_length(). (Sara) 6500- Added FastCGI Process Manager (FPM) SAPI. (Tony) 6501- Added recent Windows versions to php_uname and fix undefined windows 6502 version support. (Pierre) 6503- Added Berkeley DB 5 support to the DBA extension. (Johannes, Chris Jones) 6504- Added support for copy to/from array/file for pdo_pgsql extension. 6505 (Denis Gasparin, Ilia) 6506- Added inTransaction() method to PDO, with specialized support for Postgres. 6507 (Ilia, Denis Gasparin) 6508 6509- Changed namespaced classes so that the ctor can only be named 6510 __construct now. (Stas) 6511- Reset error state in PDO::beginTransaction() reset error state. (Ilia) 6512 6513- Implemented FR#51295 (SQLite3::busyTimeout not existing). (Mark) 6514- Implemented FR#35638 (Adding udate to imap_fetch_overview results). 6515 (Charles_Duffy at dell dot com ) 6516- Rewrote var_export() to use smart_str rather than output buffering, prevents 6517 data disclosure if a fatal error occurs (CVE-2010-2531). (Scott) 6518- Fixed possible buffer overflows in mysqlnd_list_fields, mysqlnd_change_user. 6519 (Andrey) 6520- Fixed possible buffer overflows when handling error packets in mysqlnd. 6521 Reported by Stefan Esser. (Andrey) 6522- Fixed very rare memory leak in mysqlnd, when binding thousands of columns. 6523 (Andrey) 6524- Fixed a crash when calling an inexistent method of a class that inherits 6525 PDOStatement if instantiated directly instead of doing by the PDO methods. 6526 (Felipe) 6527 6528- Fixed memory leak on error in mcrypt_create_iv on Windows. (Pierre) 6529- Fixed a possible crash because of recursive GC invocation. (Dmitry) 6530- Fixed a possible resource destruction issues in shm_put_var(). 6531 Reported by Stefan Esser. (Dmitry) 6532- Fixed a possible information leak because of interruption of XOR operator. 6533 Reported by Stefan Esser. (Dmitry) 6534- Fixed a possible memory corruption because of unexpected call-time pass by 6535 refernce and following memory clobbering through callbacks. 6536 Reported by Stefan Esser. (Dmitry) 6537- Fixed a possible memory corruption in ArrayObject::uasort(). Reported by 6538 Stefan Esser. (Dmitry) 6539- Fixed a possible memory corruption in parse_str(). Reported by Stefan Esser. 6540 (Dmitry) 6541- Fixed a possible memory corruption in pack(). Reported by Stefan Esser. 6542 (Dmitry) 6543- Fixed a possible memory corruption in substr_replace(). Reported by Stefan 6544 Esser. (Dmitry) 6545- Fixed a possible memory corruption in addcslashes(). Reported by Stefan 6546 Esser. (Dmitry) 6547- Fixed a possible stack exhaustion inside fnmatch(). Reported by Stefan 6548 Esser. (Ilia) 6549- Fixed a possible dechunking filter buffer overflow. Reported by Stefan Esser. 6550 (Pierre) 6551- Fixed a possible arbitrary memory access inside sqlite extension. Reported 6552 by Mateusz Kocielski. (Ilia) 6553- Fixed string format validation inside phar extension. Reported by Stefan 6554 Esser. (Ilia) 6555- Fixed handling of session variable serialization on certain prefix 6556 characters. Reported by Stefan Esser. (Ilia) 6557- Fixed a NULL pointer dereference when processing invalid XML-RPC 6558 requests (Fixes CVE-2010-0397, bug #51288). (Raphael Geissert) 6559- Fixed 64-bit integer overflow in mhash_keygen_s2k(). (Clément LECIGNE, Stas) 6560- Fixed SplObjectStorage unserialization problems (CVE-2010-2225). (Stas) 6561- Fixed the mail.log ini setting when no filename was given. (Johannes) 6562 6563- Fixed bug #52317 (Segmentation fault when using mail() on a rhel 4.x (only 64 6564 bit)). (Adam) 6565- Fixed bug #52262 (json_decode() shows no errors on invalid UTF-8). 6566 (Scott) 6567- Fixed bug #52240 (hash_copy() does not copy the HMAC key, causes wrong 6568 results and PHP crashes). (Felipe) 6569- Fixed bug #52238 (Crash when an Exception occured in iterator_to_array). 6570 (Johannes) 6571- Fixed bug #52193 (converting closure to array yields empty array). (Felipe) 6572- Fixed bug #52183 (Reflectionfunction reports invalid number of arguments for 6573 function aliases). (Felipe) 6574- Fixed bug #52162 (custom request header variables with numbers are removed). 6575 (Sriram Natarajan) 6576- Fixed bug #52160 (Invalid E_STRICT redefined constructor error). (Felipe) 6577- Fixed bug #52138 (Constants are parsed into the ini file for section names). 6578 (Felipe) 6579- Fixed bug #52115 (mysqli_result::fetch_all returns null, not an empty array). 6580 (Andrey) 6581- Fixed bug #52101 (dns_get_record() garbage in 'ipv6' field on Windows). 6582 (Pierre) 6583- Fixed bug #52082 (character_set_client & character_set_connection reset after 6584 mysqli_change_user()). (Andrey) 6585- Fixed bug #52043 (GD doesn't recognize latest libJPEG versions). 6586 (php at group dot apple dot com, Pierre) 6587- Fixed bug #52041 (Memory leak when writing on uninitialized variable returned 6588 from function). (Dmitry) 6589- Fixed bug #52060 (Memory leak when passing a closure to method_exists()). 6590 (Felipe) 6591- Fixed bug #52057 (ReflectionClass fails on Closure class). (Felipe) 6592- Fixed bug #52051 (handling of case sensitivity of old-style constructors 6593 changed in 5.3+). (Felipe) 6594- Fixed bug #52037 (Concurrent builds fail in install-programs). (seanius at 6595 debian dot org, Kalle) 6596- Fixed bug #52019 (make lcov doesn't support TESTS variable anymore). (Patrick) 6597- Fixed bug #52010 (open_basedir restrictions mismatch on vacuum command). 6598 (Ilia) 6599- Fixed bug #52001 (Memory allocation problems after using variable variables). 6600 (Dmitry) 6601- Fixed bug #51991 (spl_autoload and *nix support with namespace). (Felipe) 6602- Fixed bug #51943 (AIX: Several files are out of ANSI spec). (Kalle, 6603 coreystup at gmail dot com) 6604- Fixed bug #51911 (ReflectionParameter::getDefaultValue() memory leaks with 6605 constant array). (Felipe) 6606- Fixed bug #51905 (ReflectionParameter fails if default value is an array 6607 with an access to self::). (Felipe) 6608- Fixed bug #51899 (Parse error in parse_ini_file() function when empy value 6609 followed by no newline). (Felipe) 6610- Fixed bug #51844 (checkdnsrr does not support types other than MX). (Pierre) 6611- Fixed bug #51827 (Bad warning when register_shutdown_function called with 6612 wrong num of parameters). (Felipe) 6613- Fixed bug #51822 (Segfault with strange __destruct() for static class 6614 variables). (Dmitry) 6615- Fixed bug #51791 (constant() aborts execution when fail to check undefined 6616 constant). (Felipe) 6617- Fixed bug #51732 (Fileinfo __construct or open does not work with NULL). 6618 (Pierre) 6619- Fixed bug #51725 (xmlrpc_get_type() returns true on invalid dates). (Mike) 6620- Fixed bug #51723 (Content-length header is limited to 32bit integer with 6621 Apache2 on Windows). (Pierre) 6622- Fixed bug #51721 (mark DOMNodeList and DOMNamedNodeMap as Traversable). 6623 (David Zuelke) 6624- Fixed bug #51712 (Test mysql_mysqlnd_read_timeout_long must fail on MySQL4). 6625 (Andrey) 6626- Fixed bug #51697 (Unsafe operations in free_storage of SPL iterators, 6627 causes crash during shutdown). (Etienne) 6628- Fixed bug #51690 (Phar::setStub looks for case-sensitive 6629 __HALT_COMPILER()). (Ilia) 6630- Fixed bug #51688 (ini per dir crashes when invalid document root are given). 6631 (Pierre) 6632- Fixed bug #51671 (imagefill does not work correctly for small images). 6633 (Pierre) 6634- Fixed bug #51670 (getColumnMeta causes segfault when re-executing query 6635 after calling nextRowset). (Pierrick) 6636- Fixed bug #51647 Certificate file without private key (pk in another file) 6637 doesn't work. (Andrey) 6638- Fixed bug #51629 (CURLOPT_FOLLOWLOCATION error message is misleading). 6639 (Pierre) 6640- Fixed bug #51627 (script path not correctly evaluated). 6641 (russell dot tempero at rightnow dot com) 6642- Fixed bug #51624 (Crash when calling mysqli_options()). (Felipe) 6643- Fixed bug #51615 (PHP crash with wrong HTML in SimpleXML). (Felipe) 6644- Fixed bug #51609 (pg_copy_to: Invalid results when using fourth parameter). 6645 (Felipe) 6646- Fixed bug #51608 (pg_copy_to: WARNING: nonstandard use of \\ in a string 6647 literal). (cbandy at jbandy dot com) 6648- Fixed bug #51607 (pg_copy_from does not allow schema in the tablename 6649 argument). (cbandy at jbandy dot com) 6650- Fixed bug #51605 (Mysqli - zombie links). (Andrey) 6651- Fixed bug #51604 (newline in end of header is shown in start of message). 6652 (Daniel Egeberg) 6653- Fixed bug #51590 (JSON_ERROR_UTF8 is undefined). (Felipe) 6654- Fixed bug #51583 (Bus error due to wrong alignment in mysqlnd). (Rainer Jung) 6655- Fixed bug #51582 (Don't assume UINT64_C it's ever available). 6656 (reidrac at usebox dot net, Pierre) 6657- Fixed bug #51577 (Uninitialized memory reference with oci_bind_array_by_name) 6658 (Oracle Corp.) 6659- Fixed bug #51562 (query timeout in mssql can not be changed per query). 6660 (ejsmont dot artur at gmail dot com) 6661- Fixed bug #51552 (debug_backtrace() causes segmentation fault and/or memory 6662 issues). (Dmitry) 6663- Fixed bug #51445 (var_dump() invalid/slow *RECURSION* detection). (Felipe) 6664- Fixed bug #51435 (Missing ifdefs / logic bug in crypt code cause compile 6665 errors). (Felipe) 6666- Fixed bug #51424 (crypt() function hangs after 3rd call). (Pierre, Sriram) 6667- Fixed bug #51394 (Error line reported incorrectly if error handler throws an 6668 exception). (Stas) 6669- Fixed bug #51393 (DateTime::createFromFormat() fails if format string contains 6670 timezone). (Adam) 6671- Fixed bug #51347 (mysqli_close / connection memory leak). (Andrey, Johannes) 6672- Fixed bug #51338 (URL-Rewriter is still enabled if use_only_cookies is 6673 on). (Ilia, j dot jeising at gmail dot com) 6674- Fixed bug #51291 (oci_error doesn't report last error when called two times) 6675 (Oracle Corp.) 6676- Fixed bug #51276 (php_load_extension() is missing when HAVE_LIBDL is 6677 undefined). (Tony) 6678- Fixed bug #51273 (Faultstring property does not exist when the faultstring is 6679 empty) (Ilia, dennis at transip dot nl) 6680- Fixed bug #51269 (zlib.output_compression Overwrites Vary Header). (Adam) 6681- Fixed bug #51257 (CURL_VERSION_LARGEFILE incorrectly used after libcurl 6682 version 7.10.1). (aron dot ujvari at microsec dot hu) 6683- Fixed bug #51242 (Empty mysql.default_port does not default to 3306 anymore, 6684 but 0). (Adam) 6685- Fixed bug #51237 (milter SAPI crash on startup). (igmar at palsenberg dot com) 6686- Fixed bug #51213 (pdo_mssql is trimming value of the money column). (Ilia, 6687 alexr at oplot dot com) 6688- Fixed bug #51190 (ftp_put() returns false when transfer was successful). 6689 (Ilia) 6690- Fixed bug #51183 (ext/date/php_date.c fails to compile with Sun Studio). 6691 (Sriram Natarajan) 6692- Fixed bug #51176 (Static calling in non-static method behaves like $this->). 6693 (Felipe) 6694- Fixed bug #51171 (curl_setopt() doesn't output any errors or warnings when 6695 an invalid option is provided). (Ilia) 6696- Fixed bug #51128 (imagefill() doesn't work with large images). (Pierre) 6697- Fixed bug #51096 ('last day' and 'first day' are handled incorrectly when 6698 parsing date strings). (Derick) 6699- Fixed bug #51086 (DBA DB4 doesn't work with Berkeley DB 4.8). (Chris Jones) 6700- Fixed bug #51062 (DBA DB4 uses mismatched headers and libraries). (Chris 6701 Jones) 6702- Fixed bug #51026 (mysqli_ssl_set not working). (Andrey) 6703- Fixed bug #51023 (filter doesn't detect int overflows with GCC 4.4). 6704 (Raphael Geissert) 6705- Fixed bug #50999 (unaligned memory access in dba_fetch()). (Felipe) 6706- Fixed bug #50976 (Soap headers Authorization not allowed). 6707 (Brain France, Dmitry) 6708- Fixed bug #50828 (DOMNotation is not subclass of DOMNode). (Rob) 6709- Fixed bug #50810 (property_exists does not work for private). (Felipe) 6710- Fixed bug #50762 (in WSDL mode Soap Header handler function only being called 6711 if defined in WSDL). (mephius at gmail dot com) 6712- Fixed bug #50731 (Inconsistent namespaces sent to functions registered with 6713 spl_autoload_register). (Felipe) 6714- Fixed bug #50563 (removing E_WARNING from parse_url). (ralph at smashlabs dot 6715 com, Pierre) 6716- Fixed bug #50578 (incorrect shebang in phar.phar). (Fedora at FamilleCollet 6717 dot com) 6718- Fixed bug #50392 (date_create_from_format enforces 6 digits for 'u' format 6719 character). (Derick) 6720- Fixed bug #50383 (Exceptions thrown in __call / __callStatic do not include 6721 file and line in trace). (Felipe) 6722- Fixed bug #50358 (Compile failure compiling ext/phar/util.lo). (Felipe) 6723- Fixed bug #50101 (name clash between global and local variable). 6724 (patch by yoarvi at gmail dot com) 6725- Fixed bug #50055 (DateTime::sub() allows 'relative' time modifications). 6726 (Derick) 6727- Fixed bug #51002 (fix possible memory corruption with very long names). 6728 (Pierre) 6729- Fixed bug #49893 (Crash while creating an instance of Zend_Mail_Storage_Pop3). 6730 (Dmitry) 6731- Fixed bug #49819 (STDOUT losing data with posix_isatty()). (Mike) 6732- Fixed bug #49778 (DateInterval::format("%a") is always zero when an interval 6733 is created from an ISO string). (Derick) 6734- Fixed bug #49700 (memory leaks in php_date.c if garbage collector is 6735 enabled). (Dmitry) 6736- Fixed bug #49576 (FILTER_VALIDATE_EMAIL filter needs updating) (Rasmus) 6737- Fixed bug #49490 (XPath namespace prefix conflict). (Rob) 6738- Fixed bug #49429 (odbc_autocommit doesn't work). (Felipe) 6739- Fixed bug #49320 (PDO returns null when SQLite connection fails). (Felipe) 6740- Fixed bug #49234 (mysqli_ssl_set not found). (Andrey) 6741- Fixed bug #49216 (Reflection doesn't seem to work properly on MySqli). 6742 (Andrey) 6743- Fixed bug #49192 (PHP crashes when GC invoked on COM object). (Stas) 6744- Fixed bug #49081 (DateTime::diff() mistake if start in January and interval > 6745 28 days). (Derick) 6746- Fixed bug #49059 (DateTime::diff() repeats previous sub() operation). 6747 (yoarvi@gmail.com, Derick) 6748- Fixed bug #48983 (DomDocument : saveHTMLFile wrong charset). (Rob) 6749- Fixed bug #48930 (__COMPILER_HALT_OFFSET__ incorrect in PHP >= 5.3). (Felipe) 6750- Fixed bug #48902 (Timezone database fallback map is outdated). (Derick) 6751- Fixed bug #48781 (Cyclical garbage collector memory leak). (Dmitry) 6752- Fixed bug #48601 (xpath() returns FALSE for legitimate query). (Rob) 6753- Fixed bug #48361 (SplFileInfo::getPathInfo should return the 6754 parent dir). (Etienne) 6755- Fixed bug #48289 (iconv_mime_encode() quoted-printable scheme is broken). 6756 (Adam, patch from hiroaki dot kawai at gmail dot com). 6757- Fixed bug #47842 (sscanf() does not support 64-bit values). (Mike) 6758- Fixed bug #46111 (Some timezone identifiers can not be parsed). (Derick) 6759- Fixed bug #45808 (stream_socket_enable_crypto() blocks and eats CPU). 6760 (vincent at optilian dot com) 6761- Fixed bug #43233 (sasl support for ldap on Windows). (Pierre) 6762- Fixed bug #35673 (formatOutput does not work with saveHTML). (Rob) 6763- Fixed bug #33210 (getimagesize() fails to detect width/height on certain 6764 JPEGs). (Ilia) 6765 676604 Mar 2010, PHP 5.3.2 6767 6768- Upgraded bundled sqlite to version 3.6.22. (Ilia) 6769- Upgraded bundled libmagic to version 5.03. (Mikko) 6770- Upgraded bundled PCRE to version 8.00. (Scott) 6771- Updated timezone database to version 2010.3. (Derick) 6772 6773- Improved LCG entropy. (Rasmus, Samy Kamkar) 6774- Improved crypt support for edge cases (UFC compatibility). (Solar Designer, 6775 Joey, Pierre) 6776 6777- Reverted fix for bug #49521 (PDO fetchObject sets values before calling 6778 constructor). (Pierrick, Johannes) 6779 6780- Changed gmp_strval() to use full range from 2 to 62, and -2 to -36. FR #50283 6781 (David Soria Parra) 6782- Changed "post_max_size" php.ini directive to allow unlimited post size by 6783 setting it to 0. (Rasmus) 6784- Changed tidyNode class to disallow manual node creation. (Pierrick) 6785 6786- Removed automatic file descriptor unlocking happening on shutdown and/or 6787 stream close (on all OSes). (Tony, Ilia) 6788 6789- Added libpng 1.4.0 support. (Pierre) 6790- Added support for DISABLE_AUTHENTICATOR for imap_open. (Pierre) 6791- Added missing host validation for HTTP urls inside FILTER_VALIDATE_URL. 6792 (Ilia) 6793- Added stream_resolve_include_path(). (Mikko) 6794- Added INTERNALDATE support to imap_append. (nick at mailtrust dot com) 6795- Added support for SHA-256 and SHA-512 to php's crypt. (Pierre) 6796- Added realpath_cache_size() and realpath_cache_get() functions. (Stas) 6797- Added FILTER_FLAG_STRIP_BACKTICK option to the filter extension. (Ilia) 6798- Added protection for $_SESSION from interrupt corruption and improved 6799 "session.save_path" check. (Stas) 6800- Added LIBXML_PARSEHUGE constant to override the maximum text size of a 6801 single text node when using libxml2.7.3+. (Kalle) 6802- Added ReflectionMethod::setAccessible() for invoking non-public methods 6803 through the Reflection API. (Sebastian) 6804- Added Collator::getSortKey for intl extension. (Stas) 6805- Added support for CURLOPT_POSTREDIR. FR #49571. (Sriram Natarajan) 6806- Added support for CURLOPT_CERTINFO. FR #49253. 6807 (Linus Nielsen Feltzing <linus@haxx.se>) 6808- Added client-side server name indication support in openssl. (Arnaud) 6809 6810- Improved fix for bug #50006 (Segfault caused by uksort()). (Stas) 6811 6812- Fixed mysqlnd hang when queries exactly 16777214 bytes long are sent. (Andrey) 6813- Fixed incorrect decoding of 5-byte BIT sequences in mysqlnd. (Andrey) 6814- Fixed error_log() to be binary safe when using message_type 3. (Jani) 6815- Fixed unnecessary invocation of setitimer when timeouts have been disabled. 6816 (Arvind Srinivasan) 6817- Fixed memory leak in extension loading when an error occurs on Windows. 6818 (Pierre) 6819- Fixed safe_mode validation inside tempnam() when the directory path does 6820 not end with a /). (Martin Jansen) 6821- Fixed a possible open_basedir/safe_mode bypass in session extension 6822 identified by Grzegorz Stachowiak. (Ilia) 6823- Fixed possible crash when a error/warning is raised during php startup. 6824 (Pierre) 6825- Fixed possible bad behavior of rename on windows when used with symbolic 6826 links or invalid paths. (Pierre) 6827- Fixed error output to stderr on Windows. (Pierre) 6828- Fixed memory leaks in is_writable/readable/etc on Windows. (Pierre) 6829- Fixed memory leaks in the ACL function on Windows. (Pierre) 6830- Fixed memory leak in the realpath cache on Windows. (Pierre) 6831- Fixed memory leak in zip_close. (Pierre) 6832- Fixed crypt's blowfish sanity check of the "setting" string, to reject 6833 iteration counts encoded as 36 through 39. (Solar Designer, Joey, Pierre) 6834 6835- Fixed bug #51059 (crypt crashes when invalid salt are given). (Pierre) 6836- Fixed bug #50952 (allow underscore _ in constants parsed in php.ini files). 6837 (Jani) 6838- Fixed bug #50940 (Custom content-length set incorrectly in Apache SAPIs). 6839 (Brian France, Rasmus) 6840- Fixed bug #50930 (Wrong date by php_date.c patch with ancient gcc/glibc 6841 versions). (Derick) 6842- Fixed bug #50907 (X-PHP-Originating-Script adding two new lines in *NIX). 6843 (Ilia) 6844- Fixed bug #50859 (build fails with openssl 1.0 due to md2 deprecation). 6845 (Ilia, hanno at hboeck dot de) 6846- Fixed bug #50847 (strip_tags() removes all tags greater then 1023 bytes 6847 long). (Ilia) 6848- Fixed bug #50829 (php.ini directive pdo_mysql.default_socket is ignored). 6849 (Ilia) 6850- Fixed bug #50832 (HTTP fopen wrapper does not support passwordless HTTP 6851 authentication). (Jani) 6852- Fixed bug #50787 (stream_set_write_buffer() has no effect on socket streams). 6853 (vnegrier at optilian dot com, Ilia) 6854- Fixed bug #50761 (system.multiCall crashes in xmlrpc extension). 6855 (hiroaki dot kawai at gmail dot com, Ilia) 6856- Fixed bug #50756 (CURLOPT_FTP_SKIP_PASV_IP does not exist). (Sriram) 6857- Fixed bug #50732 (exec() adds single byte twice to $output array). (Ilia) 6858- Fixed bug #50728 (All PDOExceptions hardcode 'code' property to 0). 6859 (Joey, Ilia) 6860- Fixed bug #50723 (Bug in garbage collector causes crash). (Dmitry) 6861- Fixed bug #50690 (putenv does not set ENV when the value is only one char). 6862 (Pierre) 6863- Fixed bug #50680 (strtotime() does not support eighth ordinal number). (Ilia) 6864- Fixed bug #50661 (DOMDocument::loadXML does not allow UTF-16). (Rob) 6865- Fixed bug #50657 (copy() with an empty (zero-byte) HTTP source succeeds but 6866 returns false). (Ilia) 6867- Fixed bug #50636 (MySQLi_Result sets values before calling constructor). 6868 (Pierrick) 6869- Fixed bug #50632 (filter_input() does not return default value if the 6870 variable does not exist). (Ilia) 6871- Fixed bug #50576 (XML_OPTION_SKIP_TAGSTART option has no effect). (Pierrick) 6872- Fixed bug #50558 (Broken object model when extending tidy). (Pierrick) 6873- Fixed bug #50540 (Crash while running ldap_next_reference test cases). 6874 (Sriram) 6875- Fixed bug #50519 (segfault in garbage collection when using set_error_handler 6876 and DomDocument). (Dmitry) 6877- Fixed bug #50508 (compile failure: Conflicting HEADER type declarations). 6878 (Jani) 6879- Fixed bug #50496 (Use of <stdbool.h> is valid only in a c99 compilation 6880 environment. (Sriram) 6881- Fixed bug #50464 (declare encoding doesn't work within an included file). 6882 (Felipe) 6883- Fixed bug #50458 (PDO::FETCH_FUNC fails with Closures). (Felipe, Pierrick) 6884- Fixed bug #50445 (PDO-ODBC stored procedure call from Solaris 64-bit causes 6885 seg fault). (davbrown4 at yahoo dot com, Felipe) 6886- Fixed bug #50416 (PROCEDURE db.myproc can't return a result set in the given 6887 context). (Andrey) 6888- Fixed bug #50394 (Reference argument converted to value in __call). (Stas) 6889- Fixed bug #50351 (performance regression handling objects, ten times slower 6890 in 5.3 than in 5.2). (Dmitry) 6891- Fixed bug #50392 (date_create_from_format() enforces 6 digits for 'u' 6892 format character). (Ilia) 6893- Fixed bug #50345 (nanosleep not detected properly on some solaris versions). 6894 (Jani) 6895- Fixed bug #50340 (php.ini parser does not allow spaces in ini keys). (Jani) 6896- Fixed bug #50334 (crypt ignores sha512 prefix). (Pierre) 6897- Fixed bug #50323 (Allow use of ; in values via ;; in PDO DSN). 6898 (Ilia, Pierrick) 6899- Fixed bug #50285 (xmlrpc does not preserve keys in encoded indexed arrays). 6900 (Felipe) 6901- Fixed bug #50282 (xmlrpc_encode_request() changes object into array in 6902 calling function). (Felipe) 6903- Fixed bug #50267 (get_browser(null) does not use HTTP_USER_AGENT). (Jani) 6904- Fixed bug #50266 (conflicting types for llabs). (Jani) 6905- Fixed bug #50261 (Crash When Calling Parent Constructor with 6906 call_user_func()). (Dmitry) 6907- Fixed bug #50255 (isset() and empty() silently casts array to object). 6908 (Felipe) 6909- Fixed bug #50240 (pdo_mysql.default_socket in php.ini shouldn't used 6910 if it is empty). (foutrelis at gmail dot com, Ilia) 6911- Fixed bug #50231 (Socket path passed using --with-mysql-sock is ignored when 6912 mysqlnd is enabled). (Jani) 6913- Fixed bug #50219 (soap call Segmentation fault on a redirected url). 6914 (Pierrick) 6915- Fixed bug #50212 (crash by ldap_get_option() with LDAP_OPT_NETWORK_TIMEOUT). 6916 (Ilia, shigeru_kitazaki at cybozu dot co dot jp) 6917- Fixed bug #50209 (Compiling with libedit cannot find readline.h). 6918 (tcallawa at redhat dot com) 6919- Fixed bug #50207 (segmentation fault when concatenating very large strings on 6920 64bit linux). (Ilia) 6921- Fixed bug #50196 (stream_copy_to_stream() produces warning when source is 6922 not file). (Stas) 6923- Fixed bug #50195 (pg_copy_to() fails when table name contains schema. (Ilia) 6924- Fixed bug #50185 (ldap_get_entries() return false instead of an empty array 6925 when there is no error). (Jani) 6926- Fixed bug #50174 (Incorrectly matched docComment). (Felipe) 6927- Fixed bug #50168 (FastCGI fails with wrong error on HEAD request to 6928 non-existant file). (Dmitry) 6929- Fixed bug #50162 (Memory leak when fetching timestamp column from Oracle 6930 database). (Felipe) 6931- Fixed bug #50159 (wrong working directory in symlinked files). (Dmitry) 6932- Fixed bug #50158 (FILTER_VALIDATE_EMAIL fails with valid addresses 6933 containing = or ?). (Pierrick) 6934- Fixed bug #50152 (ReflectionClass::hasProperty behaves like isset() not 6935 property_exists). (Felipe) 6936- Fixed bug #50146 (property_exists: Closure object cannot have properties). 6937 (Felipe) 6938- Fixed bug #50145 (crash while running bug35634.phpt). (Felipe) 6939- Fixed bug #50140 (With default compilation option, php symbols are unresolved 6940 for nsapi). (Uwe Schindler) 6941- Fixed bug #50087 (NSAPI performance improvements). (Uwe Schindler) 6942- Fixed bug #50073 (parse_url() incorrect when ? in fragment). (Ilia) 6943- Fixed bug #50023 (pdo_mysql doesn't use PHP_MYSQL_UNIX_SOCK_ADDR). (Ilia) 6944- Fixed bug #50005 (Throwing through Reflection modified Exception object 6945 makes segmentation fault). (Felipe) 6946- Fixed bug #49990 (SNMP3 warning message about security level printed twice). 6947 (Jani) 6948- Fixed bug #49985 (pdo_pgsql prepare() re-use previous aborted 6949 transaction). (ben dot pineau at gmail dot com, Ilia, Matteo) 6950- Fixed bug #49938 (Phar::isBuffering() returns inverted value). (Greg) 6951- Fixed bug #49936 (crash with ftp stream in php_stream_context_get_option()). 6952 (Pierrick) 6953- Fixed bug #49921 (Curl post upload functions changed). (Ilia) 6954- Fixed bug #49866 (Making reference on string offsets crashes PHP). (Dmitry) 6955- Fixed bug #49855 (import_request_variables() always returns NULL). (Ilia, 6956 sjoerd at php dot net) 6957- Fixed bug #49851, #50451 (http wrapper breaks on 1024 char long headers). 6958 (Ilia) 6959- Fixed bug #49800 (SimpleXML allow (un)serialize() calls without warning). 6960 (Ilia, wmeler at wp-sa dot pl) 6961- Fixed bug #49719 (ReflectionClass::hasProperty returns true for a private 6962 property in base class). (Felipe) 6963- Fixed bug #49677 (ini parser crashes with apache2 and using ${something} 6964 ini variables). (Jani) 6965- Fixed bug #49660 (libxml 2.7.3+ limits text nodes to 10MB). (Felipe) 6966- Fixed bug #49647 (DOMUserData does not exist). (Rob) 6967- Fixed bug #49600 (imageTTFText text shifted right). (Takeshi Abe) 6968- Fixed bug #49585 (date_format buffer not long enough for >4 digit years). 6969 (Derick, Adam) 6970- Fixed bug #49560 (oci8: using LOBs causes slow PHP shutdown). (Oracle Corp.) 6971- Fixed bug #49521 (PDO fetchObject sets values before calling constructor). 6972 (Pierrick) 6973- Fixed bug #49472 (Constants defined in Interfaces can be overridden). 6974 (Felipe) 6975- Fixed bug #49463 (setAttributeNS fails setting default namespace). (Rob) 6976- Fixed bug #49244 (Floating point NaN cause garbage characters). (Sjoerd) 6977- Fixed bug #49224 (Compile error due to old DNS functions on AIX systems). 6978 (Scott) 6979- Fixed bug #49174 (crash when extending PDOStatement and trying to set 6980 queryString property). (Felipe) 6981- Fixed bug #48811 (Directives in PATH section do not get applied to 6982 subdirectories). (Patch by: ct at swin dot edu dot au) 6983- Fixed bug #48590 (SoapClient does not honor max_redirects). (Sriram) 6984- Fixed bug #48190 (Content-type parameter "boundary" is not case-insensitive 6985 in HTTP uploads). (Ilia) 6986- Fixed bug #47848 (importNode doesn't preserve attribute namespaces). (Rob) 6987- Fixed bug #47409 (extract() problem with array containing word "this"). 6988 (Ilia, chrisstocktonaz at gmail dot com) 6989- Fixed bug #47281 ($php_errormsg is limited in size of characters) 6990 (Oracle Corp.) 6991- Fixed bug #46478 (htmlentities() uses obsolete mapping table for character 6992 entity references). (Moriyoshi) 6993- Fixed bug #45599 (strip_tags() truncates rest of string with invalid 6994 attribute). (Ilia, hradtke) 6995- Fixed bug #45120 (PDOStatement->execute() returns true then false for same 6996 statement). (Pierrick) 6997- Fixed bug #44827 (define() allows :: in constant names). (Ilia) 6998- Fixed bug #44098 (imap_utf8() returns only capital letters). 6999 (steffen at dislabs dot de, Pierre) 7000- Fixed bug #34852 (Failure in odbc_exec() using oracle-supplied odbc 7001 driver). (tim dot tassonis at trivadis dot com) 7002 700319 Nov 2009, PHP 5.3.1 7004- Upgraded bundled sqlite to version 3.6.19. (Scott) 7005- Updated timezone database to version 2009.17 (2009q). (Derick) 7006 7007- Changed ini file directives [PATH=](on Win32) and [HOST=](on all) to be case 7008 insensitive. (garretts) 7009 7010- Restored shebang line check to CGI sapi (not checked by scanner anymore). 7011 (Jani) 7012 7013- Added "max_file_uploads" INI directive, which can be set to limit the 7014 number of file uploads per-request to 20 by default, to prevent possible 7015 DOS via temporary file exhaustion. (Ilia) 7016- Added missing sanity checks around exif processing. (Ilia) 7017- Added error constant when json_encode() detects an invalid UTF-8 sequence. 7018 (Scott) 7019- Added support for ACL on Windows for thread safe SAPI (Apache2 for example) 7020 and fix its support on NTS. (Pierre) 7021 7022- Improved symbolic, mounted volume and junctions support for realpath on 7023 Windows. (Pierre) 7024- Improved readlink on Windows, suppress \??\ and use the drive syntax only. 7025 (Pierre) 7026- Improved dns_get_record() AAAA support on windows. Always available when 7027 IPv6 is support is installed, format is now the same than on unix. (Pierre) 7028- Improved the DNS functions on OSX to use newer APIs, also use Bind 9 API 7029 where available on other platforms. (Scott) 7030- Improved shared extension loading on OSX to use the standard Unix dlopen() 7031 API. (Scott) 7032 7033- Fixed crash in com_print_typeinfo when an invalid typelib is given. (Pierre) 7034- Fixed a safe_mode bypass in tempnam() identified by Grzegorz Stachowiak. 7035 (Rasmus) 7036- Fixed a open_basedir bypass in posix_mkfifo() identified by Grzegorz 7037 Stachowiak. (Rasmus) 7038- Fixed certificate validation inside php_openssl_apply_verification_policy 7039 (Ryan Sleevi, Ilia) 7040- Fixed crash in SQLiteDatabase::ArrayQuery() and SQLiteDatabase::SingleQuery() 7041 when calling using Reflection. (Felipe) 7042- Fixed crash when instantiating PDORow and PDOStatement through Reflection. 7043 (Felipe) 7044- Fixed sanity check for the color index in imagecolortransparent. (Pierre) 7045- Fixed scandir/readdir when used mounted points on Windows. (Pierre) 7046- Fixed zlib.deflate compress filter to actually accept level parameter. (Jani) 7047- Fixed leak on error in popen/exec (and related functions) on Windows. 7048 (Pierre) 7049- Fixed possible bad caching of symlinked directories in the realpath cache 7050 on Windows. (Pierre) 7051- Fixed atime and mtime in stat related functions on Windows. (Pierre) 7052- Fixed spl_autoload_unregister/spl_autoload_functions wrt. Closures and 7053 Functors. (Christian Seiler) 7054- Fixed open_basedir circumvention for "mail.log" ini directive. 7055 (Maksymilian Arciemowicz, Stas) 7056- Fixed signature generation/validation for zip archives in ext/phar. (Greg) 7057- Fixed memory leak in stream_is_local(). (Felipe, Tony) 7058- Fixed BC break in mime_content_type(), removes the content encoding. (Scott) 7059 7060- Fixed PECL bug #16842 (oci_error return false when NO_DATA_FOUND is raised). 7061 (Chris Jones) 7062 7063- Fixed bug #50063 (safe_mode_include_dir fails). (Johannes, christian at 7064 elmerot dot se) 7065- Fixed bug #50052 (Different Hashes on Windows and Linux on wrong Salt size). 7066 (Pierre) 7067- Fixed bug #49986 (Missing ICU DLLs on windows package). (Pierre) 7068- Fixed bug #49910 (no support for ././@LongLink for long filenames in phar 7069 tar support). (Greg) 7070- Fixed bug #49908 (throwing exception in __autoload crashes when interface 7071 is not defined). (Felipe) 7072- Fixed bug #49847 (exec() fails to return data inside 2nd parameter, given 7073 output lines >4095 bytes). (Ilia) 7074- Fixed bug #49809 (time_sleep_until() is not available on OpenSolaris). (Jani) 7075- Fixed bug #49757 (long2ip() can return wrong value in a multi-threaded 7076 applications). (Ilia, Florian Anderiasch) 7077- Fixed bug #49738 (calling mcrypt after mcrypt_generic_deinit crashes). 7078 (Sriram Natarajan) 7079- Fixed bug #49732 (crashes when using fileinfo when timestamp conversion 7080 fails). (Pierre) 7081- Fixed bug #49698 (Unexpected change in strnatcasecmp()). (Rasmus) 7082- Fixed bug #49630 (imap_listscan function missing). (Felipe) 7083- Fixed bug #49572 (use of C++ style comments causes build failure). 7084 (Sriram Natarajan) 7085- Fixed bug #49531 (CURLOPT_INFILESIZE sometimes causes warning "CURLPROTO_FILE 7086 cannot be set"). (Felipe) 7087- Fixed bug #49517 (cURL's CURLOPT_FILE prevents file from being deleted after 7088 fclose). (Ilia) 7089- Fixed bug #49470 (FILTER_SANITIZE_EMAIL allows disallowed characters). 7090 (Ilia) 7091- Fixed bug #49447 (php engine need to correctly check for socket API 7092 return status on windows). (Sriram Natarajan) 7093- Fixed bug #49391 (ldap.c utilizing deprecated ldap_modify_s). (Ilia) 7094- Fixed bug #49372 (segfault in php_curl_option_curl). (Pierre) 7095- Fixed bug #49361 (wordwrap() wraps incorrectly on end of line boundaries). 7096 (Ilia, code-it at mail dot ru) 7097- Fixed bug #49306 (inside pdo_mysql default socket settings are ignored). 7098 (Ilia) 7099- Fixed bug #49289 (bcmath module doesn't compile with phpize configure). 7100 (Jani) 7101- Fixed bug #49286 (php://input (php_stream_input_read) is broken). (Jani) 7102- Fixed bug #49269 (Ternary operator fails on Iterator object when used inside 7103 foreach declaration). (Etienne, Dmitry) 7104- Fixed bug #49236 (Missing PHP_SUBST(PDO_MYSQL_SHARED_LIBADD)). (Jani) 7105- Fixed bug #49223 (Inconsistency using get_defined_constants). (Garrett) 7106- Fixed bug #49193 (gdJpegGetVersionString() inside gd_compact identifies 7107 wrong type in declaration). (Ilia) 7108- Fixed bug #49183 (dns_get_record does not return NAPTR records). (Pierre) 7109- Fixed bug #49144 (Import of schema from different host transmits original 7110 authentication details). (Dmitry) 7111- Fixed bug #49142 (crash when exception thrown from __tostring()). 7112 (David Soria Parra) 7113- Fixed bug #49132 (posix_times returns false without error). 7114 (phpbugs at gunnu dot us) 7115- Fixed bug #49125 (Error in dba_exists C code). (jdornan at stanford dot edu) 7116- Fixed bug #49122 (undefined reference to mysqlnd_stmt_next_result on compile 7117 with --with-mysqli and MySQL 6.0). (Jani) 7118- Fixed bug #49108 (2nd scan_dir produces segfault). (Felipe) 7119- Fixed bug #49098 (mysqli segfault on error). (Rasmus) 7120- Fixed bug #49095 (proc_get_status['exitcode'] fails on win32). (Felipe) 7121- Fixed bug #49092 (ReflectionFunction fails to work with functions in fully 7122 qualified namespaces). (Kalle, Jani) 7123- Fixed bug #49074 (private class static fields can be modified by using 7124 reflection). (Jani) 7125- Fixed bug #49072 (feof never returns true for damaged file in zip). (Pierre) 7126- Fixed bug #49065 ("disable_functions" php.ini option does not work on 7127 Zend extensions). (Stas) 7128- Fixed bug #49064 (--enable-session=shared does not work: undefined symbol: 7129 php_url_scanner_reset_vars). (Jani) 7130- Fixed bug #49056 (parse_ini_file() regression in 5.3.0 when using non-ASCII 7131 strings as option keys). (Jani) 7132- Fixed bug #49052 (context option headers freed too early when using 7133 --with-curlwrappers). (Jani) 7134- Fixed bug #49047 (The function touch() fails on directories on Windows). 7135 (Pierre) 7136- Fixed bug #49032 (SplFileObject::fscanf() variables passed by reference). 7137 (Jani) 7138- Fixed bug #49027 (mysqli_options() doesn't work when using mysqlnd). (Andrey) 7139- Fixed bug #49026 (proc_open() can bypass safe_mode_protected_env_vars 7140 restrictions). (Ilia) 7141- Fixed bug #49020 (phar misinterprets ustar long filename standard). 7142 (Greg) 7143- Fixed bug #49018 (phar tar stores long filenames wit prefix/name reversed). 7144 (Greg) 7145- Fixed bug #49014 (dechunked filter broken when serving more than 8192 bytes 7146 in a chunk). (andreas dot streichardt at globalpark dot com, Ilia) 7147- Fixed bug #49012 (phar tar signature algorithm reports as Unknown (0) in 7148 getSignature() call). (Greg) 7149- Fixed bug #49000 (PHP CLI in Interactive mode (php -a) crashes 7150 when including files from function). (Stas) 7151- Fixed bug #48994 (zlib.output_compression does not output HTTP headers when 7152 set to a string value). (Jani) 7153- Fixed bug #48980 (Crash when compiling with pdo_firebird). (Felipe) 7154- Fixed bug #48962 (cURL does not upload files with specified filename). 7155 (Ilia) 7156- Fixed bug #48929 (Double \r\n after HTTP headers when "header" context 7157 option is an array). (David Zülke) 7158- Fixed bug #48913 (Too long error code strings in pdo_odbc driver). 7159 (naf at altlinux dot ru, Felipe) 7160- Fixed bug #48912 (Namespace causes unexpected strict behaviour with 7161 extract()). (Dmitry) 7162- Fixed bug #48909 (Segmentation fault in mysqli_stmt_execute()). (Andrey) 7163- Fixed bug #48899 (is_callable returns true even if method does not exist in 7164 parent class). (Felipe) 7165- Fixed bug #48893 (Problems compiling with Curl). (Felipe) 7166- Fixed bug #48880 (Random Appearing open_basedir problem). (Rasmus, Gwynne) 7167- Fixed bug #48872 (string.c: errors: duplicate case values). (Kalle) 7168- Fixed bug #48854 (array_merge_recursive modifies arrays after first one). 7169 (Felipe) 7170- Fixed bug #48805 (IPv6 socket transport is not working). (Ilia) 7171- Fixed bug #48802 (printf() returns incorrect outputted length). (Jani) 7172- Fixed bug #48791 (open office files always reported as corrupted). (Greg) 7173- Fixed bug #48788 (RecursiveDirectoryIterator doesn't descend into symlinked 7174 directories). (Ilia) 7175- Fixed bug #48783 (make install will fail saying phar file exists). (Greg) 7176- Fixed bug #48774 (SIGSEGVs when using curl_copy_handle()). 7177 (Sriram Natarajan) 7178- Fixed bug #48771 (rename() between volumes fails and reports no error on 7179 Windows). (Pierre) 7180- Fixed bug #48768 (parse_ini_*() crash with INI_SCANNER_RAW). (Jani) 7181- Fixed bug #48763 (ZipArchive produces corrupt archive). (dani dot church at 7182 gmail dot com, Pierre) 7183- Fixed bug #48762 (IPv6 address filter still rejects valid address). (Felipe) 7184- Fixed bug #48757 (ReflectionFunction::invoke() parameter issues). (Kalle) 7185- Fixed bug #48754 (mysql_close() crash php when no handle specified). 