-
Notifications
You must be signed in to change notification settings - Fork 7.7k
/
NEWS
3945 lines (3902 loc) · 219 KB
/
NEWS
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
PHP 4 NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
03 Jan 2008, Version 4.4.8
- Improved fix for MOPB-02-2007. (Ilia)
- Fixed an integer overflow inside chunk_split(). Identified by Gerhard Wagner.
(Ilia)
- Fixed integer overlow in str[c]spn(). (Stas)
- Fixed regression in glob when open_basedir is on introduced by #41655 fix
(Pierre)
- Fixed money_format() not to accept multiple %i or %n tokens. (Stas, Ilia)
- Addded "max_input_nesting_level" php.ini option to limit nesting level of
input variables. Fix for MOPB-03-2007. (Stas)
- Fixed INFILE LOCAL option handling with MySQL - now not allowed when
open_basedir or safe_mode is active (Stas)
- Fixed session.save_path and error_log values to be checked against
open_basedir and safe_mode (CVE-2007-3378) (Stas, Maksymilian Arciemowicz)
- Fixed bug #43010 (Fixed regression in imagearc with two equivelent angles)
(Pierre)
- Fixed bug #41765 (Recode crashes/does not work on amd64)
(nexus at smoula dot net, Stas)
- Fixed bug #41630 (segfault when an invalid color index is present in
the image data). (Reported by Elliot <wccoder@gmail dot com>) (Pierre)
- Fixed bug #41628 (PHP settings leak between Virtual Hosts in
Apache 1.3). (Scott, manuel at mausz dot at)
- Fixed bug #38798 (OpenSSL init corrected in php5 but not in php4). (Tony)
04 May 2007, Version 4.4.7
- Fixed libgd #86 (Fixed possible infinite loop in imagecreatefrompng)
(Reported by Xavier Roche) (Pierre)
- Fixed MOPB-33-2007 (PHP mail() Message ASCIIZ Byte Truncation). (Ilia)
- Fixed MOPB-32-2007 (Double free inside session_decode()). (Ilia)
- Fixed MOPB-26-2007 (mb_parse_str() can be used to activate
register_globals). (Ilia)
- Fixed MOPB-24-2007 (Fixed unallocated memory access/double free in in
array_user_key_compare()). (Stas)
- Fixed MOPB-22-2007 (PHP session_regenerate_id() Double Free Vulnerability).
(Ilia)
- Fixed MOPB-21-2007 (An open_basedir/safe_mode bypass inside the
compress.bzip2 wraper). (Ilia)
- Fixed MOPB-8-2007 (XSS in phpinfo()). (Joe Orton, Stas)
- Fixed CVE-2007-1001 (GD wbmp used with invalid image size). (Pierre)
- Fixed CVE-2007-0455 (Buffer overflow in gdImageStringFTEx, used by imagettf
function). (Kees Cook, Pierre)
- Fixed bug #41655 (open_basedir bypass via glob()). (Ilia)
- Fixed bug #41527 (WDDX deserialize numeric string array key). (Matt, Ilia)
- Fixed bug #41252 (Calling mcrypt_generic without first calling
mcrypt_generic_init crashes). (Derick)
- Fixed bug #40998 (long session array keys are truncated). (Tony)
- Fixed bug #40915 (addcslashes unexpected behavior with binary input). (Tony)
- Fixed bug #40831 (cURL extension doesn't clean up the buffer of reused
handle). (Tony)
- Fixed bug #40747 (possible crash in session when save_path is out of
open_basedir). (Tony)
- Fixed bug #38236 (Binary data gets corrupted on multipart/formdata POST)
(patch by ass3mbler@gmail.com)
- Fixed huge CPU usage in imagearc when used with large angles (libgd bug #74).
(Pierre)
- Fixed CRLF injection inside ftp_putcmd(). (Ilia)
28 Feb 2007, Version 4.4.6
- Updated PCRE to version 7.0. (Nuno)
- Fixed segfault in ext/session when register_globals=On. (Tony)
- Fixed bug #40635 (segfault in cURL extension). (Tony)
- Fixed bug #40611 (possible cURL memory error). (Tony)
- Fixed bug #40578 (imagettftext() multithreading issue). (Tony)
- Fixed bug #40502 (ext/interbase compile failure). (Tony)
- Fixed bug #40286 (PHP fastcgi with PHP_FCGI_CHILDREN don't kill children when
parent is killed). (Dmitry)
14 Feb 2007, Version 4.4.5
- Upgraded PEAR to 1.5.0. (Greg)
- Updated PCRE to version 6.7. (Ilia)
- Moved extensions to PECL:
. ext/ovrimos (Derick)
- Added a meta tag to phpinfo() output to prevent search engines from
indexing the page. (Ilia)
- Backported a fix in the configure tests to detect the "rounding fuzz".
(Derick, Joe Orton)
- Backported fix for ext/imap compilation failure with recent c-client
versions. (Tony)
- Fixed missing open_basedir check inside chdir() function. (Ilia)
- Fixed bug #40335 (Compile fails when using GCC 4.1.1/binutils 2.17). (Tony)
- Fixed bug #39971 (pg_insert/pg_update do not allow now() to be used for
timestamp fields). (Ilia)
- Fixed bug #39890 (using autoconf 2.6x and --with-layout=GNU breaks PEAR
install path). (Tony)
- Fixed bug #39819 (Using $this not in object context can cause segfaults).
(Dmitry)
- Fixed bug #39653 (ext/dba doesn't check for db-4.5 and db-4.4 when db4
support is enabled). (Tony)
- Fixed bug #39583 (ftp_put() does not change transfer mode to ASCII). (Tony)
- Fixed bug #39458 (ftp_nlist() returns false on empty dirs). (Nuno)
- Fixed bug #39354 (Allow building of curl extension against libcurl
7.16.0). (Ilia)
- Fixed bug #39034 (curl_exec() with return transfer returns TRUE on empty
files). (Ilia)
- Fixed bug #38963 (Fixed a possible open_basedir bypass in tempnam()). (Ilia)
- Fixed bug #38882 (ldap_connect causes segfault with newer versions of
OpenLDAP). (Tony)
- Fixed bug #38859 (parse_url() fails if passing '@' in passwd). (Tony,Ilia)
- Fixed bug #38722 (Calling undefined method prints insufficient error message)
(Hannes)
- Fixed bug #38534 (segfault when calling setlocale() in userspace session
handler). (Tony)
- Fixed bug #38450 (constructor is not called for classes used in userspace
stream wrappers). (Tony)
- Fixed bug #38378 (wddx_serialize_value() generates no wellformed xml).
(sj at sjaensch dot org, grzegorz dot nosek at netart dot pl, Tony).
- Fixed bug #37812 (aggregate_methods_by_list fails to take certain methods).
(Hannes)
- Fixed bug #36975 (natcasesort() causes array_pop() to misbehave). (Hannes)
- Fixed bug #36248 (CURLOPT_HEADERFUNCTION, couldn't set the function in the
class). (Ilia)
- Fixed bug #34066 (recursive array_walk causes segfault). (Tony)
17 Aug 2006, Version 4.4.4
- Fixed memory_limit on 64bit systems. (Stefan E.)
- Fixed overflow on 64bit systems in str_repeat() and wordwrap(). (Stefan E.)
- Disabled CURLOPT_FOLLOWLOCATION in curl when open_basedir or safe_mode are
enabled. (Stefan E.)
