2011-08-28

Ya Esta disponible la nueva versión de PHP 5.3.7 y a solo 5 días después PHP 5.3.8

Esta disponible la nueva versión de PHP 5.3.7 y a solo 5 días después PHP 5.3.8 respecto a una lista muy grande de Fixed Bug solucionados.


Version 5.3.8

23-Aug-2011
  • Core:
    • Fixed bug #55439 (crypt() returns only the salt for MD5). (Stas)
  • OpenSSL:
    • Reverted a change in timeout handling restoring PHP 5.3.6 behavior, as the new behavior caused mysqlnd SSL connections to hang ( Bug #55283). (Pierre, Andrey, Johannes)


Version 5.3.7

18-Aug-2011
  • Upgraded bundled SQLite to version 3.7.7.1. (Scott)
  • Upgraded bundled PCRE to version 8.12. (Scott)
  • Zend Engine:
    • Fixed bug #55156 (ReflectionClass::getDocComment() returns comment even though the class has none). (Felipe)
    • Fixed bug #55007 (compiler fail after previous fail). (Felipe)
    • Fixed bug #54910 (Crash when calling call_user_func with unknown function name). (Dmitry)
    • Fixed bug #54804 (__halt_compiler and imported namespaces). (Pierrick, Felipe)
    • Fixed bug #54624 (class_alias and type hint). (Felipe)
    • Fixed bug #54585 (track_errors causes segfault). (Dmitry)
    • Fixed bug #54423 (classes from dl()'ed extensions are not destroyed). (Tony, Dmitry)
    • Fixed bug #54372 (Crash accessing global object itself returned from its __get() handle). (Dmitry)
    • Fixed bug #54367 (Use of closure causes problem in ArrayAccess). (Dmitry)
    • Fixed bug #54358 (Closure, use and reference). (Dmitry)
    • Fixed bug #54262 (Crash when assigning value to a dimension in a non-array). (Dmitry)
    • Fixed bug #54039 (use() of static variables in lambda functions can break staticness). (Dmitry)
  • Core:
    • Updated crypt_blowfish to 1.2. (CVE-2011-2483) (Solar Designer) (more info)
    • Removed warning when argument of is_a() or is_subclass_of() is not a known class. (Stas)
    • Fixed crash in error_log(). (Felipe) Reported by Mateusz Kocielski.
    • Added PHP_MANDIR constant telling where the manpages were installed into, and an --man-dir argument to php-config. (Hannes)
    • Fixed a crash inside dtor for error handling. (Ilia)
    • Fixed buffer overflow on overlog salt in crypt(). (Clément LECIGNE, Stas
    • Implemented FR Fixed bug #54459 (Range function accuracy). (Adam)
    • Fixed bug #55399 (parse_url() incorrectly treats ':' as a valid path). (Ilia)
    • Fixed bug #55339 (Segfault with allow_call_time_pass_reference = Off). (Dmitry)
    • Fixed bug #55295 [NEW]: popen_ex on windows, fixed possible heap overflow (Pierre)
    • Fixed bug #55258 (Windows Version Detecting Error). ( xiaomao5 at live dot com, Pierre)
    • Fixed bug #55187 (readlink returns weird characters when false result). (Pierre)
    • Fixed bug #55082 (var_export() doesn't escape properties properly). (Gustavo)
    • Fixed bug #55014 (Compile failure due to improper use of ctime_r()). (Ilia)
    • Fixed bug #54939 (File path injection vulnerability in RFC1867 File upload filename). (Felipe) Reported by Krzysztof Kotowicz. (CVE-2011-2202)
    • Fixed bug #54935 php_win_err can lead to crash. (Pierre)
    • Fixed bug #54924 (assert.* is not being reset upon request shutdown). (Ilia)
    • Fixed bug #54895 (Fix compiling with older gcc version without need for membar_producer macro). (mhei at heimpold dot de)
    • Fixed bug #54866 (incorrect accounting for realpath_cache_size). (Dustin Ward)
    • Fixed bug #54723 (getimagesize() doesn't check the full ico signature). (Scott)
    • Fixed bug #54721 (Different Hashes on Windows, BSD and Linux on wrong Salt size). (Pierre, os at irj dot ru)
    • Fixed bug #54580 (get_browser() segmentation fault when browscap ini directive is set through php_admin_value). (Gustavo)
    • Fixed bug #54332 (Crash in zend_mm_check_ptr // Heap corruption). (Dmitry)
    • Fixed bug #54305 (Crash in gc_remove_zval_from_buffer). (Dmitry)
    • Fixed bug #54238 (use-after-free in substr_replace()). (Stas) (CVE-2011-1148)
    • Fixed bug #54204 (Can't set a value with a PATH section in php.ini). (Pierre)
    • Fixed bug #54180 (parse_url() incorrectly parses path when ? in fragment). (tomas dot brastavicius at quantum dot lt, Pierrick)
    • Fixed bug #54137 (file_get_contents POST request sends additional line break). (maurice-php at mertinkat dot net, Ilia)