7186 (Johannes, Andrey) 7187- Fixed bug #48752 (Crash during date parsing with invalid date). (Pierre) 7188- Fixed bug #48746 (Unable to browse directories within Junction Points). 7189 (Pierre, Kanwaljeet Singla) 7190- Fixed bug #48745 (mysqlnd: mysql_num_fields returns wrong column count for 7191 mysql_list_fields). (Andrey) 7192- Fixed bug #48740 (PHAR install fails when INSTALL_ROOT is not the final 7193 install location). (james dot cohen at digitalwindow dot com, Greg) 7194- Fixed bug #48733 (CURLOPT_WRITEHEADER|CURLOPT_FILE|CURLOPT_STDERR warns on 7195 files that have been opened with r+). (Ilia) 7196- Fixed bug #48719 (parse_ini_*(): scanner_mode parameter is not checked for 7197 sanity). (Jani) 7198- Fixed bug #48718 (FILTER_VALIDATE_EMAIL does not allow numbers in domain 7199 components). (Ilia) 7200- Fixed bug #48681 (openssl signature verification for tar archives broken). 7201 (Greg) 7202- Fixed bug #48660 (parse_ini_*(): dollar sign as last character of value 7203 fails). (Jani) 7204- Fixed bug #48645 (mb_convert_encoding() doesn't understand hexadecimal 7205 html-entities). (Moriyoshi) 7206- Fixed bug #48637 ("file" fopen wrapper is overwritten when using 7207 --with-curlwrappers). (Jani) 7208- Fixed bug #48608 (Invalid libreadline version not detected during configure). 7209 (Jani) 7210- Fixed bug #48400 (imap crashes when closing stream opened with 7211 OP_PROTOTYPE flag). (Jani) 7212- Fixed bug #48377 (error message unclear on converting phar with existing 7213 file). (Greg) 7214- Fixed bug #48247 (Infinite loop and possible crash during startup with 7215 errors when errors are logged). (Jani) 7216- Fixed bug #48198 error: 'MYSQLND_LLU_SPEC' undeclared. Cause for #48780 and 7217 #46952 - both fixed too. (Andrey) 7218- Fixed bug #48189 (ibase_execute error in return param). (Kalle) 7219- Fixed bug #48182 (ssl handshake fails during asynchronous socket connection). 7220 (Sriram Natarajan) 7221- Fixed bug #48116 (Fixed build with Openssl 1.0). (Pierre, 7222 Al dot Smith at aeschi dot ch dot eu dot org) 7223- Fixed bug #48057 (Only the date fields of the first row are fetched, others 7224 are empty). (info at programmiernutte dot net) 7225- Fixed bug #47481 (natcasesort() does not sort extended ASCII characters 7226 correctly). (Herman Radtke) 7227- Fixed bug #47351 (Memory leak in DateTime). (Derick, Tobias John) 7228- Fixed bug #47273 (Encoding bug in SoapServer->fault). (Dmitry) 7229- Fixed bug #46682 (touch() afield returns different values on windows). 7230 (Pierre) 7231- Fixed bug #46614 (Extended MySQLi class gives incorrect empty() result). 7232 (Andrey) 7233- Fixed bug #46020 (with Sun Java System Web Server 7.0 on HPUX, #define HPUX). 7234 (Uwe Schindler) 7235- Fixed bug #45905 (imagefilledrectangle() clipping error). 7236 (markril at hotmail dot com, Pierre) 7237- Fixed bug #45554 (Inconsistent behavior of the u format char). (Derick) 7238- Fixed bug #45141 (setcookie will output expires years of >4 digits). (Ilia) 7239- Fixed bug #44683 (popen crashes when an invalid mode is passed). (Pierre) 7240- Fixed bug #43510 (stream_get_meta_data() does not return same mode as used 7241 in fopen). (Jani) 7242- Fixed bug #42434 (ImageLine w/ antialias = 1px shorter). (wojjie at gmail dot 7243 com, Kalle) 7244- Fixed bug #40013 (php_uname() does not return nodename on Netware (Guenter 7245 Knauf) 7246- Fixed bug #38091 (Mail() does not use FQDN when sending SMTP helo). 7247 (Kalle, Rick Yorgason) 7248- Fixed bug #28038 (Sent incorrect RCPT TO commands to SMTP server) (Garrett) 7249- Fixed bug #27051 (Impersonation with FastCGI does not exec process as 7250 impersonated user). (Pierre) 7251 7252 725330 Jun 2009, PHP 5.3.0 7254- Upgraded bundled PCRE to version 7.9. (Nuno) 7255- Upgraded bundled sqlite to version 3.6.15. (Scott) 7256 7257- Moved extensions to PECL (Derick, Lukas, Pierre, Scott): 7258 . ext/dbase 7259 . ext/fbsql 7260 . ext/fdf 7261 . ext/ncurses 7262 . ext/mhash (BC layer is now entirely within ext/hash) 7263 . ext/ming 7264 . ext/msql 7265 . ext/sybase (not maintained anymore, sybase_ct has to be used instead) 7266 7267- Removed the experimental RPL (master/slave) functions from mysqli. (Andrey) 7268- Removed zend.ze1_compatibility_mode. (Dmitry) 7269- Removed all zend_extension_* php.ini directives. Zend extensions are now 7270 always loaded using zend_extension directive. (Derick) 7271- Removed special treatment of "/tmp" in sessions for open_basedir. 7272 Note: This undocumented behaviour was introduced in 5.2.2. (Alexey) 7273- Removed shebang line check from CGI sapi (checked by scanner). (Dmitry) 7274 7275- Changed PCRE, Reflection and SPL extensions to be always enabled. (Marcus) 7276- Changed md5() to use improved implementation. (Solar Designer, Dmitry) 7277- Changed HTTP stream wrapper to accept any code between and including 7278 200 to 399 as successful. (Mike, Noah Fontes) 7279- Changed __call() to be invoked on private/protected method access, similar to 7280 properties and __get(). (Andrei) 7281- Changed dl() to be disabled by default. Enabled only when explicitly 7282 registered by the SAPI. Currently enabled with cli, cgi and embed SAPIs. 7283 (Dmitry) 7284- Changed opendir(), dir() and scandir() to use default context when no context 7285 argument is passed. (Sara) 7286- Changed open_basedir to allow tightening in runtime contexts. (Sara) 7287- Changed PHP/Zend extensions to use flexible build IDs. (Stas) 7288- Changed error level E_ERROR into E_WARNING in Soap extension methods 7289 parameter validation. (Felipe) 7290- Changed openssl info to show the shared library version number. (Scott) 7291- Changed floating point behaviour to consistently use double precision on all 7292 platforms and with all compilers. (Christian Seiler) 7293- Changed round() to act more intuitively when rounding to a certain precision 7294 and round very large and very small exponents correctly. (Christian Seiler) 7295- Changed session_start() to return false when session startup fails. (Jani) 7296- Changed property_exists() to check the existence of a property independent of 7297 accessibility (like method_exists()). (Felipe) 7298- Changed array_reduce() to allow mixed $initial (Christian Seiler) 7299 7300- Improved PHP syntax and semantics: 7301 . Added lambda functions and closures. (Christian Seiler, Dmitry) 7302 . Added "jump label" operator (limited "goto"). (Dmitry, Sara) 7303 . Added NOWDOC syntax. (Gwynne Raskind, Stas, Dmitry) 7304 . Added HEREDOC syntax with double quotes. (Lars Strojny, Felipe) 7305 . Added support for using static HEREDOCs to initialize static variables and 7306 class members or constants. (Matt) 7307 . Improved syntax highlighting and consistency for variables in double-quoted 7308 strings and literal text in HEREDOCs and backticks. (Matt) 7309 . Added "?:" operator. (Marcus) 7310 . Added support for namespaces. (Dmitry, Stas, Gregory, Marcus) 7311 . Added support for Late Static Binding. (Dmitry, Etienne Kneuss) 7312 . Added support for __callStatic() magic method. (Sara) 7313 . Added forward_static_call(_array) to complete LSB. (Mike Lively) 7314 . Added support for dynamic access of static members using $foo::myFunc(). 7315 (Etienne Kneuss) 7316 . Improved checks for callbacks. (Marcus) 7317 . Added __DIR__ constant. (Lars Strojny) 7318 . Added new error modes E_USER_DEPRECATED and E_DEPRECATED. 7319 E_DEPRECATED is used to inform about stuff being scheduled for removal 7320 in future PHP versions. (Lars Strojny, Felipe, Marcus) 7321 . Added "request_order" INI variable to control specifically $_REQUEST 7322 behavior. (Stas) 7323 . Added support for exception linking. (Marcus) 7324 . Added ability to handle exceptions in destructors. (Marcus) 7325 7326- Improved PHP runtime speed and memory usage: 7327 . Substitute global-scope, persistent constants with their values at compile 7328 time. (Matt) 7329 . Optimized ZEND_SIGNED_MULTIPLY_LONG(). (Matt) 7330 . Removed direct executor recursion. (Dmitry) 7331 . Use fastcall calling convention in executor on x86. (Dmitry) 7332 . Use IS_CV for direct access to $this variable. (Dmitry) 7333 . Use ZEND_FREE() opcode instead of ZEND_SWITCH_FREE(IS_TMP_VAR). (Dmitry) 7334 . Lazy EG(active_symbol_table) initialization. (Dmitry) 7335 . Optimized ZEND_RETURN opcode to not allocate and copy return value if it is 7336 not used. (Dmitry) 7337 . Replaced all flex based scanners with re2c based scanners. 7338 (Marcus, Nuno, Scott) 7339 . Added garbage collector. (David Wang, Dmitry). 7340 . Improved PHP binary size and startup speed with GCC4 visibility control. 7341 (Nuno) 7342 . Improved engine stack implementation for better performance and stability. 7343 (Dmitry) 7344 . Improved memory usage by moving constants to read only memory. 7345 (Dmitry, Pierre) 7346 . Changed exception handling. Now each op_array doesn't contain 7347 ZEND_HANDLE_EXCEPTION opcode in the end. (Dmitry) 7348 . Optimized require_once() and include_once() by eliminating fopen(3) on 7349 second usage. (Dmitry) 7350 . Optimized ZEND_FETCH_CLASS + ZEND_ADD_INTERFACE into single 7351 ZEND_ADD_INTERFACE opcode. (Dmitry) 7352 . Optimized string searching for a single character. 7353 (Michal Dziemianko, Scott) 7354 . Optimized interpolated strings to use one less opcode. (Matt) 7355 7356- Improved php.ini handling: (Jani) 7357 . Added ".htaccess" style user-defined php.ini files support for CGI/FastCGI. 7358 . Added support for special [PATH=/opt/httpd/www.example.com/] and 7359 [HOST=www.example.com] sections. Directives set in these sections can 7360 not be overridden by user-defined ini-files or during runtime. 7361 . Added better error reporting for php.ini syntax errors. 7362 . Allowed using full path to load modules using "extension" directive. 7363 . Allowed "ini-variables" to be used almost everywhere ini php.ini files. 7364 . Allowed using alphanumeric/variable indexes in "array" ini options. 7365 . Added 3rd optional parameter to parse_ini_file() to specify the scanning 7366 mode of INI_SCANNER_NORMAL or INI_SCANNER_RAW. In raw mode option values 7367 and section values are treated as-is. 7368 . Fixed get_cfg_var() to be able to return "array" ini options. 7369 . Added optional parameter to ini_get_all() to only retrieve the current 7370 value. (Hannes) 7371 7372- Improved Windows support: 7373 . Update all libraries to their latest stable version. (Pierre, Rob, Liz, 7374 Garrett). 7375 . Added Windows support for stat(), touch(), filemtime(), filesize() and 7376 related functions. (Pierre) 7377 . Re-added socket_create_pair() for Windows in sockets extension. (Kalle) 7378 . Added inet_pton() and inet_ntop() also for Windows platforms. 7379 (Kalle, Pierre) 7380 . Added mcrypt_create_iv() for Windows platforms. (Pierre) 7381 . Added ACL Cache support on Windows. 7382 (Kanwaljeet Singla, Pierre, Venkat Raman Don) 7383 . Added constants based on Windows' GetVersionEx information. 7384 PHP_WINDOWS_VERSION_* and PHP_WINDOWS_NT_*. (Pierre) 7385 . Added support for ACL (is_writable, is_readable, reports now correct 7386 results) on Windows. (Pierre, Venkat Raman Don, Kanwaljeet Singla) 7387 . Added support for fnmatch() on Windows. (Pierre) 7388 . Added support for time_nanosleep() and time_sleep_until() on Windows. 7389 (Pierre) 7390 . Added support for symlink(), readlink(), linkinfo() and link() on Windows. 7391 They are available only when the running platform supports them. (Pierre) 7392 . the GMP extension now relies on MPIR instead of the GMP library. (Pierre) 7393 . Added Windows support for stream_socket_pair(). (Kalle) 7394 . Drop all external dependencies for the core features. (Pierre) 7395 . Drastically improve the build procedure (Pierre, Kalle, Rob): 7396 . VC9 (Visual C++ 2008) or later support 7397 . Initial experimental x64 support 7398 . MSI installer now supports all recent Windows versions, including 7399 Windows 7. (John, Kanwaljeet Singla) 7400 7401- Improved and cleaned CGI code: 7402 . FastCGI is now always enabled and cannot be disabled. 7403 See sapi/cgi/CHANGES for more details. (Dmitry) 7404 . Added CGI SAPI -T option which can be used to measure execution 7405 time of script repeated several times. (Dmitry) 7406 7407- Improved streams: 7408 . Fixed confusing error message on failure when no errors are logged. (Greg) 7409 . Added stream_supports_lock() function. (Benjamin Schulz) 7410 . Added context parameter for copy() function. (Sara) 7411 . Added "glob://" stream wrapper. (Marcus) 7412 . Added "params" as optional parameter for stream_context_create(). (Sara) 7413 . Added ability to use stream wrappers in include_path. (Gregory, Dmitry) 7414 7415- Improved DNS API 7416 . Added Windows support for dns_check_record(), dns_get_mx(), checkdnsrr() and 7417 getmxrr(). (Pierre) 7418 . Added support for old style DNS functions (supports OSX and FBSD). (Scott) 7419 . Added a new "entries" array in dns_check_record() containing the TXT 7420 elements. (Felipe, Pierre) 7421 7422- Improved hash extension: 7423 . Changed mhash to be a wrapper layer around the hash extension. (Scott) 7424 . Added hash_copy() function. (Tony) 7425 . Added sha224 hash algorithm to the hash extension. (Scott) 7426 7427- Improved IMAP support (Pierre): 7428 . Added imap_gc() to clear the imap cache 7429 . Added imap_utf8_to_mutf7() and imap_mutf7_to_utf8() 7430 7431- Improved mbstring extension: 7432 . Added "mbstring.http_output_conv_mimetypes" INI directive that allows 7433 common non-text types such as "application/xhtml+xml" to be converted 7434 by mb_output_handler(). (Moriyoshi) 7435 7436- Improved OCI8 extension (Chris Jones/Oracle Corp.): 7437 . Added Database Resident Connection Pooling (DRCP) and Fast 7438 Application Notification (FAN) support. 7439 . Added support for Oracle External Authentication (not supported 7440 on Windows). 7441 . Improve persistent connection handling of restarted DBs. 7442 . Added SQLT_AFC (aka CHAR datatype) support to oci_bind_by_name. 7443 . Fixed bug #45458 (Numeric keys for associative arrays are not 7444 handled properly) 7445 . Fixed bug #41069 (Segmentation fault with query over DB link). 7446 . Fixed define of SQLT_BDOUBLE and SQLT_BFLOAT constants with Oracle 7447 10g ORACLE_HOME builds. 7448 . Changed default value of oci8.default_prefetch from 10 to 100. 7449 . Fixed PECL Bug #16035 (OCI8: oci_connect without ORACLE_HOME defined causes 7450 segfault) (Chris Jones/Oracle Corp.) 7451 . Fixed PECL Bug #15988 (OCI8: sqlnet.ora isn't read with older Oracle 7452 libraries) (Chris Jones/Oracle Corp.) 7453 . Fixed PECL Bug #14268 (Allow "pecl install oci8" command to "autodetect" an 7454 Instant Client RPM install) (Chris Jones/Oracle Corp.) 7455 . Fixed PECL bug #12431 (OCI8 ping functionality is broken). 7456 . Allow building (e.g from PECL) the PHP 5.3-based OCI8 code with 7457 PHP 4.3.9 onwards. 7458 . Provide separate extensions for Oracle 11g and 10g on Windows. 7459 (Pierre, Chris) 7460 7461- Improved OpenSSL extension: 7462 . Added support for OpenSSL digest and cipher functions. (Dmitry) 7463 . Added access to internal values of DSA, RSA and DH keys. (Dmitry) 7464 . Fixed a memory leak on openssl_decrypt(). (Henrique) 7465 . Fixed segfault caused by openssl_pkey_new(). (Henrique) 7466 . Fixed bug caused by uninitilized variables in openssl_pkcs7_encrypt() and 7467 openssl_pkcs7_sign(). (Henrique) 7468 . Fixed error message in openssl_seal(). (Henrique) 7469 7470- Improved pcntl extension: (Arnaud) 7471 . Added pcntl_signal_dispatch(). 7472 . Added pcntl_sigprocmask(). 7473 . Added pcntl_sigwaitinfo(). 7474 . Added pcntl_sigtimedwait(). 7475 7476- Improved SOAP extension: 7477 . Added support for element names in context of XMLSchema's <any>. (Dmitry) 7478 . Added ability to use Traversable objects instead of plain arrays. 7479 (Joshua Reese, Dmitry) 7480 . Fixed possible crash bug caused by an uninitialized value. (Zdash Urf) 7481 7482- Improved SPL extension: 7483 . Added SPL to list of standard extensions that cannot be disabled. (Marcus) 7484 . Added ability to store associative information with objects in 7485 SplObjectStorage. (Marcus) 7486 . Added ArrayAccess support to SplObjectStorage. (Marcus) 7487 . Added SplDoublyLinkedList, SplStack, SplQueue classes. (Etienne) 7488 . Added FilesystemIterator. (Marcus) 7489 . Added GlobIterator. (Marcus) 7490 . Added SplHeap, SplMinHeap, SplMaxHeap, SplPriorityQueue classes. (Etienne) 7491 . Added new parameter $prepend to spl_autoload_register(). (Etienne) 7492 . Added SplFixedArray. (Etienne, Tony) 7493 . Added delaying exceptions in SPL's autoload mechanism. (Marcus) 7494 . Added RecursiveTreeIterator. (Arnaud, Marcus) 7495 . Added MultipleIterator. (Arnaud, Marcus, Johannes) 7496 7497- Improved Zend Engine: 7498 . Added "compact" handler for Zend MM storage. (Dmitry) 7499 . Added "+" and "*" specifiers to zend_parse_parameters(). (Andrei) 7500 . Added concept of "delayed early binding" that allows opcode caches to 7501 perform class declaration (early and/or run-time binding) in exactly 7502 the same order as vanilla PHP. (Dmitry) 7503 7504- Improved crypt() function: (Pierre) 7505 . Added Blowfish and extended DES support. (Using Blowfish implementation 7506 from Solar Designer). 7507 . Made crypt features portable by providing our own implementations 7508 for crypt_r and the algorithms which are used when OS does not provide 7509 them. PHP implementations are always used for Windows builds. 7510 7511- Deprecated session_register(), session_unregister() and 7512 session_is_registered(). (Hannes) 7513- Deprecated define_syslog_variables(). (Kalle) 7514- Deprecated ereg extension. (Felipe) 7515 7516- Added new extensions: 7517 . Added Enchant extension as a way to access spell checkers. (Pierre) 7518 . Added fileinfo extension as replacement for mime_magic extension. (Derick) 7519 . Added intl extension for Internationalization. (Ed B., Vladimir I., 7520 Dmitry L., Stanislav M., Vadim S., Kirti V.) 7521 . Added mysqlnd extension as replacement for libmysql for ext/mysql, mysqli 7522 and PDO_mysql. (Andrey, Johannes, Ulf) 7523 . Added phar extension for handling PHP Archives. (Greg, Marcus, Steph) 7524 . Added SQLite3 extension. (Scott) 7525 7526- Added new date/time functionality: (Derick) 7527 . date_parse_from_format(): Parse date/time strings according to a format. 7528 . date_create_from_format()/DateTime::createFromFormat(): Create a date/time 7529 object by parsing a date/time string according to a given format. 7530 . date_get_last_errors()/DateTime::getLastErrors(): Return a list of warnings 7531 and errors that were found while parsing a date/time string through: 7532 . strtotime() / new DateTime 7533 . date_create_from_format() / DateTime::createFromFormat() 7534 . date_parse_from_format(). 7535 . support for abbreviation and offset based timezone specifiers for 7536 the 'e' format specifier, DateTime::__construct(), DateTime::getTimeZone() 7537 and DateTimeZone::getName(). 7538 . support for selectively listing timezone identifiers by continent or 7539 country code through timezone_identifiers_list() / 7540 DateTimezone::listIdentifiers(). 7541 . timezone_location_get() / DateTimezone::getLocation() for retrieving 7542 location information from timezones. 7543 . date_timestamp_set() / DateTime::setTimestamp() to set a Unix timestamp 7544 without invoking the date parser. (Scott, Derick) 7545 . date_timestamp_get() / DateTime::getTimestamp() to retrieve the Unix 7546 timestamp belonging to a date object. 7547 . two optional parameters to timezone_transitions_get() / 7548 DateTimeZone::getTranstions() to limit the range of transitions being 7549 returned. 7550 . support for "first/last day of <month>" style texts. 7551 . support for date/time strings returned by MS SQL. 7552 . support for serialization and unserialization of DateTime objects. 7553 . support for diffing date/times through date_diff() / DateTime::diff(). 7554 . support for adding/subtracting weekdays with strtotime() and 7555 DateTime::modify(). 7556 . DateInterval class to represent the difference between two date/times. 7557 . support for parsing ISO intervals for use with DateInterval. 7558 . date_add() / DateTime::add(), date_sub() / DateTime::sub() for applying an 7559 interval to an existing date/time. 7560 . proper support for "this week", "previous week"/"last week" and "next week" 7561 phrases so that they actually mean the week and not a seven day period 7562 around the current day. 7563 . support for "<xth> <weekday> of" and "last <weekday> of" phrases to be used 7564 with months - like in "last saturday of februari 2008". 7565 . support for "back of <hour>" and "front of <hour>" phrases that are used in 7566 Scotland. 7567 . DatePeriod class which supports iterating over a DateTime object applying 7568 DateInterval on each iteration, up to an end date or limited by maximum 7569 number of occurences. 7570 7571- Added compatibility mode in GD, imagerotate, image(filled)ellipse 7572 imagefilter, imageconvolution and imagecolormatch are now always enabled. 7573 (Pierre) 7574- Added array_replace() and array_replace_recursive() functions. (Matt) 7575- Added ReflectionProperty::setAccessible() method that allows non-public 7576 property's values to be read through ::getValue() and set through 7577 ::setValue(). (Derick, Sebastian) 7578- Added msg_queue_exists() function to sysvmsg extension. (Benjamin Schulz) 7579- Added Firebird specific attributes that can be set via PDO::setAttribute() 7580 to control formatting of date/timestamp columns: PDO::FB_ATTR_DATE_FORMAT, 7581 PDO::FB_ATTR_TIME_FORMAT and PDO::FB_ATTR_TIMESTAMP_FORMAT. (Lars W) 7582- Added gmp_testbit() function. (Stas) 7583- Added icon format support to getimagesize(). (Scott) 7584- Added LDAP_OPT_NETWORK_TIMEOUT option for ldap_set_option() to allow 7585 setting network timeout (FR #42837). (Jani) 7586- Added optional escape character parameter to fgetcsv(). (David Soria Parra) 7587- Added an optional parameter to strstr() and stristr() for retrieval of either 7588 the part of haystack before or after first occurrence of needle. 7589 (Johannes, Felipe) 7590- Added xsl->setProfiling() for profiling stylesheets. (Christian) 7591- Added long-option feature to getopt() and made getopt() available also on 7592 win32 systems by adding a common getopt implementation into core. 7593 (David Soria Parra, Jani) 7594- Added support for optional values, and = as separator, in getopt(). (Hannes) 7595- Added lcfirst() function. (David C) 7596- Added PREG_BAD_UTF8_OFFSET_ERROR constant. (Nuno) 7597- Added native support for asinh(), acosh(), atanh(), log1p() and expm1(). 7598 (Kalle) 7599- Added LIBXML_LOADED_VERSION constant (libxml2 version currently used). (Rob) 7600- Added JSON_FORCE_OBJECT flag to json_encode(). (Scott, Richard Quadling) 7601- Added timezone_version_get() to retrieve the version of the used timezone 7602 database. (Derick) 7603- Added 'n' flag to fopen to allow passing O_NONBLOCK to the underlying 7604 open(2) system call. (Mikko) 7605- Added "dechunk" filter which can decode HTTP responses with chunked 7606 transfer-encoding. HTTP streams use this filter automatically in case 7607 "Transfer-Encoding: chunked" header is present in response. It's possible to 7608 disable this behaviour using "http"=>array("auto_decode"=>0) in stream 7609 context. (Dmitry) 7610- Added support for CP850 encoding in mbstring extension. 7611 (Denis Giffeler, Moriyoshi) 7612- Added stream_cast() and stream_set_options() to user-space stream wrappers, 7613 allowing stream_select(), stream_set_blocking(), stream_set_timeout() and 7614 stream_set_write_buffer() to work with user-space stream wrappers. (Arnaud) 7615- Added header_remove() function. (chsc at peytz dot dk, Arnaud) 7616- Added stream_context_get_params() function. (Arnaud) 7617- Added optional parameter "new" to sybase_connect(). (Timm) 7618- Added parse_ini_string() function. (grange at lemonde dot fr, Arnaud) 7619- Added str_getcsv() function. (Sara) 7620- Added openssl_random_pseudo_bytes() function. (Scott) 7621- Added ability to send user defined HTTP headers with SOAP request. 7622 (Brian J.France, Dmitry) 7623- Added concatenation option to bz2.decompress stream filter. 7624 (Keisial at gmail dot com, Greg) 7625- Added support for using compressed connections with PDO_mysql. (Johannes) 7626- Added the ability for json_decode() to take a user specified depth. (Scott) 7627- Added support for the mysql_stmt_next_result() function from libmysql. 7628 (Andrey) 7629- Added function preg_filter() that does grep and replace in one go. (Marcus) 7630- Added system independent realpath() implementation which caches intermediate 7631 directories in realpath-cache. (Dmitry) 7632- Added optional clear_realpath_cache and filename parameters to 7633 clearstatcache(). (Jani, Arnaud) 7634- Added litespeed SAPI module. (George Wang) 7635- Added ext/hash support to ext/session's ID generator. (Sara) 7636- Added quoted_printable_encode() function. (Tony) 7637- Added stream_context_set_default() function. (Davey Shafik) 7638- Added optional "is_xhtml" parameter to nl2br() which makes the function 7639 output <br> when false and <br /> when true (FR #34381). (Kalle) 7640- Added PHP_MAXPATHLEN constant (maximum length of a path). (Pierre) 7641- Added support for SSH via libssh2 in cURL. (Pierre) 7642- Added support for gray levels PNG image with alpha in GD extension. (Pierre) 7643- Added support for salsa hashing functions in HASH extension. (Scott) 7644- Added DOMNode::getLineNo to get line number of parsed node. (Rob) 7645- Added table info to PDO::getColumnMeta() with SQLite. (Martin Jansen, Scott) 7646- Added mail logging functionality that allows logging of mail sent via 7647 mail() function. (Ilia) 7648- Added json_last_error() to return any error information from json_decode(). 7649 (Scott) 7650- Added gethostname() to return the current system host name. (Ilia) 7651- Added shm_has_var() function. (Mike) 7652- Added depth parameter to json_decode() to lower the nesting depth from the 7653 maximum if required. (Scott) 7654- Added pixelation support in imagefilter(). (Takeshi Abe, Kalle) 7655- Added SplObjectStorage::addAll/removeAll. (Etienne) 7656 7657- Implemented FR #41712 (curl progress callback: CURLOPT_PROGRESSFUNCTION). 7658 (sdteffen[at]gmail[dot].com, Pierre) 7659- Implemented FR #47739 (Missing cURL option do disable IPv6). (Pierre) 7660- Implemented FR #39637 (Missing cURL option CURLOPT_FTP_FILEMETHOD). (Pierre) 7661 7662- Fixed an issue with ReflectionProperty::setAccessible(). 7663 (Sebastian, Roman Borschel) 7664- Fixed html_entity_decode() incorrectly converting numeric html entities 7665 to different characters with cp1251 and cp866. (Scott) 7666- Fixed an issue in date() where a : was printed for the O modifier after a P 7667 modifier was used. (Derick) 7668- Fixed exec() on Windows to not eat the first and last double quotes. (Scott) 7669- Fixed readlink on Windows in thread safe SAPI (apache2.x etc.). (Pierre) 7670- Fixed a bug causing miscalculations with the "last <weekday> of <n> month" 7671 relative time string. (Derick) 7672- Fixed bug causing the algorithm parameter of mhash() to be modified. (Scott) 7673- Fixed invalid calls to free when internal fileinfo magic file is used. (Scott) 7674- Fixed memory leak inside wddx_add_vars() function. (Felipe) 7675- Fixed check in recode extension to allow builing of recode and mysql 7676 extensions when using a recent libmysql. (Johannes) 7677 7678- Fixed PECL bug #12794 (PDOStatement->nextRowset() doesn't work). (Johannes) 7679- Fixed PECL bug #12401 (Add support for ATTR_FETCH_TABLE_NAMES). (Johannes) 7680 7681- Fixed bug #48696 (ldap_read() segfaults with invalid parameters). (Felipe) 7682- Fixed bug #48643 (String functions memory issue). (Dmitry) 7683- Fixed bug #48641 (tmpfile() uses old parameter parsing). 7684 (crrodriguez at opensuse dot org) 7685- Fixed bug #48624 (.user.ini never gets parsed). (Pierre) 7686- Fixed bug #48620 (X-PHP-Originating-Script assumes no trailing CRLF in 7687 existing headers). (Ilia) 7688- Fixed bug #48578 (Can't build 5.3 on FBSD 4.11). (Rasmus) 7689- Fixed bug #48535 (file_exists returns false when impersonate is used). 7690 (Kanwaljeet Singla, Venkat Raman Don) 7691- Fixed bug #48493 (spl_autoload_register() doesn't work correctly when 7692 prepending functions). (Scott) 7693- Fixed bug #48215 (Calling a method with the same name as the parent class 7694 calls the constructor). (Scott) 7695- Fixed bug #48200 (compile failure with mbstring.c when 7696 --enable-zend-multibyte is used). (Jani) 7697- Fixed bug #48188 (Cannot execute a scrollable cursors twice with PDO_PGSQL). 7698 (Matteo) 7699- Fixed bug #48185 (warning: value computed is not used in 7700 pdo_sqlite_stmt_get_col line 271). (Matteo) 7701- Fixed bug #48087 (call_user_method() invalid free of arguments). (Felipe) 7702- Fixed bug #48060 (pdo_pgsql - large objects are returned as empty). (Matteo) 7703- Fixed bug #48034 (PHP crashes when script is 8192 (8KB) bytes long). (Dmitry) 7704- Fixed bug #48004 (Error handler prevents creation of default object). (Dmitry) 7705- Fixed bug #47880 (crashes in call_user_func_array()). (Dmitry) 7706- Fixed bug #47856 (stristr() converts needle to lower-case). (Ilia) 7707- Fixed bug #47851 (is_callable throws fatal error). (Dmitry) 7708- Fixed bug #47816 (pcntl tests failing on NetBSD). (Matteo) 7709- Fixed bug #47779 (Wrong value for SIG_UNBLOCK and SIG_SETMASK constants). 7710 (Matteo) 7711- Fixed bug #47771 (Exception during object construction from arg call calls 7712 object's destructor). (Dmitry) 7713- Fixed bug #47767 (include_once does not resolve windows symlinks or junctions) 7714 (Kanwaljeet Singla, Venkat Raman Don) 7715- Fixed bug #47757 (rename JPG to JPEG in phpinfo). (Pierre) 7716- Fixed bug #47745 (FILTER_VALIDATE_INT doesn't allow minimum integer). (Dmitry) 7717- Fixed bug #47714 (autoloading classes inside exception_handler leads to 7718 crashes). (Dmitry) 7719- Fixed bug #47671 (Cloning SplObjectStorage instances). (Etienne) 7720- Fixed bug #47664 (get_class returns NULL instead of FALSE). (Dmitry) 7721- Fixed bug #47662 (Support more than 127 subpatterns in preg_match). (Nuno) 7722- Fixed bug #47596 (Bus error on parsing file). (Dmitry) 7723- Fixed bug #47572 (Undefined constant causes segmentation fault). (Felipe) 7724- Fixed bug #47560 (explode()'s limit parameter odd behaviour). (Matt) 7725- Fixed bug #47549 (get_defined_constants() return array with broken array 7726 categories). (Ilia) 7727- Fixed bug #47535 (Compilation failure in ps_fetch_from_1_to_8_bytes()). 7728 (Johannes) 7729- Fixed bug #47534 (RecursiveDiteratoryIterator::getChildren ignoring 7730 CURRENT_AS_PATHNAME). (Etienne) 7731- Fixed bug #47443 (metaphone('scratch') returns wrong result). (Felipe) 7732- Fixed bug #47438 (mysql_fetch_field ignores zero offset). (Johannes) 7733- Fixed bug #47398 (PDO_Firebird doesn't implements quoter correctly). (Felipe) 7734- Fixed bug #47390 (odbc_fetch_into - BC in php 5.3.0). (Felipe) 7735- Fixed bug #47359 (Use the expected unofficial mimetype for bmp files). (Scott) 7736- Fixed bug #47343 (gc_collect_cycles causes a segfault when called within a 7737 destructor in one case). (Dmitry) 7738- Fixed bug #47320 ($php_errormsg out of scope in functions). (Dmitry) 7739- Fixed bug #47318 (UMR when trying to activate user config). (Pierre) 7740- Fixed bug #47243 (OCI8: Crash at shutdown on Windows) (Chris Jones/Oracle 7741 Corp.) 7742- Fixed bug #47231 (offsetGet error using incorrect offset). (Etienne) 7743- Fixed bug #47229 (preg_quote() should escape the '-' char). (Nuno) 7744- Fixed bug #47165 (Possible memory corruption when passing return value by 7745 reference). (Dmitry) 7746- Fixed bug #47087 (Second parameter of mssql_fetch_array()). (Felipe) 7747- Fixed bug #47085 (rename() returns true even if the file in PHAR does not 7748 exist). (Greg) 7749- Fixed bug #47050 (mysqli_poll() modifies improper variables). (Johannes) 7750- Fixed bug #47045 (SplObjectStorage instances compared with ==). (Etienne) 7751- Fixed bug #47038 (Memory leak in include). (Dmitry) 7752- Fixed bug #47031 (Fix constants in DualIterator example). (Etienne) 7753- Fixed bug #47021 (SoapClient stumbles over WSDL delivered with 7754 "Transfer-Encoding: chunked"). (Dmitry) 7755- Fixed bug #46994 (OCI8: CLOB size does not update when using CLOB IN OUT param 7756 in stored procedure) (Chris Jones/Oracle Corp.) 7757- Fixed bug #46979 (use with non-compound name *has* effect). (Dmitry) 7758- Fixed bug #46957 (The tokenizer returns deprecated values). (Felipe) 7759- Fixed bug #46944 (UTF-8 characters outside the BMP aren't encoded correctly). 7760 (Scott) 7761- Fixed bug #46897 (ob_flush() should fail to flush unerasable buffers). 7762 (David C.) 7763- Fixed bug #46849 (Cloning DOMDocument doesn't clone the properties). (Rob) 7764- Fixed bug #46847 (phpinfo() is missing some settings). (Hannes) 7765- Fixed bug #46844 (php scripts or included files with first line starting 7766 with # have the 1st line missed from the output). (Ilia) 7767- Fixed bug #46817 (tokenizer misses last single-line comment (PHP 5.3+, with 7768 re2c lexer)). (Matt, Shire) 7769- Fixed bug #46811 (ini_set() doesn't return false on failure). (Hannes) 7770- Fixed bug #46763 (mb_stristr() wrong output when needle does not exist). 7771 (Henrique M. Decaria) 7772- Fixed bug #46755 (warning: use statement with non-compound name). (Dmitry) 7773- Fixed bug #46746 (xmlrpc_decode_request outputs non-suppressable error when 7774 given bad data). (Ilia) 7775- Fixed bug #46738 (Segfault when mb_detect_encoding() fails). (Scott) 7776- Fixed bug #46731 (Missing validation for the options parameter of the 7777 imap_fetch_overview() function). (Ilia) 7778- Fixed bug #46711 (cURL curl_setopt leaks memory in foreach loops). (magicaltux 7779 [at] php [dot] net) 7780- Fixed bug #46701 (Creating associative array with long values in the key fails 7781 on 32bit linux). (Shire) 7782- Fixed bug #46681 (mkdir() fails silently on PHP 5.3). (Hannes) 7783- Fixed bug #46653 (can't extend mysqli). (Johannes) 7784- Fixed bug #46646 (Restrict serialization on some internal classes like Closure 7785 and SplFileInfo using exceptions). (Etienne) 7786- Fixed bug #46623 (OCI8: phpinfo doesn't show compile time ORACLE_HOME with 7787 phpize) (Chris Jones/Oracle Corp.) 7788- Fixed bug #46578 (strip_tags() does not honor end-of-comment when it 7789 encounters a single quote). (Felipe) 7790- Fixed bug #46546 (Segmentation fault when using declare statement with 7791 non-string value). (Felipe) 7792- Fixed bug #46542 (Extending PDO class with a __call() function doesn't work as 7793 expected). (Johannes) 7794- Fixed bug #46421 (SplFileInfo not correctly handling /). (Etienne) 7795- Fixed bug #46347 (parse_ini_file() doesn't support * in keys). (Nuno) 7796- Fixed bug #46268 (DateTime::modify() does not reset relative time values). 7797 (Derick) 7798- Fixed bug #46241 (stacked error handlers, internal error handling in general). 7799 (Etienne) 7800- Fixed bug #46238 (Segmentation fault on static call with empty string method). 7801 (Felipe) 7802- Fixed bug #46192 (ArrayObject with objects as storage serialization). 7803 (Etienne) 7804- Fixed bug #46185 (importNode changes the namespace of an XML element). (Rob) 7805- Fixed bug #46178 (memory leak in ext/phar). (Greg) 7806- Fixed bug #46160 (SPL - Memory leak when exception is thrown in offsetSet). 7807 (Felipe) 7808- Fixed Bug #46147 (after stream seek, appending stream filter reads incorrect 7809 data). (Greg) 7810- Fixed bug #46127 (php_openssl_tcp_sockop_accept forgets to set context on 7811 accepted stream) (Mark Karpeles, Pierre) 7812- Fixed bug #46115 (Memory leak when calling a method using Reflection). 7813 (Dmitry) 7814- Fixed bug #46110 (XMLWriter - openmemory() and openuri() leak memory on 7815 multiple calls). (Ilia) 7816- Fixed bug #46108 (DateTime - Memory leak when unserializing). (Felipe) 7817- Fixed bug #46106 (Memory leaks when using global statement). (Dmitry) 7818- Fixed bug #46099 (Xsltprocessor::setProfiling - memory leak). (Felipe, Rob). 7819- Fixed bug #46087 (DOMXPath - segfault on destruction of a cloned object). 7820 (Ilia) 7821- Fixed bug #46048 (SimpleXML top-level @attributes not part of iterator). 7822 (David C.) 7823- Fixed bug #46044 (Mysqli - wrong error message). (Johannes) 7824- Fixed bug #46042 (memory leaks with reflection of mb_convert_encoding()). 7825 (Ilia) 7826- Fixed bug #46039 (ArrayObject iteration is slow). (Arnaud) 7827- Fixed bug #46033 (Direct instantiation of SQLite3stmt and SQLite3result cause 7828 a segfault.) (Scott) 7829- Fixed bug #45991 (Ini files with the UTF-8 BOM are treated as invalid). 7830 (Scott) 7831- Fixed bug #45989 (json_decode() doesn't return NULL on certain invalid 7832 strings). (magicaltux, Scott) 7833- Fixed bug #45976 (Moved SXE from SPL to SimpleXML). (Etienne) 7834- Fixed bug #45928 (large scripts from stdin are stripped at 16K border). 7835 (Christian Schneider, Arnaud) 7836- Fixed bug #45911 (Cannot disable ext/hash). (Arnaud) 7837- Fixed bug #45907 (undefined reference to 'PHP_SHA512Init'). (Greg) 7838- Fixed bug #45826 (custom ArrayObject serialization). (Etienne) 7839- Fixed bug #45820 (Allow empty keys in ArrayObject). (Etienne) 7840- Fixed bug #45791 (json_decode() doesn't convert 0e0 to a double). (Scott) 7841- Fixed bug #45786 (FastCGI process exited unexpectedly). (Dmitry) 7842- Fixed bug #45757 (FreeBSD4.11 build failure: failed include; stdint.h). 7843 (Hannes) 7844- Fixed bug #45743 (property_exists fails to find static protected member in 7845 child class). (Felipe) 7846- Fixed bug #45717 (Fileinfo/libmagic build fails, missing err.h and getopt.h). 7847 (Derick) 7848- Fixed bug #45706 (Unserialization of classes derived from ArrayIterator 7849 fails). (Etienne, Dmitry) 7850- Fixed bug #45696 (Not all DateTime methods allow method chaining). (Derick) 7851- Fixed bug #45682 (Unable to var_dump(DateInterval)). (Derick) 7852- Fixed bug #45447 (Filesystem time functions on Vista and server 2008). 