diff options
author | Ferenc Kovacs <tyra3l@gmail.com> | 2016-07-21 02:23:03 +0200 |
---|---|---|
committer | Ferenc Kovacs <tyra3l@gmail.com> | 2016-07-21 02:23:03 +0200 |
commit | 38980c9ea4156ce52a53f9f3e1007ea3d787fa11 (patch) | |
tree | b6aafb86c3518bb5fa5e03b406d94fdbc92252e5 | |
parent | 4f268da0692aadbcf844fc22eda0d792464018f9 (diff) | |
download | php-git-PHP-5.6.24.tar.gz |
5.6.24php-5.6.24PHP-5.6.24
-rw-r--r-- | NEWS | 45 | ||||
-rw-r--r-- | configure.in | 2 | ||||
-rw-r--r-- | main/php_version.h | 4 |
3 files changed, 43 insertions, 8 deletions
@@ -1,26 +1,49 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| -07 Jul 2016, PHP 5.6.24RC1 +21 Jul 2016, PHP 5.6.24 - Core: - . Fix bug #71936 (Segmentation fault destroying HTTP_RAW_POST_DATA). + . Fixed bug #71936 (Segmentation fault destroying HTTP_RAW_POST_DATA). (mike dot laspina at gmail dot com, Remi) - . Fix bug #72496 (Cannot declare public method with signature incompatible + . Fixed bug #72496 (Cannot declare public method with signature incompatible with parent private method). (Pedro Magalhães) - . Fix bug #72138 (Integer Overflow in Length of String-typed ZVAL). (Stas) + . Fixed bug #72138 (Integer Overflow in Length of String-typed ZVAL). (Stas) + . Fixed bug #72513 (Stack-based buffer overflow vulnerability in + virtual_file_ex). (loianhtuan at gmail dot com) + . Fixed bug #72562 (Use After Free in unserialize() with Unexpected Session + Deserialization). (taoguangchen at icloud dot com) + . Fixed bug #72573 (HTTP_PROXY is improperly trusted by some PHP libraries and + applications). (CVE-2016-5385) (Stas) - bz2: - . Fix bug #72447 (Type Confusion in php_bz2_filter_create()). (gogil at + . Fixed bug #72447 (Type Confusion in php_bz2_filter_create()). (gogil at stealien dot com). + . Fixed bug #72613 (Inadequate error handling in bzread()). (Stas) - EXIF: . Fixed bug #50845 (exif_read_data() returns corrupted exif headers). (Bartosz Dziewoński) +- EXIF: + . Fixed bug #72603 (Out of bound read in exif_process_IFD_in_MAKERNOTE). + (Stas) + . Fixed bug #72618 (NULL Pointer Dereference in exif_process_user_comment). + (Stas) - GD: . Fixed bug #43475 (Thick styled lines have scrambled patterns). (cmb) . Fixed bug #53640 (XBM images require width to be multiple of 8). (cmb) . Fixed bug #64641 (imagefilledpolygon doesn't draw horizontal line). (cmb) + . Fixed bug #72512 (gdImageTrueColorToPaletteBody allows arbitrary write/read + access). (Pierre) + . Fixed bug #72519 (imagegif/output out-of-bounds access). (Pierre) + . Fixed bug #72558 (Integer overflow error within _gdContributionsAlloc()). + (CVE-2016-6207) (Pierre) + +- Intl: + . Fixed bug #72533 (locale_accept_from_http out-of-bounds access). (Stas) + +- ODBC: + . Fixed bug #69975 (PHP segfaults when accessing nvarchar(max) defined columns) - OpenSSL: . Fixed bug #71915 (openssl_random_pseudo_bytes is not fork-safe). @@ -28,6 +51,10 @@ PHP NEWS . Fixed bug #72336 (openssl_pkey_new does not fail for invalid DSA params). (Jakub Zelenka) +- SNMP: + . Fixed bug #72479 (Use After Free Vulnerability in SNMP with GC and + unserialize()). (taoguangchen at icloud dot com) + - SPL: . Fixed bug #55701 (GlobIterator throws LogicException). (Valentin VĂLCIU) @@ -39,6 +66,14 @@ PHP NEWS . Fixed bug #72439 (Stream socket with remote address leads to a segmentation fault). (Laruence) +- Xmlrpc: + . Fixed bug #72606 (heap-buffer-overflow (write) simplestring_addn simplestring.c). + (Stas) + +- Zip: + . Fixed bug #72520 (Stack-based buffer overflow vulnerability in + php_stream_zip_opener). (loianhtuan at gmail dot com) + 23 Jun 2016, PHP 5.6.23 - Core: diff --git a/configure.in b/configure.in index d3b20561de..dc5333d3c9 100644 --- a/configure.in +++ b/configure.in @@ -120,7 +120,7 @@ int zend_sprintf(char *buffer, const char *format, ...); PHP_MAJOR_VERSION=5 PHP_MINOR_VERSION=6 PHP_RELEASE_VERSION=24 -PHP_EXTRA_VERSION="RC1" +PHP_EXTRA_VERSION="" PHP_VERSION="$PHP_MAJOR_VERSION.$PHP_MINOR_VERSION.$PHP_RELEASE_VERSION$PHP_EXTRA_VERSION" PHP_VERSION_ID=`expr [$]PHP_MAJOR_VERSION \* 10000 + [$]PHP_MINOR_VERSION \* 100 + [$]PHP_RELEASE_VERSION` diff --git a/main/php_version.h b/main/php_version.h index 2f8f634feb..e2029cea2c 100644 --- a/main/php_version.h +++ b/main/php_version.h @@ -3,6 +3,6 @@ #define PHP_MAJOR_VERSION 5 #define PHP_MINOR_VERSION 6 #define PHP_RELEASE_VERSION 24 -#define PHP_EXTRA_VERSION "RC1" -#define PHP_VERSION "5.6.24RC1" +#define PHP_EXTRA_VERSION "" +#define PHP_VERSION "5.6.24" #define PHP_VERSION_ID 50624 |