PHP 5.6.27 Released...


www.php.net | 2016-10-16 00:04 UTC

Version 5.6.27
13 Oct 2016

Core:
Fixed bug #73025 (Heap Buffer Overflow in virtual_popen of zend_virtual_cwd.c).
Fixed bug #73058 (crypt broken when salt is 'too' long).
Fixed bug #72703 (Out of bounds global memory read in BF_crypt triggered by password_verify).
Fixed bug #73189 (Memcpy negative size parameter php_resolve_path).
Fixed bug #73147 (Use After Free in unserialize()).
BCmath:
Fixed bug #73190 (memcpy negative parameter _bc_new_num_ex).
DOM:
Fixed bug #73150 (missing NULL check in dom_document_save_html).
Ereg:
Fixed bug #73284 (heap overflow in php_ereg_replace function).
Filter:
Fixed bug #72972 (Bad filter for the flags FILTER_FLAG_NO_RES_RANGE and FILTER_FLAG_NO_PRIV_RANGE).
Fixed bug #67167 (Wrong return value from FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE).
Fixed bug #73054 (default option ignored when object passed to int filter).
GD:
Fixed bug #67325 (imagetruecolortopalette: white is duplicated in palette).
Fixed bug #50194 (imagettftext broken on transparent background w/o alphablending).
Fixed bug #73003 (Integer Overflow in gdImageWebpCtx of gd_webp.c).
Fixed bug #53504 (imagettfbbox gives incorrect values for bounding box).
Fixed bug #73157 (imagegd2() ignores 3rd param if 4 are given).
Fixed bug #73155 (imagegd2() writes wrong chunk sizes on boundaries).
Fixed bug #73159 (imagegd2(): unrecognized formats may result in corrupted files).
Fixed bug #73161 (imagecreatefromgd2() may leak memory).
Intl:
Fixed bug #73218 (add mitigation for ICU int overflow).
Imap:
Fixed bug #73208 (integer overflow in imap_8bit caused heap corruption).
Mbstring:
Fixed bug #72994 (mbc_to_code() out of bounds read).
Fixed bug #66964 (mb_convert_variables() cannot detect recursion).
Fixed bug #72992 (mbstring.internal_encoding doesn't inherit default_charset).
Fixed bug #73082 (string length overflow in mb_encode_* function).
PCRE:
Fixed bug #73174 (heap overflow in php_pcre_replace_impl).
Opcache:
Fixed bug #72590 (Opcache restart with kill_all_lockers does not work).
OpenSSL:
Fixed bug #73072 (Invalid path SNI_server_certs causes segfault).
Fixed bug #73275 (crash in openssl_encrypt function).
Fixed bug #73276 (crash in openssl_random_pseudo_bytes function).
Session:
Fixed bug #68015 (Session does not report invalid uid for files save handler).
Fixed bug #73100 (session_destroy null dereference in ps_files_path_create).
SimpleXML:
Fixed bug #73293 (NULL pointer dereference in SimpleXMLElement::asXML()).
SPL:
Fixed bug #73073 (CachingIterator null dereference when convert to string).
Standard:
Fixed bug #73240 (Write out of bounds at number_format).
Fixed bug #73017 (memory corruption in wordwrap function).
Stream:
Fixed bug #73069 (readfile() mangles files larger than 2G).
Zip:
Fixed bug #70752 (Depacking with wrong password leaves 0 length files).

By Anonymous Submission on 2016-10-16 00:04 UTC
  • Need an account?  
    or