- Fixed a memory corruption error with an invalid foreach() call. (Stefan E.,
Dmitry, Derick)
- Fixed bug #38456 (Apache2 segfaults when virtual() is called in .php
ErrorDocument). (Ilia)
- Fixed bug #38431 (xmlrpc_get_type() crashes PHP on objects). (Tony)
- Fixed bug #38377 (session_destroy() gives warning after
session_regenerate_id()). (Ilia)
- Fixed bug #38322 (reading past array in sscanf() leads to arbitary code
execution). (Tony)
- Fixed bug #38278 (session_cache_expire()'s value does not match phpinfo's
session.cache_expire). (Tony)
- Fixed bug #38251 (socket_select() and invalid arguments). (Tony)
- Fixed bug #38183 (disable_classes=Foobar causes disabled class to be
called Foo). (Jani)
- Fixed bug #38112 (corrupted gif segfaults) (Pierre)
- Fixed bug #37265 (Added missing safe_mode & open_basedir checks to
imap_body()). (Ilia)
- Fixed bug #29538 (number_format and problem with 0). (Matthew Wilmas)
03 Aug 2006, Version 4.4.3
- Added control character checks for cURL extension's open_basedir/safe_mode
checks. (Ilia)
- Added overflow checks to wordwrap() function. (Ilia)
- Added a check for special characters in the session name. (Ilia)
- Improved safe_mode check for the error_log() function. (Ilia)
- Updated PCRE to version 6.6. (Andrei)
- Fixed handling of extremely long paths inside tempnam() function. (Ilia)
- Fixed XSS inside phpinfo() with long inputs. (Ilia)
- Fixed a possible buffer overflow inside create_named_pipe() for Win32 systems
in libmysql.c. (Ilia)
- Fixed bug #37720 (merge_php_config scrambles values). (Mike,
pumuckel at metropolis dot de)
- Fixed bug #37569 (WDDX incorrectly encodes high-ascii characters). (Ilia)
- Fixed bug #37510 (session_regenerate_id changes session_id() even on failure).
(Hannes)
- Fixed bug #37360 (Memory errors with a corrupt GIF file) (Pierre)
- Fixed bug #37348 (Make PEAR install ignore open_basedir). (Ilia)
- Fixed bug #37346 (Crashes when using an invalid colormap format). (Pierre)
- Fixed bug #37162 (wddx does not build as a shared extension).
(jdolecek at NetBSD dot org, Ilia)
- Fixed bug #37046 (foreach breaks static scope). (Dmitry)
- Fixed bug #37045 (Fixed check for special chars for http redirects). (Ilia)
- Fixed bug #36857 (Added support for partial content fetching to the HTTP
streams wrapper). (Ilia)
- Fixed bug #36776 (node_list_wrapper_dtor segfault). (Rob)
- Fixed bug #36459 (Incorrect adding PHPSESSID to links, which contains \r\n).
(Ilia)
- Fixed bug #36458 (sleep() accepts negative values). (Ilia)
- Fixed bug #36242 (Possible memory corruption in stream_select()). (Tony)
- Fixed bug #36223 (curl bypasses open_basedir restrictions). (Tony)
- Fixed bug #36205 (Memory leaks on duplicate cookies). (Dmitry)
- Fixed bug #36148 (unpack("H*hex", $data) is adding an extra character to the
end of the string). (Ilia)
- Fixed bug #36017 (fopen() crashes PHP when opening a URL). (Tony)
13 Jan 2006, Version 4.4.2
- Added missing safe_mode/open_basedir checks into cURL extension. (Ilia)
- Backported missing imap_mailcompose() fixes from PHP 5.x. (Ilia)
- Prevent header injection by limiting each header to a single line. (Ilia)
- Fixed possible XSS inside error reporting functionality. (Ilia)
- Fixed Apache 2 regression with sub-request handling on non-linux systems.
(Ilia, Tony)
- Fixed bug #35817 (unpack() does not decode odd number of hexadecimal values).
(Ilia)
- Fixed bug #35735 ($EGREP not defined in configure). (Jani)
- Fixed bug #35669 (imap_mail_compose() crashes with
multipart-multiboundary-email). (Ilia)
- Fixed bug #35655 (whitespace following end of heredoc is lost). (Ilia)
- Fixed bug #35646 (%{mod_php_memory_usage}n is not reset after exit).
(vovik at getart dot ru, Tony)
- Fixed bug #35594 (Multiple calls to getopt() may result in a crash).
(rabbitt at gmail dot com, Ilia)
- Fixed bug #35571 (Fixed crash in Apache 2 SAPI when more then one php
script is loaded via SSI include). (Ilia)
- Fixed bug #35536 (mysql_field_type() doesn't handle NEWDECIMAL). (Tony)
- Fixed bug #35410 (wddx_deserialize() doesn't handle large ints as keys
properly). (Ilia)
- Fixed bug #35341 (Fix for bug #33760 breaks build with older curl). (Tony)
- Fixed bug #35278 (Multiple virtual() calls crash Apache 2 php module). (Ilia)
- Fixed bug #35257 (Calling ob_flush after creating an ob callback causes
segfault). (Tony)
- Fixed bug #35079 (stream_set_blocking(true) toggles, not enables
blocking). (askalski at gmail dot com, Tony)
- Fixed bug #35078 (configure does not find ldap_start_tls_s). (Jani)
- Fixed bug #35071 (Wrong fopen mode used in GD safe-mode checks). (Jani)
- Fixed bug #35067, #35063 (key(),current() need to work by reference). (Ilia)
- Fixed bug #35062 (socket_read() produces warnings on non blocking sockets).
(Nuno, Ilia)
- Fixed bug #35059 (Apache2 crash with mod_rewrite). (Ilia)
- Fixed bug #35009 (ZTS: Persistent resource destruct crashes when extension
is compiled as shared). (Dmitry)
- Fixed bug #34996 (ImageTrueColorToPalette() crashes when ncolors is zero).
(Tony)
- Fixed bug #34851 (SO_RECVTIMEO and SO_SNDTIMEO socket options expect integer
parameter on Windows). (Mike)
- Fixed bug #34830 (the 5th argument of mb_send_mail does not work). (Rui)
- Fixed bug #34359 (Possible crash inside fopen http wrapper). (Ilia,Nuno,Sara)
- Fixed bug #33963 (mssql_bind() fails on input parameters). (Frank)
- Fixed bug #33760 (cURL needs CRYPTO_callback functions to prevent locking).
(Mike)
- Fixed bug #33720 (mb_encode_mimeheader does not work for multibyte chars).
(Rui)
- Fixed bug #33523 (Memory leak in xmlrpc_encode_request()). (Ilia)
- Fixed bug #33201 (Crash when fetching some data types). (Frank)
(frantisek at augusztin dot com)
- Fixed bug #33153 (crash in mssql_next result). (Frank)
- Fixed bug #32009 (crash when mssql_bind() is called more than once). (Frank)
- Fixed bug #31971 (ftp_login fails on some SSL servers).
- Fixed bug #30760 (Remove MessageBox on win32 for E_CORE errors if
display_startup_error is off). (Ilia)
- Fixed bug #27678 (number_format() crashes with large numbers). (Marcus)
31 Oct 2005, Version 4.4.1
- Added missing safe_mode checks for image* functions and cURL. (Ilia)
- Added missing safe_mode/open_basedir checks for file uploads. (Ilia)
- Added "new_link" parameter to mssql_connect(). Bug #34369. (Frank)
- Fixed a memory corruption bug regarding included files. (Derick)
- Fixed possible INI setting leak via virtual() in Apache 2 sapi. (Ilia)
- Fixed possible crash and/or memory corruption in import_request_variables().
(Ilia)
- Fixed potential GLOBALS overwrite via import_request_variables(). (Ilia)
- Fixed possible GLOBALS variable override when register_globals are ON.
(Ilia, Stefan)
- Fixed possible register_globals toggle via parse_str(). (Ilia, Stefan)
- Fixed bug #34850 (--program-suffix and --program-prefix not included in
man page names). (Jani)
- Fixed bug #34790 (preg_match_all(), named capturing groups, variable
assignment/return => crash). (Dmitry)
- Fixed bug #34742 (ftp wrapper failures caused from segmented command
transfer). (Ilia)
- Fixed bug #34704 (Infinite recursion due to corrupt JPEG). (Marcus)
- Fixed bug #34645 (ctype corrupts memory when validating large numbers). (Ilia)
- Fixed bug #34565 (mb_send_mail does not fetch mail.force_extra_parameters).