7853 (Pierre) 7854- Fixed bug #45432 (PDO: persistent connection leak). (Felipe) 7855- Fixed bug #45392 (ob_start()/ob_end_clean() and memory_limit). (Ilia) 7856- Fixed bug #45384 (parse_ini_file will result in parse error with no trailing 7857 newline). (Arnaud) 7858- Fixed bug #45382 (timeout bug in stream_socket_enable_crypto). (vnegrier at 7859 optilian dot com, Ilia) 7860- Fixed bug #45044 (relative paths not resolved correctly). (Dmitry) 7861- Fixed bug #44861 (scrollable cursor don't work with pgsql). (Matteo) 7862- Fixed bug #44842 (parse_ini_file keys that start/end with underscore). 7863 (Arnaud) 7864- Fixed bug #44575 (parse_ini_file comment # line problems). (Arnaud) 7865- Fixed bug #44409 (PDO::FETCH_SERIALIZE calls __construct()). (Matteo) 7866- Fixed bug #44173 (PDO->query() parameter parsing/checking needs an update). 7867 (Matteo) 7868- Fixed bug #44154 (pdo->errorInfo() always have three elements in the returned 7869 array). (David C.) 7870- Fixed bug #44153 (pdo->errorCode() returns NULL when there are no errors). 7871 (David C.) 7872- Fixed bug #44135 (PDO MySQL does not support CLIENT_FOUND_ROWS). (Johannes, 7873 chx1975 at gmail dot com) 7874- Fixed bug #44100 (Inconsistent handling of static array declarations with 7875 duplicate keys). (Dmitry) 7876- Fixed bug #43831 ($this gets mangled when extending PDO with persistent 7877 connection). (Felipe) 7878- Fixed bug #43817 (opendir() fails on Windows directories with parent directory 7879 unaccessible). (Dmitry) 7880- Fixed bug #43069 (SoapClient causes 505 HTTP Version not supported error 7881 message). (Dmitry) 7882- Fixed bug #43008 (php://filter uris ignore url encoded filternames and can't 7883 handle slashes). (Arnaud) 7884- Fixed bug #42362 (HTTP status codes 204 and 304 should not be gzipped). 7885 (Scott, Edward Z. Yang) 7886- Fixed bug #41874 (separate STDOUT and STDERR in exec functions). (Kanwaljeet 7887 Singla, Venkat Raman Don, Pierre) 7888- Fixed bug #41534 (SoapClient over HTTPS fails to reestablish connection). 7889 (Dmitry) 7890- Fixed bug #38802 (max_redirects and ignore_errors). (patch by 7891 datibbaw@php.net) 7892- Fixed bug #35980 (touch() works on files but not on directories). (Pierre) 7893 789417 Jun 2009, PHP 5.2.10 7895- Updated timezone database to version 2009.9 (2009i) (Derick) 7896 7897- Added "ignore_errors" option to http fopen wrapper. (David Zulke, Sara) 7898- Added new CURL options CURLOPT_REDIR_PROTOCOLS, CURLOPT_PROTOCOLS, 7899 and CURLPROTO_* for redirect fixes in CURL 7.19.4. (Yoram Bar Haim, Stas) 7900- Added support for Sun CC (FR #46595 and FR #46513). (David Soria Parra) 7901 7902- Changed default value of array_unique()'s optional sorting type parameter 7903 back to SORT_STRING to fix backwards compatibility breakage introduced in 7904 PHP 5.2.9. (Moriyoshi) 7905 7906- Fixed memory corruptions while reading properties of zip files. (Ilia) 7907- Fixed memory leak in ob_get_clean/ob_get_flush. (Christian) 7908- Fixed segfault on invalid session.save_path. (Hannes) 7909- Fixed leaks in imap when a mail_criteria is used. (Pierre) 7910- Fixed missing erealloc() in fix for Bug #40091 in spl_autoload_register. (Greg) 7911 7912- Fixed bug #48562 (Reference recursion causes segfault when used in 7913 wddx_serialize_vars()). (Felipe) 7914- Fixed bug #48557 (Numeric string keys in Apache Hashmaps are not cast to 7915 integers). (David Zuelke) 7916- Fixed bug #48518 (curl crashes when writing into invalid file handle). (Tony) 7917- Fixed bug #48514 (cURL extension uses same resource name for simple and 7918 multi APIs). (Felipe) 7919- Fixed bug #48469 (ldap_get_entries() leaks memory on empty search 7920 results). (Patrick) 7921- Fixed bug #48456 (CPPFLAGS not restored properly in phpize.m4). (Jani, 7922 spisek at kerio dot com) 7923- Fixed bug #48448 (Compile failure under IRIX 6.5.30 building cast.c). 7924 (Kalle) 7925- Fixed bug #48441 (ldap_search() sizelimit, timelimit and deref options 7926 persist). (Patrick) 7927- Fixed bug #48434 (Improve memory_get_usage() accuracy). (Arnaud) 7928- Fixed bug #48416 (Force a cache limit in ereg() to stop excessive memory 7929 usage). (Scott) 7930- Fixed bug #48409 (Crash when exception is thrown while passing function 7931 arguments). (Arnaud) 7932- Fixed bug #48378 (exif_read_data() segfaults on certain corrupted .jpeg 7933 files). (Pierre) 7934- Fixed bug #48359 (Script hangs on snmprealwalk if OID is not increasing). 7935 (Ilia, simonov at gmail dot com) 7936- Fixed bug #48336 (ReflectionProperty::getDeclaringClass() does not work 7937 with redeclared property). 7938 (patch by Markus dot Lidel at shadowconnect dot com) 7939- Fixed bug #48326 (constant MSG_DONTWAIT not defined). (Arnaud) 7940- Fixed bug #48313 (fgetcsv() does not return null for empty rows). (Ilia) 7941- Fixed bug #48309 (stream_copy_to_stream() and fpasstru() do not update 7942 stream position of plain files). (Arnaud) 7943- Fixed bug #48307 (stream_copy_to_stream() copies 0 bytes when $source is a 7944 socket). (Arnaud) 7945- Fixed bug #48273 (snmp*_real_walk() returns SNMP errors as values). 7946 (Ilia, lytboris at gmail dot com) 7947- Fixed bug #48256 (Crash due to double-linking of history.o). 7948 (tstarling at wikimedia dot org) 7949- Fixed bug #48248 (SIGSEGV when access to private property via &__get). 7950 (Felipe) 7951- Fixed bug #48247 (Crash on errors during startup). (Stas) 7952- Fixed bug #48240 (DBA Segmentation fault dba_nextkey). (Felipe) 7953- Fixed bug #48224 (Incorrect shuffle in array_rand). (Etienne) 7954- Fixed bug #48221 (memory leak when passing invalid xslt parameter). 7955 (Felipe) 7956- Fixed bug #48207 (CURLOPT_(FILE|WRITEHEADER options do not error out when 7957 working with a non-writable stream). (Ilia) 7958- Fixed bug #48206 (Iterating over an invalid data structure with 7959 RecursiveIteratorIterator leads to a segfault). (Scott) 7960- Fixed bug #48204 (xmlwriter_open_uri() does not emit warnings on invalid 7961 paths). (Ilia) 7962- Fixed bug #48203 (Crash when CURLOPT_STDERR is set to regular file). (Jani) 7963- Fixed bug #48202 (Out of Memory error message when passing invalid file 7964 path) (Pierre) 7965- Fixed bug #48156 (Added support for lcov v1.7). (Ilia) 7966- Fixed bug #48132 (configure check for curl ssl support fails with 7967 --disable-rpath). (Jani) 7968- Fixed bug #48131 (Don't try to bind ipv4 addresses to ipv6 ips via bindto). 7969 (Ilia) 7970- Fixed bug #48070 (PDO_OCI: Segfault when using persistent connection). 7971 (Pierre, Matteo, jarismar dot php at gmail dot com) 7972- Fixed bug #48058 (Year formatter goes wrong with out-of-int range). (Derick) 7973- Fixed bug #48038 (odbc_execute changes variables used to form params array). 7974 (Felipe) 7975- Fixed bug #47997 (stream_copy_to_stream returns 1 on empty streams). (Arnaud) 7976- Fixed bug #47991 (SSL streams fail if error stack contains items). (Mikko) 7977- Fixed bug #47981 (error handler not called regardless). (Hannes) 7978- Fixed bug #47969 (ezmlm_hash() returns different values depend on OS). (Ilia) 7979- Fixed bug #47946 (ImageConvolution overwrites background). (Ilia) 7980- Fixed bug #47940 (memory leaks in imap_body). (Pierre, Jake Levitt) 7981- Fixed bug #47937 (system() calls sapi_flush() regardless of output 7982 buffering). (Ilia) 7983- Fixed bug #47903 ("@" operator does not work with string offsets). (Felipe) 7984- Fixed bug #47893 (CLI aborts on non blocking stdout). (Arnaud) 7985- Fixed bug #47849 (Non-deep import loses the namespace). (Rob) 7986- Fixed bug #47845 (PDO_Firebird omits first row from query). (Lars W) 7987- Fixed bug #47836 (array operator [] inconsistency when the array has 7988 PHP_INT_MAX index value). (Matt) 7989- Fixed bug #47831 (Compile warning for strnlen() in main/spprintf.c). 7990 (Ilia, rainer dot jung at kippdata dot de) 7991- Fixed bug #47828 (openssl_x509_parse() segfaults when a UTF-8 conversion 7992 fails). (Scott, Kees Cook, Pierre) 7993- Fixed bug #47818 (Segfault due to bound callback param). (Felipe) 7994- Fixed bug #47801 (__call() accessed via parent:: operator is provided 7995 incorrect method name). (Felipe) 7996- Fixed bug #47769 (Strange extends PDO). (Felipe) 7997- Fixed bug #47745 (FILTER_VALIDATE_INT doesn't allow minimum integer). 7998 (Dmitry) 7999- Fixed bug #47721 (Alignment issues in mbstring and sysvshm extension). 8000 (crrodriguez at opensuse dot org, Ilia) 8001- Fixed bug #47704 (PHP crashes on some "bad" operations with string 8002 offsets). (Dmitry) 8003- Fixed bug #47695 (build error when xmlrpc and iconv are compiled against 8004 different iconv versions). (Scott) 8005- Fixed bug #47667 (ZipArchive::OVERWRITE seems to have no effect). 8006 (Mikko, Pierre) 8007- Fixed bug #47644 (Valid integers are truncated with json_decode()). (Scott) 8008- Fixed bug #47639 (pg_copy_from() WARNING: nonstandard use of \\ in a 8009 string literal). (Ilia) 8010- Fixed bug #47616 (curl keeps crashing). (Felipe) 8011- Fixed bug #47598 (FILTER_VALIDATE_EMAIL is locale aware). (Ilia) 8012- Fixed bug #47566 (pcntl_wexitstatus() returns signed status). 8013 (patch by james at jamesreno dot com) 8014- Fixed bug #47564 (unpacking unsigned long 32bit bit endian returns wrong 8015 result). (Ilia) 8016- Fixed bug #47487 (performance degraded when reading large chunks after 8017 fix of bug #44607). (Arnaud) 8018- Fixed bug #47468 (enable cli|cgi-only extensions for embed sapi). (Jani) 8019- Fixed bug #47435 (FILTER_FLAG_NO_PRIV_RANGE does not work with ipv6 8020 addresses in the filter extension). (Ilia) 8021- Fixed bug #47430 (Errors after writing to nodeValue parameter of an absent 8022 previousSibling). (Rob) 8023- Fixed bug #47365 (ip2long() may allow some invalid values on certain 64bit 8024 systems). (Ilia) 8025- Fixed bug #47254 (Wrong Reflection for extends class). (Felipe) 8026- Fixed bug #47042 (cgi sapi is incorrectly removing SCRIPT_FILENAME). 8027 (Sriram Natarajan, David Soria Parra) 8028- Fixed bug #46882 (Serialize / Unserialize misbehaviour under OS with 8029 different bit numbers). (Matt) 8030- Fixed bug #46812 (get_class_vars() does not include visible private variable 8031 looking at subclass). (Arnaud) 8032- Fixed bug #46386 (Digest authentication with SOAP module fails against MSSQL 8033 SOAP services). (Ilia, lordelph at gmail dot com) 8034- Fixed bug #46109 (Memory leak when mysqli::init() is called multiple times). 8035 (Andrey) 8036- Fixed bug #45997 (safe_mode bypass with exec/system/passthru (windows only)). 8037 (Pierre) 8038- Fixed bug #45877 (Array key '2147483647' left as string). (Matt) 8039- Fixed bug #45822 (Near infinite-loops while parsing huge relative offsets). 8040 (Derick, Mike Sullivan) 8041- Fixed bug #45799 (imagepng() crashes on empty image). 8042 (Martin McNickle, Takeshi Abe) 8043- Fixed bug #45622 (isset($arrayObject->p) misbehaves with 8044 ArrayObject::ARRAY_AS_PROPS set). (robin_fernandes at uk dot ibm dot com, Arnaud) 8045- Fixed bug #45614 (ArrayIterator::current(), ::key() can show 1st private prop 8046 of wrapped object). (robin_fernandes at uk dot ibm dot com, Arnaud) 8047- Fixed bug #45540 (stream_context_create creates bad http request). (Arnaud) 8048- Fixed bug #45202 (zlib.output_compression can not be set with ini_set()). 8049 (Jani) 8050- Fixed bug #45191 (error_log ignores date.timezone php.ini val when setting 8051 logging timestamps). (Derick) 8052- Fixed bug #45092 (header HTTP context option not being used when compiled 8053 using --with-curlwrappers). (Jani) 8054- Fixed bug #44996 (xmlrpc_decode() ignores time zone on iso8601.datetime). 8055 (Ilia, kawai at apache dot org) 8056- Fixed bug #44827 (define() is missing error checks for class constants). 8057 (Ilia) 8058- Fixed bug #44214 (Crash using preg_replace_callback() and global variables). 8059 (Nuno, Scott) 8060- Fixed bug #43073 (TrueType bounding box is wrong for angle<>0). 8061 (Martin McNickle) 8062- Fixed bug #42663 (gzinflate() try to allocate all memory with truncated 8063 data). (Arnaud) 8064- Fixed bug #42414 (some odbc_*() functions incompatible with Oracle ODBC 8065 driver). (jhml at gmx dot net) 8066- Fixed bug #42362 (HTTP status codes 204 and 304 should not be gzipped). 8067 (Scott, Edward Z. Yang) 8068- Fixed bug #42143 (The constant NAN is reported as 0 on Windows) 8069 (Kanwaljeet Singla, Venkat Raman Don) 8070- Fixed bug #38805 (PDO truncates text from SQL Server text data type field). 8071 (Steph) 8072 807326 Feb 2009, PHP 5.2.9 8074- Changed __call() to be invoked on private/protected method access, similar to 8075 properties and __get(). (Andrei) 8076 8077- Added optional sorting type flag parameter to array_unique(). Default is 8078 SORT_REGULAR. (Andrei) 8079 8080- Fixed a crash on extract in zip when files or directories entry names contain 8081 a relative path. (Pierre) 8082- Fixed error conditions handling in stream_filter_append(). (Arnaud) 8083- Fixed zip filename property read. (Pierre) 8084- Fixed explode() behavior with empty string to respect negative limit. (Shire) 8085- Fixed security issue in imagerotate(), background colour isn't validated 8086 correctly with a non truecolour image. Reported by Hamid Ebadi, 8087 APA Laboratory (Fixes CVE-2008-5498). (Scott) 8088- Fixed a segfault when malformed string is passed to json_decode(). (Scott) 8089- Fixed bug in xml_error_string() which resulted in messages being 8090 off by one. (Scott) 8091 8092- Fixed bug #47422 (modulus operator returns incorrect results on 64 bit 8093 linux). (Matt) 8094- Fixed bug #47399 (mb_check_encoding() returns true for some illegal SJIS 8095 characters). (for-bugs at hnw dot jp, Moriyoshi) 8096- Fixed bug #47353 (crash when creating a lot of objects in object 8097 destructor). (Tony) 8098- Fixed bug #47322 (sscanf %d doesn't work). (Felipe) 8099- Fixed bug #47282 (FILTER_VALIDATE_EMAIL is marking valid email addresses 8100 as invalid). (Ilia) 8101- Fixed bug #47220 (segfault in dom_document_parser in recovery mode). (Rob) 8102- Fixed bug #47217 (content-type is not set properly for file uploads). (Ilia) 8103- Fixed bug #47174 (base64_decode() interprets pad char in mid string as 8104 terminator). (Ilia) 8105- Fixed bug #47165 (Possible memory corruption when passing return value by 8106 reference). (Dmitry) 8107- Fixed bug #47152 (gzseek/fseek using SEEK_END produces strange results). 8108 (Felipe) 8109- Fixed bug #47131 (SOAP Extension ignores "user_agent" ini setting). (Ilia) 8110- Fixed bug #47109 (Memory leak on $a->{"a"."b"} when $a is not an object). 8111 (Etienne, Dmitry) 8112- Fixed bug #47104 (Linking shared extensions fails with icc). (Jani) 8113- Fixed bug #47049 (SoapClient::__soapCall causes a segmentation fault). 8114 (Dmitry) 8115- Fixed bug #47048 (Segfault with new pg_meta_data). (Felipe) 8116- Fixed bug #47042 (PHP cgi sapi is removing SCRIPT_FILENAME for non 8117 apache). (Sriram Natarajan) 8118- Fixed bug #47037 (No error when using fopen with empty string). (Cristian 8119 Rodriguez R., Felipe) 8120- Fixed bug #47035 (dns_get_record returns a garbage byte at the end of a 8121 TXT record). (Felipe) 8122- Fixed bug #47027 (var_export doesn't show numeric indices on ArrayObject). 8123 (Derick) 8124- Fixed bug #46985 (OVERWRITE and binary mode does not work, regression 8125 introduced in 5.2.8). (Pierre) 8126- Fixed bug #46973 (IPv6 address filter rejects valid address). (Felipe) 8127- Fixed bug #46964 (Fixed pdo_mysql build with older version of MySQL). (Ilia) 8128- Fixed bug #46959 (Unable to disable PCRE). (Scott) 8129- Fixed bug #46918 (imap_rfc822_parse_adrlist host part not filled in 8130 correctly). (Felipe) 8131- Fixed bug #46889 (Memory leak in strtotime()). (Derick) 8132- Fixed bug #46887 (Invalid calls to php_error_docref()). (oeriksson at 8133 mandriva dot com, Ilia) 8134- Fixed bug #46873 (extract($foo) crashes if $foo['foo'] exists). (Arnaud) 8135- Fixed bug #46843 (CP936 euro symbol is not converted properly). (ty_c at 8136 cybozuy dot co dot jp, Moriyoshi) 8137- Fixed bug #46798 (Crash in mssql extension when retrieving a NULL value 8138 inside a binary or image column type). (Ilia) 8139- Fixed bug #46782 (fastcgi.c parse error). (Matt) 8140- Fixed bug #46760 (SoapClient doRequest fails when proxy is used). (Felipe) 8141- Fixed bug #46748 (Segfault when an SSL error has more than one error). 8142 (Scott) 8143- Fixed bug #46739 (array returned by curl_getinfo should contain 8144 content_type key). (Mikko) 8145- Fixed bug #46699 (xml_parse crash when parser is namespace aware). (Rob) 8146- Fixed bug #46419 (Elements of associative arrays with NULL value are 8147 lost). (Dmitry) 8148- Fixed bug #46282 (Corrupt DBF When Using DATE). (arne at bukkie dot nl) 8149- Fixed bug #46026 (bz2.decompress/zlib.inflate filter tries to decompress 8150 after end of stream). (Greg) 8151- Fixed bug #46005 (User not consistently logged under Apache2). (admorten 8152 at umich dot edu, Stas) 8153- Fixed bug #45996 (libxml2 2.7 causes breakage with character data in 8154 xml_parse()). (Rob) 8155- Fixed bug #45940 (MySQLI OO does not populate connect_error property on 8156 failed connect). (Johannes) 8157- Fixed bug #45923 (mb_st[r]ripos() offset not handled correctly). (Moriyoshi) 8158- Fixed bug #45327 (memory leak if offsetGet throws exception). (Greg) 8159- Fixed bug #45239 (Encoding detector hangs with mbstring.strict_detection 8160 enabled). (Moriyoshi) 8161- Fixed bug #45161 (Reusing a curl handle leaks memory). (Mark Karpeles, Jani) 8162- Fixed bug #44336 (Improve pcre UTF-8 string matching performance). (frode 8163 at coretrek dot com, Nuno) 8164- Fixed bug #43841 (mb_strrpos() offset is byte count for negative values). 8165 (Moriyoshi) 8166- Fixed bug #37209 (mssql_execute with non fatal errors). (Kalle) 8167- Fixed bug #35975 (Session cookie expires date format isn't the most 8168 compatible. Now matches that of setcookie()). (Scott) 8169 8170 817108 Dec 2008, PHP 5.2.8 8172- Reverted bug fix #42718 that broke magic_quotes_gpc (Scott) 8173 817404 Dec 2008, PHP 5.2.7 8175- Upgraded PCRE to version 7.8 (Fixes CVE-2008-2371). (Ilia) 8176- Updated timezone database to version 2008.9. (Derick) 8177- Upgraded bundled libzip to 0.9.0. (Pierre) 8178 8179- Added logging option for error_log to send directly to SAPI. (Stas) 8180- Added PHP_MAJOR_VERSION, PHP_MINOR_VERSION, PHP_RELEASE_VERSION, 8181 PHP_EXTRA_VERSION, PHP_VERSION_ID, PHP_ZTS and PHP_DEBUG constants. (Pierre) 8182- Added "PHP_INI_SCAN_DIR" environment variable which can be used to 8183 either disable or change the compile time ini scan directory (FR #45114). 8184 (Jani) 8185 8186- Fixed missing initialization of BG(page_uid) and BG(page_gid), 8187 reported by Maksymilian Arciemowicz. (Stas) 8188- Fixed memory leak inside sqlite_create_aggregate(). (Felipe) 8189- Fixed memory leak inside PDO sqlite's sqliteCreateAggregate() method. 8190 (Felipe) 8191- Fixed a crash inside gd with invalid fonts (Fixes CVE-2008-3658). (Pierre) 8192- Fixed a possible overflow inside memnstr (Fixes CVE-2008-3659). 8193 (LaurentGaffie) 8194- Fixed incorrect php_value order for Apache configuration, reported by 8195 Maksymilian Arciemowicz. (Stas) 8196- Fixed memory leak inside readline_callback_handler_remove() function. 8197 (Felipe) 8198- Fixed sybase_fetch_*() to continue reading after CS_ROW_FAIL status (Timm) 8199- Fixed a bug inside dba_replace() that could cause file truncation 8200 withinvalid keys. (Ilia) 8201- Fixed memory leak inside readline_callback_handler_install() function.(Ilia) 8202- Fixed memory leak inside readline_completion_function() function. (Felipe) 8203- Fixed stream_get_contents() when using $maxlength and socket is notclosed. 8204 indeyets [at] php [dot] net on #46049. (Arnaud) 8205- Fixed stream_get_line() to behave as documented on non-blocking streams. 8206 (Arnaud) 8207- Fixed endless loop in PDOStatement::debugDumpParams(). 8208 (jonah.harris at gmail dot com) 8209- Fixed ability to use "internal" heaps in extensions. (Arnaud, Dmitry) 8210- Fixed weekdays adding/subtracting algorithm. (Derick) 8211- Fixed some ambiguities in the date parser. (Derick) 8212- Fixed a bug with the YYYY-MM format not resetting the day correctly. 8213 (Derick) 8214- Fixed a bug in the DateTime->modify() methods, it would not use the advanced 8215 relative time strings. (Derick) 8216- Fixed extraction of zip files or directories when the entry name is a 8217 relative path. (Pierre) 8218- Fixed read or write errors for large zip archives. (Pierre) 8219- Fixed security issues detailed in CVE-2008-2665 and CVE-2008-2666. 8220 (Christian Hoffmann) 8221- Fixed simplexml asXML() not to lose encoding when dumping entire 8222 document to file. (Ilia) 8223- Fixed a crash inside PDO when trying instantiate PDORow manually. 8224 (Felipe) 8225- Fixed build failure of ext/mysqli with libmysql 6.0 - missing 8226 rplfunctions. (Andrey) 8227- Fixed a regression when using strip_tags() and < is within an 8228 attribute.(Scott) 8229- Fixed a crash on invalid method in ReflectionParameter constructor. 8230 (Christian Seiler) 8231- Reverted fix for bug #44197 due to behaviour change in minor version. 8232 (Felipe) 8233 8234- Fixed bug #46732 (mktime.year description is wrong). (Derick) 8235- Fixed bug #46696 (cURL fails in upload files with specified content-type). 8236 (Ilia) 8237- Fixed bug #46673 (stream_lock call with wrong parameter). (Arnaud) 8238- Fixed bug #46649 (Setting array element with that same array produces 8239 inconsistent results). (Arnaud) 8240- Fixed bug #46626 (mb_convert_case does not handle apostrophe correctly). 8241 (Ilia) 8242- Fixed bug #46543 (ibase_trans() memory leaks when using wrong parameters). 8243 (Felipe) 8244- Fixed bug #46521 (Curl ZTS OpenSSL, error in config.m4 fragment). 8245 (jd at cpanel dot net) 8246- Fixed bug #46496 (wddx_serialize treats input as ISO-8859-1). (Mark Karpeles) 8247- Fixed bug #46427 (SoapClient() stumbles over its "stream_context" parameter). 8248 (Dmitry, Herman Radtke) 8249- Fixed bug #46426 (offset parameter of stream_get_contents() does not 8250 workfor "0"). (Felipe) 8251- Fixed bug #46406 (Unregistering nodeclass throws E_FATAL). (Rob) 8252- Fixed bug #46389 (NetWare needs small patch for _timezone). 8253 (patch by guenter@php.net) 8254- Fixed bug #46388 (stream_notification_callback inside of object destroys 8255 object variables). (Felipe) 8256- Fixed bug #46381 (wrong $this passed to internal methods causes segfault). 8257 (Tony) 8258- Fixed bug #46379 (Infinite loop when parsing '#' in one line file). (Arnaud) 8259- Fixed bug #46366 (bad cwd with / as pathinfo). (Dmitry) 8260- Fixed bug #46360 (TCP_NODELAY constant for socket_{get,set}_option). 8261 (bugs at trick dot vanstaveren dot us) 8262- Fixed bug #46343 (IPv6 address filter accepts invalid address). (Ilia) 8263- Fixed bug #46335 (DOMText::splitText doesn't handle multibyte characters). 8264 (Rob) 8265- Fixed bug #46323 (compilation of simplexml for NetWare breaks). 8266 (Patch by guenter [at] php [dot] net) 8267- Fixed bug #46319 (PHP sets default Content-Type header for HTTP 304 8268 response code, in cgi sapi). (Ilia) 8269- Fixed bug #46313 (Magic quotes broke $_FILES). (Arnaud) 8270- Fixed bug #46308 (Invalid write when changing property from inside getter). 8271 (Dmitry) 8272- Fixed bug #46292 (PDO::setFetchMode() shouldn't requires the 2nd arg when 8273 using FETCH_CLASSTYPE). (Felipe) 8274- Fixed bug #46274, #46249 (pdo_pgsql always fill in NULL for empty BLOB and 8275 segfaults when returned by SELECT). (Felipe) 8276- Fixed bug #46271 (local_cert option is not resolved to full path). (Ilia) 8277- Fixed bug #46247 (ibase_set_event_handler() is allowing to pass callback 8278 without event). (Felipe) 8279- Fixed bug #46246 (difference between call_user_func(array($this, $method)) 8280 and $this->$method()). (Dmitry) 8281- Fixed bug #46222 (ArrayObject EG(uninitialized_var_ptr) overwrite). 8282 (Etienne) 8283- Fixed bug #46215 (json_encode mutates its parameter and has some 8284 class-specific state). (Felipe) 8285- Fixed bug #46206 (pg_query_params/pg_execute convert passed values to 8286 strings). (Ilia) 8287- Fixed bug #46191 (BC break: DOMDocument saveXML() doesn't accept null). 8288 (Rob) 8289- Fixed bug #46164 (stream_filter_remove() closes the stream). (Arnaud) 8290- Fixed bug #46157 (PDOStatement::fetchObject prototype error). (Felipe) 8291- Fixed bug #46147 (after stream seek, appending stream filter reads 8292 incorrect data). (Greg) 8293- Fixed bug #46139 (PDOStatement->setFetchMode() forgets FETCH_PROPS_LATE). 8294 (chsc at peytz dot dk, Felipe) 8295- Fixed bug #46127 (php_openssl_tcp_sockop_accept forgets to set context 8296 on accepted stream) (Mark Karpeles, Pierre) 8297- Fixed bug #46110 (XMLWriter - openmemory() and openuri() leak memory on 8298 multiple calls). (Ilia) 8299- Fixed bug #46088 (RegexIterator::accept - segfault). (Felipe) 8300- Fixed bug #46082 (stream_set_blocking() can cause a crash in some 8301 circumstances). (Felipe) 8302- Fixed bug #46064 (Exception when creating ReflectionProperty object 8303 on dynamicly created property). (Felipe) 8304- Fixed bug #46059 (Compile failure under IRIX 6.5.30 building posix.c). 8305 (Arnaud) 8306- Fixed bug #46053 (SplFileObject::seek - Endless loop). (Arnaud) 8307- Fixed bug #46051 (SplFileInfo::openFile - memory overlap). (Arnaud) 8308- Fixed bug #46047 (SimpleXML converts empty nodes into object with 8309 nested array). (Rob) 8310- Fixed bug #46031 (Segfault in AppendIterator::next). (Arnaud) 8311- Fixed bug #46029 (Segfault in DOMText when using with Reflection). (Rob) 8312- Fixed bug #46026 (bzip2.decompress/zlib.inflate filter tries to decompress 8313 after end of stream). (Keisial at gmail dot com, Greg) 8314- Fixed bug #46024 (stream_select() doesn't return the correct number). 8315 (Arnaud) 8316- Fixed bug #46010 (warnings incorrectly generated for iv in ecb mode). 8317 (Felipe) 8318- Fixed bug #46003 (isset on nonexisting node return unexpected results). (Rob) 8319- Fixed bug #45956 (parse_ini_file() does not return false with syntax errors 8320 in parsed file). (Jani) 8321- Fixed bug #45901 (wddx_serialize_value crash with SimpleXMLElement object). 8322 (Rob) 8323- Fixed bug #45862 (get_class_vars is inconsistent with 'protected' and 8324 'private' variables). (ilewis at uk dot ibm dot com, Felipe) 8325- Fixed bug #45860 (header() function fails to correctly replace all Status 8326 lines). (Dmitry) 8327- Fixed bug #45805 (Crash on throwing exception from error handler). (Dmitry) 8328- Fixed bug #45765 (ReflectionObject with default parameters of self::xxx cause 8329 an error). (Felipe) 8330- Fixed bug #45751 (Using auto_prepend_file crashes (out of scope stack address 8331 use)). (basant dot kukreja at sun dot com) 8332- Fixed bug #45722 (mb_check_encoding() crashes). (Moriyoshi) 8333- Fixed bug #45705 (rfc822_parse_adrlist() modifies passed address parameter). 8334 (Jani) 8335- Fixed bug #45691 (Some per-dir or runtime settings may leak into other 8336 requests). (Moriyoshi) 8337- Fixed bug #45581 (htmlspecialchars() double encoding &#x hex items). (Arnaud) 8338- Fixed bug #45580 (levenshtein() crashes with invalid argument). (Ilia) 8339- Fixed bug #45575 (Segfault with invalid non-string as event handler callback). 8340 (Christian Seiler) 8341- Fixed bug #45568 (ISAPI doesn't properly clear auth_digest in header). 8342 (Patch by: navara at emclient dot com) 8343- Fixed bug #45556 (Return value from callback isn't freed). (Felipe) 8344- Fixed bug #45555 (Segfault with invalid non-string as 8345 register_introspection_callback). (Christian Seiler) 8346- Fixed bug #45553 (Using XPath to return values for attributes with a 8347 namespace does not work). (Rob) 8348- Fixed bug #45529 (new DateTimeZone() and date_create()->getTimezone() behave 8349 different). (Derick) 8350- Fixed bug #45522 (FCGI_GET_VALUES request does not return supplied values). 8351 (Arnaud) 8352- Fixed bug #45486 (mb_send_mail(); header 'Content-Type: text/plain; charset=' 8353 parsing incorrect). (Felipe) 8354- Fixed bug #45485 (strip_tags and <?XML tag). (Felipe) 8355- Fixed bug #45460 (imap patch for fromlength fix in imap_headerinfo doesn't 8356 accept lengths of 1024). (Felipe, andrew at lifescale dot com) 8357- Fixed bug #45449 (filesize() regression using ftp wrapper). 8358 (crrodriguez at suse dot de) 8359- Fixed bug #45423 (fastcgi parent process doesn't invoke php_module_shutdown 8360 before shutdown) (basant dot kukreja at sun dot com) 8361- Fixed bug #45406 (session.serialize_handler declared by shared extension fails). 8362 (Kalle, oleg dot grenrus at dynamoid dot com) 8363- Fixed bug #45405 (snmp extension memory leak). 8364 (Federico Cuello, Rodrigo Campos) 8365- Fixed bug #45382 (timeout bug in stream_socket_enable_crypto). (Ilia) 8366- Fixed bug #45373 (php crash on query with errors in params). (Felipe) 8367- Fixed bug #45352 (Segmentation fault because of tick function on second 8368 request). (Dmitry) 8369- Fixed bug #45312 (Segmentation fault on second request for array functions). 8370 (Dmitry) 8371- Fixed bug #45303 (Opening php:// wrapper in append mode results in a warning). 8372 (Arnaud) 8373- Fixed bug #45251 (double free or corruption with setAttributeNode()). (Rob) 8374- Fixed bug #45226 and #18916 (xmlrpc_set_type() segfaults and wrong behavior 8375 with valid ISO8601 date string). (Jeff Lawsons) 8376- Fixed bug #45220 (curl_read callback returns -1 when needs to return 8377 size_t (unsigned)). (Felipe) 8378- Fixed bug #45181 (chdir() should clear relative entries in stat cache). 8379 (Arnaud) 8380- Fixed bug #45178 (memory corruption on assignment result of "new" by 8381 reference). (Dmitry) 8382- Fixed bug #45166 (substr() overflow changes). (Felipe) 8383- Fixed bug #45151 (Crash with URI/file..php (filename contains 2 dots)). 8384 (Fixes CVE-2008-3660) (Dmitry) 8385- Fixed bug #45139 (ReflectionProperty returns incorrect declaring class). 8386 (Felipe) 8387- Fixed bug #45124 ($_FILES['upload']['size'] sometimes return zero and some 8388 times the filesize). (Arnaud) 8389- Fixed bug #45028 (CRC32 output endianness is different between crc32() and 8390 hash()). (Tony) 8391- Fixed bug #45004 (pg_insert() does not accept 4 digit timezone format). 8392 (Ilia) 8393- Fixed bug #44991 (Compile Failure With freetds0.82). 8394 (jklowden at freetds dot org, matthias at dsx dot at) 8395- Fixed bug #44938 (gettext functions crash with overly long domain). 8396 (Christian Schneider, Ilia) 8397- Fixed bug #44925 (preg_grep() modifies input array). (Nuno) 8398- Fixed bug #44900 (OpenSSL extension fails to link with OpenSSL 0.9.6). 8399 (jd at cpanel dot net, Pierre) 8400- Fixed bug #44891 Memory leak using registerPHPFunctions and XSLT Variable 8401 as function parameter. (Rob) 8402- Fixed bug #44882 (SOAP extension object decoding bug). (Dmitry) 8403- Fixed bug #44830 (Very minor issue with backslash in heredoc). (Matt) 8404- Fixed bug #44818 (php://memory writeable when opened read only). (Arnaud) 8405- Fixed bug #44811 (Improve error message when creating a new SoapClient 8406 that contains invalid data). (Markus Fischer, David C) 8407- Fixed bug #44798 (Memory leak assigning value to attribute). (Ilia) 8408- Fixed bug #44716 (Progress notifications incorrect). (Hannes) 8409- Fixed bug #44712 (stream_context_set_params segfaults on invalid arguments). 8410 (Hannes) 8411- Fixed bug #44617 (wrong HTML entity output when substitute_character=entity). 8412 (Moriyoshi) 8413- Fixed bug #44607 (stream_get_line unable to correctly identify the "ending" 8414 in the stream content). (Arnaud) 8415- Fixed bug #44425 (Extending PDO/MySQL class with a __call() function doesn't 8416 work). (Johannes) 8417- Fixed bug #44327 (PDORow::queryString property & numeric offsets / Crash). 8418 (Felipe) 8419- Fixed bug #44251, #41125 (PDO + quote() + prepare() can result in segfault). 8420 (tsteiner at nerdclub dot net) 8421- Fixed bug #44246 (closedir() accepts a file resource opened by fopen()). 8422 (Dmitry, Tony) 8423- Fixed bug #44182 (extract($a, EXTR_REFS) can fail to split copy-on-write 8424 references). (robin_fernandes at uk dot ibm dot com) 8425- Fixed bug #44181 (extract($a, EXTR_OVERWRITE|EXTR_REFS) can fail to create 8426 references to $a). (robin_fernandes at uk dot ibm dot com) 8427- Fixed bug #44127 (UNIX abstract namespace socket connect does not work). 8428 (Jani) 8429- Fixed bug #43993 (mb_substr_count() behaves differently to substr_count() 8430 with overlapping needles). (Moriyoshi) 8431- Fixed Bug #43958 (class name added into the error message). (Dmitry) 8432- Fixed bug #43941 (json_encode silently cuts non-UTF8 strings). (Stas) 8433- Fixed bug #43925 (Incorrect argument counter in prepared statements with 8434 pgsql). (Felipe) 8435- Fixed bug #43731 (socket_getpeername: cannot use on stdin with inetd). 8436 (Arnaud) 8437- Fixed bug #43723 (SOAP not sent properly from client for <choice>). (Dmitry) 8438- Fixed bug #43668 (Added odbc.default_cursortype to control the ODBCcursor 8439 model). (Patrick) 8440- Fixed bug #43666 (Fixed code to use ODBC 3.52 datatypes for 64bit 8441 systems). (Patrick) 8442- Fixed bug #43540 (rfc1867 handler newlength problem). (Arnaud) 8443- Fixed bug #43452 (strings containing a weekday, or a number plus weekday 8444 behaved incorrect of the current day-of-week was the same as the one in the 8445 phrase). (Derick) 8446- Fixed bug #43353 (wrong detection of 'data' wrapper causes notice). 8447 (gk at gknw dot de, Arnaud) 8448- Fixed bug #43053 (Regression: some numbers shown in scientific notation). 8449 (int-e at gmx dot de) 8450- Fixed bug #43045 (SOAP encoding violation on "INF" for type double/float). 8451 (Dmitry) 8452- Fixed bug #42862 (IMAP toolkit crash: rfc822.c legacy routine buffer 8453 overflow). (Fixes CVE-2008-2829) (Dmitry) 8454- Fixed bug #42855 (dns_get_record() doesn't return all text from TXT record). 8455 (a dot u dot savchuk at gmail dot com) 8456- Fixed bug #42737 (preg_split('//u') triggers a E_NOTICE with newlines). 8457 (Nuno) 8458- Fixed bug #42718 (FILTER_UNSAFE_RAW not applied when configured as default 8459 filter). (Arnaud) 8460- Fixed bug #42604 ("make test" fails with --with-config-file-scan-dir=path). 8461 (Jani) 8462- Fixed bug #42473 (ob_start php://output and headers). (Arnaud) 8463- Fixed bug #42318 (problem with nm on AIX, not finding object files). 8464 (Dmitry) 8465- Fixed bug #42294 (Unified solution for round() based on C99 round). (Ilia) 8466- Fixed bug #42078 (pg_meta_data mix tables metadata from different schemas). 8467 (Felipe) 8468- Fixed bug #41348 (OCI8: allow compilation with Oracle 8.1). (Chris Jones) 8469- Fixed bug #41033 (enable signing with DSA keys. 8470 (gordyf at google dot com, Pierre) 8471- Fixed bug #37100 (data is returned truncated with BINARY CURSOR). (Tony) 8472- Fixed bug #30312 (crash in sybase_unbuffered_query() function). (Timm) 8473- Fixed bug #24679 (pg_* functions doesn't work using schema). (Felipe) 8474- Fixed bug #14962 (PECL) (::extractTo 2nd argument is not really optional) 8475 (Mark van Der Velden) 8476- Fixed bug #14032 (Mail() always returns false but mail is sent). (Mikko) 8477 8478 847901 May 2008, PHP 5.2.6 8480- Fixed two possible crashes inside posix extension (Tony) 8481- Fixed incorrect heredoc handling when label is used within the block. 8482 (Matt) 8483- Fixed possible stack buffer overflow in FastCGI SAPI. (Andrei Nigmatulin) 8484- Fixed sending of uninitialized paddings which may contain some information. (Andrei Nigmatulin) 8485- Fixed a bug in formatting timestamps when DST is active in the default timezone (Derick) 8486- Properly address incomplete multibyte chars inside escapeshellcmd() (Ilia, Stefan Esser) 8487- Fix integer overflow in printf(). (Stas, Maksymilian Aciemowicz) 8488- Fixed security issue detailed in CVE-2008-0599. (Rasmus) 8489- Fixed potential memleak in stream filter parameter for zlib filter. (Greg) 8490- Added Reflection API metadata for the methods of the DOM classes. (Sebastian) 8491- Fixed weird behavior in CGI parameter parsing. (Dmitry, Hannes Magnusson) 8492- Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz. 8493 (Ilia) 8494- Fixed a bug with PDO::FETCH_COLUMN|PDO::FETCH_GROUP mode when a column # by 8495 which to group by data is specified. (Ilia) 8496- Fixed segfault in filter extension when using callbacks. (Arnar Mar Sig, 8497 Felipe) 8498- Fixed faulty fix for bug #40189 (endless loop in zlib.inflate stream filter). (Greg) 8499- Upgraded PCRE to version 7.6 (Nuno) 8500 8501- Fixed bug #44742 (timezone_offset_get() causes segmentation faults). (Derick) 8502- Fixed bug #44720 (Prevent crash within session_register()). (Scott) 8503- Fixed bug #44703 (htmlspecialchars() does not detect bad character set argument). (Andy Wharmby) 8504- Fixed bug #44673 (With CGI argv/argc starts from arguments, not from script) (Dmitry) 8505- Fixed bug #44667 (proc_open() does not handle pipes with the mode 'wb' correctly). (Jani) 8506- Fixed bug #44663 (Crash in imap_mail_compose if "body" parameter invalid). (Ilia) 8507- Fixed bug #44650 (escaepshellscmd() does not check arg count). (Ilia) 8508- Fixed bug #44613 (Crash inside imap_headerinfo()). (Ilia, jmessa) 8509- Fixed bug #44603 (Order issues with Content-Type/Length headers on POST). (Ilia) 8510- Fixed bug #44594 (imap_open() does not validate # of retries parameter). (Ilia) 8511- Fixed bug #44591 (imagegif's filename parameter). (Felipe) 8512- Fixed bug #44557 (Crash in imap_setacl when supplied integer as username) (Thomas Jarosch) 8513- Fixed bug #44487 (call_user_method_array issues a warning when throwing an exception). (David Soria Parra) 8514- Fixed bug #44478 (Inconsistent behaviour when assigning new nodes). (Rob, Felipe) 8515- Fixed bug #44445 (email validator does not handle domains starting/ending with a -). (Ilia) 8516- Fixed bug #44440 (st_blocks undefined under BeOS). (Felipe) 8517- Fixed bug #44394 (Last two bytes missing from output). (Felipe) 8518- Fixed bug #44388 (Crash inside exif_read_data() on invalid images) (Ilia) 8519- Fixed bug #44373 (PDO_OCI extension compile failed). (Felipe) 8520- Fixed bug #44333 (SEGFAULT when using mysql_pconnect() with client_flags). (Felipe) 8521- Fixed bug #44306 (Better detection of MIPS processors on Windows). (Ilia) 8522- Fixed bug #44242 (metaphone('CMXFXM') crashes PHP). (Felipe) 8523- Fixed bug #44233 (MSG_PEEK undefined under BeOS R5). (jonathonfreeman at gmail dot com, Ilia) 8524- Fixed bug #44216 (strftime segfaults on large negative value). (Derick) 8525- Fixed bug #44209 (strtotime() doesn't support 64 bit timestamps on 64 bit platforms). (Derick) 8526- Fixed bug #44206 (OCI8 selecting ref cursors leads to ORA-1000 maximum open cursors reached). (Oracle Corp.) 8527- Fixed bug #44200 (A crash in PDO when no bound targets exists and yet bound parameters are present). (Ilia) 8528- Fixed bug #44197 (socket array keys lost on socket_select). (Felipe) 8529- Fixed bug #44191 (preg_grep messes up array index). (Felipe) 8530- Fixed bug #44189 (PDO setAttribute() does not properly validate values for native numeric options). (Ilia) 8531- Fixed bug #44184 (Double free of loop-variable on exception). (Dmitry) 8532- Fixed bug #44171 (Invalid FETCH_COLUMN index does not raise an error). (Ilia) 8533- Fixed bug #44166 (Parameter handling flaw in PDO::getAvailableDrivers()). (Ilia) 8534- Fixed bug #44159 (Crash: $pdo->setAttribute(PDO::STATEMENT_ATTR_CLASS, NULL)). (Felipe) 8535- Fixed bug #44152 (Possible crash with syslog logging on ZTS builds). (Ilia) 8536- Fixed bug #44141 (private parent constructor callable through static function). (Dmitry) 8537- Fixed bug #44113 (OCI8 new collection creation can fail with OCI-22303). (Oracle Corp.) 8538- Fixed bug #44069 (Huge memory usage with concatenation using . instead of .