php 7.0.8 リリース

Version 7.0.8

  • Core:
    • Fixed bug #72218 (If host name cannot be resolved then PHP 7 crashes).
    • Fixed bug #72221 (segfault, past-the-end access).
    • Fixed bug #72268 (Integer Overflow in nl2br()).
    • Fixed bug #72275 (Integer Overflow in json_encode()/json_decode()/ json_utf8_to_utf16()).
    • Fixed bug #72400 (Integer Overflow in addcslashes/addslashes).
    • Fixed bug #72403 (Integer Overflow in Length of String-typed ZVAL).
  • FPM:
    • Fixed bug #72308 (fastcgi_finish_request and logging environment variables).
  • GD:
    • Fixed bug #72298 (pass2_no_dither out-of-bounds access).
    • Fixed bug #72337 (invalid dimensions can lead to crash) (Pierre)
    • Fixed bug #72339 (Integer Overflow in _gd2GetHeader() resulting in heap overflow).
    • Fixed bug #72407 (NULL Pointer Dereference at _gdScaleVert).
  • Intl:
    • Fixed bug #64524 (Add intl.use_exceptions to php.ini-*).
  • mbstring:
    • Fixed bug #72402 (_php_mb_regex_ereg_replace_exec – double free).
  • mcrypt:
    • Fixed bug #72455 (Heap Overflow due to integer overflows).
  • PCRE:
    • Fixed bug #72143 (preg_replace uses int instead of size_t).
  • PDO_pgsql:
    • Fixed bug #71573 (Segfault (core dumped) if paramno beyond bound).
    • Fixed bug #72294 (Segmentation fault/invalid pointer in connection with pgsql_stmt_dtor).
  • Phpdbg:
    • Fixed bug #72284 (phpdbg fatal errors with coverage).
  • Postgres:
    • Fixed bug #72195 (pg_pconnect/pg_connect cause use-after-free).
    • Fixed bug #72197 (pg_lo_create arbitrary read).
  • SPL:
    • Fixed bug #72262 (int/size_t confusion in SplFileObject::fread).
    • Fixed bug #72433 (Use After Free Vulnerability in PHP’s GC algorithm and unserialize).
  • Standard:
    • Fixed bug #72017 (range() with float step produces unexpected result).
    • Fixed bug #72193 (dns_get_record returns array containing elements of type ‘unknown’).
    • Fixed bug #72229 (Wrong reference when serialize/unserialize an object).
    • Fixed bug #72300 (ignore_user_abort(false) has no effect).
  • XML:
    • Fixed bug #72206 (xml_parser_create/xml_parser_free leaks mem).
  • XMLRPC:
    • Fixed bug #72155 (use-after-free caused by get_zval_xmlrpc_type).
  • WDDX:
    • Fixed bug #72340 (Double Free Courruption in wddx_deserialize).
  • Zip:
    • Fixed bug #72258 (ZipArchive converts filenames to unrecoverable form).
    • Fixed bug #72434 (ZipArchive class Use After Free Vulnerability in PHP’s GC algorithm and unserialize).

トラックバックURL

http://www.10yendama.com/archives/1998/trackback

コメントを残す

メールアドレスが公開されることはありません。 * が付いている欄は必須項目です