(Marco, Ilia)
- Fixed bug #34557 (php -m exits with "error" 1). (Johannes)
- Fixed bug #34456 (Possible crash inside pspell extension). (Ilia)
- Fixed bug #34311 (unserialize() crashes with chars above 191 dec). (Nuno)
- Fixed bug #34307 (on_modify handler not called to set the default value if
setting from php.ini was invalid). (Andrei)
- Fixed bug #34302 (date('W') do not return leading zeros for week 1 to 9).
(Derick)
- Fixed bug #34277 (array_filter() crashes with references and objects).
(Dmitry)
- Fixed bug #34191 (ob_gzhandler does not enforce trailing \0). (Ilia)
- Fixed bug #34156 (memory usage remains elevated after memory limit is
reached). (Ilia)
- Fixed bug #34148 (+,- and . not supported as parts of scheme). (Ilia)
- Fixed bug #34137 (assigning array element by reference causes binary mess).
(Dmitry)
- Fixed bug #34068 (Numeric string as array key not cast to integer in
wddx_deserialize()). (Ilia)
- Fixed bug #34064 (arr[] as param to function is allowed only if function
receives argument by reference). (Dmitry)
- Fixed bug #33989 (extract($GLOBALS,EXTR_REFS) crashes PHP). (Dmitry)
- Fixed bug #33987 (php script as ErrorDocument causes crash in Apache 2).
(Ilia)
- Fixed bug #33940 (array_map() fails to pass by reference when called
recursively). (Dmitry)
- Fixed bug #33690 (Crash setting some ini directives in httpd.conf). (Rasmus)
- Fixed bug #33673 (Added detection for partially uploaded files). (Ilia)
- Fixed bug #33648 (Using --with-regex=system causes compile failure). (Andrei)
- Fixed bug #33558 (Warning with nested calls to functions returning by
reference). (Dmitry, Derick)
- Fixed bug #33383 (crash when retrieving empty LOBs). (Tony)
- Fixed bug #33156 (cygwin version of setitimer doesn't accept ITIMER_PROF).
(Nuno)
- Fixed bug #32937 (open_basedir looses trailing / in the limiter). (Adam C.)
- Fixed bug #32589 (possible crash inside imap_mail_compose() function). (Ilia)
- Fixed bug #32179 (xmlrpc_encode() segfaults with recursive references). (Tony)
- Fixed bug #32160 (copying a file into itself leads to data loss). (Ilia)
- Fixed bug #31158 (array_splice on $GLOBALS crashes). (Dmitry)
- Fixed bug #29983 (PHP does not explicitly set mime type & charset). (Ilia)
- Fixed bug #29253 (array_diff with $GLOBALS argument fails). (Dmitry)
- Fixed bug #21306 (ext/sesssion: catch bailouts of write handler during
RSHUTDOWN). (Jani, Xuefer at 21cn dot com)
11 Jul 2005, Version 4.4.0
- Added man pages for "phpize" and "php-config" scripts. (Jakub Vrana)
- Added support for .cc files in extensions. (Brian)
- Added the sorting flag SORT_LOCALE_STRING to the sort() functions which makes
them sort based on the current locale. (Derick)
- Changed sha1_file() and md5_file() functions to use streams instead of
low level IO. (Uwe)
- Fixed memory corruptions when using references in a wrong way. (Marcus,
Dmitry, Derick)
- Fixed memory corruption in pg_copy_from() in case the as_null parameter was
passed. (Derick)
- Fixed memory corruption in stristr(). (Derick)
- Fixed bug #32685, #29423 (Segfault when using assignment by reference within
function). (Dmitry, Derick)
- Fixed bug #33242 (Mangled error message when stream fails). (Derick)
- Fixed bug #33222 (segfault when CURL handle is closed in a callback). (Tony)
- Fixed bug #33214 (odbc_next_result does not signal SQL errors with
2-statement SQL batches). (rich at kastle dot com, Tony)
- Fixed bug #33210 (relax jpeg recursive loop protection). (Ilia)
- Fixed bug #33200 (preg_replace(): magic_quotes_sybase=On makes 'e' modifier
misbehave). (Jani)
- Fixed bug #33150 (shtool: insecure temporary file creation). (Jani)
- Fixed bug #33072 (Add a safemode/open_basedir check for runtime save_path
change) (Rasmus)
- Fixed bug #33070 (Improved performance of bzdecompress() by several orders
of magnitude). (Ilia)
- Fixed bug #33057 (Don't send extraneous entity-headers on a 304 as per
RFC 2616 section 10.3.5) (Rasmus, Choitel)
- Fixed bug #33019 (socket errors cause memory leaks in php_strerror()).
(jwozniak23 at poczta dot onet dot pl, Tony).
- Fixed bug #33017 ("make distclean" gives an error with VPATH build). (Jani)
- Fixed bug #33013 ("next month" was handled wrong while parsing dates).
(Derick)
- Fixed bug #32974 (pcntl calls malloc() from a signal handler). (Wez)
- Fixed bug #32944 (Disabling session.use_cookies doesn't prevent reading
session cookies). (Jani, Tony)
- Fixed bug #32936 (http redirects URLs are not checked for control chars). (Ilia)
- Fixed bug #32932 (Oracle LDAP: ldap_get_entries invalid pointer). (Jani)
- Fixed bug #32904 (pg_get_notify() ignores result_type parameter). (Tony)
- Fixed bug #32813 (parse_url() does not handle scheme-only urls properly). (Ilia)
- Fixed bug #32810 (temporary files not using plain file wrapper). (Ilia)
- Fixed bug #32802 (General cookie overrides more specific cookie). (Ilia)
- Fixed bugs #32800, #32830 (ext/odbc: Problems with 64bit systems). (Jani)
- Fixed bug #32773 (GMP functions break when second parameter is 0). (Stas)
- Fixed bug #32742 (segmentation fault when the stream with a wrapper
is not closed). (Tony, Dmitry)
- Fixed bug #32730 (ext/crack.c fails to compile with cracklib-2.8.3). (Jani)
- Fixed bug #32670 (foreach() does not issue warning on unset array arg). (Ilia)
- Fixed bug #32699 (pg_affected_rows() was defined when it was not available).
(Derick)
- Fixed bug #32682 (ext/mssql: Error on module shutdown when called from
activescript). (Frank)
- Fixed bug #32647 (Using register_shutdown_function() with invalid callback
can crash PHP). (Jani)
- Fixed bug #32591 (ext/mysql: Unsatisfied symbol: ntohs with HP-UX). (Jani)
- Fixed bug #32589 (Possible crash inside imap_mail_compose, with charsets).
(Ilia)
- Fixed bug #32587 (Apache2: errors sent to error_log do not include
timestamps). (Jani)
- Fixed bug #32567 (ext/gmp fails to compile in threadsafe mode). (Tony)
- Fixed bug #32538 (ext/swf/swf.c does not compile with gcc-3.4.x or newer).
(adam dot greenfield at gmail dot com)
- Fixed bug #32530 (chunk_split() does not append endstr if chunklen is
longer then the original string). (Ilia)
- Fixed bug #32491 (File upload error - unable to create a temporary file).
(Uwe Schindler)
- Fixed bug #32311 (mb_encode_mimeheader() does not properly escape characters).
(Moriyoshi)
- Fixed bug #32245 (xml_parser_free() in a function assigned to the xml parser
gives a segfault). (Rob)
- Fixed bug #32116 (mysql compressed connection doesn't work under windows)
(Georg)
- Fixed bug #31887 (ISAPI: Custom 5xx error does not return correct HTTP
response message). (Jani)
- Fixed bug #31583 (php_std_date() uses short day names in non-y2k_compliance mode).
