Commit: cb32e506397611f3799c09598d5546c5b36ccb63
Author: Julien Pauli <jpa...@php.net> Thu, 26 Jun 2014 16:57:04 +0200
Parents: d20111d723478fdc30e3d19092e93010b8b4ecab
Branches: master
Link:
http://git.php.net/?p=web/php.git;a=commitdiff;h=cb32e506397611f3799c09598d5546c5b36ccb63
Log:
5.5.14 release
Changed paths:
M ChangeLog-5.php
M archive/archive.xml
A archive/entries/2014-06-27-1.xml
M include/releases.inc
M include/version.inc
A releases/5_5_14.php
diff --git a/ChangeLog-5.php b/ChangeLog-5.php
index b92c4ea..cc76565 100644
--- a/ChangeLog-5.php
+++ b/ChangeLog-5.php
@@ -8,6 +8,80 @@ site_header("PHP 5 ChangeLog", array("current" => "docs",
"css" => array("change
<h1>PHP 5 ChangeLog</h1>
+<section class="version" id="5.5.14"><!-- {{{ 5.5.14 -->
+<h3>Version 5.5.14</h3>
+<?php release_date('26-Jun-2014'); ?>
+<ul><li>CLI server:
+<ul>
+ <li><?php bugfix(67406); ?> (built-in web-server segfaults on startup).</li>
+</ul></li>
+<li>Core:
+<ul>
+ <li><?php bugfix(66622); ?> (Closures do not correctly capture the late
bound class
+ (static::) in some cases).</li>
+ <li><?php bugfix(67390); ?> (insecure temporary file use in the configure
script).
+ (CVE-2014-3981).</li>
+ <li><?php bugfix(67399); ?> (putenv with empty variable may lead to
crash).</li>
+ <li><?php bugfix(67498); ?> (phpinfo() Type Confusion Information Leak
Vulnerability).</li>
+ <li>Fixed BC break introduced by patch for bug #67072.</li>
+</ul></li>
+<li>Date:
+<ul>
+ <li><?php bugfix(67308); ?> (Serialize of DateTime truncates fractions of
second).</li>
+ <li>Fixed regression in fix for bug #67118 (constructor can't be called
twice).</li>
+</ul></li>
+<li>Fileinfo:
+<ul>
+ <li><?php bugfix(67326); ?> (cdf_read_short_sector insufficient boundary
check).
+ (CVE-2014-0207)).</li>
+ <li><?php bugfix(67410); ?> (mconvert incorrect handling of truncated pascal
+ string size). (CVE-2014-3478).</li>
+ <li><?php bugfix(67411); ?> (cdf_check_stream_offset insufficient boundary
+ check). (CVE-2014-3479).</li>
+ <li><?php bugfix(67412); ?> (cdf_count_chain insufficient boundary check).
+ (CVE-2014-3480).</li>
+ <li><?php bugfix(67413); ?> (cdf_read_property_info insufficient boundary
+ check). (CVE-2014-3487).</li>
+</ul></li>
+<li>Intl:
+<ul>
+ <li><?php bugfix(67349); ?> (Locale::parseLocale Double Free).</li>
+ <li><?php bugfix(67397); ?> (Buffer overflow in locale_get_display_name and
+ uloc_getDisplayName (libicu 4.8.1)).</li>
+</ul></li>
+<li>Network:
+<ul>
+ <li><?php bugfix(67432); ?> (Fix potential segfault in dns_get_record()).