=). (Dmitry) 8539- Fixed bug #44046 (crash inside array_slice() function with an invalid by-ref offset). (Ilia) 8540- Fixed bug #44028 (crash inside stream_socket_enable_crypto() when enabling encryption without crypto type). (Ilia) 8541- Fixed bug #44018 (RecursiveDirectoryIterator options inconsistancy). (Marcus) 8542- Fixed bug #44008 (OCI8 incorrect usage of OCI-Lob->close crashes PHP). (Oracle Corp.) 8543- Fixed bug #43998 (Two error messages returned for incorrect encoding for mb_strto[upper|lower]). (Rui) 8544- Fixed bug #43994 (mb_ereg 'successfully' matching incorrect). (Rui) 8545- Fixed bug #43954 (Memory leak when sending the same HTTP status code multiple times). (Scott) 8546- Fixed bug #43927 (koi8r is missing from html_entity_decode()). (andy at demos dot su, Tony) 8547- Fixed bug #43912 (Interbase column names are truncated to 31 characters). (Ilia) 8548- Fixed bug #43875 (Two error messages returned for $new and $flag argument in mysql_connect()). (Hannes) 8549- Fixed bug #43863 (str_word_count() breaks on cyrillic "ya" in locale cp1251). (phprus at gmail dot com, Tony) 8550- Fixed bug #43841 (mb_strrpos offset is byte count for negative values). (Rui) 8551- Fixed bug #43840 (mb_strpos bounds check is byte count rather than a character count). (Rui) 8552- Fixed bug #43808 (date_create never fails (even when it should)). (Derick) 8553- Fixed bug #43793 (zlib filter is unable to auto-detect gzip/zlib file headers). (Greg) 8554- Fixed bug #43703 (Signature compatibility check broken). (Dmitry) 8555- Fixed bug #43677 (Inconsistent behaviour of include_path set with php_value). (manuel at mausz dot at) 8556- Fixed bug #43663 (Extending PDO class with a __call() function doesn't work). (David Soria Parra) 8557- Fixed bug #43647 (Make FindFile use PATH_SEPARATOR instead of ";"). (Ilia) 8558- Fixed bug #43635 (mysql extension ingores INI settings on NULL values passed to mysql_connect()). (Ilia) 8559- Fixed bug #43620 (Workaround for a bug inside libcurl 7.16.2 that can result in a crash). (Ilia) 8560- Fixed bug #43614 (incorrect processing of numerical string keys of array in arbitrary serialized data). (Dmitriy Buldakov, Felipe) 8561- Fixed bug #43606 (define missing depencies of the exif extension). (crrodriguez at suse dot de) 8562- Fixed bug #43589 (a possible infinite loop in bz2_filter.c). (Greg) 8563- Fixed bug #43580 (removed bogus declaration of a non-existent php_is_url() function). (Ilia) 8564- Fixed bug #43559 (array_merge_recursive() doesn't behave as expected with duplicate NULL values). (Felipe, Tony) 8565- Fixed bug #43533 (escapeshellarg('') returns null). (Ilia) 8566- Fixed bug #43527 (DateTime created from a timestamp reports environment timezone). (Derick) 8567- Fixed bug #43522 (stream_get_line() eats additional characters). (Felipe, Ilia, Tony) 8568- Fixed bug #43507 (SOAPFault HTTP Status 500 - would like to be able to set the HTTP Status). (Dmitry) 8569- Fixed bug #43505 (Assign by reference bug). (Dmitry) 8570- Fixed bug #43498 (file_exists() on a proftpd server got SIZE not allowed in ASCII mode). (Ilia, crrodriguez at suse dot de) 8571- Fixed bug #43497 (OCI8 XML/getClobVal aka temporary LOBs leak UGA memory). (Chris) 8572- Fixed bug #43495 (array_merge_recursive() crashes with recursive arrays). (Ilia) 8573- Fixed bug #43493 (pdo_pgsql does not send username on connect when password is not available). (Ilia) 8574- Fixed bug #43491 (Under certain conditions, file_exists() never returns). (Dmitry) 8575- Fixed bug #43483 (get_class_methods() does not list all visible methods). (Dmitry) 8576- Fixed bug #43482 (array_pad() does not warn on very small pad numbers). (Ilia) 8577- Fixed bug #43457 (Prepared statement with incorrect parms doesn't throw exception with pdo_pgsql driver). (Ilia) 8578- Fixed bug #43450 (Memory leak on some functions with implicit object __toString() call). (David C.) 8579- Fixed bug #43386 (array_globals not reset to 0 properly on init). (Ilia) 8580- Fixed bug #43377 (PHP crashes with invalid argument for DateTimeZone). (Ilia) 8581- Fixed bug #43373 (pcntl_fork() should not raise E_ERROR on error). (Ilia) 8582- Fixed bug #43364 (recursive xincludes don't remove internal xml nodes properly). (Rob, patch from ddb@bitxtender.de) 8583- Fixed bug #43301 (mb_ereg*_replace() crashes when replacement string is invalid PHP expression and 'e' option is used). (Jani) 8584- Fixed bug #43295 (crash because of uninitialized SG(sapi_headers).mimetype). (Dmitry) 8585- Fixed bug #43293 (Multiple segfaults in getopt()). (Hannes) 8586- Fixed bug #43279 (pg_send_query_params() converts all elements in 'params' to strings). (Ilia) 8587- Fixed bug #43276 (Incomplete fix for bug #42739, mkdir() under safe_mode). (Ilia) 8588- Fixed bug #43248 (backward compatibility break in realpath()). (Dmitry) 8589- Fixed bug #43221 (SimpleXML adding default namespace in addAttribute). (Rob) 8590- Fixed bug #43216 (stream_is_local() returns false on "file://"). (Dmitry) 8591- Fixed bug #43201 (Crash on using uninitialized vals and __get/__set). (Dmitry) 8592- Fixed bug #43182 (file_put_contents() LOCK_EX does not work properly on file truncation). (Ilia) 8593- Fixed bug #43175 (__destruct() throwing an exception with __call() causes segfault). (Dmitry) 8594- Fixed bug #43128 (Very long class name causes segfault). (Dmitry) 8595- Fixed bug #43105 (PHP seems to fail to close open files). (Hannes) 8596- Fixed bug #43092 (curl_copy_handle() crashes with > 32 chars long URL). (Jani) 8597- Fixed bug #43003 (Invalid timezone reported for DateTime objects constructed using a timestamp). (Derick) 8598- Fixed bug #42978 (mismatch between number of bound params and values causes a crash in pdo_pgsql). (Ilia) 8599- Fixed bug #42945 (preg_split() swallows part of the string). (Nuno) 8600- Fixed bug #42937 (__call() method not invoked when methods are called on parent from child class). (Dmitry) 8601- Fixed bug #42841 (REF CURSOR and oci_new_cursor() crash PHP). (Chris) 8602- Fixed bug #42838 (Wrong results in array_diff_uassoc) (Felipe) 8603- Fixed bug #42779 (Incorrect forcing from HTTP/1.0 request to HTTP/1.1 response). (Ilia) 8604- Fixed bug #42736 (xmlrpc_server_call_method() crashes). (Tony) 8605- Fixed bug #42692 (Procedure 'int1' not present with doc/lit SoapServer). (Dmitry) 8606- Fixed bug #42548 (mysqli PROCEDURE calls can't return result sets). (Hartmut) 8607- Fixed bug #42505 (new sendmail default breaks on Netware platform) (Guenter Knauf) 8608- Fixed bug #42369 (Implicit conversion to string leaks memory). (David C., Rob). 8609- Fixed bug #42272 (var_export() incorrectly escapes char(0)). (Derick) 8610- Fixed bug #42261 (Incorrect lengths for date and boolean data types). (Ilia) 8611- Fixed bug #42190 (Constructing DateTime with TimeZone Indicator invalidates DateTimeZone). (Derick) 8612- Fixed bug #42177 (Warning "array_merge_recursive(): recursion detected" comes again...). (Felipe) 8613- Fixed bug #41941 (oci8 extension not lib64 savvy). (Chris) 8614- Fixed bug #41828 (Failing to call RecursiveIteratorIterator::__construct() causes a sefault). (Etienne) 8615- Fixed bug #41599 (setTime() fails after modify() is used). (Derick) 8616- Fixed bug #41562 (SimpleXML memory issue). (Rob) 8617- Fixed bug #40013 (php_uname() does not return nodename on Netware (Guenter Knauf) 8618- Fixed bug #38468 (Unexpected creation of cycle). (Dmitry) 8619- Fixed bug #32979 (OpenSSL stream->fd casts broken in 64-bit build) (stotty at tvnet dot hu) 8620 862108 Nov 2007, PHP 5.2.5 8622- Upgraded PCRE to version 7.3 (Nuno) 8623- Added optional parameter $provide_object to debug_backtrace(). (Sebastian) 8624- Added alpha support for imagefilter() IMG_FILTER_COLORIZE. (Pierre) 8625- Added ability to control memory consumption between request using 8626 ZEND_MM_COMPACT environment variable. (Dmitry) 8627 8628- Improved speed of array_intersect_key(), array_intersect_assoc(), 8629 array_uintersect_assoc(), array_diff_key(), array_diff_assoc() and 8630 array_udiff_assoc(). (Dmitry) 8631 8632- Fixed move_uploaded_file() to always set file permissions of resulting file 8633 according to UMASK. (Andrew Sitnikov) 8634- Fixed possible crash in ext/soap because of uninitialized value. (Zdash Urf) 8635- Fixed regression in glob() when enforcing safe_mode/open_basedir checks on 8636 paths containing '*'. (Ilia) 8637- Fixed "mail.force_extra_parameters" php.ini directive not to be modifiable 8638 in .htaccess due to the security implications - reported by SecurityReason. 8639 (Stas) 8640- Fixed PDO crash when driver returns empty LOB stream. (Stas) 8641- Fixed dl() to only accept filenames - reported by Laurent Gaffie. (Stas) 8642- Fixed dl() to limit argument size to MAXPATHLEN (CVE-2007-4887). 8643 (Christian Hoffmann) 8644- Fixed iconv_*() functions to limit argument sizes as workaround to libc 8645 bug (CVE-2007-4783, CVE-2007-4840 by Laurent Gaffie). 8646 (Christian Hoffmann, Stas) 8647- Fixed missing brackets leading to build warning and error in the log. 8648 Win32 code. (Andrey) 8649- Fixed leaks with multiple connects on one mysqli object. (Andrey) 8650- Fixed endianness detection on MacOS when building universal binary. 8651 (Uwe Schindler, Christian Speich, Tony) 8652- Fixed possible triggering of buffer overflows inside glibc 8653 implementations of the fnmatch(), setlocale() and glob() functions. 8654 Reported by Laurent Gaffie. (Ilia) 8655- Fixed imagerectangle regression with 1x1 rectangle (libgd #106). (Pierre) 8656- Fixed htmlentities/htmlspecialchars not to accept partial multibyte 8657 sequences. (Stas) 8658 8659- Fixed bug #43196 (array_intersect_assoc() crashes with non-array input). 8660 (Jani) 8661- Fixed bug #43139 (PDO ignores ATTR_DEFAULT_FETCH_MODE in some cases with 8662 fetchAll()). (Ilia) 8663- Fixed bug #43137 (rmdir() and rename() do not clear statcache). (Jani) 8664- Fixed bug #43130 (Bound parameters cannot have - in their name). (Ilia) 8665- Fixed bug #43099 (XMLWriter::endElement() does not check # of params). 8666 (Ilia) 8667- Fixed bug #43020 (Warning message is missing with shuffle() and more 8668 than one argument). (Scott) 8669- Fixed bug #42976 (Crash when constructor for newInstance() or 8670 newInstanceArgs() fails) (Ilia) 8671- Fixed bug #42943 (ext/mssql: Move *timeout initialization from RINIT 8672 to connect time). (Ilia) 8673- Fixed bug #42917 (PDO::FETCH_KEY_PAIR doesn't work with setFetchMode). 8674 (Ilia) 8675- Fixed bug #42890 (Constant "LIST" defined by mysqlclient and c-client). 8676 (Andrey) 8677- Fixed bug #42869 (automatic session id insertion adds sessions id to 8678 non-local forms). (Ilia) 8679- Fixed bug #42818 ($foo = clone(array()); leaks memory). (Dmitry) 8680- Fixed bug #42817 (clone() on a non-object does not result in a fatal 8681 error). (Ilia) 8682- Fixed bug #42785 (json_encode() formats doubles according to locale rather 8683 then following standard syntax). (Ilia) 8684- Fixed bug #42783 (pg_insert() does not accept an empty list for 8685 insertion). (Ilia) 8686- Fixed bug #42773 (WSDL error causes HTTP 500 Response). (Dmitry) 8687- Fixed bug #42772 (Storing $this in a static var fails while handling a cast 8688 to string). (Dmitry) 8689- Fixed bug #42767 (highlight_string() truncates trailing comment). (Ilia) 8690- Fixed bug #42739 (mkdir() doesn't like a trailing slash when safe_mode is 8691 enabled). (Ilia) 8692- Fixed bug #42703 (Exception raised in an iterator::current() causes segfault 8693 in FilterIterator) (Marcus) 8694- Fixed bug #42699 (PHP_SELF duplicates path). (Dmitry) 8695- Fixed bug #42654 (RecursiveIteratorIterator modifies only part of leaves) 8696 (Marcus) 8697- Fixed bug #42643 (CLI segfaults if using ATTR_PERSISTENT). (Ilia) 8698- Fixed bug #42637 (SoapFault : Only http and https are allowed). (Bill Moran) 8699- Fixed bug #42629 (Dynamically loaded PHP extensions need symbols exported 8700 on MacOSX). (jdolecek at NetBSD dot org) 8701- Fixed bug #42627 (bz2 extension fails to build with -fno-common). 8702 (dolecek at netbsd dot org) 8703- Fixed Bug #42596 (session.save_path MODE option does not work). (Ilia) 8704- Fixed bug #42590 (Make the engine recognize \v and \f escape sequences). 8705 (Ilia) 8706- Fixed bug #42587 (behavior change regarding symlinked .php files). (Dmitry) 8707- Fixed bug #42579 (apache_reset_timeout() does not exist). (Jani) 8708- Fixed bug #42549 (ext/mysql failed to compile with libmysql 3.23). (Scott) 8709- Fixed bug #42523 (PHP_SELF duplicates path). (Dmitry) 8710- Fixed bug #42512 (ip2long('255.255.255.255') should return 4294967295 on 8711 64-bit PHP). (Derick) 8712- Fixed bug #42506 (php_pgsql_convert() timezone parse bug) (nonunnet at 8713 gmail dot com, Ilia) 8714- Fixed bug #42496 (OCI8 cursor is not closed when using 2 clobs in a select 8715 query). (Oracle Corp.) 8716- Fixed bug #42462 (Segmentation when trying to set an attribute in a 8717 DOMElement). (Rob) 8718- Fixed bug #42453 (CGI SAPI does not shut down cleanly with -i/-m/-v cmdline 8719 options). (Dmitry) 8720- Fixed bug #42452 (PDO classes do not expose Reflection API information). 8721 (Hannes) 8722- Fixed bug #42468 (Write lock on file_get_contents fails when using a 8723 compression stream). (Ilia) 8724- Fixed bug #42488 (SoapServer reports an encoding error and the error itself 8725 breaks). (Dmitry) 8726- Fixed bug #42378 (mysqli_stmt_bind_result memory exhaustion). (Andrey) 8727- Fixed bug #42359 (xsd:list type not parsed). (Dmitry) 8728- Fixed bug #42326 (SoapServer crash). (Dmitry) 8729- Fixed bug #42214 (SoapServer sends clients internal PHP errors). (Dmitry) 8730- Fixed bug #42189 (xmlrpc_set_type() crashes php on invalid datetime 8731 values). (Ilia) 8732- Fixed bug #42139 (XMLReader option constants are broken using XML()). (Rob) 8733- Fixed bug #42086 (SoapServer return Procedure '' not present for WSIBasic 8734 compliant wsdl). (Dmitry) 8735- Fixed bug #41822 (Relative includes broken when getcwd() fails). (Ab5602, 8736 Jani) 8737- Fixed bug #41561 (Values set with php_admin_* in httpd.conf can be overwritten 8738 with ini_set()). (Stas, Jani) 8739- Fixed bug #39651 (proc_open() append mode doesn't work on windows). (Nuno) 8740 874130 Aug 2007, PHP 5.2.4 8742- Removed --enable-versioning configure option. (Jani) 8743 8744- Upgraded PCRE to version 7.2 (Nuno) 8745- Updated timezone database to version 2007.6. (Derick) 8746 8747- Improved openssl_x509_parse() to return extensions in readable form. (Dmitry) 8748 8749- Enabled changing the size of statement cache for non-persistent OCI8 8750 connections. (Chris Jones, Tony) 8751 8752- Changed "display_errors" php.ini option to accept "stderr" as value which 8753 makes the error messages to be outputted to STDERR instead of STDOUT with 8754 CGI and CLI SAPIs (FR #22839). (Jani) 8755- Changed error handler to send HTTP 500 instead of blank page on PHP errors. 8756 (Dmitry, Andrei Nigmatulin) 8757- Changed mail() function to be always available. (Johannes) 8758 8759- Added check for unknown options passed to configure. (Jani) 8760- Added persistent connection status checker to pdo_pgsql. 8761 (Elvis Pranskevichus, Ilia) 8762- Added support for ATTR_TIMEOUT inside pdo_pgsql driver. (Ilia) 8763- Added php_ini_loaded_file() function which returns the path to the actual 8764 php.ini in use. (Jani) 8765- Added GD version constants GD_MAJOR_VERSION, GD_MINOR_VERSION, 8766 GD_RELEASE_VERSION, GD_EXTRA_VERSION and GD_VERSION_STRING. (Pierre) 8767- Added missing open_basedir checks to CGI. 8768 (anight at eyelinkmedia dot com, Tony) 8769- Added missing format validator to unpack() function. (Ilia) 8770- Added missing error check inside bcpowmod(). (Ilia) 8771- Added CURLOPT_PRIVATE & CURLINFO_PRIVATE constants. 8772 (Andrey A. Belashkov, Tony) 8773- Added missing MSG_EOR and MSG_EOF constants to sockets extension. (Jani) 8774- Added PCRE_VERSION constant. (Tony) 8775- Added ReflectionExtension::info() function to print the phpinfo() 8776 block for an extension. (Johannes) 8777 8778- Implemented FR #41884 (ReflectionClass::getDefaultProperties() does not 8779 handle static attributes). (Tony) 8780 8781- Fixed "Floating point exception" inside wordwrap(). 8782 (Mattias Bengtsson, Ilia) 8783- Fixed several integer overflows in ImageCreate(), ImageCreateTrueColor(), 8784 ImageCopyResampled() and ImageFilledPolygon() reported by Mattias Bengtsson. 8785 (Tony) 8786- Fixed size calculation in chunk_split(). (Stas) 8787- Fixed integer overflow in str[c]spn(). (Stas) 8788- Fixed money_format() not to accept multiple %i or %n tokens. 8789 (Stas, Ilia) 8790- Fixed zend_alter_ini_entry() memory_limit interruption 8791 vulnerability. (Ilia) 8792- Fixed INFILE LOCAL option handling with MySQL extensions not to be 8793 allowed when open_basedir or safe_mode is active. (Stas) 8794- Fixed session.save_path and error_log values to be checked against 8795 open_basedir and safe_mode (CVE-2007-3378) (Stas, Maksymilian Arciemowicz) 8796- Fixed possible invalid read in glob() win32 implementation (CVE-2007-3806). 8797 (Tony) 8798- Improved fix for MOPB-03-2007. (Ilia) 8799- Corrected fix for CVE-2007-2872. (Ilia) 8800 8801- Fixed possible crash in imagepsloadfont(), work around a bug in the pslib on 8802 Windows. (Pierre) 8803- Fixed oci8 and PDO_OCI extensions to allow configuring with Oracle 11g 8804 client libraries. (Chris Jones) 8805- Fixed EOF handling in case of reading from file opened in write only mode. 8806 (Dmitry) 8807- Fixed var_export() to use the new H modifier so that it can generate 8808 parseable PHP code for floats, independent of the locale. (Derick) 8809- Fixed regression introduced by the fix for the libgd bug #74. (Pierre) 8810- Fixed SimpleXML's behavior when used with empty(). (Sara) 8811- Fixed crash in OpenSSL extension because of non-string passphrase. (Dmitry) 8812 8813- Fixed PECL Bug #11345 (PDO_OCI crash after National language Support "NLS" 8814 environment initialization error). (Chris Jones) 8815- Fixed PECL bug #11216 (crash in ZipArchive::addEmptyDir when a directory 8816 already exists). (Pierre) 8817 8818- Fixed bug #43926 (isInstance() isn't equivalent to instanceof operator). (Marcus) 8819- Fixed bug #42368 (Incorrect error message displayed by pg_escape_string). 8820 (Ilia) 8821- Fixed bug #42365 (glob() crashes and/or accepts way too many flags). 8822 (Jani) 8823- Fixed Bug #42364 (Crash when using getRealPath with DirectoryIterator). 8824 (Johannes) 8825- Fixed bug #42292 ($PHP_CONFIG not set for phpized builds). (Jani) 8826- Fixed bug #42261 (header wrong for date field). 8827 (roberto at spadim dot com dot br, Ilia) 8828- Fixed bug #42259 (SimpleXMLIterator loses ancestry). (Rob) 8829- Fixed bug #42247 (ldap_parse_result() not defined under win32). (Jani) 8830- Fixed bug #42243 (copy() does not output an error when the first arg is a 8831 dir). (Ilia) 8832- Fixed bug #42242 (sybase_connect() crashes). (Ilia) 8833- Fixed bug #42237 (stream_copy_to_stream returns invalid values for mmaped 8834 streams). (andrew dot minerd at sellingsource dot com, Ilia) 8835- Fixed bug #42233 (Problems with æøå in extract()). (Jani) 8836- Fixed bug #42222 (possible buffer overflow in php_openssl_make_REQ). (Pierre) 8837- Fixed bug #42211 (property_exists() fails to find protected properties 8838 from a parent class). (Dmitry) 8839- Fixed bug #42208 (substr_replace() crashes when the same array is passed 8840 more than once). (crrodriguez at suse dot de, Ilia) 8841- Fixed bug #42198 (SCRIPT_NAME and PHP_SELF truncated when inside a userdir 8842 and using PATH_INFO). (Dmitry) 8843- Fixed bug #42195 (C++ compiler required always). (Jani) 8844- Fixed bug #42183 (classmap causes crash in non-wsdl mode). (Dmitry) 8845- Fixed bug #42173 (oci8 INTERVAL and TIMESTAMP type fixes). (Chris) 8846- Fixed bug #42151 (__destruct functions not called after catching a SoapFault 8847 exception). (Dmitry) 8848- Fixed bug #42142 (substr_replace() returns FALSE when length > string length). 8849 (Ilia) 8850- Fixed bug #42135 (Second call of session_start() causes creation of SID). 8851 (Ilia) 8852- Fixed bug #42134 (oci_error() returns false after oci_new_collection() fails). 8853 (Tony) 8854- Fixed bug #42119 (array_push($arr,&$obj) doesn't work with 8855 zend.ze1_compatibility_mode On). (Dmitry) 8856- Fixed bug #42117 (bzip2.compress loses data in internal buffer). 8857 (Philip, Ilia) 8858- Fixed bug #42112 (deleting a node produces memory corruption). (Rob) 8859- Fixed bug #42107 (sscanf broken when using %2$s format parameters). (Jani) 8860- Fixed bug #42090 (json_decode causes segmentation fault). (Hannes) 8861- Fixed bug #42082 (NodeList length zero should be empty). (Hannes) 8862- Fixed bug #42072 (No warning message for clearstatcache() with arguments). 8863 (Ilia) 8864- Fixed bug #42071 (ini scanner allows using NULL as option name). (Jani) 8865- Fixed bug #42027 (is_file() / is_dir() matches file/dirnames with wildcard char 8866 or trailing slash in Windows). (Dmitry) 8867- Fixed bug #42019 (configure option --with-adabas=DIR does not work). (Jani) 8868- Fixed bug #42015 (ldap_rename(): server error "DSA is unwilling to perform"). 8869 (bob at mroczka dot com, Jani) 8870- Fixed bug #42009 (is_a() and is_subclass_of() should NOT call autoload, in the 8871 same way as "instanceof" operator). (Dmitry) 8872- Fixed bug #41989 (move_uploaded_file() & relative path in ZTS mode). (Tony) 8873- Fixed bug #41984 (Hangs on large SoapClient requests). (Dmitry) 8874- Fixed bug #41983 (Error Fetching http headers terminated by '\n'). (Dmitry) 8875- Fixed bug #41973 (--with-ldap=shared fails with LDFLAGS="-Wl,--as-needed"). (Nuno) 8876- Fixed bug #41971 (PDOStatement::fetch and PDOStatement::setFetchMode causes 8877 unexpected behavior). (Ilia) 8878- Fixed bug #41964 (strtotime returns a timestamp for non-time string of 8879 pattern '(A|a) .+'). (Derick) 8880- Fixed bug #41961 (Ensure search for hidden private methods does not stray from 8881 class hierarchy). (robin_fernandes at uk dot ibm dot com) 8882- Fixed bug #41947 (SimpleXML incorrectly registers empty strings asnamespaces). 8883 (Rob) 8884- Fixed bug #41929 (Foreach on object does not iterate over all visible properties). 8885 (Dmitry) 8886- Fixed bug #41919 (crash in string to array conversion). 8887 (judas dot iscariote at gmail dot com, Ilia) 8888- Fixed bug #41909 (var_export() is locale sensitive when exporting float 8889 values). (Derick) 8890- Fixed bug #41908 (CFLAGS="-Os" ./configure --enable-debug fails). 8891 (christian at hoffie dot info, Tony) 8892- Fixed bug #41904 (proc_open(): empty env array should cause empty environment 8893 to be passed to process). (Jani) 8894- Fixed bug #41867 (SimpleXML: getName is broken). (Rob) 8895- Fixed bug #41865 (fputcsv(): 2nd parameter is not optional). (Jani) 8896- Fixed bug #41861 (SimpleXML: getNamespaces() returns the namespaces of a node's 8897 siblings). (Rob) 8898- Fixed bug #41845 (pgsql extension does not compile with PostgreSQL <7.4). (Ilia) 8899- Fixed bug #41844 (Format returns incorrect number of digits for negative years 8900 -0001 to -0999). (Derick) 8901- Fixed bug #41842 (Cannot create years < 0100 & negative years with date_create 8902 or new DateTime). (Derick) 8903- Fixed bug #41833 (addChild() on a non-existent node, no node created, 8904 getName() segfaults). (Rob) 8905- Fixed bug #41831 (pdo_sqlite prepared statements convert resources to 8906 strings). (Ilia) 8907- Fixed bug #41815 (Concurrent read/write fails when EOF is reached). (Sascha) 8908- Fixed bug #41813 (segmentation fault when using string offset as an object). 8909 (judas dot iscariote at gmail dot com, Tony) 8910- Fixed bug #41795 (checkdnsrr does not support DNS_TXT type). 8911 (lucas at facebook dot com, Tony) 8912- Fixed bug #41773 (php_strip_whitespace() sends headers with errors 8913 suppressed). (Tony) 8914- Fixed bug #41770 (SSL: fatal protocol error due to buffer issues). (Ilia) 8915- Fixed bug #41765 (Recode crashes/does not work on amd64). 8916 (nexus at smoula dot net, Stas) 8917- Fixed bug #41724 (libxml_get_last_error() - errors service request scope). 8918 (thekid at php dot net, Ilia) 8919- Fixed bug #41717 (imagepolygon does not respect thickness). (Pierre) 8920- Fixed bug #41713 (Persistent memory consumption on win32 since 5.2). (Dmitry) 8921- Fixed bug #41711 (NULL temporary lobs not supported in OCI8). 8922 (Chris Jones, Tony) 8923- Fixed bug #41709 (strtotime() does not handle 00.00.0000). (Derick) 8924- Fixed bug #41698 (float parameters truncated to integer in prepared 8925 statements). (Ilia) 8926- Fixed bug #41692 (ArrayObject shows weird behavior in respect to 8927 inheritance). (Tony) 8928- Fixed bug #41691 (ArrayObject::exchangeArray hangs Apache). (Tony) 8929- Fixed bug #41686 (Omitting length param in array_slice not possible). (Ilia) 8930- Fixed bug #41685 (array_push() fails to warn when next index is 8931 already occupied). (Ilia) 8932- Fixed bug #41655 (open_basedir bypass via glob()). (Ilia) 8933- Fixed bug #41640 (get_class_vars produces error on class constants). 8934 (Johannes) 8935- Fixed bug #41635 (SoapServer and zlib.output_compression with FastCGI 8936 result in major slowdown). (Dmitry) 8937- Fixed bug #41633 (Crash instantiating classes with self-referencing 8938 constants). (Dmitry) 8939- Fixed bug #41630 (segfault when an invalid color index is present in the 8940 image data). (Reported by Elliot <wccoder@gmail dot com>) (Pierre) 8941- Fixed bug #41628 (PHP settings leak between Virtual Hosts in Apache 1.3). 8942 (Scott, manuel at mausz dot at) 8943- Fixed bug #41608 (segfault on a weird code with objects and switch()). 8944 (Tony) 8945- Fixed bug #41600 (url rewriter tags doesn't work with namespaced tags). 8946 (Ilia) 8947- Fixed bug #41596 (Fixed a crash inside pdo_pgsql on some non-well-formed 8948 SQL queries). (Ilia) 8949- Fixed bug #41594 (OCI8 statement cache is flushed too frequently). (Tony) 8950- Fixed bug #41582 (SimpleXML crashes when accessing newly created element). 8951 (Tony) 8952- Fixed bug #41576 (configure failure when using --without-apxs or some other 8953 SAPIs disabling options). (Jani) 8954- Fixed bug #41567 (json_encode() double conversion is inconsistent with PHP). 8955 (Lucas, Ilia) 8956- Fixed bug #41566 (SOAP Server not properly generating href attributes). 8957 (Dmitry) 8958- Fixed bug #41555 (configure failure: regression caused by fix for #41265). 8959 (Jani) 8960- Fixed bug #41527 (WDDX deserialize numeric string array key). 8961 (Matt, Ilia) 8962- Fixed bug #41523 (strtotime('0000-00-00 00:00:00') is parsed as 1999-11-30). 8963 (Derick) 8964- Fixed bug #41518 (file_exists() warns of open_basedir restriction on 8965 non-existent file). (Tony) 8966- Fixed bug #41445 (parse_ini_file() has a problem with certain types of 8967 integer as sections). (Tony) 8968- Fixed bug #41433 (DBA: configure fails to include correct db.h for db4). 8969 (Jani) 8970- Fixed bug #41372 (Internal pointer of source array resets during array 8971 copying). (Dmitry) 8972- Fixed bug #41350 (my_thread_global_end() error during request shutdown on 8973 Windows). (Scott, Andrey) 8974- Fixed bug #41278 (get_loaded_extensions() should list Zend extensions). 8975 (Johannes) 8976- Fixed bug #41127 (Memory leak in ldap_{first|next}_attribute functions). 8977 (Jani) 8978- Fixed bug #40757 (get_object_vars get nothing in child class). (Dmitry) 8979- Fixed bug #40705 (Iterating within function moves original array pointer). 8980 (Dmitry) 8981- Fixed bug #40509 (key() function changed behaviour if global array is used 8982 within function). (Dmitry) 8983- Fixed bug #40419 (Trailing slash in CGI request does not work). (Dmitry) 8984- Fixed bug #39330 (apache2handler does not call shutdown actions before 8985 apache child die). (isk at ecommerce dot com, Gopal, Tony) 8986- Fixed bug #39291 (ldap_sasl_bind() misses the sasl_authc_id parameter). 8987 (diafour at gmail dot com, Jani) 8988- Fixed bug #37715 (array pointers resetting on copy). (Dmitry) 8989- Fixed bug #37273 (Symlinks and mod_files session handler allow open_basedir 8990 bypass). (Ilia) 8991- Fixed bug #36492 (Userfilters can leak buckets). (Sara) 8992- Fixed bugs #36796, #36918, #41371 (stream_set_blocking() does not work). 8993 (Jani) 8994- Fixed bug #35981 (pdo-pgsql should not use pkg-config when not present). 8995 (Jani) 8996- Fixed bug #31892 (PHP_SELF incorrect without cgi.fix_pathinfo, but turning on 8997 screws up PATH_INFO). (Dmitry) 8998- Fixed bug #21197 (socket_read() outputs error with PHP_NORMAL_READ). 8999 (Nuno, Jani) 9000 900131 May 2007, PHP 5.2.3 9002- Changed CGI install target to php-cgi and 'make install' to install CLI 9003 when CGI is selected. (Jani) 9004- Changed JSON maximum nesting depth from 20 to 128. (Rasmus) 9005 9006- Improved compilation of heredocs and interpolated strings. (Matt, Dmitry) 9007- Optimized out a couple of per-request syscalls. (Rasmus) 9008- Optimized digest generation in md5() and sha1() functions. (Ilia) 9009- Upgraded bundled SQLite 3 to version 3.3.17. (Ilia) 9010 9011- Added "max_input_nesting_level" php.ini option to limit nesting level of 9012 input variables. Fix for MOPB-03-2007. (Stas) 9013- Added a 4th parameter flag to htmlspecialchars() and htmlentities() that 9014 makes the function not encode existing html entities. (Ilia) 9015- Added PDO::FETCH_KEY_PAIR mode that will fetch a 2 column result set into 9016 an associated array. (Ilia) 9017- Added CURLOPT_TIMEOUT_MS and CURLOPT_CONNECTTIMEOUT_MS cURL constants. (Sara) 9018- Added --ini switch to CLI that prints out configuration file names. (Marcus) 9019- Added mysql_set_charset() to allow runtime altering of connection encoding. 9020 (Scott) 9021 9022- Implemented FR #41416 (getColumnMeta() should also return table name). (Tony) 9023 9024- Fixed an integer overflow inside chunk_split(). Identified by Gerhard Wagner. 9025 (Ilia) 9026- Fixed SOAP extension's handler() to work even when 9027 "always_populate_raw_post_data" is off. (Ilia) 9028- Fixed possible infinite loop in imagecreatefrompng. (libgd #86) 9029 (by Xavier Roche, CVE-2007-2756). (Pierre) 9030- Fixed ext/filter Email Validation Vulnerability (MOPB-45 by Stefan Esser). 9031 (Ilia) 9032- Fixed altering $this via argument named "this". (Dmitry) 9033- Fixed PHP CLI usage of php.ini from the binary location. (Hannes) 9034- Fixed segfault in strripos(). (Tony, Joxean Koret) 9035- Fixed bug #41693 (scandir() allows empty directory names). (Ilia) 9036- Fixed bug #41673 (json_encode breaks large numbers in arrays). (Ilia) 9037- Fixed bug #41525 (ReflectionParameter::getPosition() not available). (Marcus) 9038- Fixed bug #41511 (Compile failure under IRIX 6.5.30 building md5.c). (Jani) 9039- Fixed bug #41504 (json_decode() incorrectly decodes JSON arrays with empty 9040 string keys). (Ilia) 9041- Fixed bug #41492 (open_basedir/safe_mode bypass inside realpath()). (Ilia) 9042- Fixed bug #41477 (no arginfo about SoapClient::__soapCall()). (Ilia) 9043- Fixed bug #41455 (ext/dba/config.m4 pollutes global $LIBS and $LDFLAGS). 9044 (mmarek at suse dot cz, Tony) 9045- Fixed bug #41442 (imagegd2() under output control). (Tony) 9046- Fixed bug #41430 (Fatal error with negative values of maxlen parameter of 9047 file_get_contents()). (Tony) 9048- Fixed bug #41423 (PHP assumes wrongly that certain ciphers are enabled in 9049 OpenSSL). (Pierre) 9050- Fixed bug #41421 (Uncaught exception from a stream wrapper segfaults). 9051 (Tony, Dmitry) 9052- Fixed bug #41403 (json_decode cannot decode floats if localeconv 9053 decimal_point is not '.'). (Tony) 9054- Fixed bug #41401 (wrong unary operator precedence). (Stas) 9055- Fixed bug #41394 (dbase_create creates file with corrupted header). (Tony) 9056- Fixed bug #41390 (Clarify error message with invalid protocol scheme). 9057 (Scott) 9058- Fixed bug #41378 (fastcgi protocol lacks support for Reason-Phrase in 9059 "Status:" header). (anight at eyelinkmedia dot com, Dmitry) 9060- Fixed bug #41374 (whole text concats values of wrong nodes). (Rob) 9061- Fixed bug #41358 (configure cannot determine SSL lib with libcurl >= 7.16.2). 9062 (Mike) 9063- Fixed bug #41353 (crash in openssl_pkcs12_read() on invalid input). (Ilia) 9064- Fixed bug #41351 (Invalid opcode with foreach ($a[] as $b)). (Dmitry, Tony) 9065- Fixed bug #41347 (checkdnsrr() segfaults on empty hostname). (Scott) 9066- Fixed bug #41337 (WSDL parsing doesn't ignore non soap bindings). (Dmitry) 9067- Fixed bug #41326 (Writing empty tags with Xmlwriter::WriteElement[ns]) 9068 (Pierre) 9069- Fixed bug #41321 (downgrade read errors in getimagesize() to E_NOTICE). 9070 (Ilia) 9071- Fixed bug #41304 (compress.zlib temp files left). (Dmitry) 9072- Fixed bug #41293 (Fixed creation of HTTP_RAW_POST_DATA when there is no 9073 default post handler). (Ilia) 9074- Fixed bug #41291 (FastCGI does not set SO_REUSEADDR). 9075 (fmajid at kefta dot com, Dmitry) 9076- Fixed gd build when used with freetype 1.x (Pierre, Tony) 9077- Fixed bug #41287 (Namespace functions don't allow xmlns definition to be 9078 optional). (Rob) 9079- Fixed bug #41285 (Improved fix for CVE-2007-1887 to work with non-bundled 9080 sqlite2 lib). (Ilia) 9081- Fixed bug #41283 (Bug with deserializing array key that are doubles or 9082 floats in wddx). (Ilia) 9083- Fixed bug #41257 (lookupNamespaceURI does not work as expected). (Rob) 9084- Fixed bug #41236 (Regression in timeout handling of non-blocking SSL 9085 connections during reads and writes). (Ilia) 9086- Fixed bug #41134 (zend_ts_hash_clean not thread-safe). 9087 (marco dot cova at gmail dot com, Tony) 9088- Fixed bug #41097 (ext/soap returning associative array as indexed without 9089 using WSDL). (Dmitry) 9090- Fixed bug #41004 (minOccurs="0" and null class member variable). (Dmitry) 9091- Fixed bug #39542 (Behavior of require/include different to < 5.2.0). 9092 (Dmitry) 9093 909403 May 2007, PHP 5.2.2 9095- Improved bundled GD 9096 . Sync to 2.0.35 9097 . Added imagegrabwindow and imagegrabscreen, capture a screen or a 9098 window using its handle (Pierre) 9099 . colors allocated henceforth from the resulting image overwrite the palette 9100 colors (Rob Leslie) 9101 . Improved thread safety of the gif support (Roman Nemecek, Nuno, Pierre) 9102 . Use the dimension of the GIF frame to create the destination image (Pierre) 9103 . Load only once the local color map from a GIF data (Pierre) 9104 . Improved thread safety of the freetype cache (Scott MacVicar, Nuno, Pierre) 9105 . imagearc huge CPU usage with large angles, libgd bug #74 (Pierre) 9106- Improved FastCGI SAPI to support external pipe and socket servers on win32. 9107 (Dmitry) 9108- Improved Zend Memory Manager 9109 . guarantee of reasonable time for worst cases of best-fit free block 9110 searching algorithm. (Dmitry) 9111 . better cache usage and less fragmentation on erealloc() (Tony, Dmitry) 9112- Improved SPL (Marcus) 9113 . Added SplFileInfo::getBasename(), DirectoryIterator::getBasename(). 9114 . Added SplFileInfo::getLinkTarget(), SplFileInfo::getRealPath(). 9115 . Made RecursiveFilterIterator::accept() abstract as stated in documentation. 9116- Improved SOAP 9117 . Added ability to encode arrays with "SOAP-ENC:Array" type instead of WSDL 9118 type. To activate the ability use "feature"=>SOAP_USE_XSI_ARRAY_TYPE 9119 option in SoapClient/SoapServer constructors. (Rob, Dmitry) 9120 9121- Added GMP_VERSION constant. (Tony) 9122- Added --ri switch to CLI which allows to check extension information. (Marcus) 9123- Added tidyNode::getParent() method (John, Nuno) 9124- Added openbasedir and safemode checks in zip:// stream wrapper and 9125 ZipArchive::open (Pierre) 9126- Added php_pdo_sqlite_external.dll, a version of the PDO SQLite driver that 9127 links against an external sqlite3.dll. This provides Windows users to upgrade 9128 their sqlite3 version outside of the PHP release cycle. (Wez, Edin) 9129- Added linenumbers to array returned by token_get_all(). (Johannes) 9130 9131- Upgraded SQLite 3 to version 3.3.16 (Ilia) 9132- Upgraded libraries bundled in the Windows distribution. (Edin) 9133 . c-client (imap) to version 2006e 9134 . libpq (PostgreSQL) to version 8.2.3 9135 . libmysql (MySQL) to version 5.0.37 9136 . openssl to version 0.9.8e 9137- Upgraded PCRE to version 7.0 (Nuno) 9138 9139- Updated timezone database to version 2007.5. (Derick) 9140 9141- Fixed commandline handling for CLI and CGI. (Marcus, Johannes) 9142- Fixed iterator_apply() with a callback using __call(). (Johannes) 9143- Fixed possible multi bytes issues in openssl csr parser (Pierre) 9144- Fixed shmop_open() with IPC_CREAT|IPC_EXCL flags on Windows. 9145 (Vladimir Kamaev, Tony). 9146- Fixed possible leak in ZipArchive::extractTo when safemode checks fails (Ilia) 9147- Fixed possible relative path issues in zip_open and TS mode (old API) (Pierre) 9148- Fixed zend_llist_remove_tail (Michael Wallner, Dmitry) 9149- Fixed a thread safety issue in gd gif read code (Nuno, Roman Nemecek) 9150- Fixed CVE-2007-1001, GD wbmp used with invalid image size (Pierre) 9151- Fixed unallocated memory access/double free in in array_user_key_compare() 9152 (MOPB-24 by Stefan Esser) (Stas) 9153- Fixed wrong length calculation in unserialize S type 9154 (MOPB-29 by Stefan Esser) (Stas) 9155 9156- Fixed bug #41215 (setAttribute return code reversed). (Ilia) 9157- Fixed bug #41192 (Per Directory Values only work for one key). (Dmitry) 9158- Fixed bug #41175 (addAttribute() fails to add an attribute with an empty 9159 value). (Ilia) 9160- Fixed bug #41159 (mysql_pconnect() hash does not account for connect 9161 flags). (Ilia) 9162- Fixed bug #41121 (range() overflow handling for large numbers on 32bit 9163 machines). (Ilia) 9164- Fixed bug #41118 (PHP does not handle overflow of octal integers). (Tony) 9165- Fixed bug #41109 (recursiveiterator.inc says "implements" Iterator instead of 9166 "extends"). (Marcus) 9167- Fixed bug #40130 (TTF usage doesn't work properly under Netware). (Scott, 9168 gk at gknw dot de) 9169- Fixed bug #41093 (magic_quotes_gpc ignores first arrays keys). (Arpad, Ilia) 9170- Fixed bug #41075 (memleak when creating default object caused exception). 