Commit: 1f617719a34701470e8fa84b34e40f4260aacb7b
Author: kovacs.ferenc <[email protected]> Thu, 16 Apr 2015
19:54:10 +0200
Parents: b86da454cd198200693730c774a284e3a4b8b163
Branches: master
Link:
http://git.php.net/?p=web/php.git;a=commitdiff;h=1f617719a34701470e8fa84b34e40f4260aacb7b
Log:
announce php-5.6.8
Changed paths:
M ChangeLog-5.php
M archive/archive.xml
A archive/entries/2015-04-16-2.xml
M include/releases.inc
M include/version.inc
A releases/5_6_8.php
diff --git a/ChangeLog-5.php b/ChangeLog-5.php
index 3b746f1..35d94dc 100644
--- a/ChangeLog-5.php
+++ b/ChangeLog-5.php
@@ -8,6 +8,96 @@ site_header("PHP 5 ChangeLog", array("current" => "docs",
"css" => array("change
<h1>PHP 5 ChangeLog</h1>
+<section class="version" id="5.6.8"><!-- {{{ 5.6.8 -->
+<h3>Version 5.6.8</h3>
+<b>16-Apr-2015</b>
+<ul><li>Core:
+<ul>
+ <li><?php bugfix(66609); ?> (php crashes with __get() and ++ operator in
some cases).</li>
+ <li><?php bugfix(68021); ?> (get_browser() browser_name_regex returns
non-utf-8 characters).</li>
+ <li><?php bugfix(68917); ?> (parse_url fails on some partial urls).</li>
+ <li><?php bugfix(69134); ?> (Per Directory Values overrides PHP_INI_SYSTEM
configuration options).</li>
+ <li>Additional fix for bug #69152 (Type confusion vulnerability in
exception::getTraceAsString).</li>
+ <li><?php bugfix(69210); ?> (serialize function return corrupted data when
sleep has non-string values).</li>
+ <li><?php bugfix(69212); ?> (Leaking VIA_HANDLER func when exception thrown
in __call/... arg passing).</li>
+ <li><?php bugfix(69221); ?> (Segmentation fault when using a generator in
combination with an Iterator).</li>
+ <li><?php bugfix(69337); ?> (php_stream_url_wrap_http_ex() type-confusion
vulnerability).</li>
+ <li><?php bugfix(69353); ?> (Missing null byte checks for paths in various
PHP extensions).</li>
+</ul></li>
+<li>Apache2handler:
+<ul>
+ <li><?php bugfix(69218); ?> (potential remote code execution with apache 2.4
apache2handler).</li>
+</ul></li>
+<li>cURL:
+<ul>
+ <li><?php implemented(69278); ?> (HTTP2 support).</li>
+ <li><?php bugfix(68739); ?> (Missing break / control flow).</li>
+ <li><?php bugfix(69316); ?> (Use-after-free in php_curl related to
CURLOPT_FILE/_INFILE/_WRITEHEADER).</li>
+</ul></li>
+<li>Date:
+<ul>
+ <li><?php bugfix(69336); ?> (Issues with "last day of
<monthname>").</li>
+</ul></li>
+<li>Enchant:
+<ul>
+ <li><?php bugfix(65406); ?> (Enchant broker plugins are in the wrong place
in windows builds).</li>
+</ul></li>
+<li>Ereg:
+<ul>
+ <li><?php bugfix(68740); ?> (NULL Pointer Dereference).</li>
+</ul></li>
+<li>Fileinfo:
+<ul>
+ <li><?php bugfix(68819); ?> (Fileinfo on specific file causes spurious OOM
and/or segfault).</li>
+</ul></li>
+<li>Filter:
+<ul>
+ <li><?php bugfix(69202); ?>: (FILTER_FLAG_STRIP_BACKTICK ignored unless
other flags are used).</li>
+ <li><?php bugfix(69203); ?> (FILTER_FLAG_STRIP_HIGH doesn't strip ASCII
127).</li>
+</ul></li>
+<li>OPCache:
+<ul>
+ <li><?php bugfix(69297); ?> (function_exists strange behavior with OPCache
on disabled function).</li>
+ <li><?php bugfix(69281); ?> (opcache_is_script_cached no longer works).</li>
+ <li><?php bugfix(68677); ?> (Use After Free). (CVE-2015-1351)</li>
+</ul></li>
+<li>OpenSSL:
+<ul>
+ <li>Fixed bugs #68853, #65137 (Buffered crypto stream data breaks IO polling
in stream_select() contexts) (Chris Wright)</li>
+ <li><?php bugfix(69197); ?> (openssl_pkcs7_sign handles default value
incorrectly) (Daniel Lowrey)</li>
+ <li><?php bugfix(69215); ?> (Crypto servers should send client CA list)
(Daniel Lowrey)</li>
+ <li>Add a check for RAND_egd to allow compiling against LibreSSL (Leigh)</li>
+</ul></li>
+<li>Phar:
+<ul>
+ <li><?php bugfix(64343); ?> (PharData::extractTo fails for tarball created
