Path to this page:
Next | Query returned 6 messages, browsing 1 to 10 | previous
CVS Commit History:
2024-04-13 04:51:54 by Takahiro Kambe | Files touched by this commit (2) | |
Log message:
lang/php83: update to 8.3.5
This release includes security fixes.
11 Apr 2024, PHP 8.3.5
- Core:
. Fixed GH-13569 (GC buffer unnecessarily grows up to GC_MAX_BUF_SIZE when
scanning WeakMaps). (Arnaud)
. Fixed bug GH-13612 (Corrupted memory in destructor with weak references).
(nielsdos)
. Fixed bug GH-13446 (Restore exception handler after it finishes). (ilutov)
. Fixed bug GH-13784 (AX_GCC_FUNC_ATTRIBUTE failure). (Remi)
. Fixed bug GH-13670 (GC does not scale well with a lot of objects created in
destructor). (Arnaud)
- DOM:
. Add some missing ZPP checks. (nielsdos)
. Fix potential memory leak in XPath evaluation results. (nielsdos)
- FPM:
. Fixed GH-11086 (FPM: config test runs twice in daemonised mode).
(Jakub Zelenka)
. Fix incorrect check in fpm_shm_free(). (nielsdos)
- GD:
. Fixed bug GH-12019 (add GDLIB_CFLAGS in feature tests). (Michael Orlitzky)
- Gettext:
. Fixed sigabrt raised with dcgettext/dcngettext calls with gettext 0.22.5
with category set to LC_ALL. (David Carlier)
- MySQLnd:
. Fix GH-13452 (Fixed handshake response [mysqlnd]). (Saki Takamachi)
. Fix incorrect charset length in check_mb_eucjpms(). (nielsdos)
- Opcache:
. Fixed GH-13508 (JITed QM_ASSIGN may be optimized out when op1 is null).
(Arnaud, Dmitry)
. Fixed GH-13712 (Segmentation fault for enabled observers when calling trait
method of internal trait when opcache is loaded). (Bob)
- Random:
. Fixed bug GH-13544 (Pre-PHP 8.2 compatibility for mt_srand with unknown
modes). (timwolla)
. Fixed bug GH-13690 (Global Mt19937 is not properly reset in-between
requests when MT_RAND_PHP is used). (timwolla)
- Session:
. Fixed bug GH-13680 (Segfault with session_decode and compilation error).
(nielsdos)
- SPL:
. Fixed bug GH-13685 (Unexpected null pointer in zend_string.h). (nielsdos)
- Standard:
. Fixed bug GH-11808 (Live filesystem modified by tests). (nielsdos)
. Fixed GH-13402 (Added validation of `\n` in $additional_headers of mail()).
(SakiTakamachi)
. Fixed bug GH-13203 (file_put_contents fail on strings over 4GB on Windows).
(divinity76)
. Fixed bug GHSA-pc52-254m-w9w7 (Command injection via array-ish $command
parameter of proc_open). (CVE-2024-1874) (Jakub Zelenka)
. Fixed bug GHSA-wpj3-hf5j-x4v4 (__Host-/__Secure- cookie bypass due to
partial CVE-2022-31629 fix). (CVE-2024-2756) (nielsdos)
. Fixed bug GHSA-h746-cjrr-wfmr (password_verify can erroneously return true,
opening ATO risk). (CVE-2024-3096) (Jakub Zelenka)
Fixed bug GHSA-fjp9-9hwx-59fq (mb_encode_mimeheader runs endlessly for some
inputs). (CVE-2024-2757) (Alex Dowad)
|
2024-03-17 17:48:20 by Takahiro Kambe | Files touched by this commit (2) | |
Log message:
lang/php83: update to 8.3.4
PHP 8.3.4 (2024-03-14)
- Core:
. Fix ZTS persistent resource crashes on shutdown. (nielsdos)
- Curl:
. Fix failing tests due to string changes in libcurl 8.6.0. (Ayesh)
- DOM:
. Fix unlikely memory leak in case of namespace removal with extremely deep
trees. (nielsdos)
. Fix reference access in dimensions for DOMNodeList and DOMNodeMap.
(nielsdos)
- Fileinfo:
. Fixed bug GH-13344 (finfo::buffer(): Failed identify data 0:(null),
backport). (nielsdos)
- FPM:
. Fixed bug #75712 (getenv in php-fpm should not read $_ENV, $_SERVER).
(Jakub Zelenka)
- GD:
. Fixed bug GH-12019 (detection of image formats in system gd library).