(mike at php dot net)
- Fixed bug #31213 (Sideeffects caused by fix of bug #29493). (Dmitry)
- Fixed bug #30052 (Crash on shutdown after odbc_pconnect()). (Edin)
- Fixed bug #29975 (memory leaks when set_error_handler() is used inside error
handler). (Tony)
- Fixed bug #29944 (Function defined in switch, crashes). (Dmitry)
- Fixed bug #29338 (unencoded spaces get ignored after certain tags). (Ilia)
- Fixed bug #28605 (Need to use -[m]ieee option for Alpha CPUs). (Jani)
- Fixed bug #28377 (debug_backtrace is intermittently passing args). (Dmitry)
31 Mar 2005, Version 4.3.11
- Added Oracle Instant Client support. (cjbj at hotmail dot com, Tony)
- Added checks for negative values to gmp_sqrt(), gmp_powm(), gmp_sqrtrem()
and gmp_fact() to prevent SIGFPE. (Tony)
- Changed phpize not to require libtool. (Jani)
- Updated bundled libmbfl library (used for multibyte functions). (Moriyoshi)
- Fixed several leaks in ext/browscap and sapi/embed. (Andrei)
- Fixed several leaks in ext/filepro. (Tony)
- Fixed build system to always use bundled libtool files. (Jani)
- Fixed MacOSX shared extensions crashing on Apache startup. (Rasmus)
- Fixed bug #32373 (segfault in bzopen() if supplied path to non-existent
file). (Tony)
- Fixed bug #32340 (insert_before($node,NULL) does not return). (Rob)
- Fixed bug #32200 (Prevent using both --with-apxs2 and --with-apxs2filter).
(Jani)
- Fixed bug #32114 (DOM crashing when attribute appended to Document). (Rob)
- Fixed bug #32063 (mb_convert_encoding ignores named entity 'alpha').
(Moriyoshi)
- Fixed bug #31960 (msql_fetch_row() and msql_fetch_array() dropping columns
with NULL values). (Daniel Convissor)
- Fixed bug #31936 (set_h_errno() is redefined incompatibly). (Jani)
- Fixed bug #31911 (mb_decode_mimeheader() is case-sensitive to hex escapes).
(Moriyoshi)
- Fixed bug #31858 (--disable-cli does not force --without-pear). (Jani)
- Fixed bug #31842 (*date('r') does not return RFC2822 conforming date string).
(Jani)
- Fixed bug #31797 (exif_read_data() uses too low nesting limit). (Ilia)
- Fixed bug #31796 (readline completion handler does not handle empty return
values). (Ilia)
- Fixed bug #31792 (getrusage() does not provide ru_nswap value). (Ilia)
- Fixed bug #31754 (dbase_open() fails for mode = 1). (Mehdi, Derick)
- Fixed bug #31705 (parse_url() does not recognize http://foo.com#bar). (Ilia)
- Fixed bug #31684 (dio_tcsetattr(): misconfigured termios settings).
(elod at itfais dot com)
- Fixed bug #31699 (unserialize() float problem on non-English locales). (Ilia)
- Fixed bug #31623 (OCILogin does not support password grace period).
(daniel dot beet at accuratesoftware dot com, Tony)
- Fixed bug #31580 (fgetcsv() problematic with "" escape sequences). (Ilia)
- Fixed bug #31527 (crash in msg_send() when non-string is stored without
being serialized). (Ilia)
- Fixed bug #31514 (open_basedir uses path_translated rather then cwd for .
translation). (Ilia)
- Fixed bug #31480 (Possible infinite loop in imap_mail_compose()). (Ilia)
- Fixed bug #31479 (Fixed crash in chunk_split(), when chunklen > strlen). (Ilia)
- Fixed bug #31465 (False warning in unpack() when working with *). (Ilia)
- Fixed bug #31454 (session_set_save_handler crashes PHP when supplied
non-existent object ref). (Tony)
- Fixed bug #31444 (Memory leak in zend_language_scanner.c).
(hexer at studentcenter dot org)
- Fixed bug #31442 (unserialize broken on 64-bit systems). (Marcus)
- Fixed bug #31440 ($GLOBALS can be overwritten via GPC when
register_globals is enabled). (Ilia)
- Fixed bug #31413 (curl POSTFIELDS crashes on 64-bit platforms). (Joe)
- Fixed bug #31396 (compile fails with gd 2.0.33 without freetype). (Jani)
- Fixed bug #31371 (highlight_file() trims new line after heredoc). (Ilia)
- Fixed bug #31270 (missing safe_mode/open_basedir check in swf_openfile()). (Ilia)
- Fixed bug #31174 (compile warning in url.c). (Ilia, lukem at NetBSD dot org)
- Fixed bug #31159 (COM object access is not working). (Wez)
- Fixed bug #31142 (imap_mail_compose() fails to generate correct output). (Ilia)
- Fixed bug #31398 (When magic_guotes_gpc are enabled filenames with ' get cutoff).
(Ilia)
- Fixed bug #31288 (Possible crash in mysql_fetch_field(), if mysql_list_fields()
was not called previously). (Ilia)
- Fixed bug #31120 (mssql_query returns false on successfull inserts and
stored procedures). (Frank)
- Fixed bugs #31107, #31110, #31111, #31249 (Compile failure of zend_strtod.c).
(Jani)
- Fixed bug #31106 (Fixed crash in overloaded objects). (Stas)
- Fixed bug #31103 (Better error message when c-client cannot be found). (Ilia)
- Fixed bug #31101 (missing kerberos header file path with --with-openssl). (Jani)
- Fixed bug #31072 (var_export() does not output an array element with an empty
string key). (Derick)
- Fixed bug #31060 (imageftbbox() does not use linespacing parameter). (Jani)
- Fixed bug #31056 (php_std_date() returns invalid formatted date if
y2k_compliance is On). (Ilia)
- Fixed bug #31055 (apache2filter: per request leak proportional to the full
path of the request URI). (kameshj at fastmail dot fm)
- Fixed bug #30726 (-.1 like numbers are not being handled correctly). (Ilia)
- Fixed bug #30609 (cURL functions bypass open_basedir). (Jani)
- Fixed bug #30573 (compiler warnings in libmbfl due to invalid type cast).
(Moriyoshi)
- Fixed bug #30549 (incorrect character translations for some ISO8859 charsets).
(Moriyoshi)
- Fixed bug #30446 (apache2handler: virtual() includes files out of sequence)
- Fixed bug #30430 (odbc_next_result() doesn't bind values and that results
in segfault). (pdan-php at esync dot org, Tony)
- Fixed bug #30120 (imagettftext() and imagettfbbox() accept too many
parameters). (Jani)
- Fixed bug #29733 (printf() handles repeated placeholders wrong).
(bugs dot php dot net at bluetwanger dot de, Ilia)
- Fixed bug #29424 (width and height inverted for JPEG2000 files). (Ilia)
- Fixed bug #28976 (mail(): use "From:" from headers if sendmail_from is empty).
(Jani)
- Fixed bug #28930 (PHP sources pick wrong header files generated by bison).
(eggert at gnu dot org)
- Fixed bug #28804 (ini-file section parsing pattern is buggy).
(wendland at scan-plus dot de)
- Fixed bug #28803 (enabled debug causes bailout errors with CLI on AIX
because of fflush() called on already closed filedescriptor). (Tony)
- Fixed bug #28451 (corupt EXIF headers have unlimited recursive IFD directory
entries). (Andrei)
- Fixed bug #28220 (mb_strwidth() returns wrong width values for some hangul chars). (Moriyoshi)
- Fixed bug #28086 (crash inside overload() function). (Tony)
- Fixed bug #28074 (FastCGI: stderr should be written in a FCGI stderr stream).