    • Fixed bug #53848 (fgetcsv() ignores spaces at beginnings of fields). (Ilia)
    • Alternative fix for bug Fixed bug #52550, as applied to the round() function (signed overflow), as the old fix impacted the algorithm for numbers with magnitude smaller than 0. (Gustavo)
    • Fixed bug #53727 (Inconsistent behavior of is_subclass_of with interfaces) (Ralph Schindler, Dmitry)
    • Fixed bug #52935 (call exit in user_error_handler cause stream relate core). (Gustavo)
    • Fixed bug #51997 (SEEK_CUR with 0 value, returns a warning). (Ilia)
    • Fixed bug #50816 (Using class constants in array definition fails). (Pierrick, Dmitry)
    • Fixed bug #50363 (Invalid parsing in convert.quoted-printable-decode filter). (slusarz at curecanti dot org)
    • Fixed bug #48465 (sys_get_temp_dir() possibly inconsistent when using TMPDIR on Windows). (Pierre)
  • Apache2 Handler SAPI:
    • Fixed bug #54529 (SAPI crashes on apache_config.c:197). (hebergement at riastudio dot fr)
  • CLI SAPI:
    • Fixed bug #52496 (Zero exit code on option parsing failure). (Ilia)
  • cURL extension:
    • Added ini option curl.cainfo (support for custom cert db). (Pierre)
    • Added CURLINFO_REDIRECT_URL support. (Daniel Stenberg, Pierre)
    • Added support for CURLOPT_MAX_RECV_SPEED_LARGE and CURLOPT_MAX_SEND_SPEED_LARGE. FR Fixed bug #51815. (Pierrick)
  • DateTime extension:
    • Fixed bug where the DateTime object got changed while using date_diff(). (Derick)
    • Fixed bug #54340 (DateTime::add() method bug). (Adam)
    • Fixed bug #54316 (DateTime::createFromFormat does not handle trailing '|' correctly). (Adam)
    • Fixed bug #54283 (new DatePeriod(NULL) causes crash). (Felipe)
    • Fixed bug #51819 (Case discrepancy in timezone names cause Uncaught exception and fatal error). (Hannes)
  • DBA extension:
    • Supress warning on non-existent file open with Berkeley DB 5.2 (Chris Jones)
    • Fixed bug #54242 (dba_insert returns true if key already exists). (Felipe)
  • Exif extesion:
    • Fixed bug #54121 (error message format string typo). (Ilia)
  • Fileinfo extension:
    • Fixed bug #54934 (Unresolved symbol strtoull in HP-UX 11.11). (Felipe)
  • Filter extension:
    • Added 3rd parameter to filter_var_array() and filter_input_array() functions that allows disabling addition of empty elements. (Ilia)
    • Fixed bug #53037 (FILTER_FLAG_EMPTY_STRING_NULL is not implemented). (Ilia)
  • Interbase extension:
    • Fixed bug #54269 (Short exception message buffer causes crash). (Felipe)
  • intl extension:
    • Implemented FR Fixed bug #54561 (Expose ICU version info). (David Zuelke, Ilia)
    • Implemented FR Fixed bug #54540 (Allow loading of arbitrary resource bundles when fallback is disabled). (David Zuelke, Stas)
  • Imap extension:
    • Fixed bug #55313 (Number of retries not set when params specified). (kevin at kevinlocke dot name)
  • json extension:
    • Fixed bug #54484 (Empty string in json_decode doesn't reset json_last_error()). (Ilia)
  • LDAP extension:
    • Fixed bug #53339 (Fails to build when compilng with gcc 4.5 and DSO libraries). (Clint Byrum, Raphael)
  • libxml extension:
    • Fixed bug #54601 (Removing the doctype node segfaults). (Hannes)
    • Fixed bug #54440 (libxml extension ignores default context). (Gustavo)
  • mbstring extension:
    • Fixed bug #54494 (mb_substr() mishandles UTF-32LE and UCS-2LE). (Gustavo)
  • MCrypt extension:
    • Change E_ERROR to E_WARNING in mcrypt_create_iv when not enough data has been fetched (Windows). (Pierre)
    • Fixed bug #55169 (mcrypt_create_iv always fails to gather sufficient random data on Windows). (Pierre)
  • MySQL Improved extension:
    • Fixed Bug Fixed bug #54221 (mysqli::get_warnings segfault when used in multi queries). (Andrey)
  • mysqlnd
    • Fixed crash when using more than 28,000 bound parameters. Workaround is to set mysqlnd.net_cmd_buffer_size to at least 9000. (Andrey)
    • Fixed bug #54674 mysqlnd valid_sjis_(head|tail) is using invalid operator and range). (nihen at megabbs dot com, Andrey)
  • MySQLi extension:
    • Fixed bug #55283 (SSL options set by mysqli_ssl_set ignored for MySQLi persistent connections). (Andrey)
  • OpenSSL extension:
    • openssl_encrypt()/openssl_decrypt() truncated keys of variable length ciphers to the OpenSSL default for the algorithm. (Scott)
