Friday, June 24, 2016

PHP 5.6.23 is released

PHP 5.5.37 is released, is a popular general-purpose scripting language that is especially suited to web development. Fast, flexible and pragmatic, PHP powers everything from your blog to the most popular websites in the world.




PHP 5.6.23 ChangeLog

  • Core:
    • Fixed bug #72275 (Integer Overflow in json_encode()/json_decode()/ json_utf8_to_utf16()).
    • Fixed bug #72400 (Integer Overflow in addcslashes/addslashes).
    • Fixed bug #72403 (Integer Overflow in Length of String-typed ZVAL).
  • GD:
    • Fixed bug #72298 (pass2_no_dither out-of-bounds access).
    • Fixed bug #72337 (invalid dimensions can lead to crash).
    • Fixed bug #72339 (Integer Overflow in _gd2GetHeader() resulting in heap overflow).
    • Fixed bug #72407 (NULL Pointer Dereference at _gdScaleVert).
    • Fixed bug #72446 (Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow).
  • Intl:
    • Fixed bug #70484 (selectordinal doesn't work with named parameters).
  • mbstring:
    • Fixed bug #72402 (_php_mb_regex_ereg_replace_exec - double free).
  • mcrypt:
    • Fixed bug #72455 (Heap Overflow due to integer overflows).
  • OpenSSL:
    • Fixed bug #72140 (segfault after calling ERR_free_strings()).
  • Phar:
    • Fixed bug #72321 (invalid free in phar_extract_file()).
  • SPL:
    • Fixed bug #72262 (int/size_t confusion in SplFileObject::fread).
    • Fixed bug #72433 (Use After Free Vulnerability in PHP's GC algorithm and unserialize).
  • WDDX:
    • Fixed bug #72340 (Double Free Courruption in wddx_deserialize).
  • zip:
    • Fixed bug #72434 (ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize).

Download: PHP 5.6.23 is released

No comments:

Post a Comment