Commit: 45d8cddc56ea1ce27e61db85d42206ee1d4caa53
Author: Stanislav Malyshev <[email protected]> Thu, 6 Aug 2015
22:00:24 -0700
Parents: 0823931149b8775af414dc62e57260270b45c2c5
Branches: master
Link:
http://git.php.net/?p=web/php.git;a=commitdiff;h=45d8cddc56ea1ce27e61db85d42206ee1d4caa53
Log:
5.4.44 and 5.5.28
Changed paths:
M ChangeLog-5.php
M archive/archive.xml
A archive/entries/2015-08-06-2.xml
A archive/entries/2015-08-06-3.xml
M include/releases.inc
M include/version.inc
A releases/5_4_44.php
A releases/5_5_28.php
diff --git a/ChangeLog-5.php b/ChangeLog-5.php
index c1e7ade..7127b5b 100644
--- a/ChangeLog-5.php
+++ b/ChangeLog-5.php
@@ -8,6 +8,71 @@ site_header("PHP 5 ChangeLog", array("current" => "docs",
"css" => array("change
<h1>PHP 5 ChangeLog</h1>
+<section class="version" id="5.5.28"><!-- {{{ 5.5.28 -->
+<h3>Version 5.5.28</h3>
+<b>06-Aug-2015</b>
+<ul><li>Core:
+<ul>
+ <li><?php bugfix(69793); ?> (Remotely triggerable stack exhaustion via
recursive method calls).</li>
+ <li><?php bugfix(69892); ?> (Different arrays compare indentical due to
integer key truncation).</li>
+ <li><?php bugfix(70002); ?> (TS issues with temporary dir handling).</li>
+ <li><?php bugfix(70121); ?> (unserialize() could lead to unexpected methods
execution / NULL pointer deref).</li>
+</ul></li>
+<li>OpenSSL:
+<ul>
+ <li><?php bugfix(70014); ?> (openssl_random_pseudo_bytes() is not
cryptographically secure).</li>
+</ul></li>
+<li>Phar:
+<ul>
+ <li>Improved fix for bug #69441.</li>
+ <li><?php bugfix(70019); ?> (Files extracted from archive may be placed
outside of destination directory).</li>
+</ul></li>
+<li>SOAP:
+<ul>
+ <li><?php bugfix(70081); ?> (SoapClient info leak / null pointer dereference
via multiple type confusions).</li>
+</ul></li>
+<li>SPL:
+<ul>
+ <li><?php bugfix(70068); ?> (Dangling pointer in the unserialization of
ArrayObject items).</li>
+ <li><?php bugfix(70166); ?> (Use After Free Vulnerability in unserialize()
with SPLArrayObject).</li>
+ <li><?php bugfix(70168); ?> (Use After Free Vulnerability in unserialize()
with SplObjectStorage).</li>
+ <li><?php bugfix(70169); ?> (Use After Free Vulnerability in unserialize()
with SplDoublyLinkedList).</li>
+</ul></li>
+</ul>
+<!-- }}} --></section>
+
+<section class="version" id="5.4.44"><!-- {{{ 5.4.44 -->
+<h3>Version 5.4.44</h3>
+<b>06-Aug-2015</b>
+<ul><li>Core:
+<ul>
+ <li><?php bugfix(69793); ?> (Remotely triggerable stack exhaustion via
recursive method calls).</li>
+ <li><?php bugfix(69892); ?> (Different arrays compare indentical due to
integer key truncation).</li>
+ <li><?php bugfix(70121); ?> (unserialize() could lead to unexpected methods
execution / NULL pointer deref).</li>
+</ul></li>
+<li>OpenSSL:
+<ul>
+ <li><?php bugfix(70014); ?> (openssl_random_pseudo_bytes() is not
cryptographically secure).</li>
+</ul></li>
+<li>Phar:
+<ul>
+ <li>Improved fix for bug <?php bugl(69441) ?>.</li>
+ <li><?php bugfix(70019); ?> (Files extracted from archive may be placed
outside of destination directory).</li>