9171 (Dmitry) 9172- Fixed bug #41067 (json_encode() problem with UTF-16 input). (jp at df5ea 9173 dot net. Ilia) 9174- Fixed bug #41063 (chdir doesn't like root paths). (Dmitry) 9175- Fixed bug #41061 ("visibility error" in ReflectionFunction::export()). 9176 (Johannes) 9177- Fixed bug #41043 (pdo_oci crash when freeing error text with persistent 9178 connection). (Tony) 9179- Fixed bug #41037 (unregister_tick_function() inside the tick function crash PHP). 9180 (Tony) 9181- Fixed bug #41034 (json_encode() ignores null byte started keys in arrays). 9182 (Ilia) 9183- Fixed bug #41026 (segfault when calling "self::method()" in shutdown functions). 9184 (Tony) 9185- Fixed bug #40999 (mcrypt_create_iv() not using random seed). (Ilia) 9186- Fixed bug #40998 (long session array keys are truncated). (Tony) 9187- Implement feature request #40947, allow a single filter as argument 9188 for filter_var_array (Pierre) 9189- Fixed bug #40935 (pdo_mysql does not raise an exception on empty 9190 fetchAll()). (Ilia) 9191- Fixed bug #40931 (open_basedir bypass via symlink and move_uploaded_file()). 9192 (Tony) 9193- Fixed bug #40921 (php_default_post_reader crashes when post_max_size is 9194 exceeded). (trickie at gmail dot com, Ilia) 9195- Fixed bug #40915 (addcslashes unexpected behavior with binary input). (Tony) 9196- Fixed bug #40899 (memory leak when nesting list()). (Dmitry) 9197- Fixed bug #40897 (error_log file not locked). (Ilia) 9198- Fixed bug #40883 (mysql_query() is allocating memory incorrectly). (Tony) 9199- Fixed bug #40872 (inconsistency in offsetSet, offsetExists treatment of 9200 string enclosed integers). (Marcus) 9201- Fixed bug #40861 (strtotime() doesn't handle double negative relative time 9202 units correctly). (Derick, Ilia) 9203- Fixed bug #40854 (imap_mail_compose() creates an invalid terminator for 9204 multipart e-mails). (Ilia) 9205- Fixed bug #40848 (sorting issue on 64-bit Solaris). (Wez) 9206- Fixed bug #40836 (Segfault in ext/dom). (Rob) 9207- Fixed bug #40833 (Crash when using unset() on an ArrayAccess object retrieved 9208 via __get()). (Dmitry) 9209- Fixed bug #40822 (pdo_mysql does not return rowCount() on select). (Ilia) 9210- Fixed bug #40815 (using strings like "class::func" and static methods in 9211 set_exception_handler() might result in crash). (Tony) 9212- Fixed bug #40809 (Poor performance of ".="). (Dmitry) 9213- Fixed bug #40805 (Failure executing function ibase_execute()). (Tony) 9214- Fixed bug #40800 (cannot disable memory_limit with -1). (Dmitry, Tony) 9215- Fixed bug #40794 (ReflectionObject::getValues() may crash when used with 9216 dynamic properties). (Tony) 9217- Fixed bug #40784 (Case sensitivity in constructor's fallback). (Tony) 9218- Fixed bug #40770 (Apache child exits when PHP memory limit reached). (Dmitry) 9219- Fixed bug #40764 (line thickness not respected for horizontal and vertical 9220 lines). (Pierre) 9221- Fixed bug #40758 (Test fcgi_is_fastcgi() is wrong on windows). (Dmitry) 9222- Fixed bug #40754 (added substr() & substr_replace() overflow checks). (Ilia) 9223- Fixed bug #40752 (parse_ini_file() segfaults when a scalar setting is 9224 redeclared as an array). (Tony) 9225- Fixed bug #40750 (openssl stream wrapper ignores default_stream_timeout). 9226 (Tony) 9227- Fixed bug #40727 (segfault in PDO when failed to bind parameters). (Tony) 9228- Fixed bug #40709 (array_reduce() behaves strange with one item stored arrays). 9229 (Ilia) 9230- Fixed bug #40703 (Resolved a possible namespace conflict between libxmlrpc 9231 and MySQL's NDB table handler). (Ilia) 9232- Fixed bug #40961 (Incorrect results of DateTime equality check). (Mike) 9233- Fixed bug #40678 (Cross compilation fails). (Tony) 9234- Fixed bug #40621 (Crash when constructor called inappropriately). (Tony) 9235- Fixed bug #40609 (Segfaults when using more than one SoapVar in a request). 9236 (Rob, Dmitry) 9237- Fixed bug #40606 (umask is not being restored when request is finished). 9238 (Tony) 9239- Fixed bug #40598 (libxml segfault). (Rob) 9240- Fixed bug #40591 (list()="string"; gives invalid opcode). (Dmitry) 9241- Fixed bug #40578 (imagettftext() multithreading issue). (Tony, Pierre) 9242- Fixed bug #40576 (double values are truncated to 6 decimal digits when 9243 encoding). (Tony) 9244- Fixed bug #40560 (DIR functions do not work on root UNC path). (Dmitry) 9245- Fixed bug #40548 (SplFileInfo::getOwner/getGroup give a warning on broken 9246 symlink). (Marcus) 9247- Fixed bug #40546 (SplFileInfo::getPathInfo() throws an exception if directory 9248 is in root dir). (Marcus) 9249- Fixed bug #40545 (multithreading issue in zend_strtod()). (Tony) 9250- Fixed bug #40503 (json_encode() value corruption on 32bit systems with 9251 overflown values). (Ilia) 9252- Fixed bug #40467 (Partial SOAP request sent when XSD sequence or choice 9253 include minOccurs=0). (Dmitry) 9254- Fixed bug #40465 (Ensure that all PHP elements are printed by var_dump). 9255 (wharmby at uk dot ibm dot com, Ilia) 9256- Fixed bug #40464 (session.save_path wont use default-value when safe_mode 9257 or open_basedir is enabled). (Ilia) 9258- Fixed bug #40455 (proc_open() uses wrong command line when safe_mode_exec_dir 9259 is set). (Tony) 9260- Fixed bug #40432 (strip_tags() fails with greater than in attribute). (Ilia) 9261- Fixed bug #40431 (dynamic properties may cause crash in ReflectionProperty 9262 methods). (Tony) 9263- Fixed bug #40451 (addAttribute() may crash when used with non-existent child 9264 node). (Tony) 9265- Fixed bug #40442 (ArrayObject::offsetExists broke in 5.2.1, works in 5.2.0). 9266 (olivier at elma dot fr, Marcus) 9267- Fixed bug #40428 (imagepstext() doesn't accept optional parameter). (Pierre) 9268- Fixed bug #40417 (Allow multiple instances of the same named PDO token in 9269 prepared statement emulation code). (Ilia) 9270- Fixed bug #40414 (possible endless fork() loop when running fastcgi). 9271 (Dmitry) 9272- Fixed bug #40410 (ext/posix does not compile on MacOS 10.3.9). (Tony) 9273- Fixed bug #40392 (memory leaks in PHP milter SAPI). 9274 (tuxracer69 at gmail dot com, Tony) 9275- Fixed bug #40371 (pg_client_encoding() not working on Windows). (Edin) 9276- Fixed bug #40352 (FCGI_WEB_SERVER_ADDRS function get lost). (Dmitry) 9277- Fixed bug #40290 (strtotime() returns unexpected result with particular 9278 timezone offset). (Derick) 9279- Fixed bug #40286 (PHP fastcgi with PHP_FCGI_CHILDREN don't kill children when 9280 parent is killed). (Dmitry) 9281- Fixed bug #40261 (Extremely slow data handling due to memory fragmentation). 9282 (Dmitry) 9283- Fixed bug #40236 (php -a function allocation eats memory). (Dmitry) 9284- Fixed bug #40109 (iptcembed fails on non-jfif jpegs). (Tony) 9285- Fixed bug #39965 (Latitude and longitude are backwards in date_sun_info()). 9286 (Derick) 9287- Implement #39867 (openssl PKCS#12 support) (Marc Delling, Pierre) 9288- Fixed bug #39836 (SplObjectStorage empty after unserialize). (Marcus) 9289- Fixed bug #39416 (Milliseconds in date()). (Derick) 9290- Fixed bug #39396 (stream_set_blocking crashes on Win32). (Ilia, maurice at 9291 iceblog dot de) 9292- Fixed bug #39351 (relative include fails on Solaris). (Dmitry, Tony) 9293- Fixed bug #39322 (proc_terminate() destroys process resource). (Nuno) 9294- Fixed bug #38406 (crash when assigning objects to SimpleXML attributes). (Tony) 9295- Fixed bug #37799 (ftp_ssl_connect() falls back to non-ssl connection). (Nuno) 9296- Fixed bug #36496 (SSL support in imap_open() not working on Windows). (Edin) 9297- Fixed bug #36226 (Inconsistent handling when passing nillable arrays). 9298 (Dmitry) 9299- Fixed bug #35872 (Avoid crash caused by object store being referenced during 9300 RSHUTDOWN). (Andy) 9301- Fixed bug #34794 (proc_close() hangs when used with two processes). 9302 (jdolecek at netbsd dot org, Nuno) 9303- Fixed PECL bug #10194 (crash in Oracle client when memory limit reached in 9304 the callback). (Tony) 9305- Fixed substr_compare and substr_count information leak (MOPB-14) (Stas, Ilia) 9306- Fixed crash on op-assign where argument is string offset (Brian, Stas) 9307- Fixed bug #38710 (data leakage because of nonexisting boundary checking in 9308 statements in mysqli) (Stas) 9309- Fixed bug #37386 (autocreating element doesn't assign value to first node). 9310 (Rob) 9311- Fixed bug #37013 (server hangs when returning circular object references). 9312 (Dmitry) 9313- Fixed bug #33664 Console window appears when using exec() 9314 (Richard Quadling, Stas) 9315 9316 931708 Feb 2007, PHP 5.2.1 9318- Added read-timeout context option "timeout" for HTTP streams. (Hannes, Ilia). 9319- Added CURLOPT_TCP_NODELAY constant to Curl extension. (Sara) 9320- Added support for hex numbers of any size. (Matt) 9321- Added function stream_socket_shutdown(). It is a wrapper for system 9322 shutdown() function, that shut downs part of a full-duplex connection. 9323 (Dmitry) 9324- Added internal heap protection (Dmitry) 9325 . memory-limit is always enabled (--enable-memory-limit removed) 9326 . default value if memory-limit is set to 128M 9327 . safe unlinking 9328 . cookies 9329 . canary protection (debug build only) 9330 . random generation of cookies and canaries 9331- Added forward support for 'b' prefix in front of string literals. (Andrei) 9332- Added three new functions to ext/xmlwriter (Rob, Ilia) 9333 . xmlwriter_start_dtd_entity() 9334 . xmlwriter_end_dtd_entity() 9335 . xmlwriter_write_dtd_entity() 9336- Added a meta tag to phpinfo() output to prevent search engines from indexing 9337 the page. (Ilia) 9338- Added new function, sys_get_temp_dir(). (Hartmut) 9339- Added missing object support to file_put_contents(). (Ilia) 9340- Added support for md2, ripemd256 and ripemd320 algos to hash(). (Sara) 9341- Added forward support for (binary) cast. (Derick) 9342- Added optimization for imageline with horizontal and vertical lines (Pierre) 9343 9344- Removed dependency from SHELL32.DLL. (Dmitry) 9345- Removed double "wrong parameter count" warnings in various functions. 9346 (Hannes) 9347- Moved extensions to PECL: 9348 . ext/informix (Derick, Tony) 9349 9350- Changed double-to-string utilities to use BSD implementation. (Dmitry, Tony) 9351- Updated bundled libcURL to version 7.16.0 in the Windows distro. (Edin) 9352- Updated timezone database to version 2006.16. (Derick) 9353- cgi.* and fastcgi.* directives are moved to INI subsystem. The new directive 9354 cgi.check_shebang_line can be used to omitting check for "#! /usr/bin/php" 9355 line. (Dmitry). 9356- Improved proc_open(). Now on Windows it can run external commands not 9357 through CMD.EXE. (Dmitry) 9358- VCWD_REALPATH() is improved to use realpath cache without VIRTUAL_DIR. 9359 (Dmitry) 9360- ext/bcmath initialization code is moved from request startup to module 9361 startup. (Dmitry) 9362- Zend Memory Manager Improvements (Dmitry) 9363 . use HeapAlloc() instead of VirtualAlloc() 9364 . use "win32" storage manager (instead of "malloc") on Windows by default 9365- Zip Extension Improvements (Pierre) 9366 . Fixed leak in statName and stateIndex 9367 . Fixed return setComment (Hannes) 9368 . Added addEmptyDir method 9369- Filter Extension Improvements (Ilia, Pierre) 9370 . Fixed a bug when callback function returns a non-modified value. 9371 . Added filter support for $_SERVER in cgi/apache2 sapis. 9372 . Make sure PHP_SELF is filtered in Apache 1 sapi. 9373 . Fixed bug #39358 (INSTALL_HEADERS contains incorrect reference to 9374 php_filter.h). 9375 . Added "default" option that allows a default value to be set for an 9376 invalid or missing value. 9377 . Invalid filters fails instead of returning unsafe value 9378 . Fixed possible double encoding problem with sanitizing filters 9379 . Make use of space-strict strip_tags() function 9380 . Fixed whitespace trimming 9381 . Added support for FastCGI environment variables. (Dmitry) 9382- PDO_MySQL Extension Improvements (Ilia) 9383 . Enabled buffered queries by default. 9384 . Enabled prepared statement emulation by default. 9385 9386- Small optimization of the date() function. (Matt,Ilia) 9387- Optimized the internal is_numeric_string() function. (Matt,Ilia) 9388- Optimized array functions utilizing php_splice(). (Ilia) 9389- Windows related optimizations (Dmitry, Stas) 9390 . COM initialization/deinitialization are done only if necessary 9391 . removed unnecessary checks for ISREG file and corresponding stat() calls 9392 . opendir() is reimplementation using GetFistFile/GetNextFile those are 9393 faster then _findfirst/_findnext 9394 . implemented registry cache that prevent registry lookup on each request. 9395 In case of modification of corresponding registry-tree PHP will reload it 9396 automatic 9397 . start timeout thread only if necessary 9398 . stat() is reimplementation using GetFileAttributesEx(). The new 9399 implementation is faster then implementation in MS VC CRT, but it doesn't 9400 support Windows 95. 9401- Streams optimization (Dmitry) 9402 . removed unnecessary ftell() calls (one call for each included PHP file) 9403 . disabled calls to read() after EOF 9404 9405- Fixed incorrect function names on FreeBSD where inet_pton() was named 9406 __inet_pton() and inet_ntop() was named __inet_ntop(). (Hannes) 9407- Fixed FastCGI impersonation for persistent connections on Windows. (Dmitry) 9408- Fixed wrong signature initialization in imagepng (Takeshi Abe) 9409- Fixed ftruncate() with negative size on FreeBSD. (Hannes) 9410- Fixed segfault in RegexIterator when given invalid regex. (Hannes) 9411- Fixed segfault in SplFileObject->openFile()->getPathname(). (Hannes) 9412- Fixed segfault in ZTS mode when OCI8 statements containing sub-statements 9413 are destroyed in wrong order. (Tony) 9414- Fixed the validate email filter so that the letter "v" can also be used in 9415 the user part of the email address. (Derick) 9416- Fixed bug #40297 (compile failure in ZTS mode when collections support is 9417 missing). (Tony) 9418- Fixed bug #40285 (The PDO prepare parser goes into an infinite loop in 9419 some instances). (Ilia) 9420- Fixed bug #40274 (Sessions fail with numeric root keys). (Ilia) 9421- Fixed bug #40259 (ob_start call many times - memory error). (Dmitry) 9422- Fixed bug #40231 (file_exists incorrectly reports false). (Dmitry) 9423- Fixed bug #40228 (ZipArchive::extractTo does create empty directories 9424 recursively). (Pierre) 9425- Fixed bug #40200 (The FastCgi version has different realpath results than 9426 thread safe version). (Dmitry) 9427- Fixed bug #40191 (use of array_unique() with objects triggers segfault). 9428 (Tony) 9429- Fixed bug #40189 (possible endless loop in zlib.inflate stream filter). 9430 (Greg, Tony) 9431- Fixed bug #40169 (CURLOPT_TCP_NODELAY only available in curl >= 7.11.2). 9432 (Tony) 9433- Fixed bug #40129 (iconv extension doesn't compile with CodeWarrior on 9434 Netware). (gk at gknw dot de, Tony) 9435- Fixed bug #40127 (apache2handler doesn't compile on Netware). 9436 (gk at gknw dot de) 9437- Fixed bug #40121 (PDO_DBLIB driver wont free statements). (Ilia) 9438- Fixed bug #40098 (php_fopen_primary_script() not thread safe). (Ilia) 9439- Fixed bug #40092 (chroot() doesn't clear realpath cache). (Dmitry) 9440- Fixed bug #40091 (spl_autoload_register with 2 instances of the same class). 9441 (Ilia) 9442- Fixed bug #40083 (milter SAPI functions always return false/null). (Tony) 9443- Fixed bug #40079 (php_get_current_user() not thread safe). 9444 (Ilia, wharmby at uk dot ibm dot com) 9445- Fixed bug #40078 (ORA-01405 when fetching NULL values using 9446 oci_bind_array_by_name()). (Tony) 9447- Fixed bug #40076 (zend_alloc.c: Value of enumeration constant must be in 9448 range of signed integer). (Dmitry) 9449- Fixed bug #40073 (exif_read_data dies on certain images). (Tony, Marcus) 9450- Fixed bug #40036 (empty() does not work correctly with ArrayObject when 9451 using ARRAY_AS_PROPS). (Ilia) 9452- Fixed bug #40012 (php_date.c doesn't compile on Netware). 9453 (gk at gknw dot de, Derick) 9454- Fixed bug #40009 (http_build_query(array()) returns NULL). (Ilia) 9455- Fixed bug #40002 (Try/Catch performs poorly). (Dmitry) 9456- Fixed bug #39993 (tr_TR.UTF-8 locale has problems with PHP). (Ilia) 9457- Fixed bug #39990 (Cannot "foreach" over overloaded properties). (Dmitry) 9458- Fixed bug #39988 (type argument of oci_define_by_name() is ignored). 9459 (Chris Jones, Tony) 9460- Fixed bug #39984 (redirect response code in header() could be ignored 9461 in CGI sapi). (Ilia) 9462- Fixed bug #39979 (PGSQL_CONNECT_FORCE_NEW will causes next connect to 9463 establish a new connection). (Ilia) 9464- Fixed bug #39971 (pg_insert/pg_update do not allow now() to be used 9465 for timestamp fields). (Ilia) 9466- Fixed bug #39969 (ini setting short_open_tag has no effect when using 9467 --enable-maintainer-zts). (Dmitry) 9468- Fixed bug #39952 (zip ignoring --with-libdir on zlib checks) 9469 (judas dot iscariote at gmail dot com) 9470- Fixed bug #39944 (References broken). (Dmitry) 9471- Fixed bug #39935 (Extensions tidy,mcrypt,mhash,pdo_sqlite ignores 9472 --with-libdir). (judas dot iscariote at gmail dot com, Derick) 9473- Fixed bug #39903 (Notice message when executing __halt_compiler() more than 9474 once). (Tony) 9475- Fixed bug #39898 (FILTER_VALIDATE_URL validates \r\n\t etc). (Ilia) 9476- Fixed bug #39890 (using autoconf 2.6x and --with-layout=GNU breaks PEAR 9477 install path). (Tony) 9478- Fixed bug #39884 (ReflectionParameter::getClass() throws exception for 9479 type hint self). (thekid at php dot net) 9480- Fixed bug #39878 (CURL doesn't compile on Sun Studio Pro). (Ilia) 9481- Fixed bug #39873 (number_format() breaks with locale & decimal points). 9482 (Ilia) 9483- Fixed bug #39869 (safe_read does not initialize errno). 9484 (michiel at boland dot org, Dmitry) 9485- Fixed bug #39850 (SplFileObject throws contradictory/wrong error messages 9486 when trying to open "php://wrong"). (Tony) 9487- Fixed bug #39846 (Invalid IPv4 treated as valid). (Ilia) 9488- Fixed bug #39845 (Persistent connections generate a warning in pdo_pgsql). 9489 (Ilia) 9490- Fixed bug #39832 (SOAP Server: parameter not matching the WSDL specified 9491 type are set to 0). (Dmitry) 9492- Fixed bug #39825 (foreach produces memory error). (Dmitry) 9493- Fixed bug #39816 (apxs2filter ignores httpd.conf & .htaccess php config 9494 settings). (Ilia) 9495- Fixed bug #39815 (SOAP double encoding is not locale-independent). (Dmitry) 9496- Fixed bug #39797 (virtual() does not reset changed INI settings). (Ilia) 9497- Fixed bug #39795 (build fails on AIX because crypt_r() uses different 9498 data struct). (Tony) 9499- Fixed bug #39791 (Crash in strtotime() on overly long relative date 9500 multipliers). (Ilia) 9501- Fixed bug #39787 (PHP doesn't work with Apache 2.3). 9502 (mv at binarysec dot com). 9503- Fixed bug #39782 (setTime() on a DateTime constructed with a Weekday 9504 yields incorrect results). (Ilia) 9505- Fixed bug #39780 (PNG image with CRC/data error raises fatal error) (Pierre) 9506- Fixed bug #39779 (Enable AUTH PLAIN mechanism in underlying libc-client). 9507 (michael dot heimpold at s2000 dot tu-chemnitz dot de, Ilia) 9508- Fixed bug #39775 ("Indirect modification ..." message is not shown). 9509 (Dmitry) 9510- Fixed bug #39763 (magic quotes are applied twice by ext/filter in 9511 parse_str()). (Ilia) 9512- Fixed bug #39760 (cloning fails on nested SimpleXML-Object). (Rob) 9513- Fixed bug #39759 (Can't use stored procedures fetching multiple result 9514 sets in pdo_mysql). (Ilia) 9515- Fixed bug #39754 (Some POSIX extension functions not thread safe). 9516 (Ilia, wharmby at uk dot ibm dot com) 9517- Fixed bug #39751 (putenv crash on Windows). (KevinJohnHoffman at gmail.com) 9518- Fixed bug #39732 (oci_bind_array_by_name doesn't work on Solaris 64bit). 9519 (Tony) 9520- Fixed bug #39724 (Broken build due to spl/filter usage of pcre extension). 9521 (Tony, Ilia) 9522- Fixed bug #39718 (possible crash if assert.callback is set in ini). (Ilia) 9523- Fixed bug #39702 (php crashes in the allocator on linux-m68k). (Dmitry) 9524- Fixed bug #39685 (iconv() - undefined function). (Hannes) 9525- Fixed bug #39673 (file_get_contents causes bus error on certain offsets). 9526 (Tony) 9527- Fixed bug #39663 (Memory leak in pg_get_notify() and a possible memory 9528 corruption on Windows in pgsql and pdo_pgsql extensions). 9529 (Ilia, matteo at beccati dot com) 9530- Fixed bug #39662 (Segfault when calling asXML() of a cloned 9531 SimpleXMLElement). (Rob, Tony) 9532- Fixed bug #39656 (crash when calling fetch() on a PDO statment object after 9533 closeCursor()). (Ilia, Tony) 9534- Fixed bug #39653 (ext/dba doesn't check for db-4.5 and db-4.4 when db4 9535 support is enabled). (Tony) 9536- Fixed bug #39652 (Wrong negative results from memory_get_usage()). (Dmitry) 9537- Fixed bug #39648 (Implementation of PHP functions chown() and chgrp() are 9538 not thread safe). (Ilia, wharmby at uk dot ibm dot com) 9539- Fixed bug #39640 (Segfault with "Allowed memory size exhausted"). (Dmitry) 9540- Fixed bug #39625 (Apache crashes on importStylesheet call). (Rob) 9541- Fixed bug #39623 (thread safety fixes on *nix for putenv() & mime_magic). 9542 (Ilia, wharmby at uk dot ibm dot com) 9543- Fixed bug #39621 (str_replace() is not binary safe on strings with equal 9544 length). (Tony) 9545- Fixed bug #39613 (Possible segfault in imap initialization due to missing 9546 module dependency). (wharmby at uk dot ibm dot com, Tony) 9547- Fixed bug #39606 (Use of com.typelib_file in PHP.ini STILL causes A/V). (Rob) 9548- Fixed bug #39602 (Invalid session.save_handler crashes PHP). (Dmitry) 9549- Fixed bug #39596 (Creating Variant of type VT_ARRAY). (Rob) 9550- Fixed bug #39583 (ftp_put() does not change transfer mode to ASCII). (Tony) 9551- Fixed bug #39576 (array_walk() doesn't separate user data zval). (Tony) 9552- Fixed bug #39575 (move_uploaded_file() no longer working (safe mode 9553 related)). (Tony) 9554- Fixed bug #39571 (timeout ssl:// connections). (Ilia) 9555- Fixed bug #39564 (PDO::errorInfo() returns inconsistent information when 9556 sqlite3_step() fails). (Tony) 9557- Fixed bug #39548 (ZMSG_LOG_SCRIPT_NAME not routed to OutputDebugString() 9558 on Windows). (Dmitry) 9559- Fixed bug #39538 (fgetcsv can't handle starting newlines and trailing odd 9560 number of backslashes). (David Soria Parra, Pierre) 9561- Fixed bug #39534 (Error in maths to calculate of 9562 ZEND_MM_ALIGNED_MIN_HEADER_SIZE). (wharmby at uk dot ibm dot com, Dmitry) 9563- Fixed bug #39527 (Failure to retrieve results when multiple unbuffered, 9564 prepared statements are used in pdo_mysql). (Ilia) 9565- Fixed bug #39508 (imagefill crashes with small images 3 pixels or less). 9566 (Pierre) 9567- Fixed bug #39506 (Archive corrupt with ZipArchive::addFile method). (Pierre) 9568- Fixed bug #39504 (xmlwriter_write_dtd_entity() creates Attlist tag, not 9569 entity). (Hannes) 9570- Fixed bug #39483 (Problem with handling of \ char in prepared statements). 9571 (Ilia, suhachov at gmail dot com) 9572- Fixed bug #39458 (ftp_nlist() returns false on empty dirs). (Nuno) 9573- Fixed bug #39454 (Returning a SOAP array segfaults PHP). (Dmitry) 9574- Fixed bug #39450 (getenv() fills other super-globals). (Ilia, Tony) 9575- Fixed bug #39449 (Overloaded array properties do not work correctly). 9576 (Dmitry) 9577- Fixed bug #39445 (Calling debug_backtrace() in the __toString() 9578 function produces a crash). (Dmitry) 9579- Fixed bug #39438 (Fatal error: Out of memory). (Dmitry) 9580- Fixed bug #39435 ('foo' instanceof bar gives invalid opcode error). (Sara) 9581- Fixed bug #39414 (Syntax error while compiling with Sun Workshop Complier). 9582 (Johannes) 9583- Fixed bug #39398 (Booleans are not automatically translated to integers). 9584 (Ilia) 9585- Fixed bug #39394 (Missing check for older variants of openssl). (Ilia) 9586- Fixed bug #39367 (clearstatcache() doesn't clear realpath cache). 9587 (j at pureftpd dot org, Dmitry) 9588- Fixed bug #39366 (imagerotate does not use alpha with angle > 45 degrees) 9589 (Pierre) 9590- Fixed bug #39364 (Removed warning on empty haystack inside mb_strstr()). 9591 (Ilia) 9592- Fixed bug #39362 (Added an option to imap_open/imap_reopen to control the 9593 number of connection retries). (Ilia) 9594- Fixed bugs #39361 & #39400 (mbstring function overloading problem). (Seiji) 9595- Fixed bug #39354 (Allow building of curl extension against libcurl 9596 7.16.0). (Ilia) 9597- Fixed bug #39350 (crash with implode("\n", array(false))). (Ilia) 9598- Fixed bug #39344 (Unnecessary calls to OnModify callback routine for 9599 an extension INI directive). (wharmby at uk dot ibm dot com, Dmitry) 9600- Fixed bug #39320 (ZEND_HASH_APPLY_STOP causes deletion). (Marcus) 9601- Fixed bug #39313 (spl_autoload triggers Fatal error). (Marcus) 9602- Fixed bug #39300 (make install fails if wget is not available). (Tony) 9603- Fixed bug #39297 (Memory corruption because of indirect modification of 9604 overloaded array). (Dmitry) 9605- Fixed bug #39286 (misleading error message when invalid dimensions are 9606 given) (Pierre) 9607- Fixed bug #39273 (imagecopyresized may ignore alpha channel) (Pierre) 9608- Fixed bug #39265 (Fixed path handling inside mod_files.sh). 9609 (michal dot taborsky at gmail dot com, Ilia) 9610- Fixed bug #39217 (serialNumber might be -1 when the value is too large). 9611 (Pierre, Tony) 9612- Fixed bug #39215 (Inappropriate close of stdin/stdout/stderr). (Wez, Ilia) 9613- Fixed bug #39201 (Possible crash in Apache 2 with 413 ErrorHandler). (Ilia) 9614- Fixed bug #39151 (Parse error in recursiveiteratoriterator.php). (Marcus) 9615- Fixed bug #39121 (Incorrect return array handling in non-wsdl soap client). 9616 (Dmitry) 9617- Fixed bug #39090 (DirectoryFilterDots doxygen docs and example is wrong). 9618 (Marcus) 9619- Fixed bug #38852 (XML-RPC Breaks iconv). (Hannes) 9620- Fixed bug #38770 (unpack() broken with longs on 64 bit machines). 9621 (Ilia, David Soria Parra). 9622- Fixed bug #38698 (for some keys cdbmake creates corrupted db and cdb can't 9623 read valid db). (Marcus) 9624- Fixed bug #38680 (Added missing handling of basic types in json_decode). 9625 (Ilia) 9626- Fixed bug #38604 (Fixed request time leak inside foreach() when iterating 9627 through virtual properties). (Dmitry) 9628- Fixed bug #38602 (header( "HTTP/1.0 ..." ) does not change proto version). 9629 (Ilia) 9630- Fixed bug #38542 (proc_get_status() returns wrong PID on windows). (Nuno) 9631- Fixed bug #38536 (SOAP returns an array of values instead of an object). 9632 (Dmitry) 9633- Fixed bug #38456 (Apache2 segfaults when virtual() is called in .php 9634 ErrorDocument). (Ilia) 9635- Fixed bug #38325 (spl_autoload_register() gives wrong line for "class not 9636 found"). (Ilia) 9637- Fixed bug #38319 (Remove bogus warnings from persistent PDO connections). 9638 (Ilia) 9639- Fixed bug #38274 (Memlimit fatal error sent to "wrong" stderr when using 9640 fastcgi). (Dmitry) 9641- Fixed bug #38252 (Incorrect PDO error message on invalid default fetch 9642 mode). (Ilia) 9643- Fixed bug #37927 (Prevent trap when COM extension processes argument of 9644 type VT_DISPATCH|VT_REF) (Andy) 9645- Fixed bug #37773 (iconv_substr() gives "Unknown error" when string 9646 length = 1"). (Ilia) 9647- Fixed bug #37627 (session save_path check checks the parent directory). 9648 (Ilia) 9649- Fixed bug #37619 (proc_open() closes stdin on fork() failure). 9650 (jdolecek at NetBSD dot org, Nuno) 9651- Fixed bug #37588 (COM Property propputref converts to PHP function 9652 and can't be accesed). (Rob) 9653- Fixed bug #36975 (natcasesort() causes array_pop() to misbehave). 9654 (Hannes) 9655- Fixed bug #36812 (pg_execute() modifies input array). (Ilia) 9656- Fixed bug #36798 (Error parsing named parameters with queries containing 9657 high-ascii chars). (Ilia) 9658- Fixed bug #36644 (possible crash in variant_date_from_timestamp()). (Ilia) 9659- Fixed bug #36427 (proc_open() / proc_close() leak handles on windows). 9660 (jdolecek at NetBSD dot org, Nuno) 9661- Fixed bug #36392 (wrong number of decimal digits with %e specifier in 9662 sprintf). (Matt,Ilia) 9663- Fixed bug #36214 (__get method works properly only when conditional 9664 operator is used). (Dmitry) 9665- Fixed bug #35634 (Erroneous "Class declarations may not be nested" 9666 error raised). (Carl P. Corliss, Dmitry) 9667- Fixed bug #35106 (nested foreach fails when array variable has a 9668 reference). (Dmitry) 9669- Fixed bug #34564 (COM extension not returning modified "out" argument) (Andy) 9670- Fixed bug #33734 (Something strange with COM Object). (Rob) 9671- Fixed bug #33386 (ScriptControl only sees last function of class). (Rob) 9672- Fixed bug #33282 (Re-assignment by reference does not clear the is_ref 9673 flag) (Ilia, Dmitry, Matt Wilmas) 9674- Fixed bug #30074 (apparent symbol table error with 9675 extract($blah, EXTR_REFS)) (Brian) 9676- Fixed bug #29840 (is_executable() does not honor safe_mode_exec_dir 9677 setting). (Ilia) 9678- Fixed PECL bug #7295 (ORA-01405: fetched column value is NULL on LOB 9679 fields). (Tony) 9680 968102 Nov 2006, PHP 5.2.0 9682- Updated bundled OpenSSL to version 0.9.8d in the Windows distro. (Edin) 9683- Updated Postgresql client libraries to 8.1.4 in the Windows distro. (Edin) 9684- Updated PCRE to version 6.7. (Ilia) 9685- Updated libsqlite in ext/pdo_sqlite to 3.3.7. (Ilia) 9686- Updated bundled MySQL client library to version 5.0.22 in the Windows 9687 distribution. (Edin) 9688- Updated timezonedb to version 2006.7. (Derick) 9689 9690- Added ability to make SOAP call userspace PHP<->XML converters. (Dmitry) 9691- Added support for character sets in pg_escape_string() for PostgreSQL 8.1.4 9692 and higher. (Ilia) 9693- Added support for character sets in PDO quote() method for PostgreSQL 8.1.4 9694 and higher. (Ilia) 9695- Added DSA key generation support to openssl_pkey_new(), FR #38731 (marci 9696 at balabit dot hu, Tony) 9697- Added SoapServer::setObject() method (it is a simplified version of 9698 SoapServer::setClass() method). (Dmitry) 9699- Added support for hexadecimal entity in imagettftext() for the bundled GD. 9700 (Pierre) 9701- Added support for httpOnly flag for session extension and cookie setting 9702 functions. (Scott MacVicar, Ilia) 9703- Added version specific registry keys to allow different configurations for 9704 different php version. (Richard, Dmitry) 9705- Added "PHPINIDir" Apache directive to apache and apache_hooks SAPIs. 9706 (Dmitry) 9707- Added an optional boolean parameter to memory_get_usage() and 9708 memory_get_peak_usage() to get memory size allocated by emalloc() or real 9709 size of memory allocated from system. (Dmitry) 9710- Added Zip Archive extension. (Pierre) 9711- Added RFC1867 fileupload processing hook. (Stefan E.) 9712- Added JSON and Filter extensions. (Derick, Rasmus) 9713- Added error messages to disk_free_space() and disk_total_space() functions. 9714 FR #37971 (Tony) 9715- Added PATHINFO_FILENAME option to pathinfo() to get the filename. 9716 (Toby S. and Christian S.) 9717- Added array_fill_keys() function. (Marcus, Matt Wilmas) 9718- Added posix_initgroups() function. (Ilia) 9719- Added an optional parameter to parse_url() to allow retrieval of distinct 9720 URL components. (Ilia) 9721- Added optional parameter to http_build_query() to allow specification of 9722 string separator. (Ilia) 9723- Added image_type_to_extension() function. (Hannes, Ilia) 9724- Added allow_url_include ini directive to complement allow_url_fopen. (Rasmus) 9725- Added automatic module globals management. (Dmitry) 9726- Added RFC2397 (data: stream) support. (Marcus) 9727- Added new error mode E_RECOVERABLE_ERROR. (Derick, Marcus, Tony) 9728- Added support for getenv() input filtering. (Rasmus) 9729- Added support for constructors in interfaces to force constructor signature 9730 checks in implementations. (Marcus) 9731- Added memory_get_peak_usage() function for retrieving peak memory usage of 9732 a PHP script. (Ilia) 9733- Added pg_field_table() function. (Edin) 9734- Added SimpleXMLElement::saveXML() as an alias for SimpleXMLElement::asXML(). 9735 (Hannes) 9736- Added DOMNode::getNodePath() for getting an XPath for a node. (Christian) 9737- Added gmp_nextprime() function. (ants dot aasma at gmail dot com, Tony) 9738- Added error_get_last() function. (Mike) 9739 9740- Removed current working directory from the php.ini search path for CLI and 9741 re-added it for other SAPIs (restore to pre 5.1.x behavior). (Edin) 9742- Moved extensions to PECL: 9743 . ext/filepro (Derick, Tony) 9744 . ext/hwapi (Derick, Tony) 9745- Disabled CURLOPT_FOLLOWLOCATION in curl when open_basedir or 9746 safe_mode are enabled. (Stefan E., Ilia) 9747 9748- Increased default memory limit to 16 megabytes to accommodate for a more 9749 accurate memory utilization measurement. 9750- In addition to path to php.ini, PHPRC now may specify full file name. 9751 (Dmitry) 9752 9753- Optimized array/HashTable copying. (Matt Wilmas, Dmitry) 9754- Optimized zend_try/zend_catch macros by eliminating memcpy(3). (Dmitry) 9755- Optimized require_once() and include_once() by eliminating fopen(3) on 9756 second usage. (Dmitry) 9757- Optimized request shutdown sequence. Restoring ini directives now iterates 9758 only over modified directives instead of all. (Dmitry) 9759 9760- Changed priority of PHPRC environment variable on win32 to be higher then 9761 value from registry. (Dmitry) 9762- Changed __toString() to be called wherever applicable. (Marcus) 9763- Changed E_ALL error reporting mode to include E_RECOVERABLE_ERROR. (Marcus) 9764- Changed realpath cache to be disabled when "open_basedir" or "safe_mode" 9765 are enabled on per-request basis. (Ilia) 9766 9767- Improved SNMP extension: (Jani) 9768 . Renamed snmp_set_oid_numeric_print() to snmp_set_oid_output_format(). 9769 . Added 2 new constants: SNMP_OID_OUTPUT_FULL and SNMP_OID_OUTPUT_NUMERIC 9770 . Fixed bug #37564 (AES privacy encryption not possible due to net-snmp 5.2 9771 compatibility issue). (Patch: scott dot moynes+php at gmail dot com) 9772- Improved OpenSSL extension: (Pierre) 9773 . Added support for all supported algorithms in openssl_verify 9774 . Added openssl_pkey_get_details, returns the details of a key 9775 . Added x509 v3 extensions support 9776 . Added openssl_csr_get_subject() and openssl_csr_get_public_key() 9777 . Added 3 new constants OPENSSL_VERSION_TEXT and OPENSSL_VERSION_NUMBER and 9778 OPENSSL_KEYTYPE_EC 9779- Improved the Zend memory manager: (Dmitry) 9780 . Removed unnecessary "--disable-zend-memory-manager" configure option. 9781 . Added "--enable-malloc-mm" configure option which is enabled by default in 9782 debug builds to allow using internal and external memory debuggers. 9783 . Allow tweaking the memory manager with ZEND_MM_MEM_TYPE and ZEND_MM_SEG_SIZE 9784 environment variables. 9785 . For more information: Zend/README.ZEND_MM 9786- Improved safe_mode check for the error_log() function. (Ilia) 9787- Improved the error reporting in SOAP extension on request failure. (Ilia) 9788- Improved crypt() on win32 to be about 10 times faster and to have friendlier 9789 license. (Frank, Dmitry) 9790- Improved performance of the implode() function on associated arrays. (Ilia) 9791- Improved performance of str_replace() when doing 1 char to 1 char or 1 char 9792 to many chars replacement. (Ilia) 9793- Improved apache2filter SAPI: 9794 . Allowed PHP to be an arbitrary filter in the chain and read the script from 9795 the Apache stream. (John) 9796 . Added support for apache2filter in the Windows build including binary 9797 support for both Apache 2.0.x (php5apache2_filter.dll) and Apache 2.2.x 9798 (php5apache2_2_filter.dll). (Edin) 9799- Improved apache2handler SAPI: 9800 . Changed ap_set_content_type() to be called only once. (Mike) 9801 . Added support for Apache 2.2 handler in the Windows distribution. (Edin) 9802- Improved FastCGI SAPI: (Dmitry) 9803 . Removed source compatibility with libfcgi. 9804 . Optimized access to FastCGI environment variables by using HashTable 9805 instead of linear search. 9806 . Allowed PHP_FCGI_MAX_REQUESTS=0 that assumes no limit. 9807 . Allowed PHP_FCGI_CHILDREN=0 that assumes no worker children. (FastCGI 9808 requests are handled by main process itself) 9809- Improved CURL: 9810 . Added control character checks for "open_basedir" and "safe_mode" checks. 9811 (Ilia) 9812 . Added implementation of curl_multi_info_read(). (Brian) 9813- Improved PCRE: (Andrei) 9814 . Added run-time configurable backtracking/recursion limits. 9815 . Added preg_last_error(). (Andrei) 9816- Improved PDO: 9817 . Added new attribute ATTR_DEFAULT_FETCH_MODE. (Pierre) 9818 . Added FETCH_PROPS_LATE. (Marcus) 9819- Improved SPL: (Marcus) 9820 . Made most iterator code exception safe. 9821 . Added RegExIterator and RecursiveRegExIterator. 9822 . Added full caching support and ArrayAccess to CachingIterator. 9823 . Added array functions to ArrayObject/ArrayIterator and made them faster. 9824 . Added support for reading csv and skipping empty lines in SplFileObject. 9825 . Added CachingIterator::TOSTRING_USE_INNER, calls inner iterator __toString. 9826 . Added ability to set the CSV separator per SplFileObject. 9827- Improved xmlReader: (Rob) 9828 . Added readInnerXml(), xmlReader::setSchema(). 9829 . Added readInnerXML(), readOuterXML(), readString(), setSchema(). (2.6.20+) 9830 . Changed to passing libxml options when loading reader. 9831 9832- Fixed invalid read in imagecreatefrompng when an empty file is given 9833 (Pierre, Tony) 9834- Fixed infinite loop when a wrong color index is given to imagefill (Pierre) 9835- Fixed mess with CGI/CLI -d option (now it works with cgi; constants are 9836 working exactly like in php.ini; with FastCGI -d affects all requests). 