+ (CVE-2014-4049)).</li>
+</ul></li>
+<li>OPCache:
+<ul>
+ <li>Fixed issue #183 (TMP_VAR is not only used once).</li>
+</ul></li>
+<li>OpenSSL:
+<ul>
+ <li><?php bugfix(65698); ?> (certificates validity parsing does not work
past 2050).</li>
+ <li><?php bugfix(66636); ?> (openssl_x509_parse warning with
V_ASN1_GENERALIZEDTIME).</li>
+</ul></li>
+<li>PDO-ODBC:
+<ul>
+ <li><?php bugfix(50444); ?> (PDO-ODBC changes for 64-bit).</li>
+</ul></li>
+<li>SOAP:
+<ul>
+ <li>Implemented FR #49898 (Add SoapClient::__getCookies()).</li>
+</ul></li>
+<li>SPL:
+<ul>
+ <li><?php bugfix(66127); ?> (Segmentation fault with ArrayObject unset).</li>
+ <li><?php bugfix(67359); ?> (Segfault in recursiveDirectoryIterator).</li>
+ <li><?php bugfix(67360); ?> (Missing element after
ArrayObject::getIterator).</li>
+ <li><?php bugfix(67492); ?> (unserialize() SPL ArrayObject /
SPLObjectStorage Type
+ Confusion). (CVE-2014-3515).</li>
+</ul></li>
+</ul>
+<!-- }}} --></section>
+
<section class="version" id="5.4.30"><!-- {{{ 5.4.30 -->
<h3>Version 5.4.30</h3>
<b>26-Jun-2014</b>
diff --git a/archive/archive.xml b/archive/archive.xml
index 15cc0a9..6985f2b 100644
--- a/archive/archive.xml
+++ b/archive/archive.xml
@@ -9,6 +9,7 @@
<uri>http://php.net/contact</uri>
<email>php-webmaster@lists.php.net</email>
</author>
+ <xi:include href="entries/2014-06-27-1.xml"/>
<xi:include href="entries/2014-06-26-1.xml"/>
<xi:include href="entries/2014-06-19-3.xml"/>
<xi:include href="entries/2014-06-19-2.xml"/>
diff --git a/archive/entries/2014-06-27-1.xml b/archive/entries/2014-06-27-1.xml
new file mode 100644
index 0000000..efab54d
--- /dev/null
+++ b/archive/entries/2014-06-27-1.xml
@@ -0,0 +1,35 @@
+<?xml version="1.0" encoding="utf-8"?>
+<entry xmlns="http://www.w3.org/2005/Atom";>
+ <title>PHP 5.5.14 is released</title>
+ <id>http://php.net/archive/2014.php#id2014-06-27-1</id>
+ <published>2014-06-27T09:40:44+00:00</published>
+ <updated>2014-06-27T09:40:44+00:00</updated>
+ <category term="frontpage" label="PHP.net frontpage news"/>
+ <category term="releases" label="New PHP release"/>
+ <link href="http://php.net/index.php#id2014-06-27-1"; rel="alternate"
type="text/html"/>
+ <link href="http://php.net/archive/2014.php#id2014-06-27-1"; rel="via"
type="text/html"/>
+ <content type="xhtml">
+ <div xmlns="http://www.w3.org/1999/xhtml";>
+ <p>The PHP Development Team announces the immediate availability of PHP
5.5.14.
+ This release fixes several bugs against PHP 5.5.13.
+ Also, this release fixes a total of 8 CVEs, half of them concerning
the FileInfo
+ extension.</p>
+
+ <p>All PHP users are encouraged to upgrade to this new version.</p>
+
+ <p>Please, note that this release also fixes a backward compatibility
issue that has been
+ detected in the PHP 5.5.13 release. Still, the fix in PHP 5.5.14 may
break some very rare
+ situations. As this tiny compatibility break involves security, and as
security is our primary
+ concern, we had to fix it. This concerns
+ <a href="https://bugs.php.net/bug.php?id=67072";>bug 67072</a>. For
more information about
+ this bug and its actual resolution, please visit our
+ <a
href="http://git.php.net/?p=php-src.git;a=blob_plain;f=UPGRADING;hb=refs/heads/PHP-5.5";>upgrading
guide</a>.
+ We apologize for any inconvenience you may have experienced with this
behavior.</p>
+
+ <p>For source downloads of PHP 5.5.14, please visit our <a
href="http://www.php.net/downloads.php";>downloads page</a>.
+ Windows binaries can be found on <a
href="http://windows.php.net/download/";>windows.php.net/download/</a>.
+ The list of changes is recorded in the <a
href="http://www.php.net/ChangeLog-5.php#5.5.14";>ChangeLog</a>.
