Commit: 6828d86a2b9ec2ecc77d27bf8e1443a02c6a236e
Author: Julien Pauli <[email protected]> Thu, 23 Jun 2016 20:16:31 +0200
Parents: 2d3240832168b1cd64d3a71ccd829847a0251a9a
Branches: master
Link:
http://git.php.net/?p=web/php.git;a=commitdiff;h=6828d86a2b9ec2ecc77d27bf8e1443a02c6a236e
Log:
5.5.37
Changed paths:
M ChangeLog-5.php
M archive/archive.xml
A archive/entries/2016-06-23-3.xml
M include/releases.inc
M include/version.inc
A releases/5_5_37.php
diff --git a/ChangeLog-5.php b/ChangeLog-5.php
index 59b0f29..c5f6e95 100644
--- a/ChangeLog-5.php
+++ b/ChangeLog-5.php
@@ -7,6 +7,48 @@ site_header("PHP 5 ChangeLog", array("current" => "docs",
"css" => array("change
?>
<h1>PHP 5 ChangeLog</h1>
+<section class="version" id="5.5.37"><!-- {{{ 5.5.37 -->
+<h3>Version 5.5.37</h3>
+<b><?php release_date('23-Jun-2016'); ?></b>
+<ul><li>Core:
+<ul>
+ <li><?php bugfix(72268); ?> (Integer Overflow in nl2br()).</li>
+ <li><?php bugfix(72275); ?> (Integer Overflow in
json_encode()/json_decode()/ json_utf8_to_utf16()).</li>
+ <li><?php bugfix(72400); ?> (Integer Overflow in
addcslashes/addslashes).</li>
+ <li><?php bugfix(72403); ?> (Integer Overflow in Length of String-typed
ZVAL).</li>
+</ul></li>
+<li>GD:
+<ul>
+ <li><?php bugfix(66387); ?> (Stack overflow with imagefilltoborder)
(CVE-2015-8874).</li>
+ <li><?php bugfix(72298); ?> (pass2_no_dither out-of-bounds access).</li>
+ <li><?php bugfix(72339); ?> (Integer Overflow in _gd2GetHeader() resulting
in heap overflow).</li>
+ <li><?php bugfix(72407); ?> (NULL Pointer Dereference at _gdScaleVert).</li>
+ <li><?php bugfix(72446); ?> (Integer Overflow in gdImagePaletteToTrueColor()
resulting in heap overflow).</li>
+</ul></li>
+<li>mbstring:
+<ul>
+ <li><?php bugfix(72402); ?> (_php_mb_regex_ereg_replace_exec - double
free).</li>
+</ul></li>
+<li>mcrypt:
+<ul>
+ <li><?php bugfix(72455); ?> (Heap Overflow due to integer overflows).</li>
+</ul></li>
+<li>SPL:
+<ul>
+ <li><?php bugfix(72262); ?> (int/size_t confusion in
SplFileObject::fread).</li>
+ <li><?php bugfix(72433); ?> (Use After Free Vulnerability in PHP's GC
algorithm and unserialize).</li>
+</ul></li>
+<li>WDDX:
+<ul>
+ <li><?php bugfix(72340); ?> (Double Free Courruption in
wddx_deserialize).</li>
+</ul></li>
+<li>zip:
+<ul>
+ <li><?php bugfix(72434); ?> (ZipArchive class Use After Free Vulnerability
in PHP's GC algorithm and unserialize).</li>
+</ul></li>
+</ul>
+<!-- }}} --></section>
+
<section class="version" id="5.6.23"><!-- {{{ 5.6.23 -->
<h3>Version 5.6.23</h3>
<b><?php release_date('23-Jun-2016'); ?></b>
diff --git a/archive/archive.xml b/archive/archive.xml
index 2e791f7..fb343b8 100644
--- a/archive/archive.xml
+++ b/archive/archive.xml
@@ -9,6 +9,7 @@
<uri>http://php.net/contact</uri>
<email>[email protected]</email>
</author>
+ <xi:include href="entries/2016-06-23-3.xml"/>
<xi:include href="entries/2016-06-23-2.xml"/>
<xi:include href="entries/2016-06-23-1.xml"/>
<xi:include href="entries/2016-06-15-1.xml"/>
diff --git a/archive/entries/2016-06-23-3.xml b/archive/entries/2016-06-23-3.xml
new file mode 100644
index 0000000..bee7142
--- /dev/null
+++ b/archive/entries/2016-06-23-3.xml
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="utf-8"?>
+<entry xmlns="http://www.w3.org/2005/Atom";>
+ <title>PHP 5.5.37 is released</title>
+ <id>http://php.net/archive/2016.php#id2016-06-23-3</id>
+ <published>2016-06-23T18:11:22+00:00</published>
+ <updated>2016-06-23T18:11:22+00:00</updated>
+ <category term="frontpage" label="PHP.net frontpage news"/>
+ <category term="releases" label="New PHP release"/>
+ <link href="http://php.net/index.php#id2016-06-23-3"; rel="alternate"
type="text/html"/>
+ <link href="http://php.net/archive/2016.php#id2016-06-23-3"; rel="via"
type="text/html"/>
+ <content type="xhtml">
+ <div xmlns="http://www.w3.org/1999/xhtml";>
+ <p>The PHP development team announces the immediate availability of PHP
+ 5.5.37. This is a security release, several security bugs were fixed.
+
+ All PHP 5.5 users are encouraged to upgrade to this version.
+ </p>
+
+ <p>For source downloads of PHP 5.5.37 please visit our <a
href="http://www.php.net/downloads.php";>downloads page</a>,
+ Windows source and binaries can be found on <a
href="http://windows.php.net/download/";>windows.php.net/download/</a>.