    • On blocking SSL sockets respect the timeout option where possible. (Scott)
    • Fixed bug #54992 (Stream not closed and error not returned when SSL CN_match fails). (Gustavo, laird_ngrps at dodo dot com dot au)
  • Oracle Database extension (OCI8):
    • Added oci_client_version() returning the runtime Oracle client library version (Chris Jones)
  • . PCRE extension:
    • Increased the backtrack limit from 100000 to 1000000 (Rasmus)
  • PDO extension:
    • Fixed bug #54929 (Parse error with single quote in sql comment). (Felipe)
    • Fixed bug #52104 (bindColumn creates Warning regardless of ATTR_ERRMODE settings). (Ilia)
  • PDO DBlib driver:
    • Fixed bug #54329 (MSSql extension memory leak). (dotslashpok at gmail dot com)
    • Fixed bug #54167 (PDO_DBLIB returns null on SQLUNIQUE field). (mjh at hodginsmedia dot com, Felipe)
  • PDO ODBC driver:
    • Fixed data type usage in 64bit. (leocsilva at gmail dot com)
  • PDO MySQL driver:
    • Fixed bug #54644 (wrong pathes in php_pdo_mysql_int.h). (Tony, Johannes)
    • Fixed bug #53782 (foreach throws irrelevant exception). (Johannes, Andrey)
    • Implemented FR Fixed bug #48587 (MySQL PDO driver doesn't support SSL connections). (Rob)
  • PDO PostgreSQL driver:
    • Fixed bug #54318 (Non-portable grep option used in PDO pgsql configuration). (bwalton at artsci dot utoronto dot ca)
  • PDO Oracle driver:
    • Fixed bug #44989 (64bit Oracle RPMs still not supported by pdo-oci). (jbnance at tresgeek dot net)
  • Phar extension:
    • Fixed bug #54395 (Phar::mount() crashes when calling with wrong parameters). (Felipe)
  • PHP-FPM SAPI:
    • Implemented FR Fixed bug #54499 (FPM ping and status_path should handle HEAD request). (fat)
    • Implemented FR Fixed bug #54172 (Overriding the pid file location of php-fpm). (fat)
    • Fixed missing Expires and Cache-Control headers for ping and status pages. (fat)
    • Fixed memory leak. (fat) Reported and fixed by Giovanni Giacobbi.
    • Fixed wrong value of log_level when invoking fpm with -tt. (fat)
    • Added xml format to the status page. (fat)
    • Removed timestamp in logs written by children processes. (fat)
    • Fixed exit at FPM startup on fpm_resources_prepare() errors. (fat)
    • Added master rlimit_files and rlimit_core in the global configuration settings. (fat)
    • Removed pid in debug logs written by chrildren processes. (fat)
    • Added custom access log (also added per request %CPU and memory mesurement). (fat)
    • Added a real scoreboard and several improvements to the status page. (fat)
  • Reflection extension:
    • Fixed bug #54347 (reflection_extension does not lowercase module function name). (Felipe, laruence at yahoo dot com dot cn)
  • SOAP extension:
    • Fixed bug #55323 (SoapClient segmentation fault when XSD_TYPEKIND_EXTENSION contains itself). (Dmitry)
    • Fixed bug #54312 (soap_version logic bug). (tom at samplonius dot org)
  • Sockets extension:
    • Fixed stack buffer overflow in socket_connect(). (CVE-2011-1938) Found by Mateusz Kocielski, Marek Kroemeke and Filip Palian. (Felipe)
    • Changed socket_set_block() and socket_set_nonblock() so they emit warnings on error. (Gustavo)
    • Fixed bug #51958 (socket_accept() fails on IPv6 server sockets). (Gustavo)
  • SPL extension:
    • Fixed bug #54971 (Wrong result when using iterator_to_array with use_keys on true). (Pierrick)
    • Fixed bug #54970 (SplFixedArray::setSize() isn't resizing). (Felipe)
    • Fixed bug #54609 (Certain implementation(s) of SplFixedArray cause hard crash). (Felipe)
    • Fixed bug #54384 (Dual iterators, GlobIterator, SplFileObject and SplTempFileObject crash when user-space classes don't call the paren constructor). (Gustavo)
    • Fixed bug #54292 (Wrong parameter causes crash in SplFileObject::__construct()). (Felipe)
    • Fixed bug #54291 (Crash iterating DirectoryIterator for dir name starting with \0). (Gustavo)
    • Fixed bug #54281 (Crash in non-initialized RecursiveIteratorIterator). (Felipe)
  • Streams:
    • Fixed bug #54946 (stream_get_contents infinite loop). (Hannes)
    • Fixed bug #54623 (Segfault when writing to a persistent socket after closing a copy of the socket). (Gustavo)
    • Fixed bug #54681 (addGlob() crashes on invalid flags). (Felipe)


Mas informacion al respecto

No hay comentarios: