Commit: 0c1f39588d6463d899aafbcd8e2855ee03672f56
Author: Stanislav Malyshev <[email protected]> Fri, 4 Sep 2015
12:39:23 -0700
Parents: dfe2ca5a14bcfa5a87cfd8f57139880886dd9d99
Branches: master
Link:
http://git.php.net/?p=web/php.git;a=commitdiff;h=0c1f39588d6463d899aafbcd8e2855ee03672f56
Log:
5.4.45
Changed paths:
M ChangeLog-5.php
M archive/archive.xml
M archive/entries/2015-08-06-2.xml
A archive/entries/2015-09-04-4.xml
M include/releases.inc
M include/version.inc
M releases/5_4_44.php
A releases/5_4_45.php
diff --git a/ChangeLog-5.php b/ChangeLog-5.php
index 5bf99ef..801d11e 100644
--- a/ChangeLog-5.php
+++ b/ChangeLog-5.php
@@ -117,6 +117,46 @@ site_header("PHP 5 ChangeLog", array("current" => "docs",
"css" => array("change
</ul>
<!-- }}} --></section>
+<section class="version" id="5.4.45"><!-- {{{ 5.4.45 -->
+<h3>Version 5.4.45</h3>
+<b><?php release_date('03-Sep-2015'); ?></b>
+<ul><li>Core:
+<ul>
+ <li><?php bugfix(70172); ?> (Use After Free Vulnerability in
unserialize()).</li>
+ <li><?php bugfix(70219); ?> (Use after free vulnerability in session
deserializer).</li>
+</ul></li>
+<li>EXIF:
+<ul>
+ <li><?php bugfix(70385); ?> (Buffer over-read in exif_read_data with TIFF
IFD tag byte value of 32 bytes).</li>
+</ul></li>
+<li>hash:
+<ul>
+ <li><?php bugfix(70312); ?> (HAVAL gives wrong hashes in specific
cases).</li>
+</ul></li>
+<li>PCRE:
+<ul>
+ <li><?php bugfix(70345); ?> (Multiple vulnerabilities related to PCRE
functions).</li>
+</ul></li>
+<li>SOAP:
+<ul>
+ <li><?php bugfix(70388); ?> (SOAP serialize_function_call() type confusion /
RCE).</li>
+</ul></li>
+<li>SPL:
+<ul>
+ <li><?php bugfix(70365); ?> (Use-after-free vulnerability in unserialize()
with SplObjectStorage).</li>
+ <li><?php bugfix(70366); ?> (Use-after-free vulnerability in unserialize()
with SplDoublyLinkedList).</li>
+</ul></li>
+<li>XSLT:
+<ul>
+ <li><?php bugfix(69782); ?> (NULL pointer dereference).</li>
+</ul></li>
+<li>ZIP:
+<ul>
+ <li><?php bugfix(70350); ?> (ZipArchive::extractTo allows for directory
traversal when creating directories).</li>
+</ul></li>
+</ul>
+<!-- }}} --></section>
+
<section class="version" id="5.6.12"><!-- {{{ 5.6.12 -->
<h3>Version 5.6.12</h3>
<?php release_date('06-Aug-2015'); ?>
diff --git a/archive/archive.xml b/archive/archive.xml
index 12254b8..afdb4ed 100644
--- a/archive/archive.xml
+++ b/archive/archive.xml
@@ -9,6 +9,7 @@
<uri>http://php.net/contact</uri>
<email>[email protected]</email>
</author>
+ <xi:include href="entries/2015-09-04-4.xml"/>
<xi:include href="entries/2015-09-04-3.xml"/>
<xi:include href="entries/2015-09-04-2.xml"/>
<xi:include href="entries/2015-09-04-1.xml"/>
diff --git a/archive/entries/2015-08-06-2.xml b/archive/entries/2015-08-06-2.xml
index 51b6ba0..6f2c4d7 100644
--- a/archive/entries/2015-08-06-2.xml
+++ b/archive/entries/2015-08-06-2.xml
@@ -21,7 +21,7 @@
</p>
<p>Please note that PHP 5.4 branch is nearing the end of its <a
href="http://php.net/supported-versions.php";>support timeframe</a>. Either
September or October release, depending on discovered issues, will be the last
official release of PHP 5.4.
