5.4.28

php · May 2, 2014 · 700891c · 700891c
1 parent f75237c
commit 700891c
Show file tree

Hide file tree

Showing 6 changed files with 143 additions and 6 deletions.
diff --git a/ChangeLog-5.php b/ChangeLog-5.php
@@ -92,6 +92,67 @@ function release_date($in) {
 </ul>
 <!-- }}} --></section>
 
+<section class="version" id="5.4.28"><!-- {{{ 5.4.28 -->
+<h3>Version 5.4.28</h3>
+<b>01-May-2014</b>
+<ul><li>Core:
+<ul>
+  <li><?php bugfix(61019); ?> (Out of memory on command stream_get_contents).</li>
+  <li><?php bugfix(64330); ?> (stream_socket_server() creates wrong Abstract Namespace UNIX sockets).</li>
+  <li><?php bugfix(66171); ?> (Symlinks and session handler allow open_basedir bypass).</li>
+  <li><?php bugfix(66182); ?> (exit in stream filter produces segfault).</li>
+  <li><?php bugfix(66736); ?> (fpassthru broken).</li>
+  <li><?php bugfix(67024); ?> (getimagesize should recognize BMP files with negative height).</li>
+</ul></li>
+<li>cURL:
+<ul>
+  <li><?php bugfix(66562); ?> (curl_exec returns differently than curl_multi_getcontent).</li>
+</ul></li>
+<li>Date:
+<ul>
+  <li><?php bugfix(66721); ?> (__wakeup of DateTime segfaults when invalid object data is supplied).</li>
+</ul></li>
+<li>Embed:
+<ul>
+  <li><?php bugfix(65715); ?> (php5embed.lib isn't provided anymore).</li>
+</ul></li>
+<li>Fileinfo:
+<ul>
+  <li><?php bugfix(66987); ?> (Memory corruption in fileinfo ext / bigendian).</li>
+</ul></li>
+<li>FPM:
+<ul>
+  <li><?php bugfix(66482); ?> (unknown entry 'priority' in php-fpm.conf).</li>
+  <li><?php bugfix(67060); ?> (sapi/fpm: possible privilege escalation due to insecure default configuration) (CVE-2014-0185).</li>
+</ul></li>
+<li>JSON:
+<ul>
+  <li><?php bugfix(66021); ?> (Blank line inside empty array/object when JSON_PRETTY_PRINT is set).</li>
+</ul></li>
+<li>LDAP:
+<ul>
+  <li>Fixed issue with null bytes in LDAP bindings.</li>
+</ul></li>
+<li>OpenSSL:
+<ul>
+  <li><?php bugfix(66942); ?> (memory leak in openssl_seal()).</li>
+  <li><?php bugfix(66952); ?> (memory leak in openssl_open()).</li>
+</ul></li>
+<li>SimpleXML:
+<ul>
+  <li><?php bugfix(66084); ?> (simplexml_load_string() mangles empty node name) (Anatol)</li>
+</ul></li>
+<li>XSL:
+<ul>
+  <li><?php bugfix(53965); ?> (&lt;xsl:include&gt; cannot find files with relative paths when loaded with "file://").</li>
+</ul></li>
+<li>Apache2 Handler SAPI:
+<ul>
+  <li>Fixed Apache log issue caused by APR's lack of support for %zu (APR issue <a href="https://issues.apache.org/bugzilla/show_bug.cgi?id=56120">56120</a>).</li>
+</ul></li>
+</ul>
+<!-- }}} --></section>
+
 <section class="version" id="5.5.11"><!-- {{{ 5.5.11 -->
 <h3>Version 5.5.11</h3>
 <?php release_date('3-Apr-2014'); ?>

diff --git a/archive/archive.xml b/archive/archive.xml
@@ -9,6 +9,7 @@
     <uri>http://php.net/contact</uri>
     <email>php-webmaster@lists.php.net</email>
   </author>
+  <xi:include href="entries/2014-05-01-1.xml"/>
   <xi:include href="entries/2014-04-30-1.xml"/>
   <xi:include href="entries/2014-04-11-1.xml"/>
   <xi:include href="entries/2014-04-03-1.xml"/>

