Commit: d3cbe13d1956a984f25fe593dd1454d4b1e7046b
Author: Ferenc Kovacs <[email protected]> Fri, 11 Jan 2019 00:04:53
+0100
Parents: 657a9f0b4c619bd4e16f0aee3a4071de9608bd67
Branches: master
Link:
http://git.php.net/?p=web/php.git;a=commitdiff;h=d3cbe13d1956a984f25fe593dd1454d4b1e7046b
Log:
announce 5.6.40
Changed paths:
M ChangeLog-5.php
M archive/archive.xml
A archive/entries/2019-01-10-4.xml
M include/releases.inc
M include/version.inc
A releases/5_6_40.php
diff --git a/ChangeLog-5.php b/ChangeLog-5.php
index 07d6df4..26723c5 100644
--- a/ChangeLog-5.php
+++ b/ChangeLog-5.php
@@ -7,6 +7,37 @@ site_header("PHP 5 ChangeLog", array("current" => "docs",
"css" => array("change
<h1>PHP 5 ChangeLog</h1>
+<section class="version" id="5.6.40"><!-- {{{ 5.6.40 -->
+<h3>Version 5.6.40</h3>
+<b><?php release_date('10-Jan-2019'); ?></b>
+<ul><li>GD:
+<ul>
+ <li><?php bugfix(77269); ?> (efree() on uninitialized Heap data in
imagescale leads to
+use-after-free).</li>
+ <li><?php bugfix(77270); ?> (imagecolormatch Out Of Bounds Write on
Heap).</li>
+</ul></li>
+<li>Mbstring:
+<ul>
+ <li><?php bugfix(77370); ?> (Buffer overflow on mb regex functions -
fetch_token).</li>
+ <li><?php bugfix(77371); ?> (heap buffer overflow in mb regex functions -
compile_string_node).</li>
+ <li><?php bugfix(77381); ?> (heap buffer overflow in multibyte
match_at).</li>
+ <li><?php bugfix(77382); ?> (heap buffer overflow due to incorrect length in
expand_case_fold_string).</li>
+ <li><?php bugfix(77385); ?> (buffer overflow in fetch_token).</li>
+ <li><?php bugfix(77394); ?> (Buffer overflow in multibyte case folding -
unicode).</li>
+ <li><?php bugfix(77418); ?> (Heap overflow in utf32be_mbc_to_code).</li>
+</ul></li>
+<li>Phar:
+<ul>
+ <li><?php bugfix(77247); ?> (heap buffer overflow in
phar_detect_phar_fname_ext).</li>
+</ul></li>
+<li>Xmlrpc:
+<ul>
+ <li><?php bugfix(77242); ?> (heap out of bounds read in
xmlrpc_decode()).</li>
+ <li><?php bugfix(77380); ?> (Global out of bounds read in xmlrpc base64
code).</li>
+</ul></li>
+</ul>
+<!-- }}} --></section>
+
<section class="version" id="5.6.39"><!-- {{{ 5.6.39 -->
<h3>Version 5.6.39</h3>
<b><?php release_date('06-Dec-2018'); ?></b>
diff --git a/archive/archive.xml b/archive/archive.xml
index cbc51d6..4cd490c 100644
--- a/archive/archive.xml
+++ b/archive/archive.xml
@@ -9,6 +9,7 @@
<uri>http://php.net/contact</uri>
<email>[email protected]</email>
</author>
+ <xi:include href="entries/2019-01-10-4.xml"/>
<xi:include href="entries/2019-01-10-3.xml"/>
<xi:include href="entries/2019-01-10-2.xml"/>
<xi:include href="entries/2019-01-10-1.xml"/>
diff --git a/archive/entries/2019-01-10-4.xml b/archive/entries/2019-01-10-4.xml
new file mode 100644
index 0000000..ce28a6c
--- /dev/null
+++ b/archive/entries/2019-01-10-4.xml
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="utf-8"?>
+<entry xmlns="http://www.w3.org/2005/Atom";>
+ <title>PHP 5.6.40 Released</title>
+ <id>http://php.net/archive/2019.php#id2019-01-10-4</id>
+ <published>2019-01-10T15:01:12-08:00</published>
+ <updated>2019-01-10T15:01:12-08:00</updated>
+ <category term="frontpage" label="PHP.net frontpage news"/>
+ <category term="releases" label="New PHP release"/>
+ <link href="http://php.net/index.php#id2019-01-10-4"; rel="alternate"
type="text/html"/>
+ <link href="http://php.net/archive/2019.php#id2019-01-10-4"; rel="via"
type="text/html"/>
+ <content type="xhtml">
+ <div xmlns="http://www.w3.org/1999/xhtml";>
+ <p>The PHP development team announces the immediate availability of PHP
+ 5.6.40. This is a security release. Several security bugs have been fixed
+ in this release.
+
+ All PHP 5.6 users are encouraged to upgrade to this version.
+ </p>
+
+ <p>For source downloads of PHP 5.6.40 please visit our <a
+href="http://www.php.net/downloads.php";>downloads page</a>,
+ Windows source and binaries can be found on <a
+href="http://windows.php.net/download/";>windows.php.net/download/</a>.
+ The list of changes is recorded in the <a
+href="http://www.php.net/ChangeLog-5.php#5.6.40";>ChangeLog</a>.
