php 7.0.10 リリース

Version 7.0.10

  • Core:
    • Fixed bug #72629 (Caught exception assignment to variables ignores references).
    • Fixed bug #72594 (Calling an earlier instance of an included anonymous class fatals).
    • Fixed bug #72581 (previous property undefined in Exception after deserialization).
    • Fixed bug #72496 (Cannot declare public method with signature incompatible with parent private method).
    • Fixed bug #72024 (microtime() leaks memory).
    • Fixed bug #71911 (Unable to set –enable-debug on building extensions by phpize on Windows).
    • Fixed bug causing ClosedGeneratorException being thrown into the calling code instead of the Generator yielding from.
    • Implemented FR #72614 (Support “nmake test” on building extensions by phpize).
    • Fixed bug #72641 (phpize (on Windows) ignores PHP_PREFIX).
    • Fixed potential segfault in object storage freeing in shutdown sequence.
    • Fixed bug #72663 (Create an Unexpected Object and Don’t Invoke __wakeup() in Deserialization).
    • Fixed bug #72681 (PHP Session Data Injection Vulnerability).
    • Fixed bug #72683 (getmxrr broken).
    • Fixed bug #72742 (memory allocator fails to realloc small block to large one).
  • Bz2:
    • Fixed bug #72837 (integer overflow in bzdecompress caused heap corruption).
  • Calendar:
    • Fixed bug #67976 (cal_days_month() fails for final month of the French calendar).
    • Fixed bug #71894 (AddressSanitizer: global-buffer-overflow in zif_cal_from_jd).
  • COM:
    • Fixed bug #72569 (DOTNET/COM array parameters broke in PHP7).
  • CURL:
    • Fixed bug #71709 (curl_setopt segfault with empty CURLOPT_HTTPHEADER).
    • Fixed bug #71929 (CURLINFO_CERTINFO data parsing error).
    • Fixed bug #72674 (Heap overflow in curl_escape).
  • DOM:
    • Fixed bug #66502 (DOM document dangling reference).
  • EXIF:
    • Fixed bug #72735 (Samsung picture thumb not read (zero size)).
    • Fixed bug #72627 (Memory Leakage In exif_process_IFD_in_TIFF).
  • Filter:
    • Fixed bug #71745 (FILTER_FLAG_NO_RES_RANGE does not cover whole 127.0.0.0/8 range).
  • FPM:
    • Fixed bug #72575 (using –allow-to-run-as-root should ignore missing user).
  • GD:
    • Fixed bug #72596 (imagetypes function won’t advertise WEBP support).
    • Fixed bug #72604 (imagearc() ignores thickness for full arcs).
    • Fixed bug #70315 (500 Server Error but page is fully rendered).
    • Fixed bug #43828 (broken transparency of imagearc for truecolor in blendingmode).
    • Fixed bug #66555 (Always false condition in ext/gd/libgd/gdkanji.c).
    • Fixed bug #68712 (suspicious if-else statements).
    • Fixed bug #72697 (select_colors write out-of-bounds).
    • Fixed bug #72730 (imagegammacorrect allows arbitrary write access).
  • Intl:
    • Fixed bug #72639 (Segfault when instantiating class that extends IntlCalendar and adds a property).
    • Partially fixed Fixed bug #72506 (idn_to_ascii for UTS #46 incorrect for long domain names).
  • mbstring:
    • Fixed bug #72691 (mb_ereg_search raises a warning if a match zero-width).
    • Fixed bug #72693 (mb_ereg_search increments search position when a match zero-width).
    • Fixed bug #72694 (mb_ereg_search_setpos does not accept a string’s last position).
    • Fixed bug #72710 (`mb_ereg` causes buffer overflow on regexp compile error).
  • Mcrypt:
    • Fixed bug #72782 (Heap Overflow due to integer overflows).
  • Opcache:
    • Fixed bug #72590 (Opcache restart with kill_all_lockers does not work).
  • PCRE:
    • Fixed bug #72688 (preg_match missing group names in matches).
  • PDO_pgsql:
    • Fixed bug #70313 (PDO statement fails to throw exception).
  • Reflection:
    • Fixed bug #72222 (ReflectionClass::export doesn’t handle array constants).
  • SimpleXML:
    • Fixed bug #72588 (Using global var doesn’t work while accessing SimpleXML element).
  • SNMP:
    • Fixed bug #72708 (php_snmp_parse_oid integer overflow in memory allocation).
  • SPL:
    • Fixed bug #55701 (GlobIterator throws LogicException).
    • Fixed bug #72646 (SplFileObject::getCsvControl does not return the escape character).
    • Fixed bug #72684 (AppendIterator segfault with closed generator).
  • SQLite3:
    • Fixed bug #72668 (Spurious warning when exception is thrown in user defined function).
    • Fixed bug #72571 (SQLite3::bindValue, SQLite3::bindParam crash).
    • Implemented FR #72653 (SQLite should allow opening with empty filename).
    • Updated to SQLite3 3.13.0.
  • Standard:
    • Fixed bug #72622 (array_walk + array_replace_recursive create references from nothing).
    • Fixed bug #72152 (base64_decode $strict fails to detect null byte).
    • Fixed bug #72263 (base64_decode skips a character after padding in strict mode).
    • Fixed bug #72264 (base64_decode $strict fails with whitespace between padding).
    • Fixed bug #72330 (CSV fields incorrectly split if escape char followed by UTF chars).
  • Streams:
    • Fixed bug #41021 (Problems with the ftps wrapper).
    • Fixed bug #54431 (opendir() does not work with ftps:// wrapper).
    • Fixed bug #72667 (opendir() with ftp:// attempts to open data stream for non-existent directories).
    • Fixed bug #72771 (ftps:// wrapper is vulnerable to protocol downgrade attack).
  • XMLRPC:
    • Fixed bug #72647 (xmlrpc_encode() unexpected output after referencing array elements).
  • Wddx:
    • Fixed bug #72564 (boolean always deserialized as “true”).
    • Fixed bug #72142 (WDDX Packet Injection Vulnerability in wddx_serialize_value()).
    • Fixed bug #72749 (wddx_deserialize allows illegal memory access) (Stas)
    • Fixed bug #72750 (wddx_deserialize null dereference).
    • Fixed bug #72790 (wddx_deserialize null dereference with invalid xml).
    • Fixed bug #72799 (wddx_deserialize null dereference in php_wddx_pop_element).
  • Zip:
    • Fixed bug #72660 (NULL Pointer dereference in zend_virtual_cwd).

http://www.php.net/ChangeLog-7.php#7.0.10

トラックバックURL

http://www.10yendama.com/archives/2102/trackback

コメントを残す

メールアドレスが公開されることはありません。 * が付いている欄は必須項目です