- If your PHP installations is based on PHP 5.4, it may be a good time to
start making the plans for the upgrade.
+ If your PHP installation is based on PHP 5.4, it may be a good time to
start making the plans for the upgrade.
</p>
</div>
</content>
diff --git a/archive/entries/2015-09-04-4.xml b/archive/entries/2015-09-04-4.xml
new file mode 100644
index 0000000..7eae0cc
--- /dev/null
+++ b/archive/entries/2015-09-04-4.xml
@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="utf-8"?>
+<entry xmlns="http://www.w3.org/2005/Atom";>
+ <title>PHP 5.4.45 Released</title>
+ <id>http://php.net/archive/2015.php#id2015-09-04-4</id>
+ <published>2015-09-04T12:37:46-07:00</published>
+ <updated>2015-09-04T12:37:46-07:00</updated>
+ <category term="frontpage" label="PHP.net frontpage news"/>
+ <category term="releases" label="New PHP release"/>
+ <link href="http://php.net/index.php#id2015-09-04-4"; rel="alternate"
type="text/html"/>
+ <link href="http://php.net/archive/2015.php#id2015-09-04-4"; rel="via"
type="text/html"/>
+ <content type="xhtml">
+ <div xmlns="http://www.w3.org/1999/xhtml";>
+ <p>The PHP development team announces the immediate availability of PHP
+ 5.4.45. Ten security-related issues were fixed in this release.
+ All PHP 5.4 users are encouraged to upgrade to this version.
+ </p>
+
+ <p>For source downloads of PHP 5.4.45 please visit our <a
href="http://www.php.net/downloads.php";>downloads page</a>,
+ Windows binaries can be found on <a
href="http://windows.php.net/download/";>windows.php.net/download/</a>.
+ The list of changes is recorded in the <a
href="http://www.php.net/ChangeLog-5.php#5.4.45";>ChangeLog</a>.
+ </p>
+
+ <p>Please note that according to the <a
href="http://php.net/supported-versions.php";>PHP version support timelines</a>,
+ PHP 5.4.45 is the last scheduled release of PHP 5.4 branch. There may be
additional release if we discover
+ important security issues that warrant it, otherwise this release will be
the final one in the PHP 5.4
+ If your PHP installation is based on PHP 5.4, it may be a good time to
start making the plans for the upgrade to PHP 5.5 or PHP 5.6.
+ </p>
+ </div>
+ </content>
+</entry>
diff --git a/include/releases.inc b/include/releases.inc
index b12a63c..ea70c38 100644
--- a/include/releases.inc
+++ b/include/releases.inc
@@ -1411,6 +1411,39 @@ $OLDRELEASES = array (
'date' => '20 Jun 2013',
'museum' => true,
),
+ '5.4.44' =>
+ array (
+ 'announcement' =>
+ array (
+ 'English' => '/releases/5_4_44.php',
+ ),
+ 'source' =>
+ array (
+ 0 =>
+ array (
+ 'filename' => 'php-5.4.44.tar.bz2',
+ 'name' => 'PHP 5.4.44 (tar.bz2)',
+ 'md5' => '25725eb0dff0d45351b01fb483709b8d',
+ 'sha256' =>
'8dd59e5ce9248cf36ac3de5412a518b8b24c01ace6c46ce3d12e4ce981a3856d',
+ 'date' => '06 Aug 2015',
+ ),
+ 1 =>
+ array (
+ 'filename' => 'php-5.4.44.tar.gz',
+ 'name' => 'PHP 5.4.44 (tar.gz)',
+ 'md5' => '9a6f79bc68eb926d230448905229dd1c',
+ 'sha256' =>
'1799998e48da3d8f34722840628e18789e26ea21741d4e498ade6749b3266602',
+ 'date' => '06 Aug 2015',
+ ),
+ 2 =>
+ array (
+ 'link' => 'http://windows.php.net/download/#php-5.4',
+ 'name' => 'Windows 5.4.44 binaries and source',
+ ),
+ ),
+ 'date' => '06 Aug 2015',
+ 'museum' => false,
+ ),
'5.4.43' =>
array (
'announcement' =>