9837 (Dmitry) 9838- Fixed missing open_basedir check inside chdir() function. (Ilia) 9839- Fixed overflow on 64bit systems in str_repeat() and wordwrap(). (Stefan E.) 9840- Fixed XSLTProcessor::importStylesheet() to return TRUE on success 9841 (Christian) 9842- Fixed leaks in openssl_csr_sign and openssl_csr_new (Pierre) 9843- Fixed phpinfo() cutoff of variables at \0. (Ilia) 9844- Fixed a bug in the filter extension that prevented magic_quotes_gpc from 9845 being applied when RAW filter is used. (Ilia) 9846- Fixed memory leaks in openssl streams context options. (Pierre) 9847- Fixed handling of extremely long paths inside tempnam() function. (Ilia) 9848- Fixed bug #39721 (Runtime inheritance causes data corruption). (Dmitry) 9849- Fixed bug #39304 (Segmentation fault with list unpacking of string offset). 9850 (Dmitry) 9851- Fixed bug #39192 (Not including nsapi.h properly with SJSWS 7). This will 9852 make PHP 5.2 compatible to new Sun Webserver. (Uwe) 9853- Fixed bug #39140 (Uncaught exception may cause crash). (Dmitry) 9854- Fixed bug #39125 (Memleak when reflecting non-existing class/method). (Tony) 9855- Fixed bug #39067 (getDeclaringClass() and private properties). (Tony) 9856- Fixed bug #39039 (SSL: fatal protocol error when fetching HTTPS from servers 9857 running Google web server). (Ilia) 9858- Fixed bug #39035 (Compatibility issue between DOM and 9859 zend.ze1_compatibility_mode). (Rob) 9860- Fixed bug #39034 (curl_exec() with return transfer returns TRUE on empty 9861 files). (Ilia) 9862- Fixed bug #39032 (strcspn() stops on null character). (Tony) 9863- Fixed bug #39020 (PHP in FastCGI server mode crashes). (Dmitry) 9864- Fixed bug #39017 (foreach(($obj = new myClass) as $v); echo $obj; 9865 segfaults). (Dmitry) 9866- Fixed bug #39004 (Fixed generation of config.nice with autoconf 2.60). (Ilia) 9867- Fixed bug #39003 (__autoload() is called for type hinting). (Dmitry, Tony) 9868- Fixed bug #39001 (ReflectionProperty returns incorrect declaring class for 9869 protected properties). (Tony) 9870- Fixed bug #38996 (PDO_MYSQL doesn't check connections for liveness). (Tony) 9871- Fixed bug #38993 (Fixed safe_mode/open_basedir checks for session.save_path, 9872 allowing them to account for extra parameters). (Ilia) 9873- Fixed bug #38989 (Absolute path with slash at beginning doesn't work on win). 9874 (Dmitry) 9875- Fixed bug #38985 (Can't cast COM objects). (Wez) 9876- Fixed bug #38981 (using FTP URLs in get_headers() causes crash). (Tony) 9877- Fixed bug #38963 (Fixed a possible open_basedir bypass in tempnam()). (Ilia) 9878- Fixed bug #38961 (metaphone() results in segmentation fault on NetBSD). 9879 (Tony) 9880- Fixed bug #38949 (Cannot get xmlns value attribute). (Rob) 9881- Fixed bug #38942 (Double old-style-ctor inheritance). (Dmitry) 9882- Fixed bug #38941 (imap extension does not compile against new version of the 9883 imap library). (Ilia) 9884- Fixed bug #38934 (move_uploaded_file() cannot read uploaded file outside of 9885 open_basedir). (Ilia) 9886- Fixed bug #38904 (apache2filter changes cwd to /). (Ilia, Hannes) 9887- Fixed bug #38891 (get_headers() do not work with curl-wrappers). (Ilia) 9888- Fixed bug #38882 (ldap_connect causes segfault with newer versions of 9889 OpenLDAP). (Tony) 9890- Fixed bug #38859 (parse_url() fails if passing '@' in passwd). (Tony) 9891- Fixed bug #38850 (lookupNamespaceURI doesn't return default namespace). (Rob) 9892- Fixed bug #38844 (curl_easy_strerror() is defined only since cURL 7.12.0). 9893 (Tony) 9894- Fixed bug #38813 (DOMEntityReference->__construct crashes when called 9895 explicitly). (Rob) 9896- Fixed bug #38808 ("maybe ref" issue for current() and others). (Dmitry) 9897- Fixed bug #38779 (engine crashes when require()'ing file with syntax error 9898 through userspace stream wrapper). (Tony, Dmitry) 9899- Fixed bug #38772 (inconsistent overriding of methods in different visibility 9900 contexts). (Dmitry) 9901- Fixed bug #38759 (PDO sqlite2 empty query causes segfault). (Tony) 9902- Fixed bug #38721 (Invalid memory read in date_parse()). (Tony, Derick) 9903- Fixed bug #38700 (SoapClient::__getTypes never returns). (Dmitry) 9904- Fixed bug #38693 (curl_multi_add_handle() set curl handle to null). (Ilia) 9905- Fixed bug #38687 (sockaddr local storage insufficient for all sock families). 9906 (Sara) 9907- Fixed bug #38661 (mixed-case URL breaks url-wrappers). (Ilia) 9908- Fixed bug #38653 (memory leak in ReflectionClass::getConstant()). (Tony) 9909- Fixed bug #38649 (uninit'd optional arg in stream_socket_sendto()). (Sara) 9910- Fixed bug #38637 (curl_copy_handle() fails to fully copy the cURL handle). 9911 (Tony, Ilia) 9912- Fixed bug #38624 (Strange warning when incrementing an object property and 9913 exception is thrown from __get method). (Tony) 9914- Fixed bug #38623 (leaks in a tricky code with switch() and exceptions). 9915 (Dmitry) 9916- Fixed bug #38579 (include_once() may include the same file twice). (Dmitry) 9917- Fixed bug #38574 (missing curl constants and improper constant detection). 9918 (Ilia) 9919- Fixed bug #38543 (shutdown_executor() may segfault when memory_limit is too 9920 low). (Dmitry) 9921- Fixed bug #38535 (memory corruption in pdo_pgsql driver on error retrieval 9922 inside a failed query executed via query() method). (Ilia) 9923- Fixed bug #38534 (segfault when calling setlocale() in userspace session 9924 handler). (Tony) 9925- Fixed bug #38524 (strptime() does not initialize the internal date storage 9926 structure). (Ilia) 9927- Fixed bug #38511, #38473, #38263 (Fixed session extension request shutdown 9928 order to ensure it is shutdown before the extensions it may depend on). 9929 (Ilia) 9930- Fixed bug #38488 (Access to "php://stdin" and family crashes PHP on win32). 9931 (Dmitry) 9932- Fixed bug #38474 (getAttribute select attribute by order, even when 9933 prefixed). (Rob) 9934- Fixed bug #38467 (--enable-versioning causes make fail on OS X). (Tony) 9935- Fixed bug #38465 (ReflectionParameter fails if default value is an access 9936 to self::). (Johannes) 9937- Fixed bug #38464 (array_count_values() mishandles numeric strings). 9938 (Matt Wilmas, Ilia) 9939- Fixed bug #38461 (setting private attribute with __set() produces 9940 segfault). (Tony) 9941- Fixed bug #38458, PECL bug #8944, PECL bug #7775 (error retrieving columns 9942 after long/text columns with PDO_ODBC). (Wez) 9943- Fixed bug #38454 (warning upon disabling handler via 9944 xml_set_element_handler). (dtorop933 at gmail dot com, Rob) 9945- Fixed bug #38451 (PDO_MYSQL doesn't compile on Solaris). (Tony) 9946- Fixed bug #38450 (constructor is not called for classes used in userspace 9947 stream wrappers). (Tony) 9948- Fixed bug #38438 (DOMNodeList->item(0) segfault on empty NodeList). (Ilia) 9949- Fixed bug #38431 (xmlrpc_get_type() crashes PHP on objects). (Tony) 9950- Fixed bug #38427 (unicode causes xml_parser to misbehave). (Rob) 9951- Fixed bug #38424 (Different attribute assignment if new or existing). (Rob) 9952- Fixed bug #38400 (Use of com.typelib_file may cause a crash). (Ilia) 9953- Fixed bug #38394 (PDO fails to recover from failed prepared statement 9954 execution). (Ilia) 9955- Fixed bug #38377 (session_destroy() gives warning after 9956 session_regenerate_id()). (Ilia) 9957- Implemented #38357 (dbase_open can't open DBase 3 dbf file). 9958 (rodrigo at fabricadeideias dot com, Mike) 9959- Fixed bug #38354 (Unwanted reformatting of XML when using AsXML). (Christian) 9960- Fixed bug #38347 (Segmentation fault when using foreach with an unknown/empty 9961 SimpleXMLElement). (Tony) 9962- Fixed bug #38322 (reading past array in sscanf() leads to arbitrary code 9963 execution). (Tony) 9964- Fixed bug #38315 (Constructing in the destructor causes weird behavior). 9965 (Dmitry) 9966- Fixed bug #38303 (spl_autoload_register() suppress all errors silently). 9967 (Ilia) 9968- Fixed bug #38290 (configure script ignores --without-cdb,inifile,flatfile). 9969 (Marcus) 9970- Fixed bug #38289 (segfault in session_decode() when _SESSION is NULL). 9971 (Tony) 9972- Fixed bug #38287 (static variables mess up global vars). (Dmitry) 9973- Fixed bug #38278 (session_cache_expire()'s value does not match phpinfo's 9974 session.cache_expire). (Tony) 9975- Fixed bug #38276 (file_exists() works incorrectly with long filenames 9976 on Windows). (Ilia, Tony) 9977- Fixed bug #38269 (fopen wrapper doesn't fail on invalid hostname with 9978 curlwrappers enabled). (Tony) 9979- Fixed bug #38265 (heap corruption). (Dmitry) 9980- Fixed bug #38261 (openssl_x509_parse() leaks with invalid cert) (Pierre) 9981- Fixed bug #38255 (openssl possible leaks while passing keys) (Pierre) 9982- Fixed bug #38253 (PDO produces segfault with default fetch mode). (Tony) 9983- Fixed bug #38251 (socket_select() and invalid arguments). (Tony) 9984- Fixed bug #38236 (Binary data gets corrupted on multipart/formdata POST). 9985 (Ilia) 9986- Fixed bug #38234 (Exception in __clone makes memory leak). (Dmitry, Nuno) 9987- Fixed bug #38229 (strtotime() does not parse YYYY-MM format). (Ilia) 9988- Fixed bug #38224 (session extension can't handle broken cookies). (Ilia) 9989- Fixed bug #38220 (Crash on some object operations). (Dmitry) 9990- Fixed bug #38217 (ReflectionClass::newInstanceArgs() tries to allocate too 9991 much memory). (Tony) 9992- Fixed bug #38214 (gif interlace output cannot work). (Pierre) 9993- Fixed bug #38213, #37611, #37571 (wddx encoding fails to handle certain 9994 characters). (Ilia) 9995- Fixed bug #38212 (Segfault on invalid imagecreatefromgd2part() parameters). 9996 (Pierre) 9997- Fixed bug #38211 (variable name and cookie name match breaks script 9998 execution). (Dmitry) 9999- Fixed bug #38199 (fclose() unable to close STDOUT and STDERR). (Tony) 10000- Fixed bug #38198 (possible crash when COM reports an exception). (Ilia) 10001- Fixed bug #38194 (ReflectionClass::isSubclassOf() returns TRUE for the 10002 class itself). (Ilia) 10003- Fixed bug #38183 (disable_classes=Foobar causes disabled class to be 10004 called Foo). (Jani) 10005- Fixed bug #38179 (imagecopy from a palette to a truecolor image loose alpha 10006 channel) (Pierre) 10007- Fixed bug #38173 (Freeing nested cursors causes OCI8 to segfault). (Tony) 10008- Fixed bug #38168 (Crash in pdo_pgsql on missing bound parameters). (Ilia) 10009- Fixed bug #38161 (oci_bind_by_name() returns garbage when Oracle didn't set 10010 the variable). (Tony) 10011- Fixed bug #38146 (Cannot use array returned from foo::__get('bar') in write 10012 context). (Dmitry) 10013- Fixed bug #38132 (ReflectionClass::getStaticProperties() retains \0 in key 10014 names). (Ilia) 10015- Fixed bug #38125 (undefined reference to spl_dual_it_free_storage). (Marcus) 10016- Fixed bug #38112 (corrupted gif segfaults) (Pierre) 10017- Fixed bug #38096 (large timeout values ignored on 32bit machines in 10018 stream_socket_accept() and stream_socket_client()). (Ilia) 10019- Fixed bug #38086 (stream_copy_to_stream() returns 0 when maxlen is bigger 10020 than the actual length). (Tony) 10021- Fixed bug #38072 (boolean arg for mysqli_autocommit() is always true on 10022 Solaris). (Tony) 10023- Fixed bug #38067 (Parameters are not decoded from utf-8 when using encoding 10024 option). (Dmitry) 10025- Fixed bug #38064 (ignored constructor visibility). (Marcus) 10026- Fixed bug #38055 (Wrong interpretation of boolean parameters). (Dmitry) 10027- Fixed bug #38047 ("file" and "line" sometimes not set in backtrace from 10028 inside error handler). (Dmitry) 10029- Fixed bug #38019 (segfault extending mysqli class). (Dmitry) 10030- Fixed bug #38005 (SoapFault faultstring doesn't follow encoding rules). 10031 (Dmitry) 10032- Fixed bug #38004 (Parameters in SoapServer are decoded twice). (Dmitry) 10033- Fixed bug #38003 (in classes inherited from MySQLi it's possible to call 10034 private constructors from invalid context). (Tony) 10035- Fixed bug #37987 (invalid return of file_exists() in safe mode). (Ilia) 10036- Fixed bug #37947 (zend_ptr_stack reallocation problem). (Dmitry) 10037- Fixed bug #37945 (pathinfo() cannot handle argument with special characters 10038 like German "Umlaut"). (Mike) 10039- Fixed bug #37931 (possible crash in OCI8 after database restart 10040 when using persistent connections). (Tony) 10041- Fixed bug #37923 (Display constant value in reflection::export). (Johannes) 10042- Fixed bug #37920 (compilation problems on z/OS). (Tony) 10043- Fixed bug #37870 (pgo_pgsql tries to de-allocate unused statements). 10044 (Ilia, ce at netage dot bg) 10045- Fixed bug #37864 (file_get_contents() leaks on empty file). (Hannes) 10046- Fixed bug #37862 (Integer pointer comparison to numeric value). 10047 (bugs-php at thewrittenword dot com) 10048- Fixed bug #37846 (wordwrap() wraps incorrectly). (ddk at krasn dot ru, Tony) 10049- Fixed bug #37816 (ReflectionProperty does not throw exception when accessing 10050 protected attribute). (Marcus) 10051- Fixed bug #37811 (define not using toString on objects). (Marcus) 10052- Fixed bug #37807 (segmentation fault during SOAP schema import). (Tony) 10053- Fixed bug #37806 (weird behavior of object type and comparison). (Marcus) 10054- Fixed bug #37780 (memory leak trying to execute a non existing file (CLI)). 10055 (Mike) 10056- Fixed bug #37779 (empty include_path leads to search for files inside /). 10057 (jr at terragate dot net, Ilia) 10058- Fixed bug #37747 (strtotime segfaults when given "nextyear"). (Derick) 10059- Fixed bug #37720 (merge_php_config scrambles values). 10060 (Mike, pumuckel at metropolis dot de) 10061- Fixed bug #37709 (Possible crash in PDO::errorCode()). (Ilia) 10062- Fixed bug #37707 (clone without assigning leaks memory). (Ilia, Nuno, Dmitri) 10063- Fixed bug #37705 (Semaphore constants not available). (Ilia) 10064- Fixed bug #37671 (MySQLi extension fails to recognize BIT column). (Ilia) 10065- Fixed bug #37667 (Object is not added into array returned by __get). (Marcus) 10066- Fixed bug #37635 (parameter of pcntl signal handler is trashed). (Mike) 10067- Fixed bug #37632 (Protected method access problem). (Marcus) 10068- Fixed bug #37630 (MySQL extensions should link against thread safe client 10069 libs if built with ZTS). (Mike) 10070- Fixed bug #37620 (mysqli_ssl_set validation is inappropriate). (Georg) 10071- Fixed bug #37616 (DATE_RFC822 does not product RFC 822 dates). 10072 (Hannes Magnusson, Derick) 10073- Fixed bug #37614 (Class name lowercased in error message). (Johannes) 10074- Fixed bug #37587 (var without attribute causes segfault). (Marcus) 10075- Fixed bug #37586 (Bumped minimum PCRE version to 6.6, needed for recursion 10076 limit support). (Ilia) 10077- Fixed bug #37581 (oci_bind_array_by_name clobbers input array when using 10078 SQLT_AFC, AVC). (Tony) 10079- Fixed bug #37569 (WDDX incorrectly encodes high-ascii characters). (Ilia) 10080- Fixed bug #37565 (Using reflection::export with simplexml causing a crash). 10081 (Marcus) 10082- Fixed bug #37564 (AES privacy encryption not possible due to net-snmp 5.2 10083 compatibility issue). (Jani, patch by scott dot moynes+php at gmail dot com) 10084- Fixed bug #37563 (array_key_exists performance is poor for &$array). (Ilia) 10085- Fixed bug #37558 (timeout functionality doesn't work after a second PHP 10086 start-up on the same thread). (p dot desarnaud at wanadoo dot fr) 10087- Fixed bug #37531 (oci8 persistent connection corruption). (Tony) 10088- Fixed bug #37523 (namespaces added too late, leads to missing xsi:type 10089 attributes. Incompatibility with libxml2-2.6.24). (Dmitry) 10090- Fixed bug #37514 (strtotime doesn't assume year correctly). (Derick) 10091- Fixed bug #37510 (session_regenerate_id changes session_id() even on 10092 failure). (Hannes) 10093- Fixed bug #37505 (touch() truncates large files). (Ilia) 10094- Fixed bug #37499 (CLI segmentation faults during cleanup with sybase-ct 10095 extension enabled). (Tony) 10096- Fixed bug #37496 (FastCGI output buffer overrun). (Piotr, Dmitry) 10097- Fixed bug #37487 (oci_fetch_array() array-type should always default to 10098 OCI_BOTH). (Tony) 10099- Fixed bug #37457 (Crash when an exception is thrown in accept() method of 10100 FilterIterator). (Marcus) 10101- Fixed bug #37456 (DOMElement->setAttribute() loops forever). (Rob) 10102- Fixed bug #37445 (Fixed crash in pdo_mysql resulting from premature object 10103 destruction). (Ilia) 10104- Fixed bug #37428 (PHP crashes on windows if there are start-up errors and 10105 event log is used for logging them). (Edin) 10106- Fixed bug #37418 (tidy module crashes on shutdown). (Tony) 10107- Fixed bug #37416 (iterator_to_array() hides exceptions thrown in rewind() 10108 method). (Tony) 10109- Fixed bug #37413 (Rejected versions of flex that don't work). (Ilia) 10110- Fixed bug #37395 (recursive mkdir() fails to create nonexistent directories 10111 in root dir). (Tony) 10112- Fixed bug #37394 (substr_compare() returns an error when offset equals 10113 string length). (Ilia) 10114- Fixed bug #37392 (Unnecessary call to OCITransRollback() at the end of 10115 request). (Tony) 10116- Fixed bug #37376 (fastcgi.c compile fail with gcc 2.95.4). (Ilia) 10117- Fixed bug #37368 (Incorrect timestamp returned for strtotime()). (Derick) 10118- Fixed bug #37363 (PDO_MYSQL does not build if no other mysql extension is 10119 enabled). (Mike) 10120- Fixed bug #37348 (make PEAR install ignore open_basedir). (Ilia) 10121- Fixed bug #37341 ($_SERVER in included file is shortened to two entries, 10122 if $_ENV gets used). (Dmitry) 10123- Fixed bug #37313 (sigemptyset() used without including <signal.h>). 10124 (jdolecek) 10125- Fixed bug #37306 (max_execution_time = max_input_time). (Dmitry) 10126- Fixed bug #37278 (SOAP not respecting uri in __soapCall). (Dmitry) 10127- Fixed bug #37265 (Added missing safe_mode & open_basedir checks to 10128 imap_body()). (Ilia) 10129- Fixed bug #37262 (var_export() does not escape \0 character). (Ilia) 10130- Fixed bug #37256 (php-fastcgi doesn't handle connection abort). (Dmitry) 10131- Fixed bug #37244 (Added strict flag to base64_decode() that enforces 10132 RFC3548 compliance). (Ilia) 10133- Fixed bug #37144 (PHP crashes trying to assign into property of dead object). 10134 (Dmitry) 10135- Fixed bug #36949 (invalid internal mysqli objects dtor). (Mike) 10136- Implement #36732 (req/x509 extensions support for openssl_csr_new and 10137 openssl_csr_sign) (ben at psc dot edu, Pierre) 10138- Fixed bug #36759 (Objects destructors are invoked in wrong order when script 10139 is finished). (Dmitry) 10140- Fixed bug #36681 (pdo_pgsql driver incorrectly ignored some errors). 10141 (Wez, Ilia) 10142- Fixed bug #36630 (umask not reset at the end of the request). (Ilia) 10143- Fixed bug #36515 (Unlinking buckets from non-existent brigades). (Sara) 10144- Fixed bug #35973 (Error ORA-24806 occurs when trying to fetch a NCLOB 10145 field). (Tony) 10146- Fixed bug #35886 (file_get_contents() fails with some combinations of 10147 offset & maxlen). (Nuno) 10148- Fixed bug #35512 (Lack of read permission on main script results in 10149 E_WARNING rather then E_ERROR). (Ilia) 10150- Fixed bug #34180 (--with-curlwrappers causes PHP to disregard some HTTP 10151 stream context options). (Mike) 10152- Fixed bug #34066 (recursive array_walk causes segfault). (Tony) 10153- Fixed bug #34065 (throw in foreach causes memory leaks). (Dmitry) 10154- Fixed bug #34005 (oci_password_change() fails). 10155 (pholdaway at technocom-wireless dot com, Tony) 10156- Fixed bug #33895 (Missing math constants). (Hannes) 10157- Fixed bug #33770 (https:// or ftps:// do not work when --with-curlwrappers 10158 is used and ssl certificate is not verifiable). (Ilia) 10159- Fixed bug #29538 (number_format and problem with 0). (Matt Wilmas) 10160- Implement #28382 (openssl_x509_parse() extensions support) (Pierre) 10161- Fixed PECL bug #9061 (oci8 might reuse wrong persistent connection). (Tony) 10162- Fixed PECL bug #8816 (issue in php_oci_statement_fetch with more than one 10163 piecewise column) (jeff at badtz-maru dot com, Tony) 10164- Fixed PECL bug #8112 (OCI8 persistent connections misbehave when Apache 10165 process times out). (Tony) 10166- Fixed PECL bug #7755 (error selecting DOUBLE fields with PDO_ODBC). 10167 ("slaws", Wez) 10168 10169 1017004 May 2006, PHP 5.1.4 10171- Added "capture_peer_cert" and "capture_peer_cert_chain" context options 10172 for SSL streams. (Wez). 10173- Added PDO::PARAM_EVT_* family of constants. (Sara) 10174- Fixed possible crash in highlight_string(). (Dmitry) 10175- Fixed bug #37291 (FastCGI no longer works with isapi_fcgi.dll). (Dmitry) 10176- Fixed bug #37277 (cloning Dom Documents or Nodes does not work). (Rob) 10177- Fixed bug #37276 (problems with $_POST array). (Dmitry) 10178- Fixed bug #36632 (bad error reporting for pdo_odbc exec UPDATE). (Wez). 10179- Fixed bug #35552 (crash when pdo_odbc prepare fails). (Wez). 10180 1018128 Apr 2006, PHP 5.1.3 10182- Updated bundled PCRE library to version 6.6. (Andrei) 10183- Moved extensions to PECL: 10184 . ext/msession (Derick) 10185- Reimplemented FastCGI interface. (Dmitry) 10186- Improved SPL: (Marcus) 10187 - Fixed issues with not/double calling of constructors of SPL iterators. 10188 - Fixed issues with info-class/file-class in SPL directory handling classes. 10189 - Fixed ArrayIterator::seek(). 10190 - Added SimpleXMLIterator::count(). 10191 - Dropped erroneous RecursiveDirectoryIterator::getSubPathInfo(). 10192- Improved SimpleXML: (Marcus, Rob) 10193 . Added SimpleXMLElement::getName() to retrieve name of element. 10194 . Added ability to create elements on the fly. 10195 . Added addChild() method for element creation supporting namespaces. 10196 . Added addAttribute() method for attribute creation supporting namespaces. 10197 . Added ability to delete specific elements and attributes by offset. 10198- Improved Reflection API: (Marcus) 10199 . Added ReflectionClass::newInstanceArgs($args). 10200 . Added ability to analyze extension dependency. 10201 . Added ReflectionFunction::isDeprecated() and constant IS_DEPRECATED. 10202 . Added ReflectionParameter::getDeclaringClass(). 10203 . Changed reflection constants to be prefixed with IS_. (Johannes) 10204- Improved cURL extension: (Ilia) 10205 . Added curl_setopt_array() function that allows setting of multiple 10206 options via an associated array. 10207 . Added the ability to retrieve the request message sent to the server. 10208- Improved GD extension: (Pierre) 10209 . Added a weak/tolerant mode to the JPEG loader. 10210 . Added filtering mode option to imagepng() to allow reducing file size. 10211 . Fixed imagecolorallocate() and imagecolorallocatelapha() to return FALSE 10212 on error. 10213- Changed get_headers() to retrieve headers also from non-200 responses. 10214 (Ilia) 10215- Changed get_headers() to use the default context. (Ilia) 10216- Added lchown() and lchgrp() to change user/group ownership of symlinks. 10217 (Derick) 10218- Added support for exif date format in strtotime(). (Derick) 10219- Added a check for special characters in the session name. (Ilia) 10220- Added "consumed" stream filter. (Marcus) 10221- Added new mysqli constants for BIT and NEW_DECIMAL field types: 10222 MYSQLI_TYPE_NEWDECIMAL and MYSQLI_TYPE_BIT. FR #36007. (Georg) 10223- Added imap_savebody() that allows message body to be written to a 10224 file. (Mike) 10225- Added overflow checks to wordwrap() function. (Ilia) 10226- Added support for BINARY_DOUBLE and BINARY_FLOAT to PDO_OCI and OCI8 10227 (also fixes bug #36764). (Tony) 10228- Eliminated run-time constant fetching for TRUE, FALSE and NULL. (Dmitry) 10229- Removed the E_STRICT deprecation notice from "var". (Ilia) 10230- Fixed reading stream filters never notified about EOF. (Mike) 10231- Fixed tempnam() 2nd parameter to be checked against path components. (Ilia) 10232- Fixed a bug that would not fill in the fifth argument to preg_replace() 10233 properly, if the variable was not declared previously. (Andrei) 10234- Fixed safe_mode check for source argument of the copy() function. (Ilia) 10235- Fixed mysqli bigint conversion under Windows (Georg) 10236- Fixed XSS inside phpinfo() with long inputs. (Ilia) 10237- Fixed Apache2 SAPIs header handler modifying header strings. (Mike) 10238- Fixed 'auto_globals_jit' to work together with 'register_argc_argv'. (Dmitry) 10239- Fixed offset/length parameter validation in substr_compare() function. (Ilia) 10240- Fixed debug_zval_dump() to support private and protected members. (Dmitry) 10241- Fixed SoapFault::getMessage(). (Dmitry) 10242- Fixed issue with iconv_mime_decode where the "encoding" would only allow 10243 upper case specifiers. (Derick) 10244- Fixed tiger hash algorithm generating wrong results on big endian platforms. 10245 (Mike) 10246- Fixed crash with DOMImplementation::createDocumentType("name:"). (Mike) 10247- Fixed bug #37205 (Serving binary content/images fails with "comm with server 10248 aborted" FastCGI err). (Dmitry) 10249- Fixed bug #37192 (cc may complain about non-constant initializers in 10250 hash_adler.c). (Mike) 10251- Fixed bug #37191 (chmod takes off sticky bit when safe_mode is On). (Tony) 10252- Fixed bug #37167 (PDO segfaults when throwing exception from the 10253 fetch handler). (Tony) 10254- Fixed bug #37162 (wddx does not build as a shared extension). 10255 (jdolecek at NetBSD dot org, Ilia) 10256- Fixed bug #37158 (fread behavior changes after calling 10257 stream_wrapper_register). (Wez) 10258- Fixed bug #37138 (__autoload tries to load callback'ed self and parent). 10259 (Dmitry) 10260- Fixed bug #37103 (libmbfl headers not installed). (Jani) 10261- Fixed bug #37062 (compile failure on ARM architecture). (Tony) 10262- Fixed bug #37061 (curl_exec() doesn't zero-terminate binary strings). (Tony) 10263- Fixed bug #37060 (Type of retval of Countable::count() is not checked). 10264 (Johannes) 10265- Fixed bug #37059 (oci_bind_by_name() doesn't support RAW and LONG RAW 10266 fields). (Tony) 10267- Fixed bug #37057 (xmlrpc_decode() may produce arrays with numeric strings, 10268 which are unaccessible). (Tony) 10269- Fixed bug #37055 (incorrect reference counting for persistent OCI8 10270 connections). (Tony) 10271- Fixed bug #37054 (SoapClient Error Fetching http headers). (Dmitry) 10272- Fixed bug #37053 (html_errors with internal classes produces wrong links). 10273 (Tony) 10274- Fixed bug #37046 (foreach breaks static scope). (Dmitry) 10275- Fixed bug #37045 (Fixed check for special chars for http redirects). (Ilia) 10276- Fixed bug #37017 (strtotime fails before 13:00:00 with some time zones 10277 identifiers). (Derick) 10278- Fixed bug #37002 (Have to quote literals in INI when concatenating with 10279 vars). (Dmitry)z 10280- Fixed bug #36988 (mktime freezes on long numbers). (Derick) 10281- Fixed bug #36981 (SplFileObject->fgets() ignores max_length). (Tony) 10282- Fixed bug #36957 (serialize() does not handle recursion). (Ilia) 10283- Fixed bug #36944 (strncmp & strncasecmp do not return false on negative 10284 string length). (Tony) 10285- Fixed bug #36941 (ArrayIterator does not clone itself). (Marcus) 10286- Fixed bug #36934 (OCILob->read() doesn't move internal pointer when 10287 reading 0's). (Tony) 10288- Fixed bug #36908 (wsdl default value overrides value in soap request). 10289 (Dmitry) 10290- Fixed bug #36898 (__set() leaks in classes extending internal ones). 10291 (Tony, Dmitry) 10292- Fixed bug #36886 (User filters can leak buckets in some situations). (Ilia) 10293- Fixed bug #36878 (error messages are printed even though an exception has 10294 been thrown). (Tony) 10295- Fixed bug #36875 (is_*() functions do not account for open_basedir). (Ilia) 10296- Fixed bug #36872 (session_destroy() fails after call to 10297 session_regenerate_id(true)). (Ilia) 10298- Fixed bug #36869 (memory leak in output buffering when using chunked 10299 output). (Tony) 10300- Fixed bug #36859 (DOMElement crashes when calling __construct when 10301 cloning). (Tony) 10302- Fixed bug #36857 (Added support for partial content fetching to the 10303 HTTP streams wrapper). (Ilia) 10304- Fixed bug #36851 (Documentation and code discrepancies for NULL 10305 data in oci_fetch_*() functions). (Tony) 10306- Fixed bug #36825 (Exceptions thrown in ArrayObject::offsetGet cause 10307 segfault). (Tony) 10308- Fixed bug #36820 (Privileged connection with an Oracle password file 10309 fails). (Tony) 10310- Fixed bug #36809 (__FILE__ behavior changed). (Dmitry) 10311- Fixed bug #36808 (syslog ident becomes garbage between requests). (Tony) 10312- Fixed bug #36802 (mysqli_set_charset() crash with a non-open connection). 10313 (Ilia) 10314- Fixed bug #36756 (DOMDocument::removeChild corrupts node). (Rob) 10315- Fixed bug #36749 (SOAP: 'Error Fetching http body' when using HTTP Proxy). 10316 (Dmitry) 10317- Fixed bug #36745 (No error message when load data local file isn't found). 10318 (Georg) 10319- Fixed bug #36743 (In a class extending XMLReader array properties are not 10320 writable). (Tony) 10321- Fixed bug #36727 (segfault in pdo_pgsql bindValue() when no parameters are 10322 defined). (Tony) 10323- Fixed bug #36721 (The SoapServer is not able to send a header that it didn't 10324 receive). (Dmitry) 10325- Fixed bug #36697 (Transparency is lost when using imagecreatetruecolor). 10326 (Pierre) 10327- Fixed bug #36689 (Removed arbitrary limit on the length of syslog messages). 10328 (Ilia) 10329- Fixed bug #36656 (http_build_query generates invalid URIs due to use of 10330 square brackets). (Mike) 10331- Fixed bug #36638 (strtotime() returns false when 2nd argument < 1). (Derick) 10332- Fixed bug #36629 (SoapServer::handle() exits on SOAP faults). (Dmitry) 10333- Fixed bug #36625 (pg_trace() does not work). (iakio at mono-space dot net) 10334- Fixed bug #36614 (Segfault when using Soap). (Dmitry) 10335- Fixed bug #36611 (assignment to SimpleXML object attribute changes argument 10336 type to string). (Tony) 10337- Fixed bug #36606 (pg_query_params() changes arguments type to string). (Tony) 10338- Fixed bug #36599 (DATE_W3C format constant incorrect). (Derick) 10339- Fixed bug #36575 (SOAP: Incorrect complex type instantiation with 10340 hierarchies). (Dmitry) 10341- Fixed bug #36572 (Added PDO::MYSQL_ATTR_DIRECT_QUERY constant that should 10342 be set when executing internal queries like "show master status" via MySQL). 10343 (Ilia) 10344- Fixed bug #36568 (memory_limit setting on win32 has no effect). (Dmitry) 10345- Fixed bug #36513 (comment will be outputted in last line). (Dmitry) 10346- Fixed bug #36510 (strtotime() fails to parse date strings with tabs). 10347 (Ilia, Derick) 10348- Fixed bug #36459 (Incorrect adding PHPSESSID to links, which contains \r\n). 10349 (Ilia) 10350- Fixed bug #36458 (sleep() accepts negative values). (Ilia) 10351- Fixed bug #36436 (DBA problem with Berkeley DB4). (Marcus) 10352- Fixed bug #36434 (Improper resolution of declaring class name of an 10353 inherited property). (Ilia) 10354- Fixed bug #36420 (segfault when access result->num_rows after calling 10355 result->close()). (Ilia,Tony) 10356- Fixed bug #36403 (oci_execute() no longer supports OCI_DESCRIBE_ONLY). (Tony) 10357- Fixed bug #36400 (Custom 5xx error does not return correct HTTP response error 10358 code). (Tony) 10359- Fixed bug #36396 (strtotime() fails to parse dates in dd-mm-yyyy format). 10360 (Derick) 10361- Fixed bug #36388 (ext/soap crashes when throwing exception and session 10362 persistence). (David) 10363- Fixed bug #36382 (PDO/PgSQL's getColumnMeta() crashes). (Derick) 10364- Fixed bug #36359 (splFileObject::fwrite() doesn't write when no data 10365 length specified). (Tony) 10366- Fixed bug #36351 (parse_url() does not parse numeric paths properly). (Ilia) 10367- Fixed bug #36345 (PDO/MySQL problem loading BLOB over 1MB). (Ilia) 10368- Fixed bug #36337 (ReflectionProperty fails to return correct visibility). 10369 (Ilia) 10370- Fixed bug #36334 (Added missing documentation about realpath cache INI 10371 settings). (Ilia) 10372- Fixed bug #36308 (ReflectionProperty::getDocComment() does not reflect 10373 extended class commentary). (Ilia) 10374- Fixed bug #36306 (crc32() differ on 32-bit and 64-bit platforms) 10375 (anight@eyelinkmedia dot com, Pierre) 10376- Fixed bug #36303 (foreach on error_zval produces segfault). (Dmitry) 10377- Fixed bug #36295 (typo in SplFileObject::flock() parameter name). (Tony) 10378- Fixed bug #36287 (Segfault with SplFileInfo conversion). (Marcus) 10379- Fixed bug #36283 (SOAPClient Compression Broken). (Dmitry) 10380- Fixed bug #36268 (Object destructors called even after fatal errors). (Dmitry) 10381- Fixed bug #36258 (SplFileObject::getPath() may lead to segfault). (Tony) 10382- Fixed bug #36250 (PHP causes ORA-07445 core dump in Oracle server 9.2.x). 10383 (Tony) 10384- Fixed bug #36242 (Possible memory corruption in stream_select()). (Tony) 10385- Fixed bug #36235 (ocicolumnname returns false before a successful fetch). 10386 (Tony) 10387- Fixed bug #36226 (Inconsistent handling when passing potential arrays). 10388 (Dmitry) 10389- Fixed bug #36224 (date(DATE_ATOM) gives wrong results). 10390 (Derick, Hannes Magnusson) 10391- Fixed bug #36222 (errorInfo in PDOException is always NULL). (Ilia) 10392- Fixed bug #36208 (symbol namespace conflicts using bundled gd). (Jakub Moc) 10393- Fixed bug #36205 (Memory leaks on duplicate cookies). (Dmitry) 10394- Fixed bug #36185 (str_rot13() crash on non-string parameter). (Pierre) 10395- Fixed bug #36176 (PDO_PGSQL - PDO::exec() does not return number of rows 10396 affected by the operation). (Ilia) 10397- Fixed bug #36158 (SIGTERM is not handled correctly when running as a 10398 FastCGI server). (Dmitry) 10399- Fixed bug #36152 (problems with curl+ssl and pgsql+ssl in same PHP). (Mike) 10400- Fixed bug #36148 (unpack("H*hex", $data) is adding an extra character to 10401 the end of the string). (Ilia) 10402- Fixed bug #36134 (DirectoryIterator constructor failed to detect empty 10403 directory names). (Ilia) 10404- Fixed bug #36113 (Reading records of unsupported type causes segfault). 10405 (Tony) 10406- Fixed bug #36096 (oci_result() returns garbage after oci_fetch() failed). 10407 (Tony) 10408- Fixed bug #36083 (SoapClient waits for responses on one-way operations). 10409 (Dmitry) 10410- Fixed bug #36071 (Engine Crash related with 'clone'). (Dmitry) 10411- Fixed bug #36055 (possible OCI8 crash in multi-threaded environment). (Tony) 10412- Fixed bug #36046 (parse_ini_file() miscounts lines in multi-line values). 10413 (Ilia) 10414- Fixed bug #36038 (ext/hash compile failure on Mac OSX). (Tony) 10415- Fixed bug #36037 (heredoc adds extra line number). (Dmitry) 10416- Fixed bug #36016 (realpath cache memleaks). (Dmitry, Nuno) 10417- Fixed bug #36011 (Strict errormsg wrong for call_user_func() and the likes). 10418 (Marcus) 10419- Fixed bug #36010 (Segfault when re-creating and re-executing statements with 10420 bound parameters). (Tony) 10421- Fixed bug #36006 (Problem with $this in __destruct()). (Dmitry) 10422- Fixed bug #35999 (recursive mkdir() does not work with relative path 10423 like "foo/bar"). (Tony) 10424- Fixed bug #35998 (SplFileInfo::getPathname() returns unix style filenames 10425 in win32). (Marcus) 10426- Fixed bug #35988 (Unknown persistent list entry type in module shutdown). 10427 (Dmitry) 10428- Fixed bug #35954 (Fatal com_exception casting object). (Rob) 10429- Fixed bug #35900 (stream_select() should warning when tv_sec is negative). 10430 (Ilia) 10431- Fixed bug #35785 (SimpleXML causes memory read error zend engine). (Marcus) 10432- Fixed bug #34272 (empty array onto COM object blows up). (Rob) 10433- Fixed bug #33292 (apache_get_modules() crashes on Windows). (Edin) 10434- Fixed bug #29476 (sqlite_fetch_column_types() locks the database forever). 10435 (Ilia) 10436 1043712 Jan 2006, PHP 5.1.2 10438- Updated libsqlite in ext/sqlite to 2.8.17. (Ilia) 10439- Updated libsqlite in ext/pdo_sqlite to 3.2.8. (Ilia) 10440- Updated to libxml2-2.6.22 and libxslt-1.1.15 in the win32 bundle. (Rob) 10441- Added new extensions: (Ilia, Wez) 10442 . XMLWriter 10443 . Hash 10444- Added PNG compression support to GD extension. (Pierre) 10445- Added reflection constants as class constants. (Johannes) 10446- Added --enable-gcov configure option to enable C-level code coverage. 10447 (John, Jani, Ilia, Marcus) 10448- Added missing support for 'B' format identifier to date() function. (Ilia) 10449- Changed reflection to be an extension. (Marcus) 10450- Improved SPL extension: (Marcus) 10451 . Added class SplFileInfo as root class for DirectoryIterator and 10452 SplFileObject 10453 . Added SplTempFileObject 10454- Improved SimpleXML extension: (Marcus) 10455 . Fixed memleaks 10456 . Fixed var_dump() 10457 . Fixed isset/empty/(bool) behavior 10458 . Fixed iterator edge cases 10459 . Added methods getNamespaces(), getDocNamespaces() 10460- Upgraded pear to version 1.4.6. (Greg) 10461- Added constants for libxslt and libexslt versions: LIBXSLT_VERSION, 10462 LIBXSLT_DOTTED_VERSION, LIBEXSLT_VERSION and LIBEXSLT_DOTTED_VERSION. (Pierre) 10463- Fixed possible crash in apache_getenv()/apache_setenv() on invalid parameters. 10464 (Ilia) 10465- Changed errors to warnings in imagecolormatch(). (Pierre) 10466- Fixed segfault/leak in imagecolormatch(). (Pierre) 10467- Fixed small leak in mysqli_stmt_fetch() when bound variable was empty string. 10468 (Andrey) 10469- Fixed prepared statement name conflict handling in PDO_PGSQL. (Thies, Ilia) 10470- Fixed memory corruption when PDO::FETCH_LAZY mode is being used. (Ilia) 10471- Fixed possible leaks in imagecreatefromstring() with invalid data. (Pierre) 10472- Fixed possible memory corruption inside mb_strcut(). (Ilia) 10473- Fixed possible header injection by limiting each header to a single line. 10474 (Ilia) 10475- Fixed possible XSS inside error reporting functionality. (Ilia) 10476- Fixed many bugs in OCI8. (Tony) 10477- Fixed crash and leak in mysqli when using 4.1.x client libraries and 10478 connecting to 5.x server. (Andrey) 10479- Fixed bug #35916 (Duplicate calls to stream_bucket_append() lead to a crash). 10480 (Ilia) 10481- Fixed bug #35908 (curl extension uses undefined GCRY_THREAD_OPTIONS_USER). 10482 (Ilia) 10483- Fixed bug #35907 (PDO_OCI uses hardcoded lib path $ORACLE_HOME/lib). (Tony) 10484- Fixed bug #35887 (wddx_deserialize not parsing dateTime fields properly). 10485 (Derick) 10486- Fixed bug #35885 (strtotime("NOW") no longer works). (Derick) 10487- Fixed bug #35821 (array_map() segfaults when exception is throwed from 10488 the callback). (Tony) 10489- Fixed bug #35817 (unpack() does not decode odd number of hexadecimal values). 