by BSD tar).</li>
+ <li><?php bugfix(64931); ?> (phar_add_file is too restrictive on
filename).</li>
+ <li><?php bugfix(65467); ?> (Call to undefined method
cli_arg_typ_string).</li>
+ <li><?php bugfix(67761); ?> (Phar::mapPhar fails for Phars inside a path
containing ".tar").</li>
+ <li><?php bugfix(69324); ?> (Buffer Over-read in unserialize when parsing
Phar).</li>
+ <li><?php bugfix(69441); ?> (Buffer Overflow when parsing tar/zip/phar in
phar_set_inode).</li>
+</ul></li>
+<li>Postgres:
+<ul>
+ <li><?php bugfix(68741); ?> (Null pointer dereference). (CVE-2015-1352)</li>
+</ul></li>
+<li>SPL:
+<ul>
+ <li><?php bugfix(69227); ?> (Use after free in zval_scan caused by
spl_object_storage_get_gc).</li>
+</ul></li>
+<li>SOAP:
+<ul>
+ <li><?php bugfix(69293); ?> (NEW segfault when using
SoapClient::__setSoapHeader (bisected, regression)).</li>
+</ul></li>
+<li>Sqlite3:
+<ul>
+ <li><?php bugfix(68760); ?> (SQLITE segfaults if custom collator throws an
exception).</li>
+ <li><?php bugfix(69287); ?> (Upgrade bundled libsqlite to 3.8.8.3).</li>
+ <li><?php bugfix(66550); ?> (SQLite prepared statement use-after-free).</li>
+</ul></li>
+</ul>
+<!-- }}} --></section>
+
<section class="version" id="5.5.24"><!-- {{{ 5.5.24 -->
<h3>Version 5.5.24</h3>
<b>16-Apr-2015</b>
@@ -30,7 +120,7 @@ site_header("PHP 5 ChangeLog", array("current" => "docs",
"css" => array("change
</ul></li>
<li>Curl:
<ul>
- <li>Implemented FR#69278 (HTTP2 support).</li>
+ <li><?php implemented(69278); ?> (HTTP2 support).</li>
<li><?php bugfix(69316); ?> (Use-after-free in php_curl related to
CURLOPT_FILE/_INFILE/_WRITEHEADER).</li>
</ul></li>
<li>Date:
@@ -57,7 +147,7 @@ site_header("PHP 5 ChangeLog", array("current" => "docs",
"css" => array("change
</ul></li>
<li>OPCache:
<ul>
- <li><?php bugfix(68677); ?> (Use After Free).</li>
+ <li><?php bugfix(68677); ?> (Use After Free). (CVE-2015-1351)</li>
<li><?php bugfix(69281); ?> (opcache_is_script_cached no longer works).</li>
</ul></li>
<li>OpenSSL:
@@ -76,7 +166,7 @@ site_header("PHP 5 ChangeLog", array("current" => "docs",
"css" => array("change
</ul></li>
<li>Postgres:
<ul>
- <li><?php bugfix(68741); ?> (Null pointer dereference).</li>
+ <li><?php bugfix(68741); ?> (Null pointer dereference). (CVE-2015-1352)</li>
</ul></li>
<li>SPL:
<ul>
diff --git a/archive/archive.xml b/archive/archive.xml
index e7e9587..1fe2e99 100644
--- a/archive/archive.xml
+++ b/archive/archive.xml
@@ -9,6 +9,7 @@
<uri>http://php.net/contact</uri>
<email>[email protected]</email>
</author>
+ <xi:include href="entries/2015-04-16-2.xml"/>
<xi:include href="entries/2015-04-16-1.xml"/>
<xi:include href="entries/2015-03-20-2.xml"/>
<xi:include href="entries/2015-03-20-1.xml"/>
diff --git a/archive/entries/2015-04-16-2.xml b/archive/entries/2015-04-16-2.xml
new file mode 100644
index 0000000..7564435
--- /dev/null
+++ b/archive/entries/2015-04-16-2.xml
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="utf-8"?>
+<entry xmlns="http://www.w3.org/2005/Atom";>
+ <title>PHP 5.6.8 is available</title>
+ <id>http://php.net/archive/2015.php#id2015-04-16-2</id>
+ <published>2015-04-16T10:50:30-07:00</published>
+ <updated>2015-04-16T10:50:30-07:00</updated>
+ <category term="frontpage" label="PHP.net frontpage news"/>
+ <category term="releases" label="New PHP release"/>
+ <link href="http://php.net/index.php#id2015-04-16-2"; rel="alternate"
type="text/html"/>
+ <link href="http://php.net/archive/2015.php#id2015-04-16-2"; rel="via"
type="text/html"/>
+ <content type="xhtml">
+ <div xmlns="http://www.w3.org/1999/xhtml";>
+ <p>The PHP development team announces the immediate availability of PHP
+ 5.6.8. Several bugs have been fixed some of them beeing security related,
like CVE-2015-1351 and CVE-2015-1352.