diff --git a/include/version.inc b/include/version.inc
index c8512d6..3e69b48 100644
--- a/include/version.inc
+++ b/include/version.inc
@@ -52,15 +52,15 @@ $PHP_5_5_SHA256 = array(
$PHP_5_4_RC = false; // Current RC version (e.g., '5.6.7RC1') or false
$PHP_5_4_RC_DATE = '4 Sep 2014';
-$PHP_5_4_VERSION = "5.4.44";
-$PHP_5_4_DATE = "06 Aug 2015";
+$PHP_5_4_VERSION = "5.4.45";
+$PHP_5_4_DATE = "03 Sep 2015";
$PHP_5_4_MD5 = array(
- "tar.bz2" => "25725eb0dff0d45351b01fb483709b8d",
- "tar.gz" => "9a6f79bc68eb926d230448905229dd1c",
+ "tar.bz2" => "185f67f1ca652b18bc0cca9d7edbde7c",
+ "tar.gz" => "ba580e774ed1ab256f22d1fa69a59311",
);
$PHP_5_4_SHA256 = array(
- "tar.bz2" =>
"8dd59e5ce9248cf36ac3de5412a518b8b24c01ace6c46ce3d12e4ce981a3856d",
- "tar.gz" =>
"1799998e48da3d8f34722840628e18789e26ea21741d4e498ade6749b3266602",
+ "tar.bz2" =>
"4e0d28b1554c95cfaea6fa2b64aac85433f158ce72bb571bcd5574f98f4c6582",
+ "tar.gz" =>
"25bc4723955f4e352935258002af14a14a9810b491a19400d76fcdfa9d04b28f",
);
$RELEASES = array(
diff --git a/releases/5_4_44.php b/releases/5_4_44.php
index fb446d1..2bc33a9 100644
--- a/releases/5_4_44.php
+++ b/releases/5_4_44.php
@@ -18,7 +18,7 @@ The list of changes is recorded in the <a
href="http://www.php.net/ChangeLog-5.p
</p>
<p>Please note that PHP 5.4 branch is nearing the end of its <a
href="http://php.net/supported-versions.php";>support timeframe</a>. Either
September or October release, depending on discovered issues, will be the last
official release of PHP 5.4.
-If your PHP installations is based on PHP 5.4, it may be a good time to start
making the plans for the upgrade.
+If your PHP installation is based on PHP 5.4, it may be a good time to start
making the plans for the upgrade.
</p>
<?php site_footer(); ?>
diff --git a/releases/5_4_45.php b/releases/5_4_45.php
new file mode 100644
index 0000000..5d8c467
--- /dev/null
+++ b/releases/5_4_45.php
@@ -0,0 +1,26 @@
+<?php
+// $Id$
+$_SERVER['BASE_PAGE'] = 'releases/5_4_45.php';
+include_once $_SERVER['DOCUMENT_ROOT'] . '/include/prepend.inc';
+site_header("PHP 5.4.45 Release Announcement");
+?>
+
+<h1>PHP 5.4.45 Release Announcement</h1>
+
+<p>The PHP development team announces the immediate availability of PHP
+5.4.45. Ten security-related issues were fixed in this release.
+All PHP 5.4 users are encouraged to upgrade to this version.
+</p>
+
+<p>For source downloads of PHP 5.4.45 please visit our <a
href="http://www.php.net/downloads.php";>downloads page</a>,
+Windows binaries can be found on <a
href="http://windows.php.net/download/";>windows.php.net/download/</a>.
+The list of changes is recorded in the <a
href="http://www.php.net/ChangeLog-5.php#5.4.45";>ChangeLog</a>.
+</p>
+
+<p>Please note that according to the <a
href="http://php.net/supported-versions.php";>PHP version support timelines</a>,
+PHP 5.4.45 is the last scheduled release of PHP 5.4 branch. There may be
additional release if we discover
+important security issues that warrant it, otherwise this release will be the
final one in the PHP 5.4
+If your PHP installation is based on PHP 5.4, it may be a good time to start
making the plans for the upgrade to PHP 5.5 or PHP 5.6.
+</p>
+
+<?php site_footer(); ?>--
PHP Webmaster List Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
