forked from php/php-src
-
Notifications
You must be signed in to change notification settings - Fork 1
/
NEWS
3453 lines (3391 loc) · 187 KB
/
NEWS
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
PHP NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
09 Oct 2008, PHP 5.2.7RC1
- Reverted fix for bug #44197 due to behaviour change in minor version.
(Felipe)
- Added "PHP_INI_SCAN_DIR" environment variable which can be used to either
disable or change the compile time ini scan directory (FR #45114). (Jani)
- Fixed security issues detailed in CVE-2008-2665 and CVE-2008-2666.
(Christian Hoffmann)
- Fixed simplexml asXML() not to lose encoding when dumping entire document
to file. (Ilia)
- Fixed a crash inside PDO when trying instantiate PDORow manually. (Felipe)
- Fixed build failure of ext/mysqli with libmysql 6.0 - missing rpl
functions. (Andrey)
- Fixed a regression when using strip_tags() and < is within an attribute.
(Scott)
- Fixed a crash on invalid method in ReflectionParameter constructor.
(Christian Seiler)
- Fixed bug #46247 (ibase_set_event_handler() is allowing to pass callback
without event). (Felipe)
- Fixed bug #46215 (json_encode mutates its parameter and has some
class-specific state). (Felipe)
- Fixed bug #46206 (pg_query_params/pg_execute convert passed values to
strings). (Ilia)
- Fixed bug #46191 (BC break: DOMDocument saveXML() doesn't accept null). (Rob)
- Fixed bug #46164 (stream_filter_remove() closes the stream). (Arnaud)
- Fixed bug #46157 (PDOStatement::fetchObject prototype error). (Felipe)
- Fixed bug #46147 (after stream seek, appending stream filter reads
incorrect data). (Greg)
- Fixed bug #46110 (XMLWriter - openmemory() and openuri() leak memory on
multiple calls). (Ilia)
- Fixed bug #46088 (RegexIterator::accept - segfault). (Felipe)
- Fixed bug #46059 (Compile failure under IRIX 6.5.30 building posix.c).
(Arnaud)
- Fixed bug #46053 (SplFileObject::seek - Endless loop). (Arnaud)
- Fixed bug #46051 (SplFileInfo::openFile - memory overlap). (Arnaud)
- Fixed bug #46047 (SimpleXML converts empty nodes into object with nested
array). (Rob)
- Fixed bug #46031 (Segfault in AppendIterator::next). (Arnaud)
- Fixed bug #46029 (Segfault in DOMText when using with Reflection). (Rob)
- Fixed bug #46010 (warnings incorrectly generated for iv in ecb mode).
(Felipe)
- Fixed bug #46003 (isset on nonexisting node return unexpected results). (Rob)
- Fixed bug #45956 (parse_ini_file() does not return false with syntax errors
in parsed file). (Jani)
- Fixed bug #45901 (wddx_serialize_value crash with SimpleXMLElement object).
(Rob)
- Fixed bug #45862 (get_class_vars is inconsistent with 'protected' and
'private' variables). (ilewis at uk dot ibm dot com, Felipe)
- Fixed bug #45860 (header() function fails to correctly replace all Status
lines). (Dmitry)
- Fixed bug #45805 (Crash on throwing exception from error handler). (Dmitry)
- Fixed bug #45765 (ReflectionObject with default parameters of self::xxx cause
an error). (Felipe)
- Fixed bug #45751 (Using auto_prepend_file crashes (out of scope stack address
use)). (basant dot kukreja at sun dot com)
- Fixed bug #45705 (rfc822_parse_adrlist() modifies passed address parameter).
(Jani)
- Fixed bug #45691 (Some per-dir or runtime settings may leak into other
requests). (Moriyoshi)
- Fixed bug #45581 (htmlspecialchars() double encoding &#x hex items). (Arnaud)
- Fixed bug #45580 (levenshtein() crashes with invalid argument). (Ilia)
- Fixed bug #45575 (Segfault with invalid non-string as event handler callback).
(Christian Seiler)
- Fixed bug #45568 (ISAPI doesn't properly clear auth_digest in header).
(Patch by: navara at emclient dot com)
- Fixed bug #45556 (Return value from callback isn't freed). (Felipe)
- Fixed bug #45555 (Segfault with invalid non-string as
register_introspection_callback). (Christian Seiler)
- Fixed bug #45553 (Using XPath to return values for attributes with a
namespace does not work). (Rob)
- Fixed bug #45486 (mb_send_mail(); header 'Content-Type: text/plain; charset='
parsing incorrect). (Felipe)
- Fixed bug #45485 (strip_tags and <?XML tag). (Felipe)
- Fixed bug #45460 (imap patch for fromlength fix in imap_headerinfo doesn't
accept lengths of 1024). (Felipe, andrew at lifescale dot com)
- Fixed bug #45449 (filesize() regression using ftp wrapper).
(crrodriguez at suse dot de)
- Fixed bug #45423 (fastcgi parent process doesn't invoke php_module_shutdown
before shutdown) (basant dot kukreja at sun dot com)
- Fixed bug #45406 (session.serialize_handler declared by shared extension
fails). (Kalle, oleg dot grenrus at dynamoid dot com)
- Fixed bug #45405 (snmp extension memory leak). (Federico Cuello, Rodrigo
Campos)
- Fixed bug #45392 (ob_start()/ob_end_clean() and memory_limit). (Arnaud)
- Fixed bug #45382 (timeout bug in stream_socket_enable_crypto). (Ilia)
- Fixed bug #45373 (php crash on query with errors in params). (Felipe)
- Fixed bug #45352 (Segmentation fault because of tick function on second
request). (Dmitry)
- Fixed bug #45312 (Segmentation fault on second request for array functions).
(Dmitry)
- Fixed bug #45251 (double free or corruption with setAttributeNode()). (Rob)
- Fixed bug #45226 and #18916 (xmlrpc_set_type() segfaults and wrong behavior
with valid ISO8601 date string). (Jeff Lawsons)
- Fixed bug #45220 (curl_read callback returns -1 when needs to return
size_t (unsigned)). (Felipe)
- Fixed bug #45181 (chdir() should clear relative entries in stat cache).
(Arnaud)
- Fixed bug #45178 (memory corruption on assignment result of "new" by
reference). (Dmitry)
- Fixed bug #45151 (Crash with URI/file..php (filename contains 2 dots)).
(Dmitry)
- Fixed bug #45139 (ReflectionProperty returns incorrect declaring class).
(Felipe)
- Fixed bug #45124 ($_FILES['upload']['size'] sometimes return zero and
sometimes the filesize). (Arnaud)
- Fixed bug #45028 (CRC32 output endianness is different between crc32()
and hash()). (Tony)
- Fixed bug #45004 (pg_insert() does not accept 4 digit timezone format).
(Ilia)
- Fixed bug #44991 (Compile Failure With freetds0.82).
(jklowden at freetds dot org, matthias at dsx dot at)
- Fixed bug #44925 (preg_grep() modifies input array). (Nuno)
- Fixed bug #44891 Memory leak using registerPHPFunctions and XSLT Variable
as function parameter. (Rob)
- Fixed bug #44830 (Very minor issue with backslash in heredoc). (Matt)
- Fixed bug #44811 (Improve error message when creating a new SoapClient that
contains invalid data). (Markus Fischer, David C)
- Fixed bug #44798 (Memory leak assigning value to attribute). (Ilia)
- Fixed bug #44716 (Progress notifications incorrect). (Hannes)
- Fixed bug #44712 (stream_context_set_params segfaults on invalid arguments).
(Hannes)
- Fixed bug #44617 (wrong HTML entity output when substitute_character=entity).
(Moriyoshi)
- Fixed bug #44425 (Extending PDO/MySQL class with a __call() function doesn't
work). (Johannes)
- Fixed bug #44246 (closedir() accepts a file resource opened by fopen()).
(Dmitry, Tony)
- Fixed bug #44127 (UNIX abstract namespace socket connect does not work).
