Commit: b62019cbbc6ab55e4379a315803fc83b604ebb4c
Author: Anatol Belski <[email protected]> Thu, 21 Jul 2016 12:16:22 +0200
Parents: d4cc47cc1f4aee8bc8c3a82745080d16163d90f8
Branches: master
Link:
http://git.php.net/?p=web/php.git;a=commitdiff;h=b62019cbbc6ab55e4379a315803fc83b604ebb4c
Log:
7.0.9 announce
Changed paths:
M ChangeLog-7.php
M archive/archive.xml
A archive/entries/2016-07-21-3.xml
M include/releases.inc
M include/version.inc
A releases/7_0_9.php
diff --git a/ChangeLog-7.php b/ChangeLog-7.php
index ffcc2c0..1bf59cb 100644
--- a/ChangeLog-7.php
+++ b/ChangeLog-7.php
@@ -7,6 +7,102 @@ site_header("PHP 7 ChangeLog", array("current" => "docs",
"css" => array("change
<h1>PHP 7 ChangeLog</h1>
+<section class="version" id="7.0.9"><!-- {{{ 7.0.9 -->
+<h3>Version 7.0.9</h3>
+<b><?php release_date('21-Jul-2016'); ?></b>
+<ul><li>Core:
+<ul>
+ <li><?php bugfix(72508); ?> (strange references after recursive function
call and "switch" statement).</li>
+ <li><?php bugfix(72513); ?> (Stack-based buffer overflow vulnerability in
virtual_file_ex).</li>
+ <li><?php bugfix(72573); ?> (HTTP_PROXY is improperly trusted by some PHP
libraries and applications).</li>
+</ul></li>
+<li>bz2:
+<ul>
+ <li><?php bugfix(72613); ?> (Inadequate error handling in bzread()).</li>
+</ul></li>
+<li>CLI:
+<ul>
+ <li><?php bugfix(72484); ?> (SCRIPT_FILENAME shows wrong path if the user
specify router.php).</li>
+</ul></li>
+<li>COM:
+<ul>
+ <li><?php bugfix(72498); ?> (variant_date_from_timestamp null
dereference).</li>
+</ul></li>
+<li>Curl:
+<ul>
+ <li><?php bugfix(72541); ?> (size_t overflow lead to heap corruption).</li>
+</ul></li>
+<li>Exif:
+<ul>
+ <li><?php bugfix(72603); ?> (Out of bound read in
exif_process_IFD_in_MAKERNOTE).</li>
+ <li><?php bugfix(72618); ?> (NULL Pointer Dereference in
exif_process_user_comment).</li>
+</ul></li>
+<li>GD:
+<ul>
+ <li><?php bugfix(43475); ?> (Thick styled lines have scrambled
patterns).</li>
+ <li><?php bugfix(53640); ?> (XBM images require width to be multiple of
8).</li>
+ <li><?php bugfix(64641); ?> (imagefilledpolygon doesn't draw horizontal
line).</li>
+ <li><?php bugfix(72512); ?> (gdImageTrueColorToPaletteBody allows arbitrary
write/read access).</li>
+ <li><?php bugfix(72519); ?> (imagegif/output out-of-bounds access).</li>
+ <li><?php bugfix(72558); ?> (Integer overflow error within
_gdContributionsAlloc()).</li>
+ <li><?php bugfix(72482); ?> (Ilegal write/read access caused by
gdImageAALine overflow).</li>
+ <li><?php bugfix(72494); ?> (imagecropauto out-of-bounds access).</li>
+</ul></li>
+<li>Intl:
+<ul>
+ <li><?php bugfix(72533); ?> (locale_accept_from_http out-of-bounds
access).</li>
+</ul></li>
+<li>Mbstring:
+<ul>
+ <li><?php bugfix(72405); ?> (mb_ereg_replace - mbc_to_code (oniguruma) - oob
read access).</li>
+ <li><?php bugfix(72399); ?> (Use-After-Free in MBString (search_re)).</li>
+</ul></li>
+<li>mcrypt:
+<ul>
+ <li><?php bugfix(72551); ?>, bug <?php bugl(72552) ?> (Incorrect casting
from size_t to int lead to heap overflow in mdecrypt_generic).</li>
+</ul></li>
+<li>PDO_pgsql:
+<ul>
+ <li><?php bugfix(72570); ?> (Segmentation fault when binding parameters on a
query without placeholders).</li>
+</ul></li>
+<li>PCRE:
+<ul>