10490 (Ilia) 10491- Fixed bug #35797 (segfault on PDOStatement::execute() with 10492 zend.ze1_compatibility_mode = On). (Tony, Ilia) 10493- Fixed bug #35781 (stream_filter_append() can cause segfault). (Tony) 10494- Fixed bug #35760 (sybase_ct doesn't compile on Solaris using old gcc). (Tony) 10495- Fixed bug #35759 (mysqli_stmt_bind_result() makes huge allocation when 10496 column empty). (Andrey) 10497- Fixed bug #35751 (using date with a timestamp makes httpd segfault). (Derick) 10498- Fixed bug #35740 (memory leak when including a directory). (Tony) 10499- Fixed bug #35730 (ext/mssql + freetds: Use correct character encoding 10500 and allow setting it). (Frank) 10501- Fixed bug #35723 (xmlrpc_introspection.c fails compile per C99 std). (Jani) 10502- Fixed bug #35720 (A final constructor can be overwritten). (Marcus) 10503- Fixed bug #35713 (getopt() returns array with numeric strings when passed 10504 options like '-1'). (Tony) 10505- Fixed bug #35705 (strtotime() fails to parse soap date format without TZ). 10506 (Ilia) 10507- Fixed bug #35699 (date() can't handle leap years before 1970). (Derick) 10508- Fixed bug #35694 (Improved error message for invalid fetch mode). (Ilia) 10509- Fixed bug #35692 (iconv_mime_decode() segmentation fault; with libiconv 10510 only). (Tony) 10511- Fixed bug #35690 (pack() tries to allocate huge memory block when packing 10512 float values to strings). (Tony) 10513- Fixed bug #35669 (imap_mail_compose() crashes with 10514 multipart-multiboundary-email). (Ilia) 10515- Fixed bug #35660 (AIX TZ variable format not understood, yields UTC 10516 timezone). (Derick) 10517- Fixed bug #35655 (whitespace following end of heredoc is lost). (Ilia) 10518- Fixed bug #35630 (strtotime() crashes on certain relative identifiers). 10519 (Ilia) 10520- Fixed bug #35629 (crash in http:// wrapper on multiple redirects). (Ilia) 10521- Fixed bug #35624 (strtotime() does not handle 3 character weekdays). (Ilia) 10522- Fixed bug #35612 (iis6 Access Violation crash). (Dmitry, alacn.uhahaa) 10523- Fixed bug #35594 (Multiple calls to getopt() may result in a crash). 10524 (rabbitt at gmail dot com, Ilia) 10525- Fixed bug #35571 (Fixed crash in Apache 2 SAPI when more then one php 10526 script is loaded via SSI include). (Ilia) 10527- Fixed bug #35570 (segfault when re-using soap client object). (Dmitry) 10528- Fixed bug #35558 (mktime() interpreting 3 digit years incorrectly). (Ilia) 10529- Fixed bug #35543 (php crash when calling non existing method of a class 10530 that extends PDO). (Tony) 10531- Fixed bug #35539 (typo in error message for ErrorException). (Tony) 10532- FIxed bug #35536 (mysql_field_type() doesn't handle NEWDECIMAL). (Tony) 10533- Fixed bug #35517 (mysql_stmt_fetch returns NULL on data truncation). (Georg) 10534- Fixed bug #35509 (string constant as array key has different behavior inside 10535 object). (Dmitry) 10536- Fixed bug #35508 (PDO fails when unknown fetch mode specified). (Tony) 10537- Fixed bug #35499 (strtotime() does not handle whitespace around the date 10538 string). (Ilia) 10539- Fixed bug #35496 (Crash in mcrypt_generic()/mdecrypt_generic() without 10540 proper init). (Ilia) 10541- Fixed bug #35490 (socket_sendto() unable to handle IPv6 addresses). (Tony) 10542- Fixed bug #35461 (Ming extension fails to compile with ming 0.3beta1). (Jani) 10543- Fixed bug #35437 (Segfault or Invalid Opcode 137/1/4). (Dmitry) 10544- Fixed bug #35470 (Assigning global using variable name from array doesn't 10545 function). (Dmitry) 10546- Fixed bug #35456 (+ 1 [time unit] format did not work). (Ilia) 10547- Fixed bug #35447 (xml_parse_into_struct() chokes on the UTF-8 BOM). (Rob) 10548- Fixed bug #35431 (PDO crashes when using LAZY fetch with fetchAll). (Wez) 10549- Fixed bug #35430 (PDO crashes on incorrect FETCH_FUNC use). (Tony) 10550- Fixed bug #35427 (str_word_count() handles '-' incorrectly). (Ilia) 10551- Fixed bug #35425 (idate() function ignores timezone settings). (Ilia) 10552- Fixed bug #35422 (strtotime() does not parse times with UTC as timezone). 10553 (Ilia) 10554- Fixed bug #35414 (strtotime() no longer works with ordinal suffix). (Ilia) 10555- Fixed bug #35410 (wddx_deserialize() doesn't handle large ints as keys 10556 properly). (Ilia) 10557- Fixed bug #35409 (undefined reference to 'rl_completion_matches'). (Jani) 10558- Fixed bug #35399 (Since fix of bug #35273 SOAP decoding of 10559 soapenc:base64binary fails). (Dmitry) 10560- Fixed bug #35393 (changing static protected members from outside the class, 10561 one more reference issue). (Dmitry) 10562- Fixed bug #35381 (ssl library is not initialized properly). (Alan) 10563- Fixed bug #35377 (PDO_SQLITE: undefined reference to "fdatasync"). 10564 (Nuno, Jani) 10565- Fixed bug #35373 (HP-UX "alias not allowed in this configuration"). (Dmitry) 10566- Fixed bug #35288 (iconv() function defined as libiconv()). (Nuno) 10567- Fixed bug #35103 (mysqli handles bad unsigned (big)int incorrectly).(Andrey) 10568- Fixed bug #35062 (socket_read() produces warnings on non blocking sockets). 10569 (Nuno, Ilia) 10570- Fixed bug #35028 (SimpleXML object fails FALSE test). (Marcus) 10571- Fixed bug #34729 (Crash in ZTS mode under Apache). (Dmitry, Zeev) 10572- Fixed bug #34429 (Output buffering cannot be turned off with FastCGI). 10573 (Dmitry, Ilya) 10574- Fixed bug #34359 (Possible crash inside fopen http wrapper). (Ilia,Sara,Nuno) 10575- Fixed bug #33789 (Many Problems with SunFuncs). (Derick) 10576- Fixed bug #33671 (sun_rise and sun_set don't return a GMT timestamp if one 10577 passes an offset). (Derick) 10578- Fixed bug #32820 (date_sunrise and date_sunset don't handle GMT offset 10579 well). (Derick) 10580- Fixed bug #31347 (is_dir and is_file (incorrectly) return true for any string 10581 greater then 255 characters). (Nuno,Ilia) 10582- Fixed bug #30937 (date_sunrise() & date_sunset() don't handle endless 10583 day/night at high latitudes). (Derick) 10584- Fixed bug #30760 (Remove MessageBox on win32 for E_CORE errors if 10585 display_startup_error is off). (Ilia) 10586- Fixed bug #29955 (mb_strtoupper() / lower() broken with Turkish encoding). 10587 (Rui) 10588- Fixed bug #28899 (mb_substr() and substr() behave differently when 10589 "mbstring.func_overload" is enabled). (Rui) 10590- Fixed bug #27678 (number_format() crashes with large numbers). (Marcus) 10591 1059228 Nov 2005, PHP 5.1.1 10593- Disabled native date class to prevent pear::date conflict. (Ilia) 10594- Changed reflection constants be both PHP and class constants. (Johannes) 10595- Added an additional field $frame['object'] to the result array of 10596 debug_backtrace() that contains a reference to the respective object when the 10597 frame was called from an object. (Sebastian) 10598- Fixed bug #35423 (RecursiveDirectoryIterator doesnt appear to recurse with 10599 RecursiveFilterIterator). (Marcus) 10600- Fixed bug #35413 (Removed -dev flag from Zend Engine version). (Ilia) 10601- Fixed bug #35411 (Regression with \{$ handling). (Ilia) 10602- Fixed bug #35406 (eval hangs when evall'ed code ends with comment w/o 10603 newline). (Marcus) 10604- Fixed bug #35391 (pdo_mysql::exec does not return number of affected rows). 10605 (Tony) 10606- Fixed bug #35382 (Comment in end of file produces fatal error). (Ilia) 10607- Fixed bug #35360 (exceptions in interactive mode (php -a) may cause crash). 10608 (Dmitry) 10609- Fixed bug #35358 (Incorrect error messages for PDO class constants). (Ilia) 10610- Fixed bug #35338 (pdo_pgsql does not handle binary bound params). (Wez) 10611- Fixed bug #35316 (Application exception trying to create COM object). (Rob) 10612- Fixed bug #35170 (PHP_AUTH_DIGEST differs under Apache 1.x and 2.x). (Ilia) 10613 1061424 Nov 2005, PHP 5.1 10615- Added support for class constants and static members for internal classes. 10616 (Dmitry, Michael Wallner) 10617- Added "new_link" parameter to mssql_connect() (Bug #34369). (Frank) 10618- Added missing safe_mode checks for image* functions and cURL. (Ilia) 10619- Added missing safe_mode/open_basedir checks for file uploads. (Ilia) 10620- Added PDO_MYSQL_ATTR_USE_BUFFERED_QUERY parameter for pdo_mysql. (Ilia) 10621- Added date_timezone_set() function to set the timezone that the date 10622 function will use. (Derick) 10623- Added pg_fetch_all_columns() function to fetch all values of a column from a 10624 result cursor. (Ilia) 10625- Added support for LOCK_EX flag for file_put_contents(). (Ilia) 10626- Added bindto socket context option. (Ilia) 10627- Added offset parameter to the stream_copy_to_stream() function. (Ilia) 10628- Added offset & length parameters to substr_count() function. (Ilia) 10629- Added man pages for "phpize" and "php-config" scripts. (Jakub Vrana) 10630- Added support for .cc files in extensions. (Brian) 10631- Added PHP_INT_MAX and PHP_INT_SIZE as predefined constants. (Andrey) 10632- Added user opcode API that allow overloading of opcode handlers. (Dmitry) 10633- Added an optional remove old session parameter to session_regenerate_id(). 10634 (Ilia) 10635- Added array type hinting. (Dmitry) 10636- Added the tidy_get_opt_doc() function to return documentation for 10637 configuration options in tidy. (Patch by: nlopess@php.net) 10638- Added support for .cc files in extensions. (Brian) 10639- Added imageconvolution() function which can be used to apply a custom 3x3 10640 matrix convolution to an image. (Pierre) 10641- Added optional first parameter to XsltProcessor::registerPHPFunctions to 10642 only allow certain functions to be called from XSLT. (Christian) 10643- Added the ability to override the autotools executables used by the 10644 buildconf script via the PHP_AUTOCONF and PHP_AUTOHEADER environmental 10645 variables. (Jon) 10646- Added several new functions to support the PostgreSQL v3 protocol introduced 10647 in PostgreSQL 7.4. (Christopher) 10648 . pg_transaction_status() - in-transaction status of a database connection. 10649 . pg_query_params() - execution of parameterized queries. 10650 . pg_prepare() - prepare named queries. 10651 . pg_execute() - execution of named prepared queries. 10652 . pg_send_query_params() - async equivalent of pg_query_params(). 10653 . pg_send_prepare() - async equivalent of pg_prepare(). 10654 . pg_send_execute() - async equivalent of pg_execute(). 10655 . pg_result_error_field() - highly detailed error information, most 10656 importantly 10657 the SQLSTATE error code. 10658 . pg_set_error_verbosity() - set verbosity of errors. 10659- Added optional fifth parameter "count" to preg_replace_callback() and 10660 preg_replace() to count the number of replacements made. FR #32275. (Andrey) 10661- Added optional third parameter "charlist" to str_word_count() which contains 10662 characters to be considered as word part. FR #31560. (Andrey, Ilia) 10663- Added interface Serializable. (Stanislav, Marcus) 10664- Added pg_field_type_oid() PostgreSQL function. (mauroi at digbang dot com) 10665- Added zend_declare_property_...() and zend_update_property_...() API 10666 functions for bool, double and binary safe strings. (Hartmut) 10667- Added possibility to access INI variables from within .ini file. (Andrei) 10668- Added variable $_SERVER['REQUEST_TIME'] containing request start time. 10669 (Ilia) 10670- Added optional float parameter to gettimeofday(). (Ilia) 10671- Added apache_reset_timeout() Apache1 function. (Rasmus) 10672- Added sqlite_fetch_column_types() 3rd argument for arrays. (Ilia) 10673- Added optional offset parameter to stream_get_contents() and 10674 file_get_contents(). (Ilia) 10675- Added optional maxlen parameter to file_get_contents(). (Ilia) 10676- Added SAPI hook to get the current request time. (Rasmus) 10677- Added new functions: 10678 . array_diff_key() (Andrey) 10679 . array_diff_ukey() (Andrey) 10680 . array_intersect_key() (Christiano Duarte) 10681 . array_intersect_ukey() (Christiano Duarte) 10682 . array_product() (Andrey) 10683 . DomDocumentFragment::appendXML() (Christian) 10684 . fputcsv() (David Sklar) 10685 . htmlspecialchars_decode() (Ilia) 10686 . inet_pton() (Sara) 10687 . inet_ntop() (Sara) 10688 . mysqli::client_info property (Georg) 10689 . posix_access() (Magnus) 10690 . posix_mknod() (Magnus) 10691 . SimpleXMLElement::registerXPathNamespace() (Christian) 10692 . stream_context_get_default() (Wez) 10693 . stream_socket_enable_crypto() (Wez) 10694 . stream_wrapper_unregister() (Sara) 10695 . stream_wrapper_restore() (Sara) 10696 . stream_filter_remove() (Sara) 10697 . time_sleep_until() (Ilia) 10698- Added DomDocument::$recover property for parsing not well-formed XML 10699 Documents. (Christian) 10700- Added Cursor support for MySQL 5.0.x in mysqli (Georg) 10701- Added proxy support to ftp wrapper via http. (Sara) 10702- Added MDTM support to ftp_url_stat. (Sara) 10703- Added zlib stream filter support. (Sara) 10704- Added bz2 stream filter support. (Sara) 10705- Added max_redirects context option that specifies how many HTTP 10706 redirects to follow. (Ilia) 10707- Added support of parameter=>value arrays to 10708 xsl_xsltprocessor_set_parameter(). (Tony) 10709 10710- PHP extension loading mechanism with support for module 10711 dependencies and conflicts. (Jani, Dmitry) 10712- Improved interactive mode of PHP CLI (php -a). (Johannes, Marcus) 10713- Improved performance of: 10714 . general execution/compilation. (Andi, Thies, Sterling, Dmitry, Marcus) 10715 . switch() statement. (Dmitry) 10716 . several array functions. (Marcus) 10717 . virtual path handling by adding a realpath() cache. (Andi) 10718 . variable fetches. (Andi) 10719 . magic method invocations. (Marcus) 10720- Improved support for embedded server in mysqli. (Georg) 10721- Improved mysqli extension. (Georg) 10722 . added constructor for mysqli_stmt and mysqli_result classes 10723 . added new function mysqli_get_charset() 10724 . added new function mysqli_set_charset() 10725 . added new class mysqli_driver 10726 . added new class mysqli_warning 10727 . added new class mysqli_exception 10728 . added new class mysqli_sql_exception 10729- Improved SPL extension. (Marcus) 10730 . Moved RecursiveArrayIterator from examples into extension 10731 . Moved RecursiveFilterIterator from examples into extension 10732 . Added SplObjectStorage 10733 . Made all SPL constants class constants 10734 . Renamed CachingRecursiveIterator to RecursiveCachingIterator to follow 10735 Recursive<*>Iterator naming scheme. 10736 . added standard hierarchy of Exception classes 10737 . added interface Countable 10738 . added interfaces Subject and SplObserver 10739 . added spl_autoload*() functions 10740 . converted several 5.0 examples into c code 10741 . added class SplFileObject 10742 . added possibility to use a string with class_parents() and 10743 class_implements(). (Andrey) 10744 10745- Changed type hints to allow "null" as default value for class and array. 10746 (Marcus, Derick, Dmitry) 10747- Changed SQLite extension to be a shared module in Windows distribution. 10748 (Edin) 10749- Changed "instanceof" and "catch" operators, is_a() and is_subclass_of() 10750 functions to not call __autoload(). (Dmitry) 10751- Changed sha1_file() and md5_file() functions to use streams instead of low 10752 level IO. (Uwe) 10753- Changed abstract private methods to be not allowed anymore. (Stas) 10754- Changed stream_filter_(ap|pre)pend() to return resource. (Sara) 10755- Changed mysqli_exception and sqlite_exception to use RuntimeException as 10756 base if SPL extension is present. (Georg, Marcus) 10757 10758- Upgraded bundled libraries: 10759 . PCRE library to version 6.2. (Andrei) 10760 . SQLite 3 library in ext/pdo_sqlite to 3.2.7. (Ilia) 10761 . SQLite 2 library in ext/sqlite to 2.8.16. (Ilia) 10762- Upgraded bundled libraries in Windows distribution. (Edin) 10763 . zlib 1.2.3 10764 . curl 7.14.0 10765 . openssl 0.9.8 10766 . ming 0.3b 10767 . libpq (PostgreSQL) 8.0.1 10768 10769- Implemented feature request #33452 (Year belonging to ISO week). (Derick) 10770- Allowed return by reference from internal functions. (Marcus, Andi, Dmitry) 10771- Rewrote strtotime() with support for timezones and many new formats. 10772 Implements feature requests #21399, #26694, #28088, #29150, #29585 and 10773 #29595. (Derick) 10774 10775- Moved extensions to PECL: 10776 . ext/cpdf (Tony, Derick) 10777 . ext/dio (Jani, Derick) 10778 . ext/fam (Jani, Derick) 10779 . ext/ingres_ii (Jani, Derick) 10780 . ext/mnogosearch (Jani, Derick) 10781 . ext/w32api (Jani, Derick) 10782 . ext/yp (Jani, Derick) 10783 . ext/mcve (Jani, Derick, Pierre) 10784 . ext/oracle (Jani, Derick) 10785 . ext/ovrimos (Jani, Derick, Pierre) 10786 . ext/pfpro (Jani, Derick, Pierre) 10787 . ext/dbx (Jani, Derick) 10788 . ext/ircg (Jani, Derick) 10789 10790- Removed php_check_syntax() function which never worked properly. (Ilia) 10791- Removed garbage manager in Zend Engine which results in more aggressive 10792 freeing of data. (Dmitry, Andi) 10793 10794- Fixed "make test" to work for phpized extensions. (Hartmut, Jani) 10795- Fixed Apache 2 regression with sub-request handling on non-linux systems. 10796 (Ilia, Tony) 10797- Fixed PDO shutdown problem (possible infinite loop running rollback on 10798 shutdown). (Wez) 10799- Fixed PECL bug #3714 (PDO: beginTransaction doesn't work if you're in 10800 auto-commit mode). (Wez) 10801- Fixed ZTS destruction. (Marcus) 10802- Fixed __get/__set to allow recursive calls for different properties. (Dmitry) 10803- Fixed a bug where stream_get_meta_data() did not return the "uri" element 10804 for files opened with tmpname(). (Derick) 10805- Fixed a problem with SPL iterators aggregating the inner iterator. (Marcus) 10806- Fixed an error in mysqli_fetch_fields (returned NULL instead of an array 10807 when row number > field_count). (Georg) 10808- Fixed bug in mysql::client_version(). (Georg) 10809- Fixed bug in mysqli extension with unsigned int(11) being represented as 10810 signed integer in PHP instead of string in 32bit systems. (Andrey) 10811- Fixed bug with $HTTP_RAW_POST_DATA not getting set. (Brian) 10812- Fixed crash inside stream_get_line() when length parameter equals 0. (Ilia) 10813- Fixed ext/mysqli to allocate less memory when fetching bound params of type 10814 (MEDIUM|LONG)BLOB/(MEDIUM|LONG)TEXT. (Andrey) 10815- Fixed extension initialization to respect dependencies between extensions. 10816 (Wez) 10817- Fixed failing queries (FALSE returned) with mysqli_query() on 64 bit systems. 10818 (Andrey) 10819- Fixed fgetcsv() and fputcsv() inconsistency. (Dmitry) 10820- Fixed inheritance check to control return by reference and pass by 10821 reference correctly (ArrayAccess can no longer support references correctly). 10822 (Marcus, Andi, Dmitry) 10823- Fixed initializing and argument checking for posix_mknod(). (Derick) 10824- Fixed memory corruption in ImageTTFText() with 64bit systems. (Andrey) 10825- Fixed memory corruption in pg_copy_from() in case the as_null parameter was 10826 passed. (Derick) 10827- Fixed memory corruption in stristr(). (Derick) 10828- Fixed possible GLOBALS variable override when register_globals are ON. 10829 (Ilia, Stefan) 10830- Fixed possible INI setting leak via virtual() in Apache 2 sapi. (Ilia) 10831- Fixed possible register_globals toggle via parse_str(). (Ilia, Stefan) 10832- Fixed potential GLOBALS overwrite via import_request_variables() and 10833 possible crash and/or memory corruption. (Ilia) 10834- Fixed segfaults when CURL callback functions throw exception. (Tony) 10835- Fixed support for shared extensions on AIX. (Dmitry) 10836- Fixed bug #35342 (isset(DOMNodeList->length) returns false). (Rob) 10837- Fixed bug #35341 (Fix for bug #33760 breaks build with older curl). (Tony) 10838- Fixed bug #35336 (crash on PDO::FETCH_CLASS + __set()). (Tony) 10839- Fixed bug #35303 (PDO prepare() crashes with invalid parameters). (Ilia) 10840- Fixed bug #35293 (PDO segfaults when using persistent connections). (Tony) 10841- Fixed bug #35278 (Multiple virtual() calls crash Apache 2 php module). (Ilia) 10842- Fixed bug #35273 (Error in mapping soap - java types). (Dmitry) 10843- Fixed bug #35249 (compile failure when ext/readline is compiled as shared). 10844 (Jani) 10845- Fixed bug #35248 (sqlite_query() doesn't set error_msg when return value is 10846 being used). (Ilia) 10847- Fixed bug #35243 (php_mblen() crashes when compiled with thread-safety on 10848 Linux). (Patch: shulmanb at il dot ibm dot com, Jani) 10849- Fixed bug #35239 (Objects can lose references). (Dmitry) 10850- Fixed bug #35229 (call_user_func() crashes when argument_stack is nearly 10851 full). (Dmitry) 10852- Fixed bug #35197 (Destructor is not called). (Tony) 10853- Fixed bug #35179 (tokenizer extension needs T_HALT_COMPILER). (Greg) 10854- Fixed bug #35176 (include()/require()/*_once() produce wrong error messages 10855 about main()). (Dmitry) 10856- Fixed bug #35147 (__HALT_COMPILER() breaks with --enable-zend-multibyte). 10857 (Dmitry, Moriyoshi) 10858- Fixed bug #35143 (gettimeofday() ignores current time zone). (Derick) 10859- Fixed bug #35142 (SOAP Client/Server Complex Object Support). (Dmitry) 10860- Fixed bug #35135 (PDOStatment without related PDO object may crash). (Ilia) 10861- Fixed bug #35091 (SoapClient leaks memory). (Dmitry) 10862- Fixed bug #35079 (stream_set_blocking(true) toggles, not enables blocking). 10863 (askalski at gmail dot com, Tony) 10864- Fixed bug #35078 (configure does not find ldap_start_tls_s). (Jani) 10865- Fixed bug #35046 (phpinfo() uses improper css enclosure). (Ilia) 10866- Fixed bugs #35022, #35019 (Regression in the behavior of key() and 10867 current() functions). (Ilia) 10868- Fixed bug #35017 (Exception thrown in error handler may cause unexpected 10869 behavior). (Dmitry) 10870- Fixed bug #35014 (array_product() always returns 0). (Ilia) 10871- Fixed bug #35009 (ZTS: Persistent resource destruct crashes when extension 10872 is compiled as shared). (Dmitry) 10873- Fixed bug #34996 (ImageTrueColorToPalette() crashes when ncolors is zero). 10874 (Tony) 10875- Fixed bug #34982 (array_walk_recursive() modifies elements outside function 10876 scope). (Dmitry) 10877- Fixed bug #34977 (Compile failure on MacOSX due to use of varargs.h). (Tony) 10878- Fixed bug #34968 (bz2 extension fails on to build on some win32 setups). 10879 (Ilia) 10880- Fixed bug #34965 (tidy is not binary safe). (Mike) 10881- Fixed bug #34957 (PHP doesn't respect ACLs for access checks). (Wez) 10882- Fixed bug #34950 (Unable to get WSDL through proxy). (Dmitry) 10883- Fixed bug #34938 (dns_get_record() doesn't resolve long hostnames and 10884 leaks). (Tony) 10885- Fixed bug #34905 (Digest authentication does not work with Apache 1). (Ilia) 10886- Fixed bug #34902 (mysqli::character_set_name() - undefined method). (Tony) 10887- Fixed bug #34899 (Fixed sqlite extension compile failure). (Ilia) 10888- Fixed bug #34893 (PHP5.1 overloading, Cannot access private property). 10889 (Dmitry) 10890- Fixed bug #34884 (Possible crash in ext/sqlite when sqlite.assoc_case is 10891 being used). (Tony, Ilia) 10892- Fixed bug #34879 (str_replace, array_map corrupt negative array indexes on 10893 64-bit platforms). (Dmitry) 10894- Fixed bug #34873 (Segmentation Fault on foreach in object). (Dmitry) 10895- Fixed bug #34856 (configure fails to detect libiconv's type). (Tony) 10896- Fixed bug #34855 (ibase_service_attach() segfault on AMD64). 10897 (irie at gmx dot de, Tony) 10898- Fixed bug #34851 (SO_RECVTIMEO and SO_SNDTIMEO socket options expect 10899 integer parameter on Windows). (Mike) 10900- Fixed bug #34850 (--program-suffix and --program-prefix not included in 10901 man page names). (Jani) 10902- Fixed bug #34821 (zlib encoders fail on widely varying binary data on 10903 windows). (Mike, Ilia) 10904- Fixed bug #34818 (several functions crash when invalid mysqli_link object 10905 is passed). (Tony) 10906- Fixed bug #34810 (mysqli::init() and others use wrong $this pointer without 10907 checks). (Tony) 10908- Fixed bug #34809 (FETCH_INTO in PDO crashes without a destination object). 10909 (Ilia) 10910- Fixed bug #34802 (Fixed crash on object instantiation failure). (Ilia) 10911- Fixed bug #34796 (missing SSL linking in ext/ftp when configured as shared). 10912 (Jani) 10913- Fixed bug #34790 (preg_match_all(), named capturing groups, variable 10914 assignment/return => crash). (Dmitry) 10915- Fixed bug #34788 (SOAP Client not applying correct namespace to generated 10916 values). (Dmitry) 10917- Fixed bug #34787 (SOAP Client not handling boolean types correctly). (Dmitry) 10918- Fixed bug #34786 (2 @ results in change to error_reporting() to random 10919 value) (Dmitry, Tony) 10920- Fixed bug #34785 (subclassing of mysqli_stmt does not work). (Georg) 10921- Fixed bug #34782 (token_get_all() gives wrong result). (Dmitry) 10922- Fixed bug #34777 (Crash in dblib when fetching non-existent error info). 10923 (Ilia) 10924- Fixed bug #34771 (strtotime() fails with 1-12am/pm). (Derick) 10925- Fixed bug #34767 (Zend Engine 1 Compatibility not copying objects 10926 correctly). (Dmitry) 10927- Fixed bug #34758 (PDO_DBLIB did not implement rowCount()). (Ilia) 10928- Fixed bug #34757 (iconv_substr() gives "Unknown error" when offset > string 10929 length). (Tony) 10930- Fixed bug #34742 (ftp wrapper failures caused from segmented command 10931 transfer). (Ilia) 10932- Fixed bug #34725 (CLI segmentation faults during cleanup). (Dmitry) 10933- Fixed bug #34723 (array_count_values() strips leading zeroes). (Tony) 10934- Fixed bug #34712 (zend.ze1_compatibility_mode = on segfault). (Dmitry) 10935- Fixed bug #34704 (Infinite recursion due to corrupt JPEG). (Marcus) 10936- Fixed bug #34678 (__call(), is_callable() and static methods). (Dmitry) 10937- Fixed bug #34676 (missing support for strtotime("midnight") and 10938 strtotime("noon")). (Derick) 10939- Fixed bug #34645 (ctype corrupts memory when validating large numbers). 10940 (Ilia) 10941- Fixed bug #34643 (wsdl default value has no effect). (Dmitry) 10942- Fixed bug #34623 (Crash in pdo_mysql on longtext fields). (Ilia) 10943- Fixed bug #34617 (zend_deactivate: objects_store used after 10944 zend_objects_store_destroy is called). (Dmitry) 10945- Fixed bug #34590 (User defined PDOStatement class can't implement 10946 methods). (Marcus) 10947- Fixed bug #34584 (Segfault with SPL autoload handler). (Marcus) 10948- Fixed bug #34581 (crash with mod_rewrite). (Tony, Ilia) 10949- Fixed bug #34565 (mb_send_mail does not fetch 10950 mail.force_extra_parameters). (Marco, Ilia) 10951- Fixed bug #34557 (php -m exits with "error" 1). (Johannes) 10952- Fixed bug #34518 (Unset doesn't separate container in CV). (Dmitry) 10953- Fixed bug #34505 (Possible memory corruption when unmangling properties 10954 with empty names). (Tony) 10955- Fixed bug #34478 (Incorrect parsing of url's fragment (#...)). (Dmitry) 10956- Fixed bug #34467 (foreach + __get + __set inconsistency). (Dmitry) 10957- Fixed bug #34456 (Possible crash inside pspell extension). (Ilia) 10958- Fixed bug #34453 (parsing http://www.w3.org/2001/xml.xsd exception). (Dmitry) 10959- Fixed bug #34450 (Segfault when calling mysqli_close() in destructor). (Tony) 10960- Fixed bug #34449 (ext/soap: XSD_ANYXML functionality not exposed). (Dmitry) 10961- Fixed bug #34420 (Possible crash inside curl_multi_remove_handle()). (Ilia) 10962- Fixed bug #34358 (Fatal error: Cannot re-assign $this). (Dmitry) 10963- Fixed bug #34331 (php crashes when variables_order is empty). (Ilia) 10964- Fixed bug #34321 (Possible crash in filter code). (Ilia) 10965- Fixed bug #34311 (unserialize() crashes with chars above 191 dec). (Nuno) 10966- Fixed bug #34310 (foreach($arr as $c->d => $x) crashes). (Dmitry) 10967- Fixed bug #34307 (on_modify handler not called to set the default value if 10968 setting from php.ini was invalid). (Andrei) 10969- Fixed bug #34306 (wddx_serialize_value() crashes with long array keys). 10970 (Jani) 10971- Fixed bug #34304 (date() doesn't have a modifier for ISO Week Day). (Derick) 10972- Fixed bug #34302 (date('W') do not return leading zeros for week 1 to 9). 10973 (Derick) 10974- Fixed bug #34299 (ReflectionClass::isInstantiable() returns true for abstract 10975 classes). (Marcus) 10976- Fixed bug #34284 (CLI phpinfo showing html on _SERVER["argv"]). (Jani) 10977- Fixed bug #34277 (array_filter() crashes with references and objects). 10978 (Dmitry) 10979- Fixed bug #34276 (setAttributeNS doesn't work with default namespace). 10980 (Rob) 10981- Fixed bug #34260 (Segfault with callbacks (array_map) + overloading). 10982 (Dmitry) 10983- Fixed bug #34257 (lib64 not handled correctly in ming extension). (Marcus) 10984- Fixed bug #34221 (Compiling xmlrpc as shared fails other parts). (Jani) 10985- Fixed bug #34216 (Segfault with autoload). (Marcus) 10986- Fixed bug #34199 (if($obj)/if(!$obj) inconsistency because of cast handler). 10987 (Dmitry, Alex) 10988- Fixed bug #34191 (ob_gzhandler does not enforce trailing \0). (Ilia) 10989- Fixed bug #34156 (memory usage remains elevated after memory limit is 10990 reached). (Ilia) 10991- Fixed bug #34148 (+,- and . not supported as parts of scheme). (Ilia) 10992- Fixed bug #34137 (assigning array element by reference causes binary mess). 10993 (Dmitry) 10994- Fixed bug #34103 (line numbering not maintained in dom document). (Rob) 10995- Fixed bug #34078 (Reflection API problems in methods with boolean or 10996 null default values). (Tony) 10997- Fixed bug #34068 (Numeric string as array key not cast to integer in 10998 wddx_deserialize()). (Ilia) 10999- Fixed bug #34064 (arr[] as param to function in class gives invalid 11000 opcode). (Dmitry) 11001- Fixed bug #34062 (Crash in catch block when many arguments are used). 11002 (Dmitry) 11003- Fixed bug #34052 (date('U') returns %ld not unix timestamp). (Nuno) 11004- Fixed bug #34045 (Buffer overflow with serialized object). (Dmitry) 11005- Fixed bug #34001 (pdo_mysql truncates numeric fields at 4 chars). (Ilia) 11006- Fixed bug #33999 (object remains object when cast to int). (Dmitry) 11007- Fixed bug #33996 (No information given for fatal error on passing invalid 11008 value to typed argument). (Dmitry) 11009- Fixed bug #33989 (extract($GLOBALS,EXTR_REFS) crashes PHP). (Dmitry) 11010- Fixed bug #33987 (php script as ErrorDocument causes crash in Apache 2). 11011 (Ilia) 11012- Fixed bug #33967 (misuse of Exception constructor doesn't display 11013 errorfile). (Jani) 11014- Fixed bug #33966 (Wrong use of reflectionproperty causes a segfault). (Tony) 11015- Fixed bug #33963 (mssql_bind() fails on input parameters). (Frank) 11016- Fixed bug #33958 (duplicate cookies and magic_quotes=off may cause a crash). 11017 (Ilia) 11018- Fixed bug #33957 (gmdate('W')/date('W') sometimes returns wrong week number). 11019 (Derick) 11020- Fixed bug #33940 (array_map() fails to pass by reference when called 11021 recursively). (Dmitry) 11022- Fixed bug #33917 (number_format() output with > 1 char separators). (Jani) 11023- Fixed bug #33904 (input array keys being escaped when magic quotes is off). 11024 (Ilia) 11025- Fixed bug #33903 (spl_autoload_register class method). (Marcus) 11026- Fixed bug #33899 (CLI: setting extension_dir=some/path extension=foobar.so 11027 does not work). (Jani) 11028- Fixed bug #33882 (CLI was looking for php.ini in wrong path). (Hartmut) 11029- Fixed bug #33869 (strtotime() problem with "+1days" format). (Ilia) 11030- Fixed bug #33841 (pdo sqlite driver forgets to update affected column 11031 count on execution of prepared statments). (Ilia) 11032- Fixed bug #33837 (Informix ESQL version numbering schema changed). (Jani) 11033- Fixed bug #33829 (mime_content_type() returns text/plain for gzip and bzip 11034 files). (Derick) 11035- Fixed bug #33802 (throw Exception in error handler causes crash). (Dmitry) 11036- Fixed bug #33771 (error_reporting falls to 0 when @ was used inside 11037 try/catch block). (Tony) 11038- Fixed bug #33760 (cURL needs to implement CRYPTO_callback functions to 11039 prevent locking). (Mike, Ilia) 11040- Fixed bug #33732 (Wrong behavior of constants in class and interface 11041 extending). (Dmitry) 11042- Fixed bug #33723 (php_value overrides php_admin_value). (Dmitry) 11043- Fixed bug #33720 (mb_encode_mimeheader does not work for multibyte 11044 chars). (Rui) 11045- Fixed bug #33710 (ArrayAccess objects does not initialize $this). (Dmitry) 11046- Fixed bug #33690 (Crash setting some ini directives in httpd.conf). (Rasmus) 11047- Fixed bug #33673 (Added detection for partially uploaded files). (Ilia) 11048- Fixed bug #33605 (substr_compare() crashes with negative offset and length). 11049 (Tony) 11050- Fixed bug #33597 (setcookie() "expires" date format doesn't comply with RFC). 11051 (Tony) 11052- Fixed bug #33588 (LDAP: RootDSE query not possible). (Jani) 11053- Fixed bug #33578 (strtotime() problem with "Oct17" format). (Derick) 11054- Fixed bug #33578 (strtotime() doesn't understand "11 Oct" format). (Derick) 11055- Fixed bug #33562 (date("") crashes). (Derick) 11056- Fixed bug #33558 (warning with nested calls to functions returning by 11057 reference). (Dmitry) 11058- Fixed bug #33536 (strtotime() defaults to now even on non time string). 11059 (Derick) 11060- Fixed bug #33532 (Different output for strftime() and date()). (Derick) 11061- Fixed bug #33523 (Memory leak in xmlrpc_encode_request()). (Ilia) 11062- Fixed bug #33520 (crash if safe_mode is on and session.save_path is changed). 11063 (Dmitry) 11064- Fixed bug #33512 (Add missing support for isset()/unset() overloading to 11065 complement the property get/set methods). (Dmitry) 11066- Fixed bug #33491 (crash after extending MySQLi internal class). (Tony) 11067- Fixed bug #33475 (cURL handle is not closed on curl_close(). (Ilia) 11068- Fixed bug #33469 (Compile error undefined reference to ifx_checkAPI). (Jani) 11069- Fixed bug #33433 (strtoll not available on Tru64). (Jani, Derick) 11070- Fixed bug #33427 (ext/odbc: check if unixODBC header file exists). (Jani) 11071- Fixed bug #33415 (strtotime() related bugs). (Derick) 11072- Fixed bug #33414 (Comprehensive list of incorrect days returned after 11073 strtotime() / date() tests). (Derick) 11074- Fixed bug #33389 (double free() when exporting a ReflectionClass). (Marcus) 11075- Fixed bug #33383 (crash when retrieving empty LOBs). (Tony) 11076- Fixed bug #33382 (array_reverse() fails after *sort()), introduced by 11077 zend_hash_sort() optimizations in HEAD. (Tony) 11078- Fixed bug #33340 (CLI Crash when calling php:function from XSLT). (Rob) 11079- Fixed bug #33326 (Cannot build extensions with phpize on Macosx). (Jani) 11080- Fixed bug #33318 (throw 1; results in Invalid opcode 108/1/8). (Dmitry) 11081- Fixed bug #33312 (ReflectionParameter methods do not work correctly). 11082 (Dmitry) 11083- Fixed bug #33299 (php:function no longer handles returned dom objects). 11084 (Rob, Joe Orton) 11085- Fixed bug #33286 (nested array_walk() calls and user array compare functions 11086 broken; FCI cache). (Andrei, patch from m.bretz@metropolis-ag.de) 11087- Fixed bug #33277 (private method accessed by child class). (Dmitry) 11088- Fixed bug #33268 (iconv_strlen() works only with a parameter of < 3 in 11089 length). (Ilia) 11090- Fixed bug #33257 (array_splice() inconsistent when passed function instead of 11091 variable). (Dmitry) 11092- Fixed bug #33243 (ze1_compatibility_mode does not work as expected). (Dmitry) 11093- Fixed bug #33242 (Mangled error message when stream fails). (Derick) 11094- Fixed bug #33222 (segfault when CURL handle is closed in a callback). (Tony) 11095- Fixed bug #33214 (odbc_next_result does not signal SQL errors with 11096 2-statement SQL batches). (rich at kastle dot com, Tony) 11097- Fixed bug #33212 ([GCC 4]: 'zend_error_noreturn' aliased to external symbol 11098 'zend_error'). (Dmitry) 11099- Fixed bug #33210 (relax jpeg recursive loop protection). (Ilia) 11100- Fixed bug #33201 (Crash when fetching some data types). (Frank) 11101- Fixed bug #33200 (preg_replace(): magic_quotes_sybase=On makes 'e' modifier 11102 misbehave). (Jani) 11103- Fixed bug #33185 (--enable-session=shared does not build). (Jani) 11104- Fixed bug #33171 (foreach enumerates private fields declared in base 11105 classes). (Dmitry) 11106- Fixed bug #33167 (Possible crash inside pg_fetch_array()). (Ilia) 11107- Fixed bug #33164 (Soap extension incorrectly detects HTTP/1.1). (Ilia) 11108- Fixed bug #33156 (cygwin version of setitimer doesn't accept ITIMER_PROF). 11109 (Nuno) 11110- Fixed bug #33153 (crash in mssql_next result). (Frank) 11111- Fixed bug #33150 (shtool: insecure temporary file creation). (Jani) 11112- Fixed bug #33136 (method offsetSet in class extended from ArrayObject crash 11113 PHP). (Marcus) 11114- Fixed bug #33125 (imagecopymergegray() produces mosaic rainbow effect). 11115 (Pierre) 11116- Fixed bug #33116 (crash when assigning class name to global variable in 11117 __autoload). (Dmitry) 11118- Fixed bug #33090 (mysqli_prepare() doesn't return an error). (Georg) 11119- Fixed bug #33076 (str_ireplace() incorrectly counts result string length 11120 and may cause segfault). (Tony) 11121- Fixed bug #33072 (Add a safemode/open_basedir check for runtime 11122 "session.save_path" change using session_save_path() function). (Rasmus) 11123- Fixed bug #33070 (Improved performance of bzdecompress() by several orders 11124 of magnitude). (Ilia) 11125- Fixed bug #33059 (crash when moving xml attribute set in dtd). (Ilia) 11126- Fixed bug #33057 (Don't send extraneous entity-headers on a 304 as per 11127 RFC 2616 section 10.3.5) (Rasmus, Choitel) 11128- Fixed bug #33019 (socket errors cause memory leaks in php_strerror()). 11129 (jwozniak23 at poczta dot onet dot pl, Tony). 11130- Fixed bug #33017 ("make distclean" gives an error with VPATH build). (Jani) 11131- Fixed bug #33013 ("next month" was handled wrong while parsing dates). 11132 (Derick) 11133- Fixed bug #32993 (implemented Iterator function current() don't throw 11134 exception). (Dmitry) 11135- Fixed bug #32981 (ReflectionMethod::getStaticVariables() causes apache2.0.54 11136 seg fault). (Dmitry) 11137- Fixed bug #32956 (mysql_bind_result() doesn't support MYSQL_TYPE_NULL). 11138 (Georg) 11139- Fixed bug #32947 (Incorrect option for mysqli default password). (Georg) 11140- Fixed bug #32944 (Disabling session.use_cookies doesn't prevent reading 11141 session cookies). (Jani, Tony) 11142- Fixed bug #32941 (Sending structured SOAP fault kills a php). (Dmitry) 11143- Fixed bug #32937 (open_basedir looses trailing / in the limiter). 11144 (Adam Conrad) 11145- Fixed bug #32936 (http redirects URLs are not checked for control chars). 