(Michael Orlitzky)
- MySQLnd:
. Fixed bug GH-11950 ([mysqlnd] Fixed not to set CR_MALFORMED_PACKET to error
if CR_SERVER_GONE_ERROR is already set). (Saki Takamachi)
- PDO:
. Fix various PDORow bugs. (Girgias)
- PGSQL:
. Fixed bug GH-13354 (pg_execute/pg_send_query_params/pg_send_execute
with null value passed by reference). (George Barbarosie)
- SPL:
. Fixed bug GH-13531 (Unable to resize SplfixedArray after being unserialized
in PHP 8.2.15). (nielsdos)
- Standard:
. Fixed bug GH-13279 (Instable array during in-place modification in uksort).
(ilutov)
. Fixed array key as hash to string (case insensitive) comparison typo
for the second operand buffer size (albeit unused for now). (A. Slepykh)
- XML:
. Fixed bug GH-13517 (Multiple test failures when building with
--with-expat). (nielsdos)
|
2024-02-16 14:15:20 by Takahiro Kambe | Files touched by this commit (2) | |
Log message:
lang/php83: update to 8.3.3
15 Feb 2024, PHP 8.3.3
- Core:
. Fixed timer leak in zend-max-execution-timers builds. (withinboredom)
. Fixed bug GH-12349 (linking failure on ARM with mold). (Jan Palus)
. Fixed bug GH-13097 (Anonymous class reference in trigger_error / thrown
Exception). (nielsdos)
. Fixed bug GH-13177 (PHP 8.3.2: final private constructor not allowed
when used in trait). (nielsdos)
. Fixed bug GH-13215 (GCC 14 build failure). (Remi)
- Curl:
. Fix missing error check in curl_multi_init(). (divinity76)
- FPM:
. Fixed bug GH-12996 (Incorrect SCRIPT_NAME with Apache ProxyPassMatch when
plus in path). (Jakub Zelenka)
- GD:
. Fixed bug GH-10344 (imagettfbbox(): Could not find/open font UNC path).
(nielsdos)
. Fixed bug GH-10614 (imagerotate will turn the picture all black, when
rotated 90). (nielsdos)
- LibXML:
. Fix crashes with entity references and predefined entities. (nielsdos)
- MySQLnd:
. Fixed bug GH-12107 (When running a stored procedure (that returns a result
set) twice, PHP crashes). (nielsdos)
- Opcache:
. Fixed bug GH-13145 (strtok() is not comptime). (ilutov)
. Fixed type inference of range(). (ilutov)
. Fixed bug GH-13232 (Segmentation fault will be reported when JIT is off but
JIT_debug is still on). (nielsdos)
- OpenSSL:
. Fixed LibreSSL undefined reference when OPENSSL_NO_ENGINE not set.
(David Carlier).
- PDO_Firebird:
. Fix GH-13119 (Changed to convert float and double values into strings using
`H` format). (SakiTakamachi)
- Phar:
. Fixed bug #71465 (PHAR doesn't know about litespeed). (nielsdos)
. Fixed bug GH-13037 (PharData incorrectly extracts zip file). (nielsdos)
- Random:
. Fixed bug GH-13138 (Randomizer::pickArrayKeys() does not detect broken
engines). (timwolla)
- Session:
. Fixed bug GH-12504 (Corrupted session written when there's a fatal error
in autoloader). (nielsdos)
- Standard:
. Fixed bug GH-13094 (range(9.9, '0') causes segmentation fault). (nielsdos)
- Streams:
. Fixed bug GH-13071 (Copying large files using mmap-able source streams may
exhaust available memory and fail). (nielsdos)
|
2024-01-21 08:53:53 by Takahiro Kambe | Files touched by this commit (1) | |
Log message:
lang/php83: update to 8.3.2
8.3.2 (2024-01-18)
- Core:
. Fixed bug GH-12953 (false positive SSA integrity verification failed when
loading composer classmaps with more than 11k elements). (nielsdos)
. Fixed bug GH-12999 (zend_strnlen build when strnlen is unsupported).
(rainerjung)
. Fixed bug GH-12966 (missing cross-compiling 3rd argument so Autoconf
doesn't emit warnings). (Peter Kokot)
. Fixed bug GH-12854 (8.3 - as final trait-used method does not correctly
report visibility in Reflection). (nielsdos)
- Cli:
. Fix incorrect timeout in built-in web server when using router script and
max_input_time. (ilutov)
- DOM:
. Fixed bug GH-12870 (Creating an xmlns attribute results in a DOMException).
(nielsdos)
. Fix crash when toggleAttribute() is used without a document. (nielsdos)
. Fix crash in adoptNode with attribute references. (nielsdos)
. Fixed bug GH-13012 (DOMNode::isEqualNode() is incorrect when attribute
order is different). (nielsdos)
- FFI:
. Fixed bug GH-9698 (stream_wrapper_register crashes with FFI\CData).