+ <li><?php bugfix(72476); ?> (Memleak in jit_stack).</li>
+ <li><?php bugfix(72463); ?> (mail fails with invalid argument).</li>
+</ul></li>
+<li>Readline:
+<ul>
+ <li><?php bugfix(72538); ?> (readline_redisplay crashes php).</li>
+</ul></li>
+<li>Standard:
+<ul>
+ <li><?php bugfix(72505); ?> (readfile() mangles files larger than 2G).</li>
+ <li><?php bugfix(72306); ?> (Heap overflow through proc_open and $env
parameter).</li>
+</ul></li>
+<li>Session:
+<ul>
+ <li><?php bugfix(72531); ?> (ps_files_cleanup_dir Buffer overflow).</li>
+ <li><?php bugfix(72562); ?> (Use After Free in unserialize() with Unexpected
Session Deserialization).</li>
+</ul></li>
+<li>SNMP:
+<ul>
+ <li><?php bugfix(72479); ?> (Use After Free Vulnerability in SNMP with GC
and unserialize()).</li>
+</ul></li>
+<li>Streams:
+<ul>
+ <li><?php bugfix(72439); ?> (Stream socket with remote address leads to a
segmentation fault).</li>
+</ul></li>
+<li>XMLRPC:
+<ul>
+ <li><?php bugfix(72606); ?> (heap-buffer-overflow (write) simplestring_addn
simplestring.c).</li>
+</ul></li>
+<li>Zip:
+<ul>
+ <li><?php bugfix(72520); ?> (Stack-based buffer overflow vulnerability in
php_stream_zip_opener).</li>
+</ul></li>
+</ul>
+<!-- }}} --></section>
+
<section class="version" id="7.0.8"><!-- {{{ 7.0.8 -->
<h3>Version 7.0.8</h3>
<b><?php release_date('23-Jun-2016'); ?></b>
diff --git a/archive/archive.xml b/archive/archive.xml
index c7ac0be..124054f 100644
--- a/archive/archive.xml
+++ b/archive/archive.xml
@@ -9,6 +9,7 @@
<uri>http://php.net/contact</uri>
<email>[email protected]</email>
</author>
+ <xi:include href="entries/2016-07-21-3.xml"/>
<xi:include href="entries/2016-07-21-1.xml"/>
<xi:include href="entries/2016-07-07-1.xml"/>
<xi:include href="entries/2016-06-24-1.xml"/>
diff --git a/archive/entries/2016-07-21-3.xml b/archive/entries/2016-07-21-3.xml
new file mode 100644
index 0000000..34b8bcd
--- /dev/null
+++ b/archive/entries/2016-07-21-3.xml
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="utf-8"?>
+<entry xmlns="http://www.w3.org/2005/Atom";>
+ <title>PHP 7.0.9 Released</title>
+ <id>http://php.net/archive/2016.php#id2016-07-21-3</id>
+ <published>2016-07-21T13:00:00+01:00</published>
+ <updated>2016-07-21T13:00:00+01:00</updated>
+ <category term="releases" label="New PHP release"/>
+ <category term="frontpage" label="PHP.net frontpage news"/>
+ <link href="http://php.net/index.php#id2016-07-21-3"; rel="alternate"
type="text/html"/>
+ <link href="http://php.net/archive/2016.php#id2016-07-21-3"; rel="via"
type="text/html"/>
+ <content type="xhtml">
+ <div xmlns="http://www.w3.org/1999/xhtml";>
+ <p>The PHP development team announces the immediate availability of PHP
+ 7.0.9. This is a security release. Several security bugs were fixed in
+ this release, including the HTTP_PROXY issue.
+
+ All PHP 7.0 users are encouraged to upgrade to this version.</p>
+
+ <p>For source downloads of PHP 7.0.9 please visit our <a
href="http://www.php.net/downloads.php";>downloads page</a>,
+ Windows source and binaries can be found on <a
href="http://windows.php.net/download/";>windows.php.net/download/</a>.
+ The list of changes is recorded in the <a
href="http://www.php.net/ChangeLog-7.php#7.0.9";>ChangeLog</a>.