+ </p>
+ </div>
+ </content>
+</entry>
diff --git a/include/releases.inc b/include/releases.inc
index 8b0a90f..6b9c15e 100644
--- a/include/releases.inc
+++ b/include/releases.inc
@@ -2,6 +2,32 @@
$OLDRELEASES = array (
5 =>
array (
+ '5.5.13' =>
+ array (
+ 'announcement' =>
+ array (
+ 'English' => '/releases/5_5_13.php',
+ ),
+ 'source' =>
+ array (
+ 0 =>
+ array (
+ 'filename' => 'php-5.5.13.tar.bz2',
+ 'name' => 'PHP 5.5.13 (tar.bz2)',
+ 'md5' => 'e26e90af25ee6505dc18855e0180ffe9',
+ 'date' => '29 May 2014',
+ ),
+ 1 =>
+ array (
+ 'filename' => 'php-5.5.13.tar.gz',
+ 'name' => 'PHP 5.5.13 (tar.gz)',
+ 'md5' => '32d0fc26fccdb249a918c0e01ffb7b82',
+ 'date' => '29 May 2014',
+ ),
+ ),
+ 'date' => '29 May 2014',
+ 'museum' => false,
+ ),
'5.5.12' =>
array (
'announcement' =>
diff --git a/include/version.inc b/include/version.inc
index a76e663..3155786 100644
--- a/include/version.inc
+++ b/include/version.inc
@@ -15,15 +15,15 @@
* ),
* );6 Dec
/* PHP 5.5 Release */
-$PHP_5_5_RC = '5.5.14RC1'; // Current RC version (e.g., '5.6.7RC1') or false
+$PHP_5_5_RC = false; // Current RC version (e.g., '5.6.7RC1') or false
$PHP_5_5_RC_DATE = '12 Jun 2014';
-$PHP_5_5_VERSION = "5.5.13";
-$PHP_5_5_DATE = "29 May 2014";
+$PHP_5_5_VERSION = "5.5.14";
+$PHP_5_5_DATE = "26 Jun 2014";
$PHP_5_5_MD5 = array(
- "tar.bz2" => "e26e90af25ee6505dc18855e0180ffe9",
- "tar.gz" => "32d0fc26fccdb249a918c0e01ffb7b82",
- "tar.xz" => "57d5d9607511a5cb76e9af49dd5874e3",
+ "tar.bz2" => "b53e5f47c59ffbe26d20957636695baa",
+ "tar.gz" => "b34262d4ccbb6bef8d2cf83840625201",
+ "tar.xz" => "c59068a2f9e7d02aa36e2d56fde48713",
);
/* PHP 5.4 Release */
$PHP_5_4_RC = false; // Current RC version (e.g., '5.6.7RC1') or false
diff --git a/releases/5_5_14.php b/releases/5_5_14.php
new file mode 100644
index 0000000..341f963
--- /dev/null
+++ b/releases/5_5_14.php
@@ -0,0 +1,31 @@
+<?php
+// $Id$
+$_SERVER['BASE_PAGE'] = 'releases/5_5_14.php';
+include_once $_SERVER['DOCUMENT_ROOT'] . '/include/prepend.inc';
+site_header("PHP 5.5.14 Release Announcement");
+?>
+
+<h1>PHP 5.5.14 Release Announcement</h1>
+
+<p>The PHP Development Team announces the immediate availability of PHP 5.5.14.
+This release fixes several bugs against PHP 5.5.13.
+Also, this release fixes a total of 8 CVEs, half of them concerning the
FileInfo
+extension.</p>
+
+<p>All PHP users are encouraged to upgrade to this new version.</p>
+
+<p>Please, note that this release also fixes a backward compatibility issue
that has been
+detected in the PHP 5.5.13 release. Still, the fix in PHP 5.5.14 may break
some very rare
+situations. As this tiny compatibility break involves security, and as
security is our primary
+concern, we had to fix it. This concerns
+<a href="https://bugs.php.net/bug.php?id=67072";>bug 67072</a>. For more
information about
+this bug and its actual resolution, please visit our
+<a
href="http://git.php.net/?p=php-src.git;a=blob_plain;f=UPGRADING;hb=refs/heads/PHP-5.5";>upgrading
guide</a>.
+We apologize for any inconvenience you may have experienced with this
behavior.</p>
+
+<p>For source downloads of PHP 5.5.14, please visit our <a
href="http://www.php.net/downloads.php";>downloads page</a>.
+Windows binaries can be found on <a
href="http://windows.php.net/download/";>windows.php.net/download/</a>.
+The list of changes is recorded in the <a
href="http://www.php.net/ChangeLog-5.php#5.5.14";>ChangeLog</a>.
+</p>
+
+<?php site_footer(); ?>--
PHP Webmaster List Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