(Jani)
- Fixed bug #43993 (mb_substr_count() behaves differently to substr_count() with
overlapping needles). (Moriyoshi)
- Fixed Bug #43958 (class name added into the error message). (Dmitry)
- Fixed bug #43941 (json_encode silently cuts non-UTF8 strings). (Stas)
- Fixed bug #43782 (feof() does not detect timeout on socket). (David Soria Parra)
- Fixed bug #43668 (Added odbc.default_cursortype to control the ODBC
cursormodel). (Patrick)
- Fixed bug #43666 (Fixed code to use ODBC 3.52 datatypes for 64bit systems).
(Patrick)
- Fixed bug #43540 (rfc1867 handler newlength problem). (Arnaud)
- Fixed bug #43053 (Regression: some numbers shown in scientific notation).
(int-e at gmx dot de)
- Fixed bug #43045 (SOAP encoding violation on "INF" for type double/float).
(Dmitry)
- Fixed bug #42737 (preg_split('//u') triggers a E_NOTICE with newlines).
(Nuno)
- Fixed bug #42604 ("make test" fails with --with-config-file-scan-dir=path).
(Jani)
- Fixed bug #42318 (problem with nm on AIX, not finding object files). (Dmitry)
- Fixed bug #41348 (OCI8: allow compilation with Oracle 8.1). (Chris Jones)
- Fixed bug #14032 (Mail() always returns false but mail is sent). (Mikko)
- Fixed bug #46222 (ArrayObject EG(uninitialized_var_ptr) overwrite).
(Etienne)
01 May 2008, PHP 5.2.6
- Fixed two possible crashes inside posix extension (Tony)
- Fixed incorrect heredoc handling when label is used within the block.
(Matt)
- Fixed possible stack buffer overflow in FastCGI SAPI. (Andrei Nigmatulin)
- Fixed sending of uninitialized paddings which may contain some information. (Andrei Nigmatulin)
- Fixed a bug in formatting timestamps when DST is active in the default timezone (Derick)
- Properly address incomplete multibyte chars inside escapeshellcmd() (Ilia, Stefan Esser)
- Fix integer overflow in printf(). (Stas, Maksymilian Aciemowicz)
- Fixed security issue detailed in CVE-2008-0599. (Rasmus)
- Fixed potential memleak in stream filter parameter for zlib filter. (Greg)
- Added Reflection API metadata for the methods of the DOM classes. (Sebastian)
- Fixed weird behavior in CGI parameter parsing. (Dmitry, Hannes Magnusson)
- Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz.
(Ilia)
- Fixed a bug with PDO::FETCH_COLUMN|PDO::FETCH_GROUP mode when a column # by
which to group by data is specified. (Ilia)
- Fixed segfault in filter extension when using callbacks. (Arnar Mar Sig,
Felipe)
- Fixed faulty fix for bug #40189 (endless loop in zlib.inflate stream filter). (Greg)
- Upgraded PCRE to version 7.6 (Nuno)
- Fixed bug #44742 (timezone_offset_get() causes segmentation faults). (Derick)
- Fixed bug #44720 (Prevent crash within session_register()). (Scott)
- Fixed bug #44703 (htmlspecialchars() does not detect bad character set argument). (Andy Wharmby)
- Fixed bug #44673 (With CGI argv/argc starts from arguments, not from script) (Dmitry)
- Fixed bug #44667 (proc_open() does not handle pipes with the mode 'wb' correctly). (Jani)
- Fixed bug #44663 (Crash in imap_mail_compose if "body" parameter invalid). (Ilia)
- Fixed bug #44650 (escaepshellscmd() does not check arg count). (Ilia)
- Fixed bug #44613 (Crash inside imap_headerinfo()). (Ilia, jmessa)
- Fixed bug #44603 (Order issues with Content-Type/Length headers on POST). (Ilia)
- Fixed bug #44594 (imap_open() does not validate # of retries parameter). (Ilia)
- Fixed bug #44591 (imagegif's filename parameter). (Felipe)
- Fixed bug #44557 (Crash in imap_setacl when supplied integer as username) (Thomas Jarosch)
- Fixed bug #44487 (call_user_method_array issues a warning when throwing an exception). (David Soria Parra)
- Fixed bug #44478 (Inconsistent behaviour when assigning new nodes). (Rob, Felipe)
- Fixed bug #44445 (email validator does not handle domains starting/ending with a -). (Ilia)
- Fixed bug #44440 (st_blocks undefined under BeOS). (Felipe)
- Fixed bug #44394 (Last two bytes missing from output). (Felipe)
- Fixed bug #44388 (Crash inside exif_read_data() on invalid images) (Ilia)
- Fixed bug #44373 (PDO_OCI extension compile failed). (Felipe)
- Fixed bug #44333 (SEGFAULT when using mysql_pconnect() with client_flags). (Felipe)
- Fixed bug #44306 (Better detection of MIPS processors on Windows). (Ilia)
- Fixed bug #44242 (metaphone('CMXFXM') crashes PHP). (Felipe)
- Fixed bug #44233 (MSG_PEEK undefined under BeOS R5). (jonathonfreeman at gmail dot com, Ilia)
- Fixed bug #44216 (strftime segfaults on large negative value). (Derick)
- Fixed bug #44209 (strtotime() doesn't support 64 bit timestamps on 64 bit platforms). (Derick)
- Fixed bug #44206 (OCI8 selecting ref cursors leads to ORA-1000 maximum open cursors reached). (Oracle Corp.)
- Fixed bug #44200 (A crash in PDO when no bound targets exists and yet bound parameters are present). (Ilia)
- Fixed bug #44197 (socket array keys lost on socket_select). (Felipe)
- Fixed bug #44191 (preg_grep messes up array index). (Felipe)
- Fixed bug #44189 (PDO setAttribute() does not properly validate values for native numeric options). (Ilia)
- Fixed bug #44184 (Double free of loop-variable on exception). (Dmitry)
- Fixed bug #44171 (Invalid FETCH_COLUMN index does not raise an error). (Ilia)
- Fixed bug #44166 (Parameter handling flaw in PDO::getAvailableDrivers()). (Ilia)
- Fixed bug #44159 (Crash: $pdo->setAttribute(PDO::STATEMENT_ATTR_CLASS, NULL)). (Felipe)
- Fixed bug #44152 (Possible crash with syslog logging on ZTS builds). (Ilia)
- Fixed bug #44141 (private parent constructor callable through static function). (Dmitry)
- Fixed bug #44113 (OCI8 new collection creation can fail with OCI-22303). (Oracle Corp.)
- Fixed bug #44069 (Huge memory usage with concatenation using . instead of .=). (Dmitry)
- Fixed bug #44046 (crash inside array_slice() function with an invalid by-ref offset). (Ilia)
- Fixed bug #44028 (crash inside stream_socket_enable_crypto() when enabling encryption without crypto type). (Ilia)
- Fixed bug #44018 (RecursiveDirectoryIterator options inconsistancy). (Marcus)
- Fixed bug #44008 (OCI8 incorrect usage of OCI-Lob->close crashes PHP). (Oracle Corp.)