+ </p>
+ </div>
+ </content>
+</entry>
diff --git a/include/releases.inc b/include/releases.inc
index 088afdc..0d59a2b 100644
--- a/include/releases.inc
+++ b/include/releases.inc
@@ -2,6 +2,42 @@
$OLDRELEASES = array (
7 =>
array (
+ '7.0.8' =>
+ array (
+ 'announcement' =>
+ array (
+ 'English' => '/releases/7_0_8.php',
+ ),
+ 'source' =>
+ array (
+ 0 =>
+ array (
+ 'filename' => 'php-7.0.8.tar.bz2',
+ 'name' => 'PHP 7.0.8 (tar.bz2)',
+ 'md5' => 'd4f67b081a3c1b0b35f729ef8131cdda',
+ 'sha256' =>
'66dc7ba388490e07b1313fe3a06b1fa822e1310585fe29f4909995f131e27c8d',
+ 'date' => '23 Jun 2016',
+ ),
+ 1 =>
+ array (
+ 'filename' => 'php-7.0.8.tar.gz',
+ 'name' => 'PHP 7.0.8 (tar.gz)',
+ 'md5' => '642d86f3269404abc1bbfd887b682ccf',
+ 'sha256' =>
'1f024fa6d87594b99fa312e3185c357dcffa42e07d21c726f41d1fa6f773720b',
+ 'date' => '23 Jun 2016',
+ ),
+ 2 =>
+ array (
+ 'filename' => 'php-7.0.8.tar.xz',
+ 'name' => 'PHP 7.0.8 (tar.xz)',
+ 'md5' => 'c4438583c95d3ddf746929d7fcb61045',
+ 'sha256' =>
'0a2142c458b0846f556b16da1c927d74c101aa951bb840549abe5c58584fb394',
+ 'date' => '23 Jun 2016',
+ ),
+ ),
+ 'date' => '23 Jun 2016',
+ 'museum' => false,
+ ),
'7.0.7' =>
array (
'announcement' =>
diff --git a/include/version.inc b/include/version.inc
index 5e34a28..3641e76 100644
--- a/include/version.inc
+++ b/include/version.inc
@@ -18,20 +18,20 @@
*/
/* PHP 7.0 Release */
-$PHP_7_0_RC = "7.0.9RC1"; // Current RC version (e.g., '5.6.7RC1') or false
+$PHP_7_0_RC = false; // Current RC version (e.g., '5.6.7RC1') or false
$PHP_7_0_RC_DATE = '07 Jul 2016';
-$PHP_7_0_VERSION = "7.0.8";
-$PHP_7_0_DATE = "23 Jun 2016";
+$PHP_7_0_VERSION = "7.0.9";
+$PHP_7_0_DATE = "21 Jul 2016";
$PHP_7_0_MD5 = array(
- "tar.bz2" => "d4f67b081a3c1b0b35f729ef8131cdda",
- "tar.gz" => "642d86f3269404abc1bbfd887b682ccf",
- "tar.xz" => "c4438583c95d3ddf746929d7fcb61045",
+ "tar.bz2" => "63b32d3e97df7b30c2bcd138ef0b21c0",
+ "tar.gz" => "32ea3ce54d7d5ed03c6c600dffd65813",
+ "tar.xz" => "6294813fb3c8158cfde74302f573cac7",
);
$PHP_7_0_SHA256 = array(
- "tar.bz2" =>
"66dc7ba388490e07b1313fe3a06b1fa822e1310585fe29f4909995f131e27c8d",
- "tar.gz" =>
"1f024fa6d87594b99fa312e3185c357dcffa42e07d21c726f41d1fa6f773720b",
- "tar.xz" =>
"0a2142c458b0846f556b16da1c927d74c101aa951bb840549abe5c58584fb394",
+ "tar.bz2" =>
"2ee6968b5875f2f38700c58a189aad859a6a0b85fc337aa102ec2dc3652c3b7b",
+ "tar.gz" =>
"93895a6a610c94751c890e5ee91a7f4bc0eae476b95fe30425d13f7ae88753d5",
+ "tar.xz" =>
"970c322ba3e472cb0264b8ba9d4d92e87918da5d0cca53c4aba2a70545b8626d",
);
/* PHP 5.6 Release */
diff --git a/releases/7_0_9.php b/releases/7_0_9.php
new file mode 100644
index 0000000..bc353d7
--- /dev/null
+++ b/releases/7_0_9.php
@@ -0,0 +1,22 @@
+<?php
+// $Id$
+$_SERVER['BASE_PAGE'] = 'releases/7_0_9.php';
+include_once $_SERVER['DOCUMENT_ROOT'] . '/include/prepend.inc';
+site_header("PHP 7.0.9 Release Announcement");
+?>
+
+ <h1>PHP 7.0.9 Release Announcement</h1>
+
+ <p>The PHP development team announces the immediate availability of PHP
+ 7.0.9. This is a security release. Several security bugs were fixed in
+ this release, including the HTTP_PROXY issue.
+
+ All PHP 7.0 users are encouraged to upgrade to this version.
+ </p>
+
+ <p>For source downloads of PHP 7.0.9 please visit our <a
href="http://www.php.net/downloads.php";>downloads page</a>,
+ Windows source and binaries can be found on <a
href="http://windows.php.net/download/";>windows.php.net/download/</a>.
+ The list of changes is recorded in the <a
href="http://www.php.net/ChangeLog-7.php#7.0.9";>ChangeLog</a>.
+ </p>
+
+<?php site_footer(); ?>--
PHP Webmaster List Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
