PHP 5.6.23 ChangeLog
- Core:
- GD:
- Fixed bug #72298 (pass2_no_dither out-of-bounds access).
- Fixed bug #72337 (invalid dimensions can lead to crash).
- Fixed bug #72339 (Integer Overflow in _gd2GetHeader() resulting in heap overflow).
- Fixed bug #72407 (NULL Pointer Dereference at _gdScaleVert).
- Fixed bug #72446 (Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow).
- Intl:
- Fixed bug #70484 (selectordinal doesn't work with named parameters).
- mbstring:
- Fixed bug #72402 (_php_mb_regex_ereg_replace_exec - double free).
- mcrypt:
- Fixed bug #72455 (Heap Overflow due to integer overflows).
- OpenSSL:
- Fixed bug #72140 (segfault after calling ERR_free_strings()).
- Phar:
- Fixed bug #72321 (invalid free in phar_extract_file()).
- SPL:
- WDDX:
- Fixed bug #72340 (Double Free Courruption in wddx_deserialize).
- zip:
- Fixed bug #72434 (ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize).
Download: PHP 5.6.23 is released
No comments:
Post a Comment