- Fixed bug #43998 (Two error messages returned for incorrect encoding for mb_strto[upper|lower]). (Rui)
- Fixed bug #43994 (mb_ereg 'successfully' matching incorrect). (Rui)
- Fixed bug #43954 (Memory leak when sending the same HTTP status code multiple times). (Scott)
- Fixed bug #43927 (koi8r is missing from html_entity_decode()). (andy at demos dot su, Tony)
- Fixed bug #43912 (Interbase column names are truncated to 31 characters). (Ilia)
- Fixed bug #43875 (Two error messages returned for $new and $flag argument in mysql_connect()). (Hannes)
- Fixed bug #43863 (str_word_count() breaks on cyrillic "ya" in locale cp1251). (phprus at gmail dot com, Tony)
- Fixed bug #43841 (mb_strrpos offset is byte count for negative values). (Rui)
- Fixed bug #43840 (mb_strpos bounds check is byte count rather than a character count). (Rui)
- Fixed bug #43808 (date_create never fails (even when it should)). (Derick)
- Fixed bug #43793 (zlib filter is unable to auto-detect gzip/zlib file headers). (Greg)
- Fixed bug #43703 (Signature compatibility check broken). (Dmitry)
- Fixed bug #43677 (Inconsistent behaviour of include_path set with php_value). (manuel at mausz dot at)
- Fixed bug #43663 (Extending PDO class with a __call() function doesn't work). (David Soria Parra)
- Fixed bug #43647 (Make FindFile use PATH_SEPARATOR instead of ";"). (Ilia)
- Fixed bug #43635 (mysql extension ingores INI settings on NULL values passed to mysql_connect()). (Ilia)
- Fixed bug #43620 (Workaround for a bug inside libcurl 7.16.2 that can result in a crash). (Ilia)
- Fixed bug #43614 (incorrect processing of numerical string keys of array in arbitrary serialized data). (Dmitriy Buldakov, Felipe)
- Fixed bug #43606 (define missing depencies of the exif extension). (crrodriguez at suse dot de)
- Fixed bug #43589 (a possible infinite loop in bz2_filter.c). (Greg)
- Fixed bug #43580 (removed bogus declaration of a non-existent php_is_url() function). (Ilia)
- Fixed bug #43559 (array_merge_recursive() doesn't behave as expected with duplicate NULL values). (Felipe, Tony)
- Fixed bug #43533 (escapeshellarg('') returns null). (Ilia)
- Fixed bug #43527 (DateTime created from a timestamp reports environment timezone). (Derick)
- Fixed bug #43522 (stream_get_line() eats additional characters). (Felipe, Ilia, Tony)
- Fixed bug #43507 (SOAPFault HTTP Status 500 - would like to be able to set the HTTP Status). (Dmitry)
- Fixed bug #43505 (Assign by reference bug). (Dmitry)
- Fixed bug #43498 (file_exists() on a proftpd server got SIZE not allowed in ASCII mode). (Ilia, crrodriguez at suse dot de)
- Fixed bug #43497 (OCI8 XML/getClobVal aka temporary LOBs leak UGA memory). (Chris)
- Fixed bug #43495 (array_merge_recursive() crashes with recursive arrays). (Ilia)
- Fixed bug #43493 (pdo_pgsql does not send username on connect when password is not available). (Ilia)
- Fixed bug #43491 (Under certain conditions, file_exists() never returns). (Dmitry)
- Fixed bug #43483 (get_class_methods() does not list all visible methods). (Dmitry)
- Fixed bug #43482 (array_pad() does not warn on very small pad numbers). (Ilia)
- Fixed bug #43457 (Prepared statement with incorrect parms doesn't throw exception with pdo_pgsql driver). (Ilia)
- Fixed bug #43450 (Memory leak on some functions with implicit object __toString() call). (David C.)
- Fixed bug #43386 (array_globals not reset to 0 properly on init). (Ilia)
- Fixed bug #43377 (PHP crashes with invalid argument for DateTimeZone). (Ilia)
- Fixed bug #43373 (pcntl_fork() should not raise E_ERROR on error). (Ilia)
- Fixed bug #43364 (recursive xincludes don't remove internal xml nodes properly). (Rob, patch from ddb@bitxtender.de)
- Fixed bug #43301 (mb_ereg*_replace() crashes when replacement string is invalid PHP expression and 'e' option is used). (Jani)
- Fixed bug #43295 (crash because of uninitialized SG(sapi_headers).mimetype). (Dmitry)
- Fixed bug #43293 (Multiple segfaults in getopt()). (Hannes)
- Fixed bug #43279 (pg_send_query_params() converts all elements in 'params' to strings). (Ilia)
- Fixed bug #43276 (Incomplete fix for bug #42739, mkdir() under safe_mode). (Ilia)
- Fixed bug #43248 (backward compatibility break in realpath()). (Dmitry)
- Fixed bug #43221 (SimpleXML adding default namespace in addAttribute). (Rob)
- Fixed bug #43216 (stream_is_local() returns false on "file://"). (Dmitry)
- Fixed bug #43201 (Crash on using uninitialized vals and __get/__set). (Dmitry)
- Fixed bug #43182 (file_put_contents() LOCK_EX does not work properly on file truncation). (Ilia)
- Fixed bug #43175 (__destruct() throwing an exception with __call() causes segfault). (Dmitry)
- Fixed bug #43128 (Very long class name causes segfault). (Dmitry)
- Fixed bug #43105 (PHP seems to fail to close open files). (Hannes)
- Fixed bug #43092 (curl_copy_handle() crashes with > 32 chars long URL). (Jani)
- Fixed bug #43003 (Invalid timezone reported for DateTime objects constructed using a timestamp). (Derick)
- Fixed bug #42978 (mismatch between number of bound params and values causes a crash in pdo_pgsql). (Ilia)
- Fixed bug #42945 (preg_split() swallows part of the string). (Nuno)
- Fixed bug #42937 (__call() method not invoked when methods are called on parent from child class). (Dmitry)
- Fixed bug #42841 (REF CURSOR and oci_new_cursor() crash PHP). (Chris)
- Fixed bug #42838 (Wrong results in array_diff_uassoc) (Felipe)
- Fixed bug #42779 (Incorrect forcing from HTTP/1.0 request to HTTP/1.1 response). (Ilia)
- Fixed bug #42736 (xmlrpc_server_call_method() crashes). (Tony)
- Fixed bug #42692 (Procedure 'int1' not present with doc/lit SoapServer). (Dmitry)
- Fixed bug #42548 (mysqli PROCEDURE calls can't return result sets). (Hartmut)
- Fixed bug #42505 (new sendmail default breaks on Netware platform) (Guenter Knauf)
- Fixed bug #42369 (Implicit conversion to string leaks memory). (David C., Rob).
- Fixed bug #42272 (var_export() incorrectly escapes char(0)). (Derick)
- Fixed bug #42261 (Incorrect lengths for date and boolean data types). (Ilia)
- Fixed bug #42190 (Constructing DateTime with TimeZone Indicator invalidates DateTimeZone). (Derick)
- Fixed bug #42177 (Warning "array_merge_recursive(): recursion detected" comes again...). (Felipe)
- Fixed bug #41941 (oci8 extension not lib64 savvy). (Chris)
- Fixed bug #41828 (Failing to call RecursiveIteratorIterator::__construct() causes a sefault). (Etienne)
- Fixed bug #41599 (setTime() fails after modify() is used). (Derick)
- Fixed bug #41562 (SimpleXML memory issue). (Rob)
- Fixed bug #40013 (php_uname() does not return nodename on Netware (Guenter Knauf)
- Fixed bug #38468 (Unexpected creation of cycle). (Dmitry)
- Fixed bug #32979 (OpenSSL stream->fd casts broken in 64-bit build) (stotty at tvnet dot hu)
08 Nov 2007, PHP 5.2.5
- Upgraded PCRE to version 7.3 (Nuno)
- Added optional parameter $provide_object to debug_backtrace(). (Sebastian)
- Added alpha support for imagefilter() IMG_FILTER_COLORIZE. (Pierre)
- Added ability to control memory consumption between request using
ZEND_MM_COMPACT environment variable. (Dmitry)
- Improved speed of array_intersect_key(), array_intersect_assoc(),
array_uintersect_assoc(), array_diff_key(), array_diff_assoc() and
array_udiff_assoc(). (Dmitry)
- Fixed move_uploaded_file() to always set file permissions of resulting file
according to UMASK. (Andrew Sitnikov)
- Fixed possible crash in ext/soap because of uninitialized value. (Zdash Urf)
- Fixed regression in glob() when enforcing safe_mode/open_basedir checks on
paths containing '*'. (Ilia)
- Fixed "mail.force_extra_parameters" php.ini directive not to be modifiable
in .htaccess due to the security implications - reported by SecurityReason.
(Stas)
- Fixed PDO crash when driver returns empty LOB stream. (Stas)
- Fixed dl() to only accept filenames - reported by Laurent Gaffie. (Stas)
- Fixed dl() to limit argument size to MAXPATHLEN (CVE-2007-4887).
(Christian Hoffmann)
- Fixed iconv_*() functions to limit argument sizes as workaround to libc
bug (CVE-2007-4783, CVE-2007-4840 by Laurent Gaffie).
(Christian Hoffmann, Stas)
- Fixed missing brackets leading to build warning and error in the log.