+ </p>
+
+ <p>Please note that according to the <a
href="http://php.net/supported-versions.php";>PHP version
+support timelines</a>,
+ PHP 5.6.40 is the last scheduled release of PHP 5.6 branch. There may
be additional release if we
+discover
+ important security issues that warrant it, otherwise this release will
be the final one in the PHP
+5.6 branch.
+ If your PHP installation is based on PHP 5.6, it may be a good time to
start making the plans for
+the upgrade
+ to PHP 7.1, PHP 7.2 or PHP 7.3.
+ </p>
+ </div>
+ </content>
+</entry>
diff --git a/include/releases.inc b/include/releases.inc
index 91d9f98..9e4e2ca 100644
--- a/include/releases.inc
+++ b/include/releases.inc
@@ -2447,6 +2447,39 @@ $OLDRELEASES = array (
),
5 =>
array (
+ '5.6.39' =>
+ array (
+ 'announcement' =>
+ array (
+ 'English' => '/releases/5_6_39.php',
+ ),
+ 'source' =>
+ array (
+ 0 =>
+ array (
+ 'filename' => 'php-5.6.39.tar.bz2',
+ 'name' => 'PHP 5.6.39 (tar.bz2)',
+ 'sha256' =>
'b3db2345f50c010b01fe041b4e0f66c5aa28eb325135136f153e18da01583ad5',
+ 'date' => '06 Dec 2018',
+ ),
+ 1 =>
+ array (
+ 'filename' => 'php-5.6.39.tar.gz',
+ 'name' => 'PHP 5.6.39 (tar.gz)',
+ 'sha256' =>
'127b122b7d6c7f3c211c0ffa554979370c3131196137404a51a391d8e2e9c7bb',
+ 'date' => '06 Dec 2018',
+ ),
+ 2 =>
+ array (
+ 'filename' => 'php-5.6.39.tar.xz',
+ 'name' => 'PHP 5.6.39 (tar.xz)',
+ 'sha256' =>
'8147576001a832ff3d03cb2980caa2d6b584a10624f87ac459fcd3948c6e4a10',
+ 'date' => '06 Dec 2018',
+ ),
+ ),
+ 'date' => '06 Dec 2018',
+ 'museum' => false,
+ ),
'5.6.38' =>
array (
'announcement' =>
diff --git a/include/version.inc b/include/version.inc
index 653f1a9..1dcd625 100644
--- a/include/version.inc
+++ b/include/version.inc
@@ -67,12 +67,12 @@ $PHP_7_0_SHA256 = array(
$PHP_5_6_RC = false; // Current RC version (e.g., '5.6.7RC1') or false
$PHP_5_6_RC_DATE = "05 Jan 2017";
-$PHP_5_6_VERSION = "5.6.39";
-$PHP_5_6_DATE = "06 Dec 2018";
+$PHP_5_6_VERSION = "5.6.40";
+$PHP_5_6_DATE = "10 Jan 2019";
$PHP_5_6_SHA256 = array(
- "tar.bz2" =>
"b3db2345f50c010b01fe041b4e0f66c5aa28eb325135136f153e18da01583ad5",
- "tar.gz" =>
"127b122b7d6c7f3c211c0ffa554979370c3131196137404a51a391d8e2e9c7bb",
- "tar.xz" =>
"8147576001a832ff3d03cb2980caa2d6b584a10624f87ac459fcd3948c6e4a10",
+ "tar.bz2" =>
"ffd025d34623553ab2f7fd8fb21d0c9e6f9fa30dc565ca03a1d7b763023fba00",
+ "tar.gz" =>
"56fb9878d12fdd921f6a0897e919f4e980d930160e154cbde2cc6d9206a27cac",
+ "tar.xz" =>
"1369a51eee3995d7fbd1c5342e5cc917760e276d561595b6052b21ace2656d1c",
);
$RELEASES = array(
diff --git a/releases/5_6_40.php b/releases/5_6_40.php
new file mode 100644
index 0000000..c8cba4f
--- /dev/null
+++ b/releases/5_6_40.php
@@ -0,0 +1,32 @@
+<?php
+$_SERVER['BASE_PAGE'] = 'releases/5_6_40.php';
+include_once $_SERVER['DOCUMENT_ROOT'] . '/include/prepend.inc';
+site_header("PHP 5.6.40 Release Announcement");
+?>
+
+ <h1>PHP 5.6.40 Release Announcement</h1>
+
+ <p>The PHP development team announces the immediate availability of PHP
+ 5.6.40. This is a security release. Several security bugs have been fixed
+ in this release.
+
+ All PHP 5.6 users are encouraged to upgrade to this version.
+ </p>
+
+ <p>For source downloads of PHP 5.6.40 please visit our <a
href="http://www.php.net/downloads.php";>downloads page</a>,
+ Windows source and binaries can be found on <a
href="http://windows.php.net/download/";>windows.php.net/download/</a>.
+ The list of changes is recorded in the <a
href="http://www.php.net/ChangeLog-5.php#5.6.40";>ChangeLog</a>.
+ </p>
+
+ <p>Please note that according to the <a
href="http://php.net/supported-versions.php";>PHP version
+support timelines</a>,
+ PHP 5.6.40 is the last scheduled release of PHP 5.6 branch. There may
be additional release if we
+discover
+ important security issues that warrant it, otherwise this release will
be the final one in the PHP
+5.6 branch.
+ If your PHP installation is based on PHP 5.6, it may be a good time to
start making the plans for
+the upgrade
+ to PHP 7.1, PHP 7.2 or PHP 7.3.
+ </p>
+
+<?php site_footer(); ?>
--
PHP Webmaster List Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