+ The list of changes is recorded in the <a
href="http://www.php.net/ChangeLog-5.php#5.5.37";>ChangeLog</a>.
+ </p>
+ </div>
+ </content>
+</entry>
diff --git a/include/releases.inc b/include/releases.inc
index 77c32ac..088afdc 100644
--- a/include/releases.inc
+++ b/include/releases.inc
@@ -293,6 +293,42 @@ $OLDRELEASES = array (
),
5 =>
array (
+ '5.5.36' =>
+ array (
+ 'announcement' =>
+ array (
+ 'English' => '/releases/5_5_36.php',
+ ),
+ 'source' =>
+ array (
+ 0 =>
+ array (
+ 'filename' => 'php-5.5.36.tar.bz2',
+ 'name' => 'PHP 5.5.36 (tar.bz2)',
+ 'md5' => '8be3d821bfedc091d3c0befc9309b945',
+ 'sha256' =>
'2484edfaa3de606d74f927b55c5206f51b1ae24ea8e428aa9fc15474c7bb71bb',
+ 'date' => '26 May 2016',
+ ),
+ 1 =>
+ array (
+ 'filename' => 'php-5.5.36.tar.gz',
+ 'name' => 'PHP 5.5.36 (tar.gz)',
+ 'md5' => '90bcbc3c45dc35532208fc84774c0341',
+ 'sha256' =>
'ef829f9a9600a858e2363533b80c4e4773505bdc8ea3692d703fc893f267728a',
+ 'date' => '26 May 2016',
+ ),
+ 2 =>
+ array (
+ 'filename' => 'php-5.5.36.tar.xz',
+ 'name' => 'PHP 5.5.36 (tar.xz)',
+ 'md5' => '1db93aa3a3cfd7cfe0f41f3697db35a4',
+ 'sha256' =>
'e1bbe33d6b4da66b15c483131520a9fc505eeb6629fa70c5cfba79590a1d0801',
+ 'date' => '26 May 2016',
+ ),
+ ),
+ 'date' => '26 May 2016',
+ 'museum' => false,
+ ),
'5.6.22' =>
array (
'announcement' =>
diff --git a/include/version.inc b/include/version.inc
index 5e0df2a..44c836e 100644
--- a/include/version.inc
+++ b/include/version.inc
@@ -55,17 +55,17 @@ $PHP_5_6_SHA256 = array(
$PHP_5_5_RC = false; // Current RC version (e.g., '5.6.7RC1') or false
$PHP_5_5_RC_DATE = '25 Jun 2015';
-$PHP_5_5_VERSION = "5.5.36";
-$PHP_5_5_DATE = "26 May 2016";
+$PHP_5_5_VERSION = "5.5.37";
+$PHP_5_5_DATE = "23 Jun 2016";
$PHP_5_5_MD5 = array(
- "tar.bz2" => "8be3d821bfedc091d3c0befc9309b945",
- "tar.gz" => "90bcbc3c45dc35532208fc84774c0341",
- "tar.xz" => "1db93aa3a3cfd7cfe0f41f3697db35a4",
+ "tar.bz2" => "3a4b249bee5451a0982263a94a8a8c9d",
+ "tar.gz" => "6431716479805df74df27377ce485bd1",
+ "tar.xz" => "707a528176283b8eecba1fa3c7123dd2",
);
$PHP_5_5_SHA256 = array(
- "tar.bz2" =>
"2484edfaa3de606d74f927b55c5206f51b1ae24ea8e428aa9fc15474c7bb71bb",
- "tar.gz" =>
"ef829f9a9600a858e2363533b80c4e4773505bdc8ea3692d703fc893f267728a",
- "tar.xz" =>
"e1bbe33d6b4da66b15c483131520a9fc505eeb6629fa70c5cfba79590a1d0801",
+ "tar.bz2" =>
"d2380ebe46caf17f2c4cd055867d00a82e6702dc5f62dc29ce864a5742905d88",
+ "tar.gz" =>
"7cef04b549fdbe00c26dc785b6ba10439672a1596db518fc46632ecba45f44b9",
+ "tar.xz" =>
"c322444fdf6d3ba26aa67d67ee32d1e815a877f35831351c83763431a80e3612",
);
$RELEASES = array(
diff --git a/releases/5_5_37.php b/releases/5_5_37.php
new file mode 100644
index 0000000..db0e6a1
--- /dev/null
+++ b/releases/5_5_37.php
@@ -0,0 +1,20 @@
+<?php
+// $Id$
+$_SERVER['BASE_PAGE'] = 'releases/5_5_37.php';
+include_once $_SERVER['DOCUMENT_ROOT'] . '/include/prepend.inc';
+site_header("PHP 5.5.37 Release Announcement");
+?>
+ <h1>PHP 5.5.37 Release Announcement</h1>
+
+ <p>The PHP development team announces the immediate availability of PHP
+ 5.5.37. This is a security release, several security bugs were fixed.
+
+ All PHP 5.5 users are encouraged to upgrade to this version.
+ </p>
+
+ <p>For source downloads of PHP 5.5.37 please visit our <a
href="http://www.php.net/downloads.php";>downloads page</a>,
+ Windows source and binaries can be found on <a
href="http://windows.php.net/download/";>windows.php.net/download/</a>.
+ The list of changes is recorded in the <a
href="http://www.php.net/ChangeLog-5.php#5.5.37";>ChangeLog</a>.
+ </p>
+
+<?php site_footer(); ?>--
PHP Webmaster List Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