Win32 code. (Andrey)
- Fixed leaks with multiple connects on one mysqli object. (Andrey)
- Fixed endianness detection on MacOS when building universal binary.
(Uwe Schindler, Christian Speich, Tony)
- Fixed possible triggering of buffer overflows inside glibc
implementations of the fnmatch(), setlocale() and glob() functions.
Reported by Laurent Gaffie. (Ilia)
- Fixed imagerectangle regression with 1x1 rectangle (libgd #106). (Pierre)
- Fixed htmlentities/htmlspecialchars not to accept partial multibyte
sequences. (Stas)
- Fixed bug #43196 (array_intersect_assoc() crashes with non-array input).
(Jani)
- Fixed bug #43139 (PDO ignores ATTR_DEFAULT_FETCH_MODE in some cases with
fetchAll()). (Ilia)
- Fixed bug #43137 (rmdir() and rename() do not clear statcache). (Jani)
- Fixed bug #43130 (Bound parameters cannot have - in their name). (Ilia)
- Fixed bug #43099 (XMLWriter::endElement() does not check # of params).
(Ilia)
- Fixed bug #43020 (Warning message is missing with shuffle() and more
than one argument). (Scott)
- Fixed bug #42976 (Crash when constructor for newInstance() or
newInstanceArgs() fails) (Ilia)
- Fixed bug #42943 (ext/mssql: Move *timeout initialization from RINIT
to connect time). (Ilia)
- Fixed bug #42917 (PDO::FETCH_KEY_PAIR doesn't work with setFetchMode).
(Ilia)
- Fixed bug #42890 (Constant "LIST" defined by mysqlclient and c-client).
(Andrey)
- Fixed bug #42869 (automatic session id insertion adds sessions id to
non-local forms). (Ilia)
- Fixed bug #42818 ($foo = clone(array()); leaks memory). (Dmitry)
- Fixed bug #42817 (clone() on a non-object does not result in a fatal
error). (Ilia)
- Fixed bug #42785 (json_encode() formats doubles according to locale rather
then following standard syntax). (Ilia)
- Fixed bug #42783 (pg_insert() does not accept an empty list for
insertion). (Ilia)
- Fixed bug #42773 (WSDL error causes HTTP 500 Response). (Dmitry)
- Fixed bug #42772 (Storing $this in a static var fails while handling a cast
to string). (Dmitry)
- Fixed bug #42767 (highlight_string() truncates trailing comment). (Ilia)
- Fixed bug #42739 (mkdir() doesn't like a trailing slash when safe_mode is
enabled). (Ilia)
- Fixed bug #42703 (Exception raised in an iterator::current() causes segfault
in FilterIterator) (Marcus)
- Fixed bug #42699 (PHP_SELF duplicates path). (Dmitry)
- Fixed bug #42654 (RecursiveIteratorIterator modifies only part of leaves)
(Marcus)
- Fixed bug #42643 (CLI segfaults if using ATTR_PERSISTENT). (Ilia)
- Fixed bug #42637 (SoapFault : Only http and https are allowed). (Bill Moran)
- Fixed bug #42629 (Dynamically loaded PHP extensions need symbols exported
on MacOSX). (jdolecek at NetBSD dot org)
- Fixed bug #42627 (bz2 extension fails to build with -fno-common).
(dolecek at netbsd dot org)
- Fixed Bug #42596 (session.save_path MODE option does not work). (Ilia)
- Fixed bug #42590 (Make the engine recognize \v and \f escape sequences).
(Ilia)
- Fixed bug #42587 (behavior change regarding symlinked .php files). (Dmitry)
- Fixed bug #42579 (apache_reset_timeout() does not exist). (Jani)
- Fixed bug #42549 (ext/mysql failed to compile with libmysql 3.23). (Scott)
- Fixed bug #42523 (PHP_SELF duplicates path). (Dmitry)
- Fixed bug #42512 (ip2long('255.255.255.255') should return 4294967295 on
64-bit PHP). (Derick)
- Fixed bug #42506 (php_pgsql_convert() timezone parse bug) (nonunnet at
gmail dot com, Ilia)
- Fixed bug #42496 (OCI8 cursor is not closed when using 2 clobs in a select
query). (Oracle Corp.)
- Fixed bug #42462 (Segmentation when trying to set an attribute in a
DOMElement). (Rob)
- Fixed bug #42453 (CGI SAPI does not shut down cleanly with -i/-m/-v cmdline
options). (Dmitry)
- Fixed bug #42452 (PDO classes do not expose Reflection API information).
(Hannes)
- Fixed bug #42468 (Write lock on file_get_contents fails when using a
compression stream). (Ilia)
- Fixed bug #42488 (SoapServer reports an encoding error and the error itself
breaks). (Dmitry)
- Fixed bug #42378 (mysqli_stmt_bind_result memory exhaustion). (Andrey)
- Fixed bug #42359 (xsd:list type not parsed). (Dmitry)
- Fixed bug #42326 (SoapServer crash). (Dmitry)
- Fixed bug #42214 (SoapServer sends clients internal PHP errors). (Dmitry)
- Fixed bug #42189 (xmlrpc_set_type() crashes php on invalid datetime
values). (Ilia)
- Fixed bug #42139 (XMLReader option constants are broken using XML()). (Rob)
- Fixed bug #42086 (SoapServer return Procedure '' not present for WSIBasic
compliant wsdl). (Dmitry)
- Fixed bug #41822 (Relative includes broken when getcwd() fails). (Ab5602,
Jani)
- Fixed bug #41561 (Values set with php_admin_* in httpd.conf can be overwritten
with ini_set()). (Stas, Jani)
- Fixed bug #39651 (proc_open() append mode doesn't work on windows). (Nuno)
30 Aug 2007, PHP 5.2.4
- Removed --enable-versioning configure option. (Jani)
- Upgraded PCRE to version 7.2 (Nuno)
- Updated timezone database to version 2007.6. (Derick)
- Improved openssl_x509_parse() to return extensions in readable form. (Dmitry)
- Enabled changing the size of statement cache for non-persistent OCI8
connections. (Chris Jones, Tony)
- Changed "display_errors" php.ini option to accept "stderr" as value which
makes the error messages to be outputted to STDERR instead of STDOUT with
CGI and CLI SAPIs (FR #22839). (Jani)
- Changed error handler to send HTTP 500 instead of blank page on PHP errors.
(Dmitry, Andrei Nigmatulin)
- Changed mail() function to be always available. (Johannes)
- Added check for unknown options passed to configure. (Jani)
- Added persistent connection status checker to pdo_pgsql.
(Elvis Pranskevichus, Ilia)
- Added support for ATTR_TIMEOUT inside pdo_pgsql driver. (Ilia)
- Added php_ini_loaded_file() function which returns the path to the actual
php.ini in use. (Jani)
- Added GD version constants GD_MAJOR_VERSION, GD_MINOR_VERSION,
GD_RELEASE_VERSION, GD_EXTRA_VERSION and GD_VERSION_STRING. (Pierre)
- Added missing open_basedir checks to CGI.
(anight at eyelinkmedia dot com, Tony)
- Added missing format validator to unpack() function. (Ilia)
- Added missing error check inside bcpowmod(). (Ilia)
- Added CURLOPT_PRIVATE & CURLINFO_PRIVATE constants.
(Andrey A. Belashkov, Tony)
- Added missing MSG_EOR and MSG_EOF constants to sockets extension. (Jani)
- Added PCRE_VERSION constant. (Tony)
- Added ReflectionExtension::info() function to print the phpinfo()
block for an extension. (Johannes)
- Implemented FR #41884 (ReflectionClass::getDefaultProperties() does not
handle static attributes). (Tony)
- Fixed "Floating point exception" inside wordwrap().
(Mattias Bengtsson, Ilia)
- Fixed several integer overflows in ImageCreate(), ImageCreateTrueColor(),
ImageCopyResampled() and ImageFilledPolygon() reported by Mattias Bengtsson.
(Tony)
- Fixed size calculation in chunk_split(). (Stas)
- Fixed integer overflow in str[c]spn(). (Stas)
- Fixed money_format() not to accept multiple %i or %n tokens.