(chris at ex-parrot dot com)
- Fixed bug #28067 (partially incorrect utf8 to htmlentities mapping). (Derick,
Benjamin Greiner)
- Fixed bug #27633 (Double \r problem on ftp_get in ASCII mode on Win32). (Ilia)
- Fixed bug #18613 (Multiple OUs in x509 certificate not handled properly). (Jani)
- Fixed bug #7782 (Cannot use PATH_INFO fully with php isapi). (Unknown)
15 Dec 2004, Version 4.3.10
- Added the %F modifier to *printf to render a non-locale-aware representation
of a float with the . as decimal separator. (Derick)
- Backported Marcus' foreach() speedup patch from PHP 5.x. (Derick)
- Fixed a bug in addslashes() handling of the '\0' character. (Ilia)
- Fixed potential problems with unserializing invalid serialize data. (Marcus)
- Fixed bug #31034 (Problem with non-existing iconv header file). (Derick)
- Fixed bug #31024 (Crash in fgetcsv() with negative length). (Ilia)
- Fixed bug #31019 (Logic error mssql library checking). (Frank)
- Fixed bug #30995 (snmp extension does not build with net-snmp 5.2). (Ilia)
- Fixed bug #30990 (allow popen() on *NIX to accept 'b' flag). (Ilia)
- Fixed bug #30826 (Certain reference relations cannot be unserialized
properly). (Ilia)
- Fixed bug #30750 (Meaningful error message when upload directory is not
accessible). (Ilia)
- Fixed bug #30739 (imagefill does not set back alphablending mode). (Pierre)
- Fixed bug #30672 (Problem handling exif data in jpeg images at unusual
places). (Marcus)
- Fixed bug #30658 (Ensure that temporary files created by GD are removed).
(Ilia)
- Fixed bug #30654 (oci8 persistent connection is deleted from hash
if there was exclusive connection with the same credentials). (Tony)
- Fixed bug #30613 (Prevent infinite recursion in url redirection). (Ilia)
- Fixed bug #30587 (array_multisort doesn't separate zvals before
changing them). (Tony)
- Fixed bug #30475 (curl_getinfo() may crash in some situations). (Ilia)
- Fixed bug #30442 (segfault when parsing ?getvariable[][ ). (Tony)
- Fixed bug #30388 (rename across filesystems loses ownership and
permission info). (Tony)
- Fixed bug #30282 (segfault when using unknown/unsupported
session.save_handler and/or session.serialize_handler). (Tony)
- Fixed bug #30281 (Prevent non-wbmp images from being detected as such).
(Ilia)
- Fixed bug #30276 (Possible crash in ctype_digit on large numbers). (Ilia)
- Fixed bug #30229 (imagerectangle and imagefilledrectangle do work well
with alpha channel, corners are drawn twice). (Pierre)
- Fixed bug #30224 (Sybase date strings are sometimes not null terminated).
(Ilia)
- Fixed bug #30133 (get_current_user() crashes on Windows). (Edin)
- Fixed bug #30057 (did not detect IPV6 on FreeBSD 4.1). (Wez)
- Fixed bug #30027 (Possible crash inside ftp_get()).
(cfield at affinitysolutions dot com)
- Fixed bug #29805 (HTTP Authentication Issues). (Uwe Schindler)
- Fixed bug #29418 (double free when openssl_csr_new fails).
(Kamesh Jayachandran).
- Fixed bug #28598 (Lost support for MS Symbol fonts). (Pierre)
- Fixed bug #28325 (Circular references not properly serialized). (Moriyoshi)
- Fixed bug #28228 (NULL decimal separator is not being handled correctly).
(Ilia)
- Fixed bug #27469 (serialize() objects of incomplete class). (Dmitry)
22 Sep 2004, Version 4.3.9
- GPC input processing fixes (Stefano Di Paola, Rasmus, Stefan)
- Implemented periodic PCRE compiled regexp cache cleanup, to avoid memory
exhaustion. (Andrei)
- Fixed bug with raw_post_data not getting set (Brian)
- Fixed a file-descriptor leak with phpinfo() and other 'special' URLs (Zeev)
- Rewritten UNIX and Windows install help files. (Documentation Team)
- Updated PCRE to provide better error handling in certain cases. (Andrei)
- NSAPI: added "bucket" parameter to list of non-php.ini-keys of php4_execute
for doing performance stats without warnings in server-log. (Uwe Schindler)
- Fixed bug preventing from building oci8 as shared.
(stanislav dot voroniy at portavita dot nl, Tony)
- Fixed leap year checking with idate(). (Christian Schneider, Derick)
- Fixed strip_tags() to correctly handle '\0' characters. (Stefan)
- Fixed funny forking effect in FastCGI when PHP_FCGI_CHILDREN was not set.
- Fixed bug #30050 (Possible crash inside php_shutdown_config()).
(Ilia, nw at softwarekombinat dot de)
- Fixed bug #29954 (array_reduce segfaults when initial value is array). (Tony)
- Fixed bug #29882 (isset crashes on arrays). (Marcus)
- Fixed bug #29753 (mcal_fetch_event() allows 2nd argument to be optional).
(Ilia, Vrana)
- Fixed bug #29727 (Added missing CURL authentication directives). (Ilia)
- Fixed bug #29719 (fgetcsv() has problem parsing strings ending with escaped
enclosures). (Ilia)
- Fixed bug #29607 (highlighting code with HEREDOC produces invalid output).
(Ilia)
- Fixed bug #29599 (domxml_error segfaults another apache module). (Rob)
- Fixed bug #29594 (Use PHP's own tmpfile() implementation). (Ilia)
- Fixed bug #29581 (Typo inside php.ini comments for mysql.trace_mode). (Ilia)
- Fixed bug #29493 (extract(array, EXTR_REFS) misbehaves with elements referred
twice or more times). (Moriyoshi)
- Fixed bug #29443 (Sanity check for wbmp detection). (Ilia)
- Fixed bug #29369 (Uploaded files with ' or " in their names get their names
truncated at those characters). (Ilia)
- Fixed bug #29349 (imagecreatefromstring() crashes with external GD library).
(Ilia, adconrad at debian dot org)
- Fixed bug #29333 (output_buffering+trans_sess_id can corrupt output). (Ilia)
- Fixed bug #29226 (ctype_* functions missing validation of numeric string
representations). (Ilia)
- Fixed bug #29209 (imap_fetchbody() doesn't check message index).
(Ilia, Tony)
- Fixed bug #29116 (Zend constant warning uses memory after free).
(Marcus, jdolecek at NetBSD dot org)
- Fixed bug #29114 (Potential double free in php_stat). (Sara)
- Fixed bug #29075 (strnatcmp() incorrectly handles whitespace).
(Curt, Ilia)
- Fixed bug #29049 (array sorting via user function/method does not
validate it). (Ilia)
- Fixed bug #29038 (extract() with EXTR_PREFIX_SAME prefixes empty strings).
(Andrey)
- Fixed bug #29034 (wordwrap() returns a boolean when passed empty string).
(Ilia)
- Fixed bug #28974 (overflow in array_slice(), array_splice(), substr,
substr_replace(), strspn(), strcspn()). (Andrey)
- Fixed bug #28897 (ibase: -1 returned as -0.000 for 64-bit scaled int). (Ard)
- Fixed bug #28879 (Implicit/Explicit array creation inconsistency when using
Resources, Arrays, or Objects as indices). (Sara)
- Fixed bug #28878 (Setting of inikey's in obj.conf fails). (Uwe Schindler)
- Fixed bug #28868 (Internal wrapper registry not thread safe). (Sara)
- Fixed bug #28818 (Apache 2 sapis do not export st_dev).
(xuefer at 21cn dot com, Ilia).
- Fixed bug #28800 (strings beginning with "inf" improperly converted). (Ilia)
- Fixed bug #28723 (Fixed mbstring config.m4 to work on OSes where test
command does not support -e parameter). (Ilia)
- Fixed bug #28692 (\0 in Authenticate header passed via safe_mode). (Ilia)
- Fixed bug #28670 (WWW-Authentication header mangling with PCRE in safe_mode
adds extra spaces). (Ilia)
- Fixed bug #28668 (glob() does not work with relative paths on Windows). (Ilia)
- Fixed bug #28649 (Proper glob() return value on Linux when there are no
matches). (Ilia)
- Fixed bug #28633 (sprintf incorrectly adding padding to floats). (Ilia)
- Fixed bug #28627 (When multiple MySQL links are used default link is leaked).
(gavin at ipalsoftware dot com, Ilia)
- Fixed bug #28525 (gmp_powm() does not work with hexadecimal string modulo
represented as a string). (pickett at sumu dot org, Ilia)
- Fixed bug #28512 (Allocate enough space to store MSSQL data). (Frank)
- Fixed bug #28466 (mbstring_convert_variables() array separation problem).