(Jakub Zelenka)
. Fixed bug GH-12905 (FFI::new interacts badly with observers). (nielsdos)
- Intl:
. Fixed GH-12943 (IntlDateFormatter::__construct accepts 'C' as valid locale).
(David Carlier)
- Hash:
. Fixed bug GH-12936 (hash() function hangs endlessly if using sha512 on
strings >= 4GiB). (nielsdos)
- ODBC:
. Fix crash on Apache shutdown with persistent connections. (nielsdos)
- Opcache:
. Fixed oss-fuzz #64727 (JIT undefined array key warning may overwrite DIM
with NULL when DIM is the same var as result). (ilutov)
. Added workaround for SELinux mprotect execheap issue.
See https://bugzilla.kernel.org/show_bug.cgi?id=218258. (ilutov)
- OpenSSL:
. Fixed bug GH-12987 (openssl_csr_sign might leak new cert on error).
(Jakub Zelenka)
- PDO:
. Fix GH-12969 (Fixed PDO::getAttribute() to get PDO::ATTR_STRINGIFY_FETCHES).
(SakiTakamachi)
- PDO_ODBC:
. Fixed bug GH-12767 (Unable to turn on autocommit mode with setAttribute()).
(SakiTakamachi)
- PGSQL:
. Fixed auto_reset_persistent handling and allow_persistent type. (David Carlier)
. Fixed bug GH-12974 (Apache crashes on shutdown when using pg_pconnect()).
(nielsdos)
- Phar:
. Fixed bug #77432 (Segmentation fault on including phar file). (nielsdos)
- PHPDBG:
. Fixed bug GH-12962 (Double free of init_file in phpdbg_prompt.c). (nielsdos)
- SimpleXML:
. Fix getting the address of an uninitialized property of a SimpleXMLElement
resulting in a crash. (nielsdos)
. Fixed bug GH-12929 (SimpleXMLElement with stream_wrapper_register can
segfault). (nielsdos)
- Tidy:
. Fixed bug GH-12980 (tidynode.props.attribute is missing
"Boolean Attributes" and empty attributes). (nielsdos)
|
2024-01-05 03:08:41 by Takahiro Kambe | Files touched by this commit (1) | |
Log message:
lang/php83: update to 8.3.1
PHP 8.3.1 (2023-12-21)
- Core:
. Fixed bug GH-12758 / GH-12768 (Invalid opline in OOM handlers within
ZEND_FUNC_GET_ARGS and ZEND_BIND_STATIC). (Florian Engelhardt)
. Fix various missing NULL checks. (nielsdos, dstogov)
. Fixed bug GH-12835 (Leak of call->extra_named_params on internal __call).
(ilutov)
. Fixed bug GH-12826 (Weird pointers issue in nested loops). (nielsdos)
- FPM:
. Fixed bug GH-12705 (Segmentation fault in fpm_status_export_to_zval).
(Patrick Prasse)
- FTP:
. Fixed bug GH-9348 (FTP & SSL session reuse). (nielsdos)
- LibXML:
. Fixed test failures for libxml2 2.12.0. (nielsdos)
- MySQLnd:
. Avoid using uninitialised struct. (mikhainin)
. Fixed bug GH-12791 (Possible dereference of NULL in MySQLnd debug code).
(nielsdos)
- Opcache:
. Fixed JIT bug (Function JIT emits "Uninitialized string offset" warning
at the same time as invalid offset Error). (Girgias)
. Fixed JIT bug (JIT emits "Attempt to assign property of non-object"
warning at the same time as Error is being thrown). (Girgias)
- PDO PGSQL:
. Fixed the default value of $fetchMode in PDO::pgsqlGetNotify() (kocsismate)
- SOAP:
. Fixed bug GH-12838 ([SOAP] Temporary WSDL cache files not being deleted).
(nielsdos)
- Standard
. Fixed GH-12745 (http_build_query() default null argument for $arg_separator
is implicitly coerced to string). (Girgias)
|
2023-11-30 17:14:51 by Takahiro Kambe | Files touched by this commit (21) |
Log message:
lang/php83: add version 8.3.0
PHP is a widely-used open source general-purpose scripting language
that is especially suited for web development and can be embedded
into HTML. It is modular, and object-oriented. Much of its syntax
is borrowed from C, Java and Perl with a couple of unique PHP-specific
features thrown in. The language is designed to allow web developers
to write dynamically generated pages quickly.
PHP 8.3 comes with numerous improvements and new features such as
* Typed Class Constants
* Fetch class constant dynamically syntax
* Readonly Amendments
* Override Attribute
* New Randomizer method Random\Randomizer::getBytesFromString
* New function json_validate
* And much much more...
|
Next | Query returned 6 messages, browsing 1 to 10 | previous