欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  后端开发

PHP 5.5.35 发布,安全补丁版本

程序员文章站 2022-06-07 14:02:23
...
PHP 5.5.35 发布了,这是一个安全补丁版本,修复了很多安全相关的问题,所有 PHP 5.5 的用户建议尽快升级。

源码下载请访问 downloads page ,Windows 二进制版本下载 windows.php.net/download/ 。

完整的改进记录请看 ChangeLog 。

  • Core:

    • Fixed bug #69537 (__debugInfo with empty string for key gives error).

    • Fixed bug #71841 (EG(error_zval) is not handled well).

  • BCmath:

    • Fixed bug #72093 (bcpowmod accepts negative scale and corrupts _one_ definition).

  • Curl:

    • Fixed bug #71831 (CURLOPT_NOPROXY applied as long instead of string).

  • Date:

    • Fixed bug #71889 (DateInterval::format Segmentation fault).

  • EXIF:

    • Fixed bug #72094 (Out of bounds heap read access in exif header processing).

  • GD:

    • Fixed bug #71952 (Corruption inside imageaffinematrixget).

    • Fixed bug #71912 (libgd: signedness vulnerability).

  • Intl:

    • Fixed bug #72061 (Out-of-bounds reads in zif_grapheme_stripos with negative offset).

  • OCI8:

    • Fixed bug #71422 (Fix ORA-01438: value larger than specified precision allowed for this column).

  • ODBC:

    • Fixed bug #63171 (Script hangs after max_execution_time).

  • Opcache:

    • Fixed bug #71843 (null ptr deref ZEND_RETURN_SPEC_CONST_HANDLER).

  • PDO:

    • Fixed bug #52098 (Own PDOStatement implementation ignore __call()).

    • Fixed bug #71447 (Quotes inside comments not properly handled).

  • Postgres:

    • Fixed bug #71820 (pg_fetch_object binds parameters before call constructor).

  • SPL:

    • Fixed bug #67582 (Cloned SplObjectStorage with overwritten getHash fails offsetExists()).

  • Standard:

    • Fixed bug #71840 (Unserialize accepts wrongly data).

    • Fixed bug #67512 (php_crypt() crashes if crypt_r() does not exist or _REENTRANT is not defined).

  • XML:

    • Fixed bug #72099 (xml_parse_into_struct segmentation fault).