PHP 7.1.28、7.2.17、7.3.4 發佈,主要是安全更新

PHP是一種通用開源腳本語言。語法吸收了C語言、Java和Perl的特點,利於學習,使用廣泛,主要適用於Web開發領域。PHP 獨特的語法混合了C、Java、Perl以及PHP自創的語法。它可以比CGI或者Perl更快速地執行動態網頁。今日發佈了三個更新版本,這三個版本主要都是安全方面的更新,詳細改進記錄如下:

Version 7.1.28

04 Apr 2019

  • EXIF:

    • Fixed bug #77753 (Heap-buffer-overflow in php_ifd_get32s).

    • Fixed bug #77831 (Heap-buffer-overflow in exif_iif_add_value).

  • SQLite3:

    • Added sqlite3.defensive INI directive.

Version 7.3.4

04 Apr 2019

  • Core:

    • Fixed bug #77738 (Nullptr deref in zend_compile_expr).

    • Fixed bug #77660 (Segmentation fault on break 2147483648).

    • Fixed bug #77652 (Anonymous classes can lose their interface information).

    • Fixed bug #77345 (Stack Overflow caused by circular reference in garbage collection).

    • Fixed bug #76956 (Wrong value for ‘syslog.filter’ documented in php.ini).

  • Apache2Handler:

    • Fixed bug #77648 (BOM in sapi/apache2handler/php_functions.c).

  • Bcmath:

    • Fixed bug #77742 (bcpow() implementation related to gcc compiler optimization).

  • CLI Server:

    • Fixed bug #77722 (Incorrect IP set to $_SERVER[‘REMOTE_ADDR’] on the localhost).

  • COM:

    • Fixed bug #77578 (Crash when php unload).

  • EXIF:

    • Fixed bug #77753 (Heap-buffer-overflow in php_ifd_get32s).

    • Fixed bug #77831 (Heap-buffer-overflow in exif_iif_add_value).

  • FPM:

    • Fixed bug #77677 (FPM fails to build on AIX due to missing WCOREDUMP).

  • GD:

    • Fixed bug #77700 (Writing truecolor images as GIF ignores interlace flag).

  • MySQLi:

    • Fixed bug #77597 (mysqli_fetch_field hangs scripts).

  • Opcache:

    • Fixed bug #77743 (Incorrect pi node insertion for jmpznz with identical successors).

  • PCRE:

    • Fixed bug #76127 (preg_split does not raise an error on invalid UTF-8).

  • Phar:

    • Fixed bug #77697 (Crash on Big_Endian platform).

  • phpdbg:

    • Fixed bug #77767 (phpdbg break cmd aliases listed in help do not match actual aliases).

  • sodium:

    • Fixed bug #77646 (sign_detached() strings not terminated).

  • SQLite3:

    • Added sqlite3.defensive INI directive.

  • Standard:

    • Fixed bug #77664 (Segmentation fault when using undefined constant in custom wrapper).

    • Fixed bug #77669 (Crash in extract() when overwriting extracted array).

    • Fixed bug #76717 (var_export() does not create a parsable value for PHP_INT_MIN).

    • Fixed bug #77765 (FTP stream wrapper should set the directory as executable).

下載地址:

https://www.php.net/downloads.php

來源:cnBeta

RELATED ARTICLESMORE FROM AUTHOR