+</ul></li>
+<li>SOAP:
+<ul>
+ <li><?php bugfix(70081); ?> (SoapClient info leak / null pointer dereference
via multiple type confusions).</li>
+</ul></li>
+<li>SPL:
+<ul>
+ <li><?php bugfix(70068); ?> (Dangling pointer in the unserialization of
ArrayObject items).</li>
+ <li><?php bugfix(70166); ?> (Use After Free Vulnerability in unserialize()
with SPLArrayObject).</li>
+ <li><?php bugfix(70168); ?> (Use After Free Vulnerability in unserialize()
with SplObjectStorage).</li>
+ <li><?php bugfix(70169); ?> (Use After Free Vulnerability in unserialize()
with SplDoublyLinkedList).</li>
+</ul></li>
+</ul>
+<!-- }}} --></section>
+
<section class="version" id="5.6.11"><!-- {{{ 5.6.11 -->
<h3>Version 5.6.11</h3>
<?php release_date('10-Jul-2015'); ?>
diff --git a/archive/archive.xml b/archive/archive.xml
index 26b063a..a71c042 100644
--- a/archive/archive.xml
+++ b/archive/archive.xml
@@ -9,6 +9,8 @@
<uri>http://php.net/contact</uri>
<email>[email protected]</email>
</author>
+ <xi:include href="entries/2015-08-06-3.xml"/>
+ <xi:include href="entries/2015-08-06-2.xml"/>
<xi:include href="entries/2015-08-06-1.xml"/>
<xi:include href="entries/2015-07-24-1.xml"/>
<xi:include href="entries/2015-07-10-4.xml"/>
diff --git a/archive/entries/2015-08-06-2.xml b/archive/entries/2015-08-06-2.xml
new file mode 100644
index 0000000..51b6ba0
--- /dev/null
+++ b/archive/entries/2015-08-06-2.xml
@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="utf-8"?>
+<entry xmlns="http://www.w3.org/2005/Atom";>
+ <title>PHP 5.4.44 Released</title>
+ <id>http://php.net/archive/2015.php#id2015-08-06-2</id>
+ <published>2015-08-06T21:58:57-07:00</published>
+ <updated>2015-08-06T21:58:57-07:00</updated>
+ <category term="frontpage" label="PHP.net frontpage news"/>
+ <category term="releases" label="New PHP release"/>
+ <link href="http://php.net/index.php#id2015-08-06-2"; rel="alternate"
type="text/html"/>
+ <link href="http://php.net/archive/2015.php#id2015-08-06-2"; rel="via"
type="text/html"/>
+ <content type="xhtml">
+ <div xmlns="http://www.w3.org/1999/xhtml";>
+ <p>The PHP development team announces the immediate availability of PHP
+ 5.4.44. 11 security-related issues were fixed in this release.
+ All PHP 5.4 users are encouraged to upgrade to this version.
+ </p>
+
+ <p>For source downloads of PHP 5.4.44 please visit our <a
href="http://www.php.net/downloads.php";>downloads page</a>,
+ Windows binaries can be found on <a
href="http://windows.php.net/download/";>windows.php.net/download/</a>.
+ The list of changes is recorded in the <a
href="http://www.php.net/ChangeLog-5.php#5.4.44";>ChangeLog</a>.
+ </p>
+
+ <p>Please note that PHP 5.4 branch is nearing the end of its <a
href="http://php.net/supported-versions.php";>support timeframe</a>. Either
September or October release, depending on discovered issues, will be the last
official release of PHP 5.4.
+ If your PHP installations is based on PHP 5.4, it may be a good time to
start making the plans for the upgrade.