(Stas, Ilia)
- Fixed zend_alter_ini_entry() memory_limit interruption
vulnerability. (Ilia)
- Fixed INFILE LOCAL option handling with MySQL extensions not to be
allowed when open_basedir or safe_mode is active. (Stas)
- Fixed session.save_path and error_log values to be checked against
open_basedir and safe_mode (CVE-2007-3378) (Stas, Maksymilian Arciemowicz)
- Fixed possible invalid read in glob() win32 implementation (CVE-2007-3806).
(Tony)
- Improved fix for MOPB-03-2007. (Ilia)
- Corrected fix for CVE-2007-2872. (Ilia)
- Fixed possible crash in imagepsloadfont(), work around a bug in the pslib on
Windows. (Pierre)
- Fixed oci8 and PDO_OCI extensions to allow configuring with Oracle 11g
client libraries. (Chris Jones)
- Fixed EOF handling in case of reading from file opened in write only mode.
(Dmitry)
- Fixed var_export() to use the new H modifier so that it can generate
parseable PHP code for floats, independent of the locale. (Derick)
- Fixed regression introduced by the fix for the libgd bug #74. (Pierre)
- Fixed SimpleXML's behavior when used with empty(). (Sara)
- Fixed crash in OpenSSL extension because of non-string passphrase. (Dmitry)
- Fixed PECL Bug #11345 (PDO_OCI crash after National language Support "NLS"
environment initialization error). (Chris Jones)
- Fixed PECL bug #11216 (crash in ZipArchive::addEmptyDir when a directory
already exists). (Pierre)
- Fixed bug #42848 (Status: header incorrect under FastCGI). (Dmitry)
- Fixed bug #42368 (Incorrect error message displayed by pg_escape_string).
(Ilia)
- Fixed bug #42365 (glob() crashes and/or accepts way too many flags).
(Jani)
- Fixed Bug #42364 (Crash when using getRealPath with DirectoryIterator).
(Johannes)
- Fixed bug #42292 ($PHP_CONFIG not set for phpized builds). (Jani)
- Fixed bug #42261 (header wrong for date field).
(roberto at spadim dot com dot br, Ilia)
- Fixed bug #42259 (SimpleXMLIterator loses ancestry). (Rob)
- Fixed bug #42247 (ldap_parse_result() not defined under win32). (Jani)
- Fixed bug #42243 (copy() does not output an error when the first arg is a
dir). (Ilia)
- Fixed bug #42242 (sybase_connect() crashes). (Ilia)
- Fixed bug #42237 (stream_copy_to_stream returns invalid values for mmaped
streams). (andrew dot minerd at sellingsource dot com, Ilia)
- Fixed bug #42233 (Problems with æøå in extract()). (Jani)
- Fixed bug #42222 (possible buffer overflow in php_openssl_make_REQ). (Pierre)
- Fixed bug #42211 (property_exists() fails to find protected properties
from a parent class). (Dmitry)
- Fixed bug #42208 (substr_replace() crashes when the same array is passed
more than once). (crrodriguez at suse dot de, Ilia)
- Fixed bug #42198 (SCRIPT_NAME and PHP_SELF truncated when inside a userdir
and using PATH_INFO). (Dmitry)
- Fixed bug #42195 (C++ compiler required always). (Jani)
- Fixed bug #42183 (classmap causes crash in non-wsdl mode). (Dmitry)
- Fixed bug #42173 (oci8 INTERVAL and TIMESTAMP type fixes). (Chris)
- Fixed bug #42151 (__destruct functions not called after catching a SoapFault
exception). (Dmitry)
- Fixed bug #42142 (substr_replace() returns FALSE when length > string length).
(Ilia)
- Fixed bug #42135 (Second call of session_start() causes creation of SID).
(Ilia)
- Fixed bug #42134 (oci_error() returns false after oci_new_collection() fails).
(Tony)
- Fixed bug #42119 (array_push($arr,&$obj) doesn't work with
zend.ze1_compatibility_mode On). (Dmitry)
- Fixed bug #42117 (bzip2.compress loses data in internal buffer).
(Philip, Ilia)
- Fixed bug #42112 (deleting a node produces memory corruption). (Rob)
- Fixed bug #42107 (sscanf broken when using %2$s format parameters). (Jani)
- Fixed bug #42090 (json_decode causes segmentation fault). (Hannes)
- Fixed bug #42082 (NodeList length zero should be empty). (Hannes)
- Fixed bug #42072 (No warning message for clearstatcache() with arguments).
(Ilia)
- Fixed bug #42071 (ini scanner allows using NULL as option name). (Jani)
- Fixed bug #42027 (is_file() / is_dir() matches file/dirnames with wildcard char
or trailing slash in Windows). (Dmitry)
- Fixed bug #42019 (configure option --with-adabas=DIR does not work). (Jani)
- Fixed bug #42015 (ldap_rename(): server error "DSA is unwilling to perform").
(bob at mroczka dot com, Jani)
- Fixed bug #42009 (is_a() and is_subclass_of() should NOT call autoload, in the
same way as "instanceof" operator). (Dmitry)
- Fixed bug #41989 (move_uploaded_file() & relative path in ZTS mode). (Tony)
- Fixed bug #41984 (Hangs on large SoapClient requests). (Dmitry)
- Fixed bug #41983 (Error Fetching http headers terminated by '\n'). (Dmitry)
- Fixed bug #41973 (--with-ldap=shared fails with LDFLAGS="-Wl,--as-needed"). (Nuno)
- Fixed bug #41971 (PDOStatement::fetch and PDOStatement::setFetchMode causes
unexpected behavior). (Ilia)
- Fixed bug #41964 (strtotime returns a timestamp for non-time string of
pattern '(A|a) .+'). (Derick)
- Fixed bug #41961 (Ensure search for hidden private methods does not stray from
class hierarchy). (robin_fernandes at uk dot ibm dot com)
- Fixed bug #41947 (SimpleXML incorrectly registers empty strings asnamespaces).
(Rob)
- Fixed bug #41929 (Foreach on object does not iterate over all visible properties).
(Dmitry)
- Fixed bug #41919 (crash in string to array conversion).
(judas dot iscariote at gmail dot com, Ilia)
- Fixed bug #41909 (var_export() is locale sensitive when exporting float
values). (Derick)
- Fixed bug #41908 (CFLAGS="-Os" ./configure --enable-debug fails).
(christian at hoffie dot info, Tony)
- Fixed bug #41904 (proc_open(): empty env array should cause empty environment
to be passed to process). (Jani)
- Fixed bug #41867 (SimpleXML: getName is broken). (Rob)
- Fixed bug #41865 (fputcsv(): 2nd parameter is not optional). (Jani)
- Fixed bug #41861 (SimpleXML: getNamespaces() returns the namespaces of a node's
siblings). (Rob)
- Fixed bug #41845 (pgsql extension does not compile with PostgreSQL <7.4). (Ilia)
- Fixed bug #41844 (Format returns incorrect number of digits for negative years
-0001 to -0999). (Derick)
- Fixed bug #41842 (Cannot create years < 0100 & negative years with date_create
or new DateTime). (Derick)
- Fixed bug #41833 (addChild() on a non-existent node, no node created,
getName() segfaults). (Rob)
- Fixed bug #41831 (pdo_sqlite prepared statements convert resources to
strings). (Ilia)
- Fixed bug #41815 (Concurrent read/write fails when EOF is reached). (Sascha)
- Fixed bug #41813 (segmentation fault when using string offset as an object).
(judas dot iscariote at gmail dot com, Tony)
- Fixed bug #41795 (checkdnsrr does not support DNS_TXT type).
(lucas at facebook dot com, Tony)
- Fixed bug #41773 (php_strip_whitespace() sends headers with errors
suppressed). (Tony)
- Fixed bug #41770 (SSL: fatal protocol error due to buffer issues). (Ilia)
- Fixed bug #41765 (Recode crashes/does not work on amd64).
(nexus at smoula dot net, Stas)
- Fixed bug #41724 (libxml_get_last_error() - errors service request scope).