diff --git a/archive/entries/2014-05-01-1.xml b/archive/entries/2014-05-01-1.xml
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="utf-8"?>
+<entry xmlns="http://www.w3.org/2005/Atom">
+  <title>PHP 5.4.28 Released</title>
+  <id>http://php.net/archive/2014.php#id2014-05-01-1</id>
+  <published>2014-05-01T22:32:15-07:00</published>
+  <updated>2014-05-01T22:32:15-07:00</updated>
+  <category term="frontpage" label="PHP.net frontpage news"/>
+  <category term="releases" label="New PHP release"/>
+  <link href="http://php.net/index.php#id2014-05-01-1" rel="alternate" type="text/html"/>
+  <link href="http://php.net/archive/2014.php#id2014-05-01-1" rel="via" type="text/html"/>
+  <content type="xhtml">
+    <div xmlns="http://www.w3.org/1999/xhtml">
+     <p>The PHP development team announces the immediate availability of PHP
+     5.4.28. 19 bugs were fixed in this release, including CVE-2014-0185.
+     All PHP 5.4 users are encouraged to upgrade to this version.
+     </p>
+
+     <p>For source downloads of PHP 5.4.28 please visit our <a href="http://www.php.net/downloads.php">downloads page</a>,
+     Windows binaries can be found on <a href="http://windows.php.net/download/">windows.php.net/download/</a>.
+     The list of changes is recorded in the <a href="http://www.php.net/ChangeLog-5.php#5.4.28">ChangeLog</a>.
+     </p>
+    </div>
+  </content>
+</entry>
diff --git a/include/releases.inc b/include/releases.inc
@@ -412,6 +412,37 @@ $OLDRELEASES = array (
       'date' => '20 Jun 2013',
       'museum' => true,
     ),
+    '5.4.27' => 
+    array (
+      'announcement' => 
+      array (
+        'English' => '/releases/5_4_27.php',
+      ),
+      'source' => 
+      array (
+        0 => 
+        array (
+          'filename' => 'php-5.4.27.tar.bz2',
+          'name' => 'PHP 5.4.27 (tar.bz2)',
+          'md5' => '1c6e99187d25023411b663ea09f145ee',
+          'date' => '3 Apr 2014',
+        ),
+        1 => 
+        array (
+          'filename' => 'php-5.4.27.tar.gz',
+          'name' => 'PHP 5.4.27 (tar.gz)',
+          'md5' => '3080690bbb14d798a511e325a81a6f32',
+          'date' => '3 Apr 2014',
+        ),
+        2 => 
+        array (
+          'link' => 'http://windows.php.net/download/#php-5.4',
+          'name' => 'Windows 5.4.26 binaries and source',
+        ),
+      ),
+      'date' => '6 Mar 2014',
+      'museum' => false,
+    ),
     '5.4.26' => 
     array (
       'announcement' => 
@@ -429,8 +460,8 @@ $OLDRELEASES = array (
         ),
         1 => 
         array (
-          'filename' => 'php-5.4.25.tar.gz',
-          'name' => 'PHP 5.4.25 (tar.gz)',
+          'filename' => 'php-5.4.26.tar.gz',
+          'name' => 'PHP 5.4.26 (tar.gz)',
           'md5' => '7e5f6254d1bac06efc225259a1e38a27',
           'date' => '6 Mar 2014',
         ),

diff --git a/include/version.inc b/include/version.inc
@@ -29,11 +29,11 @@ $PHP_5_5_MD5     = array(
 $PHP_5_4_RC = false; // Current RC version (e.g., '5.6.7RC1') or false
 $PHP_5_4_RC_DATE = '20 Mar 2014';
 
-$PHP_5_4_VERSION         = "5.4.27";
-$PHP_5_4_DATE            = "3 Apr 2014";
+$PHP_5_4_VERSION         = "5.4.28";
+$PHP_5_4_DATE            = "2 May 2014";
 $PHP_5_4_MD5     = array(
-                       "tar.bz2"       => "1c6e99187d25023411b663ea09f145ee",
-                       "tar.gz"        => "3080690bbb14d798a511e325a81a6f32",
+                       "tar.bz2"       => "1676c807683041445f0df63913738571",
+                       "tar.gz"        => "7fd1235a56d4579ef3c9497a983c4a83",
 );
 
 /* PHP 5.3 Release */

diff --git a/releases/5_4_28.php b/releases/5_4_28.php
@@ -0,0 +1,20 @@
+<?php
+// $Id$
+$_SERVER['BASE_PAGE'] = 'releases/5_4_28.php';
+include_once $_SERVER['DOCUMENT_ROOT'] . '/include/prepend.inc';
+site_header("PHP 5.4.28 Release Announcement");
+?>
+
+<h1>PHP 5.4.28 Release Announcement</h1>
+
+<p>The PHP development team announces the immediate availability of PHP
+5.4.28. 19 bugs were fixed in this release, including CVE-2014-0185.
+All PHP 5.4 users are encouraged to upgrade to this version.
+</p>
+
+<p>For source downloads of PHP 5.4.28 please visit our <a href="http://www.php.net/downloads.php">downloads page</a>,
+Windows binaries can be found on <a href="http://windows.php.net/download/">windows.php.net/download/</a>.
+The list of changes is recorded in the <a href="http://www.php.net/ChangeLog-5.php#5.4.28">ChangeLog</a>.
+</p>
+
+<?php site_footer(); ?>