+ </p>
+ </div>
+ </content>
+</entry>
diff --git a/archive/entries/2015-08-06-3.xml b/archive/entries/2015-08-06-3.xml
new file mode 100644
index 0000000..55eccc6
--- /dev/null
+++ b/archive/entries/2015-08-06-3.xml
@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="utf-8"?>
+<entry xmlns="http://www.w3.org/2005/Atom";>
+ <title>PHP 5.5.28 Released</title>
+ <id>http://php.net/archive/2015.php#id2015-08-06-3</id>
+ <published>2015-08-06T21:59:41-07:00</published>
+ <updated>2015-08-06T21:59:41-07:00</updated>
+ <category term="frontpage" label="PHP.net frontpage news"/>
+ <category term="releases" label="New PHP release"/>
+ <link href="http://php.net/index.php#id2015-08-06-3"; rel="alternate"
type="text/html"/>
+ <link href="http://php.net/archive/2015.php#id2015-08-06-3"; rel="via"
type="text/html"/>
+ <content type="xhtml">
+ <div xmlns="http://www.w3.org/1999/xhtml";>
+ <p>The PHP development team announces the immediate availability of
PHP
+ 5.5.28. 12 security-related issues were fixed in this release.
+
+ All PHP 5.5 users are encouraged to upgrade to this version.
+ </p>
+
+ <p>
+ According to <a href="http://php.net/supported-versions.php";>our
release calendar</a>, this PHP 5.5 version
+ is the first security release of the PHP 5.5 branch. This and all
the following releases of this branch
+ do not contain bugfixes that are not considered relevant for security.
+ PHP 5.5 users that need further bugfixes are encouraged to upgrade
to PHP 5.6.
+ </p>
+
+ <p>For source downloads of PHP 5.5.28 please visit our <a
href="http://www.php.net/downloads.php";>downloads page</a>,
+ Windows binaries can be found on <a
href="http://windows.php.net/download/";>windows.php.net/download/</a>.
+ The list of changes is recorded in the <a
href="http://www.php.net/ChangeLog-5.php#5.5.28";>ChangeLog</a>.
+ </p>
+ </div>
+ </content>
+</entry>
diff --git a/include/releases.inc b/include/releases.inc
index 4896a7e..5f7151f 100644
--- a/include/releases.inc
+++ b/include/releases.inc
@@ -2,7 +2,43 @@
$OLDRELEASES = array (
5 =>
array (
- '5.6.10' =>
+ '5.5.27' =>
+ array (
+ 'announcement' =>
+ array (
+ 'English' => '/releases/5_5_27.php',
+ ),
+ 'source' =>
+ array (
+ 0 =>
+ array (
+ 'filename' => 'php-5.5.27.tar.bz2',
+ 'name' => 'PHP 5.5.27 (tar.bz2)',
+ 'md5' => 'e105f664450efd87513f5b4a2055e917',
+ 'sha256' =>
'c4b4c6a534c0ca67a9ae39bec4f51e52d13e820135dd016eae230e15337e1f70',
+ 'date' => '09 Jul 2015',
+ ),
+ 1 =>
+ array (
+ 'filename' => 'php-5.5.27.tar.gz',
+ 'name' => 'PHP 5.5.27 (tar.gz)',
+ 'md5' => '39cc2659f8d777e803816f7b437d9001',
+ 'sha256' =>
'57cc716ebb37a62654c154582e48a282055b08ce91995c79b0be41b9940237f0',
+ 'date' => '09 Jul 2015',
+ ),
+ 2 =>
+ array (
+ 'filename' => 'php-5.5.27.tar.xz',
+ 'name' => 'PHP 5.5.27 (tar.xz)',
+ 'md5' => '2efe7c087d7073bffa64e5d538f22711',
+ 'sha256' =>
'7ee398058067a7d8184e402fcdccb25003852cb8dc94eefa3cda051a3e47fdd8',
+ 'date' => '09 Jul 2015',
+ ),
+ ),