(thekid at php dot net, Ilia)
- Fixed bug #41717 (imagepolygon does not respect thickness). (Pierre)
- Fixed bug #41713 (Persistent memory consumption on win32 since 5.2). (Dmitry)
- Fixed bug #41711 (NULL temporary lobs not supported in OCI8).
(Chris Jones, Tony)
- Fixed bug #41709 (strtotime() does not handle 00.00.0000). (Derick)
- Fixed bug #41698 (float parameters truncated to integer in prepared
statements). (Ilia)
- Fixed bug #41692 (ArrayObject shows weird behavior in respect to
inheritance). (Tony)
- Fixed bug #41691 (ArrayObject::exchangeArray hangs Apache). (Tony)
- Fixed bug #41686 (Omitting length param in array_slice not possible). (Ilia)
- Fixed bug #41685 (array_push() fails to warn when next index is
already occupied). (Ilia)
- Fixed bug #41655 (open_basedir bypass via glob()). (Ilia)
- Fixed bug #41640 (get_class_vars produces error on class constants).
(Johannes)
- Fixed bug #41635 (SoapServer and zlib.output_compression with FastCGI
result in major slowdown). (Dmitry)
- Fixed bug #41633 (Crash instantiating classes with self-referencing
constants). (Dmitry)
- Fixed bug #41630 (segfault when an invalid color index is present in the
image data). (Reported by Elliot <wccoder@gmail dot com>) (Pierre)
- Fixed bug #41628 (PHP settings leak between Virtual Hosts in Apache 1.3).
(Scott, manuel at mausz dot at)
- Fixed bug #41608 (segfault on a weird code with objects and switch()).
(Tony)
- Fixed bug #41600 (url rewriter tags doesn't work with namespaced tags).
(Ilia)
- Fixed bug #41596 (Fixed a crash inside pdo_pgsql on some non-well-formed
SQL queries). (Ilia)
- Fixed bug #41594 (OCI8 statement cache is flushed too frequently). (Tony)
- Fixed bug #41582 (SimpleXML crashes when accessing newly created element).
(Tony)
- Fixed bug #41576 (configure failure when using --without-apxs or some other
SAPIs disabling options). (Jani)
- Fixed bug #41567 (json_encode() double conversion is inconsistent with PHP).
(Lucas, Ilia)
- Fixed bug #41566 (SOAP Server not properly generating href attributes).
(Dmitry)
- Fixed bug #41555 (configure failure: regression caused by fix for #41265).
(Jani)
- Fixed bug #41527 (WDDX deserialize numeric string array key).
(Matt, Ilia)
- Fixed bug #41523 (strtotime('0000-00-00 00:00:00') is parsed as 1999-11-30).
(Derick)
- Fixed bug #41518 (file_exists() warns of open_basedir restriction on
non-existent file). (Tony)
- Fixed bug #41445 (parse_ini_file() has a problem with certain types of
integer as sections). (Tony)
- Fixed bug #41433 (DBA: configure fails to include correct db.h for db4).
(Jani)
- Fixed bug #41372 (Internal pointer of source array resets during array
copying). (Dmitry)
- Fixed bug #41350 (my_thread_global_end() error during request shutdown on
Windows). (Scott, Andrey)
- Fixed bug #41278 (get_loaded_extensions() should list Zend extensions).
(Johannes)
- Fixed bug #41127 (Memory leak in ldap_{first|next}_attribute functions).
(Jani)
- Fixed bug #40757 (get_object_vars get nothing in child class). (Dmitry)
- Fixed bug #40705 (Iterating within function moves original array pointer).
(Dmitry)
- Fixed bug #40509 (key() function changed behaviour if global array is used
within function). (Dmitry)
- Fixed bug #40419 (Trailing slash in CGI request does not work). (Dmitry)
- Fixed bug #39330 (apache2handler does not call shutdown actions before
apache child die). (isk at ecommerce dot com, Gopal, Tony)
- Fixed bug #39291 (ldap_sasl_bind() misses the sasl_authc_id parameter).
(diafour at gmail dot com, Jani)
- Fixed bug #37715 (array pointers resetting on copy). (Dmitry)
- Fixed bug #37273 (Symlinks and mod_files session handler allow open_basedir
bypass). (Ilia)
- Fixed bug #36492 (Userfilters can leak buckets). (Sara)
- Fixed bugs #36796, #36918, #41371 (stream_set_blocking() does not work).
(Jani)
- Fixed bug #35981 (pdo-pgsql should not use pkg-config when not present).
(Jani)
- Fixed bug #31892 (PHP_SELF incorrect without cgi.fix_pathinfo, but turning on
screws up PATH_INFO). (Dmitry)
- Fixed bug #21197 (socket_read() outputs error with PHP_NORMAL_READ).
(Nuno, Jani)
31 May 2007, PHP 5.2.3
- Changed CGI install target to php-cgi and 'make install' to install CLI
when CGI is selected. (Jani)
- Changed JSON maximum nesting depth from 20 to 128. (Rasmus)
- Improved compilation of heredocs and interpolated strings. (Matt, Dmitry)
- Optimized out a couple of per-request syscalls. (Rasmus)
- Optimized digest generation in md5() and sha1() functions. (Ilia)
- Upgraded bundled SQLite 3 to version 3.3.17. (Ilia)
- Added "max_input_nesting_level" php.ini option to limit nesting level of
input variables. Fix for MOPB-03-2007. (Stas)
- Added a 4th parameter flag to htmlspecialchars() and htmlentities() that
makes the function not encode existing html entities. (Ilia)
- Added PDO::FETCH_KEY_PAIR mode that will fetch a 2 column result set into
an associated array. (Ilia)
- Added CURLOPT_TIMEOUT_MS and CURLOPT_CONNECTTIMEOUT_MS cURL constants. (Sara)
- Added --ini switch to CLI that prints out configuration file names. (Marcus)
- Added mysql_set_charset() to allow runtime altering of connection encoding.
(Scott)
- Implemented FR #41416 (getColumnMeta() should also return table name). (Tony)
- Fixed an integer overflow inside chunk_split(). Identified by Gerhard Wagner.
(Ilia)
- Fixed SOAP extension's handler() to work even when
"always_populate_raw_post_data" is off. (Ilia)
- Fixed possible infinite loop in imagecreatefrompng. (libgd #86)
(by Xavier Roche, CVE-2007-2756). (Pierre)
- Fixed ext/filter Email Validation Vulnerability (MOPB-45 by Stefan Esser).
(Ilia)
- Fixed altering $this via argument named "this". (Dmitry)
- Fixed PHP CLI usage of php.ini from the binary location. (Hannes)
- Fixed segfault in strripos(). (Tony, Joxean Koret)
- Fixed bug #41693 (scandir() allows empty directory names). (Ilia)
- Fixed bug #41673 (json_encode breaks large numbers in arrays). (Ilia)
- Fixed bug #41525 (ReflectionParameter::getPosition() not available). (Marcus)
- Fixed bug #41511 (Compile failure under IRIX 6.5.30 building md5.c). (Jani)
- Fixed bug #41504 (json_decode() incorrectly decodes JSON arrays with empty
string keys). (Ilia)
- Fixed bug #41492 (open_basedir/safe_mode bypass inside realpath()). (Ilia)
- Fixed bug #41477 (no arginfo about SoapClient::__soapCall()). (Ilia)
- Fixed bug #41455 (ext/dba/config.m4 pollutes global $LIBS and $LDFLAGS).
(mmarek at suse dot cz, Tony)
- Fixed bug #41442 (imagegd2() under output control). (Tony)
- Fixed bug #41430 (Fatal error with negative values of maxlen parameter of
file_get_contents()). (Tony)
- Fixed bug #41423 (PHP assumes wrongly that certain ciphers are enabled in
OpenSSL). (Pierre)
- Fixed bug #41421 (Uncaught exception from a stream wrapper segfaults).
(Tony, Dmitry)
- Fixed bug #41403 (json_decode cannot decode floats if localeconv
decimal_point is not '.'). (Tony)
- Fixed bug #41401 (wrong unary operator precedence). (Stas)
- Fixed bug #41394 (dbase_create creates file with corrupted header). (Tony)
- Fixed bug #41390 (Clarify error message with invalid protocol scheme).