11146 (Ilia) 11147- Fixed bug #32933 (Cannot extend class "SQLiteDatabase"). (Marcus) 11148- Fixed bug #32932 (Oracle LDAP: ldap_get_entries(), invalid pointer). (Jani) 11149- Fixed bug #32930 (class extending DOMDocument doesn't clone properly). (Rob) 11150- Fixed bug #32924 (file included with "auto_prepend_file" can be included 11151 with require_once() or include_once()). (Stas) 11152- Fixed bug #32904 (pg_get_notify() ignores result_type parameter). (Tony) 11153- Fixed bug #32852 (Crash with singleton and __destruct when 11154 zend.ze1_compatibility_mode = On). (Dmitry) 11155- Fixed bug #32833 (Invalid opcode). (Dmitry) 11156- Fixed bug #32813 (parse_url() does not handle scheme-only urls properly). 11157 (Ilia) 11158- Fixed bug #32810 (temporary files not using plain file wrapper). (Ilia) 11159- Fixed bug #32809 (Missing T1LIB support on Windows). (Edin) 11160- Fixed bug #32802 (General cookie overrides more specific cookie). (Ilia) 11161- Fixed bugs #32800, #32830 (ext/odbc: Problems with 64bit systems). (Jani) 11162- Fixed bug #32799 (crash: calling the corresponding global var during the 11163 destruct). (Dmitry) 11164- Fixed bug #32776 (SOAP doesn't support one-way operations). (Dmitry) 11165- Fixed bug #32773 (GMP functions break when second parameter is 0). (Stas) 11166- Fixed bug #32759 (incorrect determination of default value (COM)). (Wez) 11167- Fixed bug #32758 (Cannot access safearray properties in VB6 objects). (Wez) 11168- Fixed bug #32755 (Segfault in replaceChild() when DocumentFragment has no 11169 children). (Rob) 11170- Fixed bug #32753 (Undefined constant SQLITE_NOTADB). (Ilia) 11171- Fixed bug #32742 (segmentation fault when the stream with a wrapper 11172 is not closed). (Tony, Dmitry) 11173- Fixed bug #32699 (pg_affected_rows() was defined when it was not available). 11174 (Derick) 11175- Fixed bug #32686 (Require/include file in destructor causes segfault). 11176 (Marcus) 11177- Fixed bug #32682 (ext/mssql: Error on module shutdown when called from 11178 activescript). (Frank) 11179- Fixed bug #32674 (exception in iterator causes crash). (Dmitry) 11180- Fixed bug #32660 (Assignment by reference causes crash when field access is 11181 overloaded (__get)). (Dmitry) 11182- Fixed bug #32647 (Using register_shutdown_function() with invalid callback 11183 can crash PHP). (Jani) 11184- Fixed bug #32615 (Segfault in replaceChild() using fragment when 11185 previousSibling is NULL). (Rob) 11186- Fixed bug #32613 (ext/snmp: use of snmp_shutdown() causes snmpapp.conf 11187 access errors). (Jani, ric at arizona dot edu) 11188- Fixed bug #32608 (html_entity_decode() converts single quotes even if 11189 ENT_NOQUOTES is given). (Ilia) 11190- Fixed bug #32596 (Segfault/Memory Leak by getClass (etc) in __destruct). 11191 (Dmitry) 11192- Fixed bug #32591 (ext/mysql: Unsatisfied symbol: ntohs with HP-UX). (Jani) 11193- Fixed bug #32589 (possible crash inside imap_mail_compose() function). 11194 (Ilia) 11195- Fixed bug #32589 (Possible crash inside imap_mail_compose, with charsets). 11196 (Ilia) 11197- Fixed bug #32587 (Apache2: errors sent to error_log do not include 11198 timestamps). (Jani) 11199- Fixed bug #32560 (configure looks for incorrect db2 library). (Tony) 11200- Fixed bug #32553 (mmap loads only the 1st 2000000 bytes on Win32). (Ilia) 11201- Fixed bug #32533 (proc_get_status() returns the incorrect process status). 11202 (Ilia) 11203- Fixed bug #32530 (chunk_split() does not append endstr if chunklen is 11204 longer then the original string). (Ilia) 11205- Fixed bug #32491 (File upload error - unable to create a temporary file). 11206 (Uwe Schindler) 11207- Fixed bug #32455 (wrong setting property to unset value). (Dmitry) 11208- Fixed bug #32429 (method_exists() always return TRUE if __call method 11209 exists). (Dmitry) 11210- Fixed bug #32428 (The @ warning error suppression operator is broken). 11211 (Dmitry) 11212- Fixed bug #32427 (Interfaces are not allowed 'static' access modifier). 11213 (Dmitry) 11214- Fixed bug #32405 (mysqli::fetch() returns bad data - 64bit problem). 11215 (Andrey) 11216- Fixed bug #32296 (get_class_methods() output has changed between 5.0.2 and 11217 5.0.3). (Dmitry) 11218- Fixed bug #32282 (Segfault in mysqli_fetch_array on 64-bit). (Georg) 11219- Fixed bug #32245 (xml_parser_free() in a function assigned to the xml 11220 parser gives a segfault). (Rob) 11221- Fixed bug #32179 (xmlrpc_encode() segfaults with recursive references). 11222 (Tony) 11223- Fixed bug #32171 (Userspace stream wrapper crashes PHP). (Tony, Dmitry) 11224- Fixed bug #32160 (copying a file into itself leads to data loss). (Ilia) 11225- Fixed bug #32139 (SOAP client does not auto-handle base64 encoding). (Ilia) 11226- Fixed bug #32109 ($_POST is not populated in multi-threaded environment). 11227 (Moriyoshi) 11228- Fixed bug #32080 (segfault when assigning object to itself with 11229 zend.ze1_compatibility_mode=On). (Dmitry) 11230- Fixed bug #32021 (Crash caused by range('', 'z')). (Derick) 11231- Fixed bug #32013 (ext/mysqli bind_result causes fatal error: memory limit). 11232 (Andrey) 11233- Fixed bug #32010 (Memory leak in mssql_fetch_batch). (fmk) 11234- Fixed bug #32009 (crash when mssql_bind() is called more than once). (Frank) 11235- Fixed bug #31971 (ftp_login fails on some SSL servers). 11236 (frantisek at augusztin dot com) 11237- Fixed bug #31887 (ISAPI: Custom 5xx error does not return correct HTTP 11238 response message). (Jani) 11239- Fixed bug #31828 (Crash with zend.ze1_compatibility_mode=On). (Dmitry) 11240- Fixed bug #31668 (multi_query works exactly every other time - multi query 11241 d/e flag global and not per connection). (Andrey) 11242- Fixed bug #31636 (another crash when echoing a COM object). (Wez) 11243- Fixed bug #31583 (php_std_date() uses short day names in non-y2k_compliance 11244 mode). (mike at php dot net) 11245- Fixed bug #31525 (object reference being dropped. $this getting lost). 11246 (Stas, Dmitry) 11247- Fixed bug #31502 (Wrong deserialization from session when using WDDX 11248 serializer). (Dmitry) 11249- Fixed bug #31478 (segfault with empty() / isset()). (Moriyoshi) 11250- Fixed bug #31465 (False warning in unpack() when working with *). (Ilia) 11251- Fixed bug #31363 (broken non-blocking flock()). (ian at snork dot net) 11252- Fixed bug #31358 (Older GCC versions do not provide portable va_copy()). 11253 (Jani) 11254- Fixed bug #31341 (escape on curly inconsistent). (Dmitry) 11255- Fixed bug #31256 (PHP_EVAL_LIBLINE configure macro does not handle 11256 -pthread). (Jani) 11257- Fixed bug #31213 (Side effects caused by fix of bug #29493). (Dmitry) 11258- Fixed bug #31177 (memory leaks and corruption because of incorrect 11259 refcounting). (Dmitry) 11260- Fixed bug #31158 (array_splice on $GLOBALS crashes). (Dmitry) 11261- Fixed bug #31054 (safe_mode & open_basedir checks only check first 11262 include_path value). (Ilia) 11263- Fixed bug #31033 (php:function(string, nodeset) with xsl:key crashes PHP). 11264 (Rob) 11265- Fixed bug #30961 (Wrong line number in ReflectionClass getStartLine()). 11266 (Dmitry) 11267- Fixed bug #30889 (Conflict between __get/__set and ++ operator). (Dmitry) 11268- Fixed bug #30833 (array_count_values() modifying input array). (Tony) 11269- Fixed bug #30828 (debug_backtrace() reports incorrect class in overridden 11270 methods). (Dmitry) 11271- Fixed bug #30820 (static member conflict with $this->member silently 11272 ignored). (Dmitry) 11273- Fixed bug #30819 (Better support for LDAP SASL bind). (Jani) 11274- Fixed bug #30791 (magic methods (__sleep/__wakeup/__toString) call 11275 __call if object is overloaded). (Dmitry) 11276- Fixed bug #30707 (Segmentation fault on exception in method). 11277 (Stas, Dmitry) 11278- Fixed bug #30702 (cannot initialize class variable from class constant). 11279 (Dmitry) 11280- Fixed bug #30578 (Output buffers flushed before calling __destruct() 11281 functions). (Jani) 11282- Fixed bug #30519 (Interface not existing says Class not found). (Dmitry) 11283- Fixed bug #30407 (Strange behavior of default arguments). (Dmitry) 11284- Fixed bug #30394 (Assignment operators yield wrong result with __get/__set). 11285 (Dmitry) 11286- Fixed bug #30332 (zend.ze1_compatibility_mode isn't fully compatible with 11287 array_push()). (Dmitry) 11288- Fixed bug #30162 (Catching exception in constructor causes lose of 11289 $this). (Dmitry) 11290- Fixed bug #30140 (Problem with array in static properties). (Dmitry) 11291- Fixed bug #30126 (Enhancement for error message for abstract classes). 11292 (Marcus) 11293- Fixed bug #30096 (gmmktime does not return the current time). (Derick) 11294- Fixed bug #30080 (Passing array or non array of objects). (Dmitry) 11295- Fixed bug #30052 (Crash on shutdown after odbc_pconnect()). (Edin) 11296- Fixed bug #29983 (PHP does not explicitly set mime type & charset). (Ilia) 11297- Fixed bug #29975 (memory leaks when set_error_handler() is used inside error 11298 handler). (Tony) 11299- Fixed bug #29971 (variables_order behavior). (Dmitry) 11300- Fixed bug #29944 (Function defined in switch, crashes). (Dmitry) 11301- Fixed bug #29896 (Backtrace argument list out of sync). (Dmitry) 11302- Fixed bug #29728 (Reflection API Feature: Default parameter value). (Marcus) 11303- Fixed bug #29689 (default value of protected member overrides default value 11304 of private and other private variable problems in inherited classes). (Stas) 11305- Fixed bug #29683 (headers_list() returns empty array). (Tony) 11306- Fixed bug #29583 (crash when echoing a COM object). (M.Sisolak, Wez) 11307- Fixed bug #29522 (accessing properties without connection). (Georg) 11308- Fixed bug #29361 (var_export() producing invalid code). (Derick) 11309- Fixed bug #29338 (unencoded spaces get ignored after certain tags). (Ilia) 11310- Fixed bug #29335 (fetch functions now use MYSQLI_BOTH as default). (Georg) 11311- Fixed bug #29334 (win32 mail() provides incorrect Date: header). (Jani) 11312- Fixed bug #29311 (calling parent constructor in mysqli). (Georg) 11313- Fixed bug #29268 (__autoload() not called with Reflection->getClass()). 11314 (Dmitry) 11315- Fixed bug #29256 (SOAP HTTP Error when envelop size is more than 24345 11316 bytes). (Dmitry, Wez) 11317- Fixed bug #29253 (array_diff with $GLOBALS argument fails). (Dmitry) 11318- Fixed bug #29236 (memory error when wsdl-cache is enabled). (Dmitry) 11319- Fixed bug #29210 (Function: is_callable - no support for private and 11320 protected classes). (Dmitry) 11321- Fixed bug #29109 (SoapFault exception: [WSDL] Out of memory). (Dmitry) 11322- Fixed bug #29104 (Function declaration in method doesn't work). (Dmitry) 11323- Fixed bug #29061 (soap extension segfaults). (Dmitry) 11324- Fixed bug #29015 (Incorrect behavior of member vars(non string ones)-numeric 11325 mem vars and others). (Dmitry) 11326- Fixed bug #28985 (__getTypes() returning nothing on complex WSDL). (Dmitry) 11327- Fixed bug #28969 (Wrong data encoding of special characters). (Dmitry) 11328- Fixed bug #28839 (SIGSEGV in interactive mode (php -a)). 11329 (kameshj at fastmail dot fm) 11330- Fixed bug #28605 (Need to use -[m]ieee option for Alpha CPUs). (Jani) 11331- Fixed bug #28568 (SAPI::known_post_content_types is not thread safe). 11332 (Moriyoshi) 11333- Fixed bug #28377 (debug_backtrace is intermittently passing args). (Dmitry) 11334- Fixed bug #28355 (glob wont error if dir is not readable). (Hartmut) 11335- Fixed bug #28072 (static array with some constant keys will be incorrectly 11336 ordered). (Dmitry) 11337- Fixed bug #27908 (xml default_handlers not being called). (Rob) 11338- Fixed bug #27598 (list() array key assignment causes HUGE memory leak). 11339 (Dmitry) 11340- Fixed bug #27268 (Bad references accentuated by clone). (Dmitry) 11341- Fixed bug #26456 (Wrong results from Reflection-API getDocComment() when 11342 called via STDIN). (Dmitry) 11343- Fixed bug #25922 (In error handler, modifying 5th arg (errcontext) may 11344 result in seg fault). (Dmitry) 11345- Fixed bug #25359 (array_multisort() doesn't work in a function if array is 11346 global or reference). (Dmitry) 11347- Fixed bug #22836 (returning reference to uninitialized variable). (Dmitry) 11348- Fixed bug #21306 (ext/sesssion: catch bailouts of write handler during 11349 RSHUTDOWN). (Jani, Xuefer at 21cn dot com) 11350- Fixed bug #15854 (boolean ini options may be incorrectly displayed as Off 11351 when they are On). (Tony) 11352- Fixed bugs #14561, #20382, #26090, #26320, #28024, #30532, #32086, #32270, 11353 #32555, #32588, #33056 (strtotime() related bugs). (Derick) 11354 1135531 Mar 2005, PHP 5.0.4 11356- Added SNMPv2 support. (harrie) 11357- Added Oracle Instant Client support. (cjbj at hotmail dot com, Tony) 11358- Added length and charsetnr for field array and object in mysqli. (Georg) 11359- Added checks for negative values to gmp_sqrt(), gmp_powm(), gmp_sqrtrem() 11360 and gmp_fact() to prevent SIGFPE. (Tony) 11361- Changed foreach() to throw an exception if IteratorAggregate::getIterator() 11362 does not return an Iterator. (Marcus) 11363- Changed phpize not to require libtool. (Jani) 11364- Updated bundled oniguruma library (used for multibyte regular expression) 11365 to 3.7.0. (Moriyoshi) 11366- Updated bundled libmbfl library (used for multibyte functions). (Moriyoshi) 11367 Fixed bugs: 11368 . Bug #32311 (mb_encode_mimeheader() does not properly escape characters) 11369 . Bug #32063 (mb_convert_encoding ignores named entity 'alpha') 11370 . Bug #31911 (mb_decode_mimeheader() is case-sensitive to hex escapes) 11371 . bug #30573 (compiler warnings in libmbfl due to invalid type cast) 11372 . Bug #30549 (incorrect character translations for some ISO8859 charsets). 11373- Fixed bug preventing from building oci8 as shared. 11374 (stanislav dot voroniy at portavita dot nl, Tony) 11375- Fixed a bug in mysql_affected_rows and mysql_stmt_affected_rows when the 11376 api function returns -1 (Georg) 11377- Fixed several leaks in ext/browscap and sapi/embed. (Andrei) 11378- Fixed several leaks in ext/filepro. (Tony) 11379- Fixed build system to always use bundled libtool files. (Jani) 11380- Fixed a bug in mysqli_stmt_execute() (type conversion with NULL values). 11381 (Georg) 11382- Fixed segfault in mysqli_fetch_field_direct() when invalid field offset 11383 is passed. (Tony) 11384- Fixed posix_getsid() & posix_getpgid() to return sid & pgid instead 11385 of true. (Tony) 11386- Fixed bug #32394 (offsetUnset() segfaults in a foreach). (Marcus) 11387- Fixed bug #32373 (segfault in bzopen() if supplied path to non-existent 11388 file). (Tony) 11389- Fixed bug #32326 (Check values of Connection/Transfer-Encoding 11390 case-incentively in SOAP extension). (Ilia) 11391- Fixed bug #32290 (call_user_func_array() calls wrong class method within 11392 child class). (Marcus) 11393- Fixed bug #32238 (spl_array.c: void function cannot return value). (Johannes) 11394- Fixed bug #32210 (proc_get_status() sets "running" always to true). (Ilia) 11395- Fixed bug #32200 (Prevent using both --with-apxs2 and --with-apxs2filter). 11396 (Jani) 11397- Fixed bug #32134 (Overloading offsetGet/offsetSet). (Marcus) 11398- Fixed bug #32130 (ArrayIterator::seek() does not throw an Exception on 11399 invalid index). (Marcus) 11400- Fixed bug #32115 (dateTime SOAP encoding of timezone incorrect). (Dmitry) 11401- Fixed bug #32081 (in mysqli default socket value is not being used). (Ilia) 11402- Fixed bug #32021 (Crash caused by range('', 'z')). (Derick) 11403- Fixed bug #32011 (Fragments which replaced Nodes are not globaly useable). 11404 (Rob) 11405- Fixed bug #32001 (xml_parse_into_struct() function exceeds maximum 11406 execution time). (Rob, Moriyoshi) 11407- Fixed bug #31980 (Unicode exif data not available on Windows). (Edin) 11408- Fixed bug #31960 (msql_fetch_row() and msql_fetch_array() dropping columns 11409 with NULL values). (Daniel Convissor) 11410- Fixed bug #31878 (Segmentation fault using clone keyword on nodes). (Rob) 11411- Fixed bug #31858 (--disable-cli does not force --without-pear). (Jani) 11412- Fixed bug #31842 (*date('r') does not return RFC2822 conforming date string). 11413 (Jani) 11414- Fixed bug #31832 (SOAP encoding problem with complex types in WSDL mode with 11415 multiple parts). (Dmitry) 11416- Fixed bug #31797 (exif_read_data() uses too low nesting limit). (Ilia) 11417- Fixed bug #31796 (readline completion handler does not handle empty return 11418 values). (Ilia) 11419- Fixed bug #31792 (getrusage() does not provide ru_nswap value). (Ilia) 11420- Fixed bug #31755 (Cannot create SOAP header in no namespace). (Dmitry) 11421- Fixed bug #31754 (dbase_open() fails for mode = 1). (Mehdi, Derick) 11422- Fixed bug #31751 (pg_parameter_status() missing on Windows). (Edin) 11423- Fixed bug #31747 (SOAP Digest Authentication doesn't work with 11424 "HTTP/1.1 100 Continue" response). (Dmitry) 11425- Fixed bug #31732 (mb_get_info() causes segfault when no parameters 11426 specified). (Tony) 11427- Fixed bug #31710 (Wrong return values for mysqli_autocommit/commit/rollback). 11428 (Georg) 11429- Fixed bug #31705 (parse_url() does not recognize http://foo.com#bar). (Ilia) 11430- Fixed bug #31695 (Cannot redefine endpoint when using WSDL). (Dmitry) 11431- Fixed bug #31684 (dio_tcsetattr(): misconfigured termios settings). 11432 (elod at itfais dot com) 11433- Fixed bug #31683 (changes to $name in __get($name) override future 11434 parameters) (Dmitry) 11435- Fixed bug #31699 (unserialize() float problem on non-English locales). (Ilia) 11436- Fixed bug #31562 (__autoload() problem with static variables). (Marcus) 11437- Fixed bug #31651 (ReflectionClass::getDefaultProperties segfaults with arrays). 11438 (Marcus) 11439- Fixed bug #31623 (OCILogin does not support password grace period). 11440 (daniel dot beet at accuratesoftware dot com, Tony) 11441- Fixed bug #31527 (crash in msg_send() when non-string is stored without 11442 being serialized). (Ilia) 11443- Fixed bug #31515 (Improve performance of scandir() by factor of 10 or so). (Ilia) 11444- Fixed bug #31514 (open_basedir uses path_translated rather then cwd for . 11445 translation). (Ilia) 11446- Fixed bug #31480 (Possible infinite loop in imap_mail_compose()). (Ilia) 11447- Fixed bug #31479 (Fixed crash in chunk_split(), when chunklen > strlen). (Ilia) 11448- Fixed bug #31454 (session_set_save_handler crashes PHP when supplied 11449 non-existent object ref). (Tony) 11450- Fixed bug #31444 (Memory leak in zend_language_scanner.c). 11451 (hexer at studentcenter dot org) 11452- Fixed bug #31442 (unserialize broken on 64-bit systems). (Marcus) 11453- Fixed bug #31440 ($GLOBALS can be overwritten via GPC when register_globals 11454 is enabled). (Ilia) 11455- Fixed bug #31422 (No Error-Logging on SoapServer-Side). (Dmitry) 11456- Fixed bug #31413 (curl POSTFIELDS crashes on 64-bit platforms). (Joe) 11457- Fixed bug #31396 (compile fails with gd 2.0.33 without freetype). (Jani) 11458- Fixed bug #31371 (highlight_file() trims new line after heredoc). (Ilia) 11459- Fixed bug #31361 (simplexml/domxml segfault when adding node twice). (Rob) 11460- Fixed bug #31348 (CachingIterator::rewind() leaks). (Marcus) 11461- Fixed bug #31346 (ArrayIterator::next segfaults). (Marcus) 11462- Fixed bug #31190 (Unexpected warning then exception is thrown from 11463 call_user_func_array()). (phpbugs at domain51 dot net, Dmitry) 11464- Fixed bug #31142 (imap_mail_compose() fails to generate correct output). (Ilia) 11465- Fixed bug #31139 (XML Parser Functions seem to drop & when parsing). (Rob) 11466- Fixed bug #31398 (When magic_guotes_gpc are enabled filenames with ' get cutoff). 11467 (Ilia) 11468- Fixed bug #31288 (Possible crash in mysql_fetch_field(), if mysql_list_fields() 11469 was not called previously). (Ilia) 11470- Fixed bug #31107, #31110, #31111, #31249 (Compile failure of zend_strtod.c). 11471 (Jani) 11472- Fixed bug #31110 (PHP 4.3.10 does not compile on Tru64 UNIX 5.1B). (Derick) 11473- Fixed bug #31107 (Compile failure on Solaris 9 (Intel) and gcc 3.4.3). (Derick) 11474- Fixed bug #31103 (Better error message when c-client cannot be found). (Ilia) 11475- Fixed bug #31101 (missing kerberos header file path with --with-openssl). (Jani) 11476- Fixed bug #31098 (isset() / empty() incorrectly return true in dereference of 11477 a string type). (Moriyoshi) 11478- Fixed bug #31087 (broken php_url_encode_hash macro). (Ilia) 11479- Fixed bug #31072 (var_export() does not output an array element with an empty 11480 string key). (Derick) 11481- Fixed bug #31060 (imageftbbox() does not use linespacing parameter). (Jani) 11482- Fixed bug #31056 (php_std_date() returns invalid formatted date if 11483 y2k_compliance is On). (Ilia) 11484- Fixed bug #31055 (apache2filter: per request leak proportional to the full 11485 path of the request URI). (kameshj at fastmail dot fm) 11486- Fixed bug #30901 (can't send cookies with soap envelop). (Dmitry) 11487- Fixed bug #30871 (Misleading warning message for array_combine()). (Andrey) 11488- Fixed bug #30868 (evaluated pointer comparison in mbregex causes compile 11489 failure). (Moriyoshi) 11490- Fixed bug #30862 (Static array with boolean indexes). (Marcus) 11491- Fixed bug #30726 (-.1 like numbers are not being handled correctly). (Ilia) 11492- Fixed bug #30725 (PHP segfaults when an exception is thrown in getIterator() 11493 within foreach). (Marcus) 11494- Fixed bug #30609 (cURL functions bypass open_basedir). (Jani) 11495- Fixed bug #30446 (apache2handler: virtual() includes files out of sequence) 11496- Fixed bug #30430 (odbc_next_result() doesn't bind values and that results 11497 in segfault). (pdan-php at esync dot org, Tony) 11498- Fixed bug #30266 (Invalid opcode 137/1/8). (Marcus) 11499- Fixed bug #30120 imagettftext() and imagettfbbox() accept too many 11500 parameters). (Jani) 11501- Fixed bug #30106 (SOAP cannot not parse 'ref' element. Causes Uncaught 11502 SoapFault exception). (Dmitry) 11503- Fixed bug #29989 (type re_registers redefined in oniguruma.h). (Moriyoshi) 11504- Fixed bug #28803 (enabled debug causes bailout errors with CLI on AIX 11505 because of fflush() called on already closed filedescriptor). (Tony) 11506- Fixed bug #29767 (Weird behaviour of __set($name, $value)). (Dmitry) 11507- Fixed bug #29733 (printf() handles repeated placeholders wrong). 11508 (bugs dot php dot net at bluetwanger dot de, Ilia) 11509- Fixed bug #29424 (width and height inverted for JPEG2000 files). (Ilia) 11510- Fixed bug #29329 (configure for mysqli with shared doesn't work). (Georg) 11511- Fixed bug #29136 (make test - libtool failure on MacOSX). (Jani) 11512- Fixed bug #28976 (mail(): use "From:" from headers if sendmail_from is empty). 11513 (Jani) 11514- Fixed bug #28930 (PHP sources pick wrong header files generated by bison). 11515 (eggert at gnu dot org, Jani) 11516- Fixed bug #28840 (__destruct of a class that extends mysqli not called). 11517 (Marcus) 11518- Fixed bug #28804 (ini-file section parsing pattern is buggy). 11519 (wendland at scan-plus dot de) 11520- Fixed bug #28451 (corrupt EXIF headers have unlimited recursive IFD directory 11521 entries). (Andrei) 11522- Fixed bug #28444 (Cannot access undefined property for object with overloaded 11523 property access). (Dmitry) 11524- Fixed bug #28442 (Changing a static variables in a class changes it across 11525 sub/super classes.) (Marcus) 11526- Fixed bug #28324 (HTTP_SESSION_VARS appear when register_long_arrays is 11527 Off). (Tony) 11528- Fixed bug #28074 (FastCGI: stderr should be written in a FCGI stderr stream). 11529 (chris at ex-parrot dot com) 11530- Fixed bug #28067 (partially incorrect utf8 to htmlentities mapping). (Derick, 11531 Benjamin Greiner) 11532- Fixed bug #28041 (SOAP HTTP Digest Access Authentication). (Dmitry) 11533- Fixed bug #27633 (Double \r problem on ftp_get in ASCII mode on Win32). (Ilia) 11534- Fixed bug #18613 (Multiple OUs in x509 certificate not handled properly). 11535 (Jani) 11536 1153715 Dec 2004, PHP 5.0.3 11538- Added the %F modifier to *printf to render a non-locale-aware representation 11539 of a float with the . as decimal seperator. (Derick) 11540- Fixed error handling in mysqli_multi_query. (Georg) 11541- Extended the functionality of is_subclass_of() to accept either a class name 11542 or an object as first parameter. (Andrey) 11543- Fixed potential problems with unserializing invalid serialize data. (Marcus) 11544- Fixed bug #32076 (ReflectionMethod::isDestructor() always return true). 11545 (Derick, Tony) 11546- Fixed bug #31034 (Problem with non-existing iconv header file). (Derick) 11547- Fixed bug #30995 (snmp extension does not build with net-snmp 5.2). (Ilia) 11548- Fixed bug #30994 (SOAP server unable to handle request with references). 11549 (Dmitry) 11550- Fixed bug #30990 (allow popen() on *NIX to accept 'b' flag). (Ilia) 11551- Fixed bug #30967 (properties in extended mysqli classes don't work). (Georg) 11552- Fixed bug #30928 (When Using WSDL, SoapServer doesn't handle private or 11553 protected properties). (Dmitry) 11554- Fixed bug #30922 (reflective functions crash PHP when interfaces extend 11555 themselves). (Tony, Dmitry) 11556- Fixed bug #30904 (segfault when recording soapclient into session). (Tony, 11557 Dmitry) 11558- Fixed bug #30890 (MySQLi testsuite) 11559- Fixed bug #30856 (ReflectionClass::getStaticProperties segfaults). (Marcus) 11560- Fixed bug #30832 ("!" stripped off comments in xml parser). (Rob) 11561- Fixed bug #30799 (SoapServer doesn't handle private or protected properties). 11562 (Dmitry) 11563- Fixed bug #30783 (Apache crash when using ReflectionFunction:: 11564 getStaticVariables()). (Marcus) 11565- Fixed bug #30750 (Meaningful error message when upload directory is not 11566 accessible). (Ilia) 11567- Fixed bug #30685 (Malformed SOAPClient http header reequest). (Dmitry) 11568- Fixed bug #30672 (Problem handling exif data in jpeg images at unusual 11569 places). (Marcus) 11570- Fixed bug #30658 (Ensure that temporary files created by GD are removed). 11571 (Ilia) 11572- Fixed bug #30645 (def. multi result set support for mysql_connect). (Georg) 11573- Fixed bug #30637 (compile with pear error). (Antony) 11574- Fixed bug #30587 (array_multisort doesn't separate zvals before 11575 changing them). (Tony) 11576- Fixed bug #30572 (crash when comparing SimpleXML attribute to a boolean). 11577 (Andi) 11578- Fixed bug #30566 (attribute namespace URIs are inconsistent when parsing). 11579 (Rob) 11580- Fixed bug #30490 (PEAR installation fails). (Antony) 11581- Fixed bug #30475 (curl_getinfo() may crash in some situations). (Ilia) 11582- Fixed bug #30442 (segfault when parsing ?getvariable[][ ). (Tony) 11583- Fixed bug #30388 (rename across filesystems loses ownership and 11584 permission info). (Tony) 11585- Fixed bug #30387 (stream_socket_client async connect was broken). 11586 (vnegrier at esds dot com, Wez). 11587- Fixed bug #30381 (Strange results with get_class_vars()). (Marcus) 11588- Fixed bug #30375 (cal_info() does not work without a parameter). (Ilia) 11589- Fixed bug #30362 (stream_get_line() not handling end string correctly). 11590 (Ilia) 11591- Fixed bug #30359 (SOAP client requests have no port in "Host" field). 11592 (Dmitry) 11593- Fixed bug #30356 (str_ireplace() does not work on all strings). (Ilia) 11594- Fixed bug #30344 (Reflection::getModifierNames() returns too long strings). 11595 (Marcus) 11596- Fixed bug #30329 (Error Fetching http body, No Content-Length, connection 11597 closed or chunked data). (Dmitry) 11598- Fixed bug #30282 (segfault when using unknown/unsupported 11599 session.save_handler and/or session.serialize_handler). (Tony) 11600- Fixed bug #30281 (Prevent non-wbmp images from being detected as such). 11601 (Ilia) 11602- Fixed bug #30276 (Possible crash in ctype_digit on large numbers). (Ilia) 11603- Fixed bug #30230 (exception handler not working with objects). (Marcus) 11604- Fixed bug #30224 (Sybase date strings are sometimes not null terminated). 11605 (Ilia) 11606- Fixed bug #30175 (SOAP results aren't parsed correctly). (Dmitry) 11607- Fixed bug #30147 (OO sqlite_fetch_object did not reset error handler). (Wez) 11608- Fixed bug #30133 (get_current_user() crashes on Windows). (Edin) 11609- Fixed bug #30061 (xml_set_start_namespace_decl_handler not called). (Rob) 11610- Fixed bug #30057 (did not detect IPV6 on FreeBSD 4.1). (Wez) 11611- Fixed bug #30042 (strtotime does not use second param). (Derick) 11612- Fixed bug #30027 (Possible crash inside ftp_get()). 11613 (cfield at affinitysolutions dot com) 11614- Fixed bug #29954 (array_reduce segfaults when initial value is array). (Tony) 11615- Fixed bug #29883 (isset gives invalid values on strings). (Tony, Dmitry) 11616- Fixed bug #29801 (Set limit on the size of mmapable data). (Ilia) 11617- Fixed bug #29557 (strtotime error). (Derick) 11618- Fixed bug #29418 (double free when openssl_csr_new fails). 11619 (Kamesh Jayachandran). 11620- Fixed bug #29385 (Soapserver always uses std class). (David, Dmitry) 11621- Fixed bug #29211 (SoapClient doesn't request wsdl through proxy). (Rob) 11622- Fixed bug #28817 (Var problem when extending domDocument). (Georg) 11623- Fixed bug #28599 (strtotime fails with zero base time). (Derick) 11624- Fixed bug #28598 (Lost support for MS Symbol fonts). (Pierre) 11625- Fixed bug #28220 (mb_strwidth() returns wrong width values for some hangul 11626 characters). (Moriyoshi) 11627- Fixed bug #28228 (NULL decimal separator is not being handled correctly). 11628 (Ilia) 11629- Fixed bug #28209 (strtotime("now")). (Derick) 11630- Fixed bug #27798 (private / protected variables not exposed by 11631 get_object_vars() inside class). (Marcus) 11632- Fixed bug #27728 (Can't return within a zend_try {} block or the previous 11633 bailout state isn't restored. (Andi) 11634- Fixed bug #27183 (Userland stream wrapper segfaults on stream_write). 11635 (Christian) 11636 1163723 Sep 2004, PHP 5.0.2 11638- Added new boolean (fourth) parameter to array_slice() that turns on the 11639 preservation of keys in the returned array. (Derick) 11640- Added the sorting flag SORT_LOCALE_STRING to the sort() functions which makes 11641 them sort based on the current locale. (Derick) 11642- Added interface_exists() and make class_exists() only return true for real 11643 classes. (Andrey) 11644- Added PHP_EOL constant that contains the OS way of representing newlines. 11645 (Paul Hudson, Derick) 11646- Implemented periodic PCRE compiled regexp cache cleanup, to avoid memory 11647 exhaustion. (Andrei) 11648- Renamed SoapClient->__call() to SoapClinet->__soapCall(). (Dmitry) 11649- Fixed bug with raw_post_data not getting set (Brian) 11650- Fixed a file-descriptor leak with phpinfo() and other 'special' URLs (Zeev) 11651- Fixed bug #30209 (ReflectionClass::getMethod() lowercases attribute). 11652 (Marcus) 11653- Fixed bug #30182 (SOAP module processing WSDL file dumps core). (Dmitry) 11654- Fixed bug #30045 (Cannot pass big integers (> 2147483647) in SOAP requests). 11655 (Dmitry) 11656- Fixed bug #29985 (unserialize()/ __PHP_Incomplete_class does not report 11657 correctly class name). (Marcus, Tony) 11658- Fixed bug #29945 (simplexml_load_file URL limitation 255 char). (Rob) 11659- Fixed bug #29873 (No defines around pcntl_*priority definitions). (Derick) 11660- Fixed bug #29844 (SOAP doesn't return the result of a valid SOAP request). 11661 (Dmitry) 11662- Fixed bug #29842 (soapclient return null value). (Dmitry) 11663- Fixed bug #29839 (incorrect convert (xml:lang to lang)). (Dmitry) 11664- Fixed bug #29830 (SoapServer::setClass() should not export non-public 11665 methods). (Dmitry) 11666- Fixed bug #29828 (Interfaces no longer work). (Marcus) 11667- Fixed bug #29821 (Fixed possible crashes in convert_uudecode() on invalid 11668 data). (Ilia) 11669- Fixed bug #29808 (array_count_values() breaks with numeric strings). (Ilia) 11670- Fixed bug #29805 (HTTP Authentication Issues). (Uwe Schindler) 11671- Fixed bug #29795 (SegFault with Soap and Amazon's Web Services). (Dmitry) 11672- Fixed bug #29737 (ip2long should return -1 if IP is 255.255.255.255 and FALSE 11673 on error). (Tony) 11674- Fixed bug #29711 (Changed ext/xml to default to UTF-8 output). (Rob) 11675- Fixed bug #29678 (opendir() with ftp:// wrapper segfaults if path does not 11676 have trailing slash). (Ilia) 11677- Fixed bug #29657 (xml_* functions throw non descriptive error). 11678 (Christian, Rob) 11679- Fixed bug #29656 (segfault on result and statement properties). (Georg) 11680- Fixed bug #29566 (foreach/string handling strangeness (crash)). (Dmitry) 11681- Fixed bug #29447 (Reflection API issues). (Marcus) 11682- Fixed bug #29296 (Added sslv2 and sslv3 transports). (Wez) 11683- Fixed bug #29283 (Invalid statement handle in mysqli on execute). (Georg) 11684- Fixed bug #29913 (parse_url() is now binary safe). (Ilia) 11685- Fixed bug #27994 (segfault with Soapserver when WSDL-Cache is enabled). 11686 (Dmitry) 11687- Fixed bug #27791 (Apache 2.0 SAPI build against Apache 2 HEAD). (Joe Orton, 11688 Derick) 11689- Fixed bug #26737 (private/protected properties not serialized when user 11690 declared method __sleep() exists). E_NOTICE thrown when __sleep() returns 11691 name of non-existing member. (Andrey, Curt) 11692 1169312 Aug 2004, PHP 5.0.1 11694- Changed destructor mechanism so that destructors are called prior to request 11695 shutdown. (Marcus) 11696- Rewritten UNIX and Windows install help files. (Documentation Team) 11697- Updated several libraries bundled with the windows release which now 11698 includes libxml2-2.6.11, libxslt-1.1.7 and iconv-1.9.1. (Rob, Edin) 11699- Improved and moved ActiveScript SAPI to PECL. (Wez) 11700- Fixed bug #29606 (php_strip_whitespace() prints to stdout rather then 11701 returning the value). (Ilia) 11702- Fixed bug #29577 (MYSQLI_CLIENT_FOUND_ROWS undefined) (Georg) 11703- Fixed bug #29573 (Segmentation fault, when exception thrown within 11704 PHP function called from XSLT). (Christian) 11705- Fixed bug #29522 (accessing properties without connection) (Georg) 11706- Fixed bug #29505 (get_class_vars() severely broken when used with arrays). 11707 (Marcus) 11708- Fixed bug #29490 (.Net object instantiation failed). (Michael Sisolak). 11709- Fixed bug #29474 (win32: usleep() doesn't work). (Wez) 11710- Fixed bug #29449 (win32: feof() hangs on empty tcp stream). (Wez) 11711- Fixed bug #29437 (Possible crash inside array_walk_recursive()). (Ilia) 11712- Fixed bug #29431 (crash when parsing invalid address; invalid address 11713 returned by stream_socket_recvfrom(), stream_socket_getname()). (Wez) 11714- Fixed bug #29409 (Segfault in PHP functions called from XSLT). (Rob) 11715- Fixed unloading of dynamically loaded extensions. 11716 (Marcus, kameshj at fastmail dot fm) 11717- Fixed bug #29395 (sqlite_escape_string() returns bogus data on empty 11718 strings). (Ilia, Tony) 11719- Fixed bug #29392 (com_dotnet crashes when echo'ing an object). (Wez) 11720- Fixed bug #29368 (The destructor is called when an exception is thrown from 11721 the constructor). (Marcus) 11722- Fixed bug #29354 (Exception constructor marked as both public and protected). 11723 (Marcus) 11724- Fixed bug #29342 (strtotime() does not handle empty date string properly). 11725 (Ilia) 11726- Fixed bug #29340 (win32 build produces invalid php_ifx.dll). (Edin) 11727- Fixed bug #29335 (fetch functions now use MYSQLI_BOTH as default) (Georg) 11728- Fixed bug #29291 (get_class_vars() return names with NULLs). (Marcus) 11729- Fixed bug #29264 (gettext extension not working). (Edin) 11730- Fixed bug #29258 (variant_date_from_timestamp() does not honour 11731 timezone). (Wez) 11732- Fixed bug #29256 (error when sending large packets on a socket). (Dmitry) 11733- Fixed bug #29236 (memory error when wsdl-cache is enabled). (Dmitry) 11734- Fixed bug #29147 (Compile Error in mnoGoSearch functions). (Sergey, Antony) 11735- Fixed bug #29132 ($_SERVER["PHP_AUTH_USER"] isn't defined). (Stefan) 11736- Fixed bug #29119 (html_entity_decode() misbehaves with UTF-8). (Moriyoshi) 11737- Fixed bug #29109 (SoapFault exception: [WSDL] Out of memory). (Dmitry) 11738- Fixed bug #29061 (soap extension segfaults). (Dmitry) 11739- Fixed bug #28985 (__getTypes() returning nothing on complex WSDL). (Dmitry) 11740- Fixed bug #28969 (Wrong data encoding of special characters). (Dmitry) 11741- Fixed bug #28895 (ReflectionClass::isAbstract always returns false). (Marcus) 11742- Fixed bug #28829 (Thread-unsafety in bcmath elementary values). (Sara) 11743- Fixed bug #28464 (catch() does not catch exceptions by interfaces). (Marcus) 11744- Fixed bug #27669 (PHP 5 didn't support all possibilities for calling static 11745 methods dynamically). (Dmitry) 11746- Fixed ReflectionClass::getMethod() and ReflectionClass::getProperty() to 11747 raise an ReflectionException instead of returning NULL on failure. 11748 (Sebastian) 11749- Fixed convert.* filters to consume remaining buckets_in on flush. (Sara) 11750- Fixed bug in mysqli->client_version. (Georg) 11751 1175213 Jul 2004, PHP 5.0.0 11753- Updated PCRE to provide better error handling in certain cases. (Andrei) 11754- Changed doc comments to require a single white space after '/**'. (Marcus) 11755- Fixed bug #29019 (Database not closing). (Marcus) 11756- Fixed bug #29008 (array_combine() does not handle non-numeric/string keys). 11757 (Ilia) 11758- Fixed bug #28999 (fixed behaviour of exec() to work as it did in 4.X). (Ilia) 11759- Fixed bug #28868 (Internal filter registry not thread safe). (Sara) 11760- Fixed bug #28851 (call_user_func_array has typo in error message). (Marcus) 11761- Fixed bug #28831 (ArrayObject::offsetGet() does the work of offsetUnset()). 11762 (Marcus) 11763- Fixed bug #28822 (ArrayObject::offsetExists() works inverted). (Marcus) 11764- Fixed bug #28789 (ReflectionProperty getValue() fails on public static 11765 members). (Marcus) 11766- Fixed bug #28771 (Segfault when using xslt and clone). (Rob) 11767- Fixed bug #28751 (SoapServer does not call _autoload()). (Dmitry) 11768- Fixed bug #28739 (array_*diff() and array_*intersect() not clearing the fci 11769 cache before work). (Andrey) 11770- Fixed bug #28721 (appendChild() and insertBefore() unset DOMText).(Rob) 11771- Fixed bug #28702 (SOAP does not parse WSDL service address correctly). (Dmitry) 11772- Fixed bug #28699 (Reflection api bugs). (Marcus) 11773- Fixed bug #28694 (ReflectionExtension::getFunctions() crashes PHP). (Marcus) 11774- Fixed bug #28512 (Allocate enough space to store MSSQL data). (Frank) 11775- Fixed strip_tags() to correctly handle '\0' characters. (Stefan) 11776