+ 'date' => '09 Jul 2015',
+ 'museum' => false,
+ ),
+ '5.6.10' =>
array (
'announcement' =>
array (
@@ -1267,6 +1303,39 @@ $OLDRELEASES = array (
'date' => '20 Jun 2013',
'museum' => true,
),
+ '5.4.43' =>
+ array (
+ 'announcement' =>
+ array (
+ 'English' => '/releases/5_4_43.php',
+ ),
+ 'source' =>
+ array (
+ 0 =>
+ array (
+ 'filename' => 'php-5.4.43.tar.bz2',
+ 'name' => 'PHP 5.4.43 (tar.bz2)',
+ 'md5' => 'eedfa86393db2ae49a163d1f80aa2c19',
+ 'sha256' =>
'25d7724fb00ad1b520f5bad2173717031153d0a8e3de2c75e7a084c76f8ecd6b',
+ 'date' => '09 Jul 2015',
+ ),
+ 1 =>
+ array (
+ 'filename' => 'php-5.4.43.tar.gz',
+ 'name' => 'PHP 5.4.43 (tar.gz)',
+ 'md5' => 'b09580551c32ba191e926bbbdea4e082',
+ 'sha256' =>
'cfc2176adc05f009666ecfab4a1cc66cc546c5d071245b2a048b3d113f67a2af',
+ 'date' => '09 Jul 2015',
+ ),
+ 2 =>
+ array (
+ 'link' => 'http://windows.php.net/download/#php-5.4',
+ 'name' => 'Windows 5.4.43 binaries and source',
+ ),
+ ),
+ 'date' => '09 Jul 2015',
+ 'museum' => false,
+ ),
'5.4.42' =>
array (
'announcement' =>
diff --git a/include/version.inc b/include/version.inc
index 0a94421..cca5c8b 100644
--- a/include/version.inc
+++ b/include/version.inc
@@ -36,31 +36,31 @@ $PHP_5_6_SHA256 = array(
$PHP_5_5_RC = false; // Current RC version (e.g., '5.6.7RC1') or false
$PHP_5_5_RC_DATE = '25 Jun 2015';
-$PHP_5_5_VERSION = "5.5.27";
-$PHP_5_5_DATE = "09 Jul 2015";
+$PHP_5_5_VERSION = "5.5.28";
+$PHP_5_5_DATE = "06 Aug 2015";
$PHP_5_5_MD5 = array(
- "tar.bz2" => "e105f664450efd87513f5b4a2055e917",
- "tar.gz" => "39cc2659f8d777e803816f7b437d9001",
- "tar.xz" => "2efe7c087d7073bffa64e5d538f22711",
+ "tar.bz2" => "5595dffa11f153e5b5cb8bf57242797e",
+ "tar.gz" => "4a29be836e9609d12468f8819287faec",
+ "tar.xz" => "d0caf908b129f2538d942d756c4cb04e",
);
$PHP_5_5_SHA256 = array(
- "tar.bz2" =>
"c4b4c6a534c0ca67a9ae39bec4f51e52d13e820135dd016eae230e15337e1f70",
- "tar.gz" =>
"57cc716ebb37a62654c154582e48a282055b08ce91995c79b0be41b9940237f0",
- "tar.xz" =>
"7ee398058067a7d8184e402fcdccb25003852cb8dc94eefa3cda051a3e47fdd8",
+ "tar.bz2" =>
"197d2c572e030c177e53d3763d59ac6d363d7c78dc22e6cc1e2ac65573d9c2f3",
+ "tar.gz" =>
"6084f25a39ab2f79ade46bf0258a1cd6c9bbb09a106b40dd996dbdf8cd3b08f2",
+ "tar.xz" =>
"d060455c804c622cda9f3f5f084b10c6ceba73ee76c1720897e17137a0f75ecd",
);
/* PHP 5.4 Release */
$PHP_5_4_RC = false; // Current RC version (e.g., '5.6.7RC1') or false
$PHP_5_4_RC_DATE = '4 Sep 2014';
-$PHP_5_4_VERSION = "5.4.43";
-$PHP_5_4_DATE = "09 Jul 2015";
+$PHP_5_4_VERSION = "5.4.44";
+$PHP_5_4_DATE = "06 Aug 2015";
$PHP_5_4_MD5 = array(
- "tar.bz2" => "eedfa86393db2ae49a163d1f80aa2c19",
- "tar.gz" => "b09580551c32ba191e926bbbdea4e082",
+ "tar.bz2" => "25725eb0dff0d45351b01fb483709b8d",
+ "tar.gz" => "9a6f79bc68eb926d230448905229dd1c",
);
$PHP_5_4_SHA256 = array(
- "tar.bz2" =>
"25d7724fb00ad1b520f5bad2173717031153d0a8e3de2c75e7a084c76f8ecd6b",
- "tar.gz" =>
"cfc2176adc05f009666ecfab4a1cc66cc546c5d071245b2a048b3d113f67a2af",