(Scott)
- Fixed bug #41378 (fastcgi protocol lacks support for Reason-Phrase in
"Status:" header). (anight at eyelinkmedia dot com, Dmitry)
- Fixed bug #41374 (whole text concats values of wrong nodes). (Rob)
- Fixed bug #41358 (configure cannot determine SSL lib with libcurl >= 7.16.2).
(Mike)
- Fixed bug #41353 (crash in openssl_pkcs12_read() on invalid input). (Ilia)
- Fixed bug #41351 (Invalid opcode with foreach ($a[] as $b)). (Dmitry, Tony)
- Fixed bug #41347 (checkdnsrr() segfaults on empty hostname). (Scott)
- Fixed bug #41337 (WSDL parsing doesn't ignore non soap bindings). (Dmitry)
- Fixed bug #41326 (Writing empty tags with Xmlwriter::WriteElement[ns])
(Pierre)
- Fixed bug #41321 (downgrade read errors in getimagesize() to E_NOTICE).
(Ilia)
- Fixed bug #41304 (compress.zlib temp files left). (Dmitry)
- Fixed bug #41293 (Fixed creation of HTTP_RAW_POST_DATA when there is no
default post handler). (Ilia)
- Fixed bug #41291 (FastCGI does not set SO_REUSEADDR).
(fmajid at kefta dot com, Dmitry)
- Fixed gd build when used with freetype 1.x (Pierre, Tony)
- Fixed bug #41287 (Namespace functions don't allow xmlns definition to be
optional). (Rob)
- Fixed bug #41285 (Improved fix for CVE-2007-1887 to work with non-bundled
sqlite2 lib). (Ilia)
- Fixed bug #41283 (Bug with deserializing array key that are doubles or
floats in wddx). (Ilia)
- Fixed bug #41257 (lookupNamespaceURI does not work as expected). (Rob)
- Fixed bug #41236 (Regression in timeout handling of non-blocking SSL
connections during reads and writes). (Ilia)
- Fixed bug #41134 (zend_ts_hash_clean not thread-safe).
(marco dot cova at gmail dot com, Tony)
- Fixed bug #41097 (ext/soap returning associative array as indexed without
using WSDL). (Dmitry)
- Fixed bug #41004 (minOccurs="0" and null class member variable). (Dmitry)
- Fixed bug #39542 (Behavior of require/include different to < 5.2.0).
(Dmitry)
03 May 2007, PHP 5.2.2
- Improved bundled GD
. Sync to 2.0.35
. Added imagegrabwindow and imagegrabscreen, capture a screen or a
window using its handle (Pierre)
. colors allocated henceforth from the resulting image overwrite the palette
colors (Rob Leslie)
. Improved thread safety of the gif support (Roman Nemecek, Nuno, Pierre)
. Use the dimension of the GIF frame to create the destination image (Pierre)
. Load only once the local color map from a GIF data (Pierre)
. Improved thread safety of the freetype cache (Scott MacVicar, Nuno, Pierre)
. imagearc huge CPU usage with large angles, libgd bug #74 (Pierre)
- Improved FastCGI SAPI to support external pipe and socket servers on win32.
(Dmitry)
- Improved Zend Memory Manager
. guarantee of reasonable time for worst cases of best-fit free block
searching algorithm. (Dmitry)
. better cache usage and less fragmentation on erealloc() (Tony, Dmitry)
- Improved SPL (Marcus)
. Added SplFileInfo::getBasename(), DirectoryIterator::getBasename().
. Added SplFileInfo::getLinkTarget(), SplFileInfo::getRealPath().
. Made RecursiveFilterIterator::accept() abstract as stated in documentation.
- Improved SOAP
. Added ability to encode arrays with "SOAP-ENC:Array" type instead of WSDL
type. To activate the ability use "feature"=>SOAP_USE_XSI_ARRAY_TYPE
option in SoapClient/SoapServer constructors. (Rob, Dmitry)
- Added GMP_VERSION constant. (Tony)
- Added --ri switch to CLI which allows to check extension information. (Marcus)
- Added tidyNode::getParent() method (John, Nuno)
- Added openbasedir and safemode checks in zip:// stream wrapper and
ZipArchive::open (Pierre)
- Added php_pdo_sqlite_external.dll, a version of the PDO SQLite driver that
links against an external sqlite3.dll. This provides Windows users to upgrade
their sqlite3 version outside of the PHP release cycle. (Wez, Edin)
- Added linenumbers to array returned by token_get_all(). (Johannes)
- Upgraded SQLite 3 to version 3.3.16 (Ilia)
- Upgraded libraries bundled in the Windows distribution. (Edin)
. c-client (imap) to version 2006e
. libpq (PostgreSQL) to version 8.2.3
. libmysql (MySQL) to version 5.0.37
. openssl to version 0.9.8e
- Upgraded PCRE to version 7.0 (Nuno)
- Updated timezone database to version 2007.5. (Derick)
- Fixed commandline handling for CLI and CGI. (Marcus, Johannes)
- Fixed iterator_apply() with a callback using __call(). (Johannes)
- Fixed possible multi bytes issues in openssl csr parser (Pierre)
- Fixed shmop_open() with IPC_CREAT|IPC_EXCL flags on Windows.
(Vladimir Kamaev, Tony).
- Fixed possible leak in ZipArchive::extractTo when safemode checks fails (Ilia)
- Fixed possible relative path issues in zip_open and TS mode (old API) (Pierre)
- Fixed zend_llist_remove_tail (Michael Wallner, Dmitry)
- Fixed a thread safety issue in gd gif read code (Nuno, Roman Nemecek)
- Fixed CVE-2007-1001, GD wbmp used with invalid image size (Pierre)
- Fixed unallocated memory access/double free in in array_user_key_compare()
(MOPB-24 by Stefan Esser) (Stas)
- Fixed wrong length calculation in unserialize S type
(MOPB-29 by Stefan Esser) (Stas)
- Fixed bug #41215 (setAttribute return code reversed). (Ilia)
- Fixed bug #41192 (Per Directory Values only work for one key). (Dmitry)
- Fixed bug #41175 (addAttribute() fails to add an attribute with an empty
value). (Ilia)
- Fixed bug #41159 (mysql_pconnect() hash does not account for connect
flags). (Ilia)
- Fixed bug #41121 (range() overflow handling for large numbers on 32bit
machines). (Ilia)
- Fixed bug #41118 (PHP does not handle overflow of octal integers). (Tony)
- Fixed bug #41109 (recursiveiterator.inc says "implements" Iterator instead of
"extends"). (Marcus)
- Fixed bug #40130 (TTF usage doesn't work properly under Netware). (Scott,
gk at gknw dot de)
- Fixed bug #41093 (magic_quotes_gpc ignores first arrays keys). (Arpad, Ilia)
- Fixed bug #41075 (memleak when creating default object caused exception).
(Dmitry)
- Fixed bug #41067 (json_encode() problem with UTF-16 input). (jp at df5ea
dot net. Ilia)
- Fixed bug #41063 (chdir doesn't like root paths). (Dmitry)
- Fixed bug #41061 ("visibility error" in ReflectionFunction::export()).
(Johannes)
- Fixed bug #41043 (pdo_oci crash when freeing error text with persistent
connection). (Tony)
- Fixed bug #41037 (unregister_tick_function() inside the tick function crash PHP).
(Tony)
- Fixed bug #41034 (json_encode() ignores null byte started keys in arrays).
(Ilia)
- Fixed bug #41026 (segfault when calling "self::method()" in shutdown functions).
(Tony)
- Fixed bug #40999 (mcrypt_create_iv() not using random seed). (Ilia)
- Fixed bug #40998 (long session array keys are truncated). (Tony)
- Implement feature request #40947, allow a single filter as argument
for filter_var_array (Pierre)
- Fixed bug #40935 (pdo_mysql does not raise an exception on empty
fetchAll()). (Ilia)
- Fixed bug #40931 (open_basedir bypass via symlink and move_uploaded_file()).