(Moriyoshi)
- Fixed bug #28175 (Allow bundled GD to compile against freetype 2.1.2).
(Elf, Ilia)
14 Jul 2004, Version 4.3.8
- Fixed strip_tags() to correctly handle '\0' characters. (Stefan)
- Fixed memory_limit during request startup. (Stefan)
- Replace alloca() with emalloc() for better stack protection. (Ilia)
- Added missing safe_mode checks inside ftok and itpc. (Ilia)
- Fixed bug #28963 (Missing space for \0 in address allocation in IMAP). (Ilia)
- Fixed bug #28632 (Prevent open_basedir bypass via MySQL's LOAD DATA LOCAL).
(Ilia)
03 Jun 2004, Version 4.3.7
- Upgraded bundled GD library to 2.0.23. (Ilia)
- Changed user error handler mechanism to relay to built-in error handler if it
returns false. (Andrei)
- Fixed command line escaping routines for win32. (Ilia)
- Fixed problems with *printf() functions and '%f' formatting. (Marcus)
- Fixed possible crash inside pg_copy_(to|from) function if delimiter is more
then 1 character long. (Ilia)
- Fixed crash inside cpdf_place_inline_image() when working with truecolor
images. (Ilia)
- Fixed handling of return values from storred procedures in mssql_execute()
with multiple result sets returned. (Frank)
- Fixed logic bug in session_register() which allowed registering _SESSION
and/or HTTP_SESSION_VARS. (Sara)
- Fixed bug #28597 (xmlrpc_encode_request() incorrectly encodes chars in
200-210 range). (fernando dot nemec at folha dot com dot br, Ilia)
- Fixed bug #28569 (informix connection id is not thread safe).
(novicky at aarongroup dot cz, Ard)
- Fixed bug #28564 (Problem building informix as a shared extension).
(roques at mti dot ag, Ilia)
- Fixed bug #28508 (Do not make hypot() available if not supported by libc).
(Ilia)
- Fixed bug #28506 (Allow negative start angle in imagearc and imagefilledarc.
(Pierre)
- Fixed bug #28456 (Problem with enclosed / in uploaded files). (Antony)
- Fixed bug #28386 (wordwrap() wraps lines 1 character too soon). (Ilia)
- Fixed bug #28374 (Possible unterminated loop inside
_php_pgsql_trim_message()). (Ilia)
- Fixed bug #28355 (glob() does not return error on Linux when it does not
have permission to open the directory). (Ilia)
- Fixed bug #28289 (incorrect resolving of relative paths by glob() in
windows). (Ilia)
- Fixed bug #28229 (run-tests tripped up by spaces in names). (Marcus)
- Fixed bug #28228 (number_format() does not allow empty decimal separator).
(Ilia)
- Fixed bug #28196 (missing error constants in cURL extension). (Ilia)
- Fixed bug #28187 (parse_url() not handling embedded IPv6 in URLs). (Sara)
- Fixed bug #28175 (build problem for people using FreeType 2.1.0-2.1.2).
(Ilia)
- Fixed bug #28147 (Crash with drawing anti-aliased lines). (Derick)
- Fixed bug #28122 (dba_open db3: Permission denied). (Marcus)
- Fixed bug #28112 (sqlite_query() crashing apache on malformed query). (Ilia,
Marcus)
- Fixed bug #28055 (timeout duration too long in feof()/pfsockopen() liveness
checks). (Wez)
- Fixed bug #28087 (Do not force mysql.trace_mode to 0 on every request).
(Ilia)
- Fixed bug #28042 (greek letters in html to entitity mapping not correct).
(Derick)
- Fixed bug #28007 (compile mssql extension with old versions of FreeTDS
fails). (Frank)
- Fixed bug #27995 (imagefilltoborder() stops the fill process prematurely).
(Ilia)
- Fixed bug #27810 (don't use php's pemalloc in ext/pcre). (Joe Orton)
- Fixed bug #23220 (SSL: fatal protocol error when talking to IIS). (Wez)
15 Apr 2004, Version 4.3.6
- Updated bundled PDFLib library to version 5.0.3p1 in Windows distribution.
(Edin)
- Fixed a crash in multi-threaded environments when a thread is shutdown by
the web server. (Stas)
- Fixed a bug that prevented building of the GD extension against external GD
lib 1.X. (Ilia, Edin, Nick Talbott).
- Synchronized bundled GD library with GD 2.0.22. (Ilia)
- Fixed bug #27963 (Session lifetime setting may leak between requests). (Ilia)
- Fixed bug #27849 (configure craps out on trivial syntax error). (Derick)
- Fixed bug #27822 (is_resource() returns TRUE for closed resources). (Derick)
- Fixed bug #27819 (problems returning reference to a reference parameter).
(Ilia)
- Fixed bug #27809 (ftp_systype returns null on some ftp servers). (Ilia)
- Fixed bug #27802 (default number of children to 8 when PHP_FCGI_CHILDREN is
not defined). (Ilia)
- Fixed bug #27780 (strtotime(+1 xxx) returns a wrong date/time). (Derick)
- Fixed bug #27769 (domxml_xmltree crashes). (Rob)
- Fixed bug #27764 (Get return value from a stored procedure not returning any
result sets). (Frank)
- Fixed bug #27762 (SCO Openserver doesn't have S_ISSOCK). (Wez)
- Fixed bug #27743 (Make sure Money types are converted and returned
correctly). (Frank)
- Fixed bug #27732 (Fixed compilation bug inside php_sab_info.h). (Ilia)
- Fixed bug #27731 (error_reporting() inside @ block fails to set
error_reporting level). (Ilia)
- Fixed bug #27719 (mktime issues on and around DST changeover). (Rasmus)
- Fixed bug #27717 (Test Failures when compiled on 64-bit mode). (Ard, Derick)
- Fixed bug #27687 (Bug Adding Default Charset to 'text/*' Content-Type
Header). (Marcus)
- Fixed bug #27663 (compile failure with cURL 7.11.1). (Ilia)
- Fixed bug #27646 (Cannot serialize/unserialize non-finite numeric values).
(Marcus)
- Fixed bug #26757 (session.save_path default is bogus for win32). (Wez)
- Fixed bug #26589 (Crash inside mssql extension when selecting many columns
of type money). (Frank)
- Fixed bug #25547 (error_handler and array index with function call).
(cschneid at cschneid dot com)
26 Mar 2004, Version 4.3.5
- Fixed possible crash using an invalid color index with a palette image in
imagecolortransparent. (Pierre)
- Fixed php-cgi to not ignore command-line switches when run in a web context.
This fixes our test cases allowing INI with GET sections to work. (Rasmus)
- Fixed getopt() so it works without $_SERVER. (Rasmus, bfrance)
- Fixed crash in php_ini_scanned_files() when no additional INI files were
actually parsed. (Jon)
- Fixed possible crashes inside socket extension, due to missing check inside
allocation functions. (Ilia)
- Fixed zero bytes memory allocation when no extra ini files are found in the
--with-config-file-scan-dir specified directory. (Eric Colinet, Derick)
- Changed "allow_url_fopen" php.ini option to be PHP_INI_SYSTEM. (Sara)
- Improved the sybase_ct module: (Timm)
. Added ability to define a message handler not only globally, but also per
connection.
. Added "sybct.packet_size" php.ini option.
. Changed "sybct.login_timeout" php.ini option changeable at runtime.
. Fixed memory leak in sybase_set_message_handler().
- Synchronized bundled GD library with GD 2.0.17. (Ilia)
- Upgraded PCRE library to version 4.5. (Andrei)
- Updated bundled PostgreSQL library to version 7.4 in Windows distribution.
(Edin)
- Added support for --program-prefix and --program-suffix configure options.
(Jani)
- Added a warning when creating temp stream fails with ftp_(n)list(). (Sara)
- Fixed header handler in NSAPI SAPI module (header->replace was ignored,
send_default_content_type now sends value from php.ini). (Uwe Schindler)
- Fixed bug #27633 (Incorrect EOL translation by ftp_get() in ASCII mode).