+ "tar.bz2" =>
"8dd59e5ce9248cf36ac3de5412a518b8b24c01ace6c46ce3d12e4ce981a3856d",
+ "tar.gz" =>
"1799998e48da3d8f34722840628e18789e26ea21741d4e498ade6749b3266602",
);
$RELEASES = array(
diff --git a/releases/5_4_44.php b/releases/5_4_44.php
new file mode 100644
index 0000000..fb446d1
--- /dev/null
+++ b/releases/5_4_44.php
@@ -0,0 +1,24 @@
+<?php
+// $Id$
+$_SERVER['BASE_PAGE'] = 'releases/5_4_44.php';
+include_once $_SERVER['DOCUMENT_ROOT'] . '/include/prepend.inc';
+site_header("PHP 5.4.44 Release Announcement");
+?>
+
+<h1>PHP 5.4.44 Release Announcement</h1>
+
+<p>The PHP development team announces the immediate availability of PHP
+5.4.44. 11 security-related issues were fixed in this release.
+All PHP 5.4 users are encouraged to upgrade to this version.
+</p>
+
+<p>For source downloads of PHP 5.4.44 please visit our <a
href="http://www.php.net/downloads.php";>downloads page</a>,
+Windows binaries can be found on <a
href="http://windows.php.net/download/";>windows.php.net/download/</a>.
+The list of changes is recorded in the <a
href="http://www.php.net/ChangeLog-5.php#5.4.44";>ChangeLog</a>.
+</p>
+
+<p>Please note that PHP 5.4 branch is nearing the end of its <a
href="http://php.net/supported-versions.php";>support timeframe</a>. Either
September or October release, depending on discovered issues, will be the last
official release of PHP 5.4.
+If your PHP installations is based on PHP 5.4, it may be a good time to start
making the plans for the upgrade.
+</p>
+
+<?php site_footer(); ?>
diff --git a/releases/5_5_28.php b/releases/5_5_28.php
new file mode 100644
index 0000000..01a8a2d
--- /dev/null
+++ b/releases/5_5_28.php
@@ -0,0 +1,27 @@
+<?php
+// $Id$
+$_SERVER['BASE_PAGE'] = 'releases/5_5_28.php';
+include_once $_SERVER['DOCUMENT_ROOT'] . '/include/prepend.inc';
+site_header("PHP 5.5.28 Release Announcement");
+?>
+ <h1>PHP 5.5.28 Release Announcement</h1>
+
+ <p>The PHP development team announces the immediate availability of PHP
+ 5.5.28. 12 security-related issues were fixed in this release.
+
+ All PHP 5.5 users are encouraged to upgrade to this version.
+ </p>
+
+ <p>
+ According to <a href="http://php.net/supported-versions.php";>our release
calendar</a>, this PHP 5.5 version
+ is the first security release of the PHP 5.5 branch. This and all the
following releases of this branch
+ do not contain bugfixes that are not considered relevant for security.
+ PHP 5.5 users that need further bugfixes are encouraged to upgrade to PHP
5.6.
+ </p>
+
+ <p>For source downloads of PHP 5.5.28 please visit our <a
href="http://www.php.net/downloads.php";>downloads page</a>,
+ Windows binaries can be found on <a
href="http://windows.php.net/download/";>windows.php.net/download/</a>.
+ The list of changes is recorded in the <a
href="http://www.php.net/ChangeLog-5.php#5.5.28";>ChangeLog</a>.
+ </p>
+
+<?php site_footer(); ?>--
PHP Webmaster List Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
