PHP 5.5.35 发布了,这是一个安全补丁版本,修复了很多安全相关的问题,所有 PHP 5.5 的用户建议尽快升级。
源码下载请访问 downloads page ,Windows 二进制版本下载 windows.php.net/download/ 。
完整的改进记录请看 ChangeLog 。
Core:
Fixed bug #69537 (__debugInfo with empty string for key gives error).
Fixed bug #71841 (EG(error_zval) is not handled well).
BCmath:
Fixed bug #72093 (bcpowmod accepts negative scale and corrupts _one_ definition).
Curl:
Fixed bug #71831 (CURLOPT_NOPROXY applied as long instead of string).
Date:
Fixed bug #71889 (DateInterval::format Segmentation fault).
EXIF:
Fixed bug #72094 (Out of bounds heap read access in exif header processing).
GD:
Fixed bug #71952 (Corruption inside imageaffinematrixget).
Fixed bug #71912 (libgd: signedness vulnerability).
Intl:
Fixed bug #72061 (Out-of-bounds reads in zif_grapheme_stripos with negative offset).
OCI8:
Fixed bug #71422 (Fix ORA-01438: value larger than specified precision allowed for this column).
ODBC:
Fixed bug #63171 (Script hangs after max_execution_time).
Opcache:
Fixed bug #71843 (null ptr deref ZEND_RETURN_SPEC_CONST_HANDLER).
PDO:
Fixed bug #52098 (Own PDOStatement implementation ignore __call()).
Fixed bug #71447 (Quotes inside comments not properly handled).
Postgres:
Fixed bug #71820 (pg_fetch_object binds parameters before call constructor).
SPL:
Fixed bug #67582 (Cloned SplObjectStorage with overwritten getHash fails offsetExists()).
Standard:
Fixed bug #71840 (Unserialize accepts wrongly data).
Fixed bug #67512 (php_crypt() crashes if crypt_r() does not exist or _REENTRANT is not defined).
XML:
Fixed bug #72099 (xml_parse_into_struct segmentation fault).