(Tony)
- Fixed bug #40921 (php_default_post_reader crashes when post_max_size is
exceeded). (trickie at gmail dot com, Ilia)
- Fixed bug #40915 (addcslashes unexpected behavior with binary input). (Tony)
- Fixed bug #40899 (memory leak when nesting list()). (Dmitry)
- Fixed bug #40897 (error_log file not locked). (Ilia)
- Fixed bug #40883 (mysql_query() is allocating memory incorrectly). (Tony)
- Fixed bug #40872 (inconsistency in offsetSet, offsetExists treatment of
string enclosed integers). (Marcus)
- Fixed bug #40861 (strtotime() doesn't handle double negative relative time
units correctly). (Derick, Ilia)
- Fixed bug #40854 (imap_mail_compose() creates an invalid terminator for
multipart e-mails). (Ilia)
- Fixed bug #40848 (sorting issue on 64-bit Solaris). (Wez)
- Fixed bug #40836 (Segfault in ext/dom). (Rob)
- Fixed bug #40833 (Crash when using unset() on an ArrayAccess object retrieved
via __get()). (Dmitry)
- Fixed bug #40822 (pdo_mysql does not return rowCount() on select). (Ilia)
- Fixed bug #40815 (using strings like "class::func" and static methods in
set_exception_handler() might result in crash). (Tony)
- Fixed bug #40809 (Poor performance of ".="). (Dmitry)
- Fixed bug #40805 (Failure executing function ibase_execute()). (Tony)
- Fixed bug #40800 (cannot disable memory_limit with -1). (Dmitry, Tony)
- Fixed bug #40794 (ReflectionObject::getValues() may crash when used with
dynamic properties). (Tony)
- Fixed bug #40784 (Case sensitivity in constructor's fallback). (Tony)
- Fixed bug #40770 (Apache child exits when PHP memory limit reached). (Dmitry)
- Fixed bug #40764 (line thickness not respected for horizontal and vertical
lines). (Pierre)
- Fixed bug #40758 (Test fcgi_is_fastcgi() is wrong on windows). (Dmitry)
- Fixed bug #40754 (added substr() & substr_replace() overflow checks). (Ilia)
- Fixed bug #40752 (parse_ini_file() segfaults when a scalar setting is
redeclared as an array). (Tony)
- Fixed bug #40750 (openssl stream wrapper ignores default_stream_timeout).
(Tony)
- Fixed bug #40727 (segfault in PDO when failed to bind parameters). (Tony)
- Fixed bug #40709 (array_reduce() behaves strange with one item stored arrays).
(Ilia)
- Fixed bug #40703 (Resolved a possible namespace conflict between libxmlrpc
and MySQL's NDB table handler). (Ilia)
- Fixed bug #40961 (Incorrect results of DateTime equality check). (Mike)
- Fixed bug #40678 (Cross compilation fails). (Tony)
- Fixed bug #40621 (Crash when constructor called inappropriately). (Tony)
- Fixed bug #40609 (Segfaults when using more than one SoapVar in a request).
(Rob, Dmitry)
- Fixed bug #40606 (umask is not being restored when request is finished).
(Tony)
- Fixed bug #40598 (libxml segfault). (Rob)
- Fixed bug #40591 (list()="string"; gives invalid opcode). (Dmitry)
- Fixed bug #40578 (imagettftext() multithreading issue). (Tony, Pierre)
- Fixed bug #40576 (double values are truncated to 6 decimal digits when
encoding). (Tony)
- Fixed bug #40560 (DIR functions do not work on root UNC path). (Dmitry)
- Fixed bug #40548 (SplFileInfo::getOwner/getGroup give a warning on broken
symlink). (Marcus)
- Fixed bug #40546 (SplFileInfo::getPathInfo() throws an exception if directory
is in root dir). (Marcus)
- Fixed bug #40545 (multithreading issue in zend_strtod()). (Tony)
- Fixed bug #40503 (json_encode() value corruption on 32bit systems with
overflown values). (Ilia)
- Fixed bug #40467 (Partial SOAP request sent when XSD sequence or choice
include minOccurs=0). (Dmitry)
- Fixed bug #40465 (Ensure that all PHP elements are printed by var_dump).
(wharmby at uk dot ibm dot com, Ilia)
- Fixed bug #40464 (session.save_path wont use default-value when safe_mode
or open_basedir is enabled). (Ilia)
- Fixed bug #40455 (proc_open() uses wrong command line when safe_mode_exec_dir
is set). (Tony)
- Fixed bug #40432 (strip_tags() fails with greater than in attribute). (Ilia)
- Fixed bug #40431 (dynamic properties may cause crash in ReflectionProperty
methods). (Tony)
- Fixed bug #40451 (addAttribute() may crash when used with non-existent child
node). (Tony)
- Fixed bug #40442 (ArrayObject::offsetExists broke in 5.2.1, works in 5.2.0).
(olivier at elma dot fr, Marcus)
- Fixed bug #40428 (imagepstext() doesn't accept optional parameter). (Pierre)
- Fixed bug #40417 (Allow multiple instances of the same named PDO token in
prepared statement emulation code). (Ilia)
- Fixed bug #40414 (possible endless fork() loop when running fastcgi).
(Dmitry)
- Fixed bug #40410 (ext/posix does not compile on MacOS 10.3.9). (Tony)
- Fixed bug #40392 (memory leaks in PHP milter SAPI).
(tuxracer69 at gmail dot com, Tony)
- Fixed bug #40371 (pg_client_encoding() not working on Windows). (Edin)
- Fixed bug #40352 (FCGI_WEB_SERVER_ADDRS function get lost). (Dmitry)
- Fixed bug #40290 (strtotime() returns unexpected result with particular
timezone offset). (Derick)
- Fixed bug #40286 (PHP fastcgi with PHP_FCGI_CHILDREN don't kill children when
parent is killed). (Dmitry)
- Fixed bug #40261 (Extremely slow data handling due to memory fragmentation).
(Dmitry)
- Fixed bug #40236 (php -a function allocation eats memory). (Dmitry)
- Fixed bug #40109 (iptcembed fails on non-jfif jpegs). (Tony)
- Fixed bug #39965 (Latitude and longitude are backwards in date_sun_info()).
(Derick)
- Implement #39867 (openssl PKCS#12 support) (Marc Delling, Pierre)
- Fixed bug #39836 (SplObjectStorage empty after unserialize). (Marcus)
- Fixed bug #39416 (Milliseconds in date()). (Derick)
- Fixed bug #39396 (stream_set_blocking crashes on Win32). (Ilia, maurice at
iceblog dot de)
- Fixed bug #39351 (relative include fails on Solaris). (Dmitry, Tony)
- Fixed bug #39322 (proc_terminate() destroys process resource). (Nuno)
- Fixed bug #38406 (crash when assigning objects to SimpleXML attributes). (Tony)
- Fixed bug #37799 (ftp_ssl_connect() falls back to non-ssl connection). (Nuno)
- Fixed bug #36496 (SSL support in imap_open() not working on Windows). (Edin)
- Fixed bug #36226 (Inconsistent handling when passing nillable arrays).
(Dmitry)
- Fixed bug #35872 (Avoid crash caused by object store being referenced during
RSHUTDOWN). (Andy)
- Fixed bug #34794 (proc_close() hangs when used with two processes).
(jdolecek at netbsd dot org, Nuno)
- Fixed PECL bug #10194 (crash in Oracle client when memory limit reached in
the callback). (Tony)
- Fixed substr_compare and substr_count information leak (MOPB-14) (Stas, Ilia)
- Fixed crash on op-assign where argument is string offset (Brian, Stas)
- Fixed bug #38710 (data leakage because of nonexisting boundary checking in
statements in mysqli) (Stas)
- Fixed bug #37386 (autocreating element doesn't assign value to first node).
(Rob)
- Fixed bug #37013 (server hangs when returning circular object references).
(Dmitry)
- Fixed bug #33664 Console window appears when using exec()
(Richard Quadling, Stas)
08 Feb 2007, PHP 5.2.1
- Added read-timeout context option "timeout" for HTTP streams. (Hannes, Ilia).
- Added CURLOPT_TCP_NODELAY constant to Curl extension. (Sara)
- Added support for hex numbers of any size. (Matt)
- Added function stream_socket_shutdown(). It is a wrapper for system
shutdown() function, that shut downs part of a full-duplex connection.