+
+ All PHP 5.6 users are encouraged to upgrade to this version.
+ </p>
+
+ <p>For source downloads of PHP 5.6.8 please visit our <a
href="http://www.php.net/downloads.php";>downloads page</a>,
+ Windows binaries can be found on <a
href="http://windows.php.net/download/";>windows.php.net/download/</a>.
+ The list of changes is recorded in the <a
href="http://www.php.net/ChangeLog-5.php#5.6.8";>ChangeLog</a>.
+ </p>
+ </div>
+ </content>
+</entry>
diff --git a/include/releases.inc b/include/releases.inc
index 129d316..c1afbd5 100644
--- a/include/releases.inc
+++ b/include/releases.inc
@@ -2,7 +2,40 @@
$OLDRELEASES = array (
5 =>
array (
- '5.5.23' =>
+ '5.6.7' =>
+ array (
+ 'announcement' =>
+ array (
+ 'English' => '/releases/5_6_7.php',
+ ),
+ 'source' =>
+ array (
+ 0 =>
+ array (
+ 'filename' => 'php-5.6.7.tar.bz2',
+ 'name' => 'PHP 5.6.7 (tar.bz2)',
+ 'md5' => '2e4b0534d4b8aa9aabedeef12e7c0aa8',
+ 'date' => '19 Mar 2015',
+ ),
+ 1 =>
+ array (
+ 'filename' => 'php-5.6.7.tar.gz',
+ 'name' => 'PHP 5.6.7 (tar.gz)',
+ 'md5' => '92a7d40a5d42a24506f1cea2709f3633',
+ 'date' => '19 Mar 2015',
+ ),
+ 2 =>
+ array (
+ 'filename' => 'php-5.6.7.tar.xz',
+ 'name' => 'PHP 5.6.7 (tar.xz)',
+ 'md5' => '4e04eb021de009981ed963f993a171c1',
+ 'date' => '19 Mar 2015',
+ ),
+ ),
+ 'date' => '19 Mar 2015',
+ 'museum' => false,
+ ),
+ '5.5.23' =>
array (
'announcement' =>
array (
diff --git a/include/version.inc b/include/version.inc
index 087730d..6d16df1 100644
--- a/include/version.inc
+++ b/include/version.inc
@@ -16,15 +16,15 @@
* ),
* );
/* PHP 5.6 Release */
-$PHP_5_6_RC = '5.6.8RC1'; // Current RC version (e.g., '5.6.7RC1') or false
+$PHP_5_6_RC = false; // Current RC version (e.g., '5.6.7RC1') or false
$PHP_5_6_RC_DATE = '2 Apr 2015';
-$PHP_5_6_VERSION = "5.6.7";
-$PHP_5_6_DATE = "19 Mar 2015";
+$PHP_5_6_VERSION = "5.6.8";
+$PHP_5_6_DATE = "16 Apr 2015";
$PHP_5_6_MD5 = array(
- "tar.bz2" => "2e4b0534d4b8aa9aabedeef12e7c0aa8",
- "tar.gz" => "92a7d40a5d42a24506f1cea2709f3633",
- "tar.xz" => "4e04eb021de009981ed963f993a171c1",
+ "tar.bz2" => "a5a6df33aade0cb5425e4374e3832f0b",
+ "tar.gz" => "0167d60fd45891f131f0ccdb51c13cb5",
+ "tar.xz" => "526a5a7f593de632cd9e8546335de8b7",
);
/* PHP 5.5 Release */
$PHP_5_5_RC = false; // Current RC version (e.g., '5.6.7RC1') or false
diff --git a/releases/5_6_8.php b/releases/5_6_8.php
new file mode 100644
index 0000000..9f472ec
--- /dev/null
+++ b/releases/5_6_8.php
@@ -0,0 +1,19 @@
+<?php
+// $Id$
+$_SERVER['BASE_PAGE'] = 'releases/5_6_8.php';
+include_once $_SERVER['DOCUMENT_ROOT'] . '/include/prepend.inc';
+site_header("PHP 5.6.8 Release Announcement");
+?>
+
+ <p>The PHP development team announces the immediate availability of PHP
+ 5.6.8. Several bugs have been fixed some of them beeing security related,
like CVE-2015-1351 and CVE-2015-1352.
+
+ All PHP 5.6 users are encouraged to upgrade to this version.
+ </p>
+
+ <p>For source downloads of PHP 5.6.8 please visit our <a
href="http://www.php.net/downloads.php";>downloads page</a>,
+ Windows binaries can be found on <a
href="http://windows.php.net/download/";>windows.php.net/download/</a>.
+ The list of changes is recorded in the <a
href="http://www.php.net/ChangeLog-5.php#5.6.8";>ChangeLog</a>.
+ </p>
+
+<?php site_footer(); ?>--
PHP Webmaster List Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