(Ilia)
- Fixed bug #27600 (GCC 3.0.4 does not like __attribute__ directive). (Sascha)
- Fixed bug #27590 (crash during shutdown when freeing persistent resources in
ZTS mode). (Ilia)
- Fixed bug #27582 (possible crashes in imagefilltoborder()). (Pierre)
- Fixed bug #27580 (pre-initialization errors in ap2 handler are not being
written to vhost error log). (Ilia)
- Fixed bug #27559 (Corrected open_basedir resolving logic). (Ilia)
- Fixed bug #27530 (broken http auth when safe_mode is on and PCRE is disabled).
(Ilia)
- Fixed bug #27509 (broken getaddrinfo() causes fsockopen() error). (Sara)
- Fixed bug #27505 (htmlentities() does not handle BIG5 correctly). (Ilia,
ywliu at hotmail dot com)
- Fixed bug #27498 (bogus safe_mode error on nonexistent directories for
chdir() and opendir() functions). (Ilia)
- Fixed bug #27460 (base64_decode() does not handle extra padding).
(Ilia, naish at klanen dot net)
- Fixed bug #27443 (defined() returns wrong type). (Derick)
- Fixed bug #27437 (wrong freetype include inside GD library). (Ilia)
- Fixed bug #27424 (headers missing on flush() in apache 2 SAPIs). (Ilia)
- Fixed bug #27421 (mbstring.func_overload should be system ini setting).
(Ilia)
- Fixed bug #27384 (unpack() misbehaves with 1 char string). (GeorgeS)
- Fixed bug #27383 (Potential crash inside fopen_wrapper, while
parsing response code). (Ilia)
- Fixed bug #27354 (Modulus operator crashes PHP). (Derick)
- Fixed bug #27341 (HEAD requests fail to return data). (Ilia)
- Fixed bug #27337 (missing sapi_shutdown() in sapi/isapi causes memory leak).
(Jani, msisolak at yahoo dot com)
- Fixed bug #27328 (ftp extension relies on 32-bit longs). (Sara)
- Fixed bug #27300 (Improved regex for pg_convert()).
(benjcarson at digitaljunkies dot ca, Ilia)
- Fixed bug #27295 (memory leak inside sscanf()). (Ilia)
- Fixed bug #27293 (two crashes inside image2wbmp()). (Ilia)
- Fixed bug #27291 (get_browser matches browscap.ini patterns incorrectly).
(Jay)
- Fixed bug #27278 (*printf() functions treat arguments as if passed by
reference). (Ilia)
- Fixed bug #27238 (iptcparse() function misses some fields). (Pierre)
- Fixed bug #27235 (Interbase NUMERIC x.0 field returns empty string on 0).
(Ard)
- Fixed bug #27196 (Missing content_length initialization in apache 2 sapis).
(Ilia, pdoru at kappa dot ro)
- Fixed bug #27183 (userland stream wrapper segfaults on stream_write).
(Moriyoshi)
- Fixed bug #27175 (tzset() is not being called by PHP on startup).
(Ilia, sagawa at sohgoh dot net)
- Fixed bug #27172 (Possible floating point exception in gmp_powm()).
(Ilia)
- Fixed bug #27171 (crash inside gmp_hamdist()). (Jani)
- Fixed bug #27157 (Compile Failure on Solaris 8). (Timm)
- Fixed bug #27149 (broken CLOB support in oci8 extension). (Antony)
- Fixed bug #27135 (Possible crash inside mb_strlen()). (Moriyoshi)
- Fixed bug #27104 (CLI/CGI SAPI module variable name conflict). (Marcus)
- Fixed bug #27058 (crash in sybase_connect() with 2 arguments). (Ilia)
- Fixed bug #27056 (ints used instead of longs inside some GD functions).
(Ilia)
- Fixed bug #27040 (passing an array of form-fields to CURLOPT_POSTFIELDS
does not work). (Ilia, Jani)
- Fixed bug #27037 (fixed possible crash in apache2handler output code).
(Ilia)
- Fixed bug #27026 (Added "cgi.nph" php.ini option to allow forcing of the
'Status: 200' header that is not normally needed). (Ilia)
- Fixed bug #27011 (64bit int/long confusion in preg_match*() functions).
(Ilia)
- Fixed bug #27007 (missing connection closure when connect fails in pgsql).
(Ilia)
- Fixed bug #26974 (rename() doesn't check the destination file against
safe_mode/open_basedir). (Ilia)
- Fixed bug #26973 (*printf() '+' modifier broken). (Jani)
- Fixed bug #26969 (--with-openssl=shared build fails). (Jani)
- Fixed bug #26968 (Segfault with Interbase module built as shared). (Ard)
- Fixed bug #26949 (rand(min,max) always returns min when ZTS enabled). (Jani)
- Fixed bug #26937 (Warning in xml.c). (Jani)
- Fixed bug #26927 (preg_quote() does not escape \0). (Ilia)
- Fixed bug #26923 (ext/imap: pam and crypt libraries missing when build as
shared extension). (Jani)
- Fixed bug #26909 (crash in imap_mime_header_decode() when no encoding is
used). (Ilia)
- Fixed bug #26896 (ext/ftp does not work as shared extension). (Jani)
- Fixed bug #26892 (ORA-21301 in ocinewcollection() call). (Antony)
- Fixed bug #26878 (problem with multiple references to the same variable with
different types). (Ilia)
- Fixed bug #26864 (pg_(update|delete) ignore PGSQL_DML_EXEC option). (Ilia)
- Fixed bug #26862 (ob_flush() followed by output_reset_rewrite_vars() may
result in data loss). (Ilia, scottmacvicar at ntlworld dot com)
- Fixed bug #26847 (memory leak in mail() when to/subject contain only spaces).
(Ilia)
- Fixed bug #26814 (When included file has a parse error, terminate script
execution). (Ilia)
- Fixed bug #26777 (ext/interbase: Let DB handle NULL params). (Ard)
- Fixed bug #26772, #26967 (file operations return NULL instead of FALSE).
(Wez, Ilia)
- Fixed bug #26758 (FastCGI exits immediately with status 255).
(Ilia, tcarter at noggin dot com dot au)
- Fixed bug #26755 (CLI now overrides php.ini settings and switches off output
buffering). (Edin)
- Fixed bug #26753 (zend_fetch_list_dtor_id() doesn't check NULL strings).
(Jani, Markus dot Lidel at shadowconnect dot com)
- Fixed bug #26752 (Silent unterminated loop when length parameter for fgets(),
fread() and fgetss() is 0). (Ilia)
- Fixed bug #26751 (PHP can't find the MySQL socket on a case sensitive file
system). (Derick)
- Fixed bug #26703 (Certain characters inside strings incorrectly treated
as keywords). (vrana [at] php [dot] net, Ilia)
- Fixed bug #26699 (mbstring doesn't identify "binary" as a valid encoding).
(nirva-php at ishiboo dot com, Moriyoshi)
- Fixed bug #26667 (Added safety checks to ip2long()). (Ilia)
- Fixed bug #26653 (open_basedir incorrectly resolved on win32).
(Ilia, scottmacvicar at ntlworld dot com)
- Fixed bug #26639 (mb_convert_variables() clutters variables beyond the
references). (Moriyoshi)
- Fixed bug #26635 (fixed look up for fonts in the current directory w/ZTS).
(Ilia)
- Fixed bug #26625 (pg_convert sets NULL incorrectly for character data types).
(Ilia)
- Fixed bug #26604 (Apache2 SAPIs implicitly disable Keep-Alive). (Ilia)
- Fixed bug #26595 (ext/domxml: XSLT_NAMESPACE undeclared). (Christian)
- Fixed bug #26565 (strtotime("this month") resolving to the wrong month).
(Jani)
- Fixed bug #26564 (ncurses5 has headers in PREFIX/include/ncurses/). (Jani)
- Fixed bug #26548 (ext/session: Malformed HTTP dates headers). (Derick)
- Fixed bug #26531 (ext/domxml: get_elements_by_tag_name() wildcard fails).
(Rob Richards)
- Fixed bug #26488 (Missing declaration of CRTSCTS in ext/dio/dio.c). (Jani)
- Fixed bug #26467 (flock() does not force the "wouldblock" parameter to be
passed by reference). (Wez)
- Fixed bug #26463 (Incorrect handling of semicolons after heredoc). (Ilia)
- Fixed bug #26462 (phpize + ext/bcmath -> compile error). (Jani)
- Fixed bug #26461 (-lssl missing from LIBS). (Jani)
- Fixed bug #26458 (var_dump(), var_export(), debug_zval_dump() not binary safe
for array keys). (Ilia)
- Fixed bug #26447 (--with-openssl=shared causes compile errors). (Jani)
- Fixed bug #26446 (domxml_open_file() returns an empty error-Array). (Rob)
- Fixed bug #26440 (MFH missing context options). (Ilia)
- Fixed bug #26438 (error in thttpd SAPI installation). (Jani)
- Fixed bug #26415 (Updated bundled OpenSSL DLLs in the Windows distribution
to 0.9.7c). (Edin)
- Fixed bug #26407 (Result set fetching broken around transactions). (Timm)
- Fixed bug #26391 (parse_url() destroys strings that contain a character in
range of \x80-\xff)). (Moriyoshi)
- Fixed bug #26384 (crash in domxslt->process()). (Christian)
- Fixed bug #26381 (rand() without srand() doesn't work with certain php.ini).
(Jani)
- Fixed bug #26376 (typo in ext/odbc/config.m4: DBMaker test fails). (Jani)
- Fixed bug #26355 (flock() doesn't initialize the wouldblock argument). (Ilia)
- Fixed bug #26309 (Fixed argument parsing for imageftbbox()). (Ilia)
- Fixed bug #26304 (Unexpected data loss when opening dba file). (Marcus)
- Fixed bug #26285 (escapeshellarg() uses wrong quotes on windows). (Ilia)
- Fixed bug #26267 (gmp_random() leaks memory and does not produce random
numbers). (Jani)
- Fixed bug #26253 (ext/tokenizer: build as shared extension fails). (Jani)
- Fixed bug #26235 (yp_first/yp_next do not specify correct key length). (Ilia)
- Fixed bug #26216 ("getimagesize(): stream does not support seeking" when
using remote files). (Marcus)
- Fixed bug #26201 (crash in ibase_trans() on invalid link handle). (Ilia)
- Fixed bug #26198 (strtotime() handling of M/F Y date format). (Ilia)
- Fixed bug #26194 (iconv() not properly defined with libiconv).
(Steph, Frank, Moriyoshi)
- Fixed bug #26176 (Fixed handling of numeric keys in INI files). (Ilia)
- Fixed bug #26168 (shtool availability check in phpize).
(robbat2 at gentoo dot org, Ilia)
- Fixed bug #26148 (Print the notice before modifying variable on type
mismatch). (morten-bugs dot php dot net at afdelingp dot dk, Ilia)
- Fixed bug #26128 (mbstring prints out wrong information on phpinfo()).
(Moriyoshi)
- Fixed bug #26113 (remove leftover local file when ftp_get/ftp_nb_get
fails). (Ilia)
- Fixed bug #26105 (Compile failure on GCC version 3.0.X). (Ilia)
- Fixed bug #26103 (ext/mime_magic causes compile failure in ext/mssql). (Jani)
- Fixed bug #26097 (gdImageColorClosestAlpha() returns incorrect results).
(sprice at wisc dot edu, Ilia)
- Fixed bug #26042 (memory leak if mcrypt_generic_deinit() is not called after
every mcrypt_generic_init() call). (Ilia)
- Fixed bug #26025 (Segfault on glob() without GLOB_NOCHECK or GLOB_NOMAGIC
under *BSD platforms). (Moriyoshi)
- Fixed bug #26005 (Random "cannot change the session ini settings" errors).
(Jani, jsnajdr at kerio dot com)
- Fixed bug #26003 (Make fgetcsv() binary safe). (Ilia, Moriyoshi)
- Fixed bug #25963 (PostgreSQL error message include \n characters).
(Marcus, Ilia)
- Fixed bug #25939 (feof() not working correctly for sockets). (Wez)
- Fixed bug #25916 (get_browser() -> PHP Fatal error: Nesting level too
deep - recursive dependency?). (Uwe Schindler)
- Fixed bug #25794 (Cannot open existing hash db3 file with write" ext/dba).
(Marcus)
- Fixed bug #25753 (php.ini settings "leak" from vhosts/.htaccess files).
(Patch by: rover at tob dot ru)
- Fixed bug #25694 (round() and number_format() give inconsistent results).
(Ilia)
- Fixed bug #25664 (calling ITypeInfo::Invoke with bogus params). (Wez)
- Fixed bug #25581 (getimagesize () return incorrect values on bitmap (os2)
files). (Marcus)
- Fixed bug #25329 (sqlite_create_function with method and reference to
$this). (Marcus).
- Fixed bug #24773 (unsetting string as array causes a crash). (Sara)
- Fixed bug #24773 (Unsetting string offsets crashes PHP). (Moriyoshi, Sara)
- Fixed bug #24582 (extensions can't be loaded dynamically in Solaris/iPlanet).
(Jani)
- Fixed bug #23467 (date('T') outputs incorrect Time Zone).
(Jani, scottmacvicar at ntlworld dot com)
- Fixed bug #22403 (PHP crashes when executing a sql procedure without
parameters). (Timm)
- Fixed bug #22127 (Invalid response code when force-cgi-redirect safety
mechanism is triggered). (Ilia, scottmacvicar at ntlworld dot com)
- Fixed bug #21760 (Use of uninitialized pointer inside php_read()).
(Ilia, uce at ftc dot gov)
- Fixed bug #21513 (shutdown functions not executed if timed out). (Zeev)
- Fixed bug #21070 (ftp_genlist/ANSI-tmpfile() fail w/ some platform). (Sara)
3 Nov 2003, Version 4.3.4
- Made MCVE extension available on win32. (Jani)
- Upgraded bundled libfcgi and made FastCGI support viable on Win32. (Sascha)
- Added apache_get_version() function. (Ilia)
- Fixed disk_total_space() and disk_free_space() under FreeBSD. (Jon Parise)
- Fixed crash bug when non-existing save/serializer handler was used. (Jani)
- Fixed memory leak in gethostbynamel() if an error occurs. (Sara)
- Fixed FastCGI being unable to bind to a specific IP. (Sascha)
- Fixed multibyte regex engine to properly handle ".*" pattern under
POSIX compatible mode. (K.Kosako <kosako at sofnec.co.jp>, Moriyoshi)
- Fixed bug #25955 (Compile failure on MacOSX 10.3 Panther). (Marko, Dan)
- Fixed bug #25923 (mail() modifies the to & subject arguments). (Ilia)
- Fixed bug #25922 (Crash in error handler when 5th argument is modified).
(Ilia)
- Fixed bug #25918 (Possible crash in mime_content_type()). (Ilia)
- Fixed bug #25900 (document->get_elements_by_tag_name with default xmlns).
(Rob)
- Fixed bug #25895 (Incorrect detection of safe_mode limited ini options).
(Ilia)
- Fixed bug #25888 (Crash of php.exe when xpath_eval of a namespace). (Rob)
- Fixed bug #25836 (last key of multi-dimensional array passed via GPC not
being escaped when magic_quotes_gpc is on). (Ilia)
- Fixed bug #25825 (tzset() was not called to reset libc environment on
request shutdown). (Wez)
- Fixed bug #25814 (Make flock() return correct value when 3rd argument is
used). (Ilia)
- Fixed bug #25800 (parse_url() could not parse urls with empty port). (Ilia)
- Fixed bug #25780 (ext/session: invalid "session.cookie_lifetime" makes
session_start() to crash in win32). (Jani)
- Fixed bug #25777 (Do not rtrim() of text fields fetched from mssql). (Ilia)
- Fixed bug #25770 (Segfault with PHP and bison 1.875).
(eggert@gnu.org, Marcus)