Deleted Added
full compact
NEWS (948ad747) NEWS (345cf5ea)
1PHP NEWS
2|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
1PHP NEWS
2|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
3?? ??? 2017 PHP 7.0.19
3?? ??? ????, PHP 7.2
4
4
5- GD:
6 . Fixed bug #74343 (compile fails on solaris 11 with system gd2 library).
7 (krakjoe)
8
9- OpenSSL:
10 . Fixed bug #74341 (openssl_x509_parse fails to parse ASN.1 UTCTime without
11 seconds). (Moritz Fain)
12 . Add OpenSSL 1.1.0 support. (Jakub Zelenka)
13
1413 Apr 2017 PHP 7.0.18
15
16- Core:
5- Core:
17 . Fixed bug #73370 (falsely exits with "Out of Memory" when using
18 USE_ZEND_ALLOC=0). (Nikita)
19 . Fixed bug #73960 (Leak with instance method calling static method with
20 referenced return). (Nikita)
21 . Fixed bug #74265 (Build problems after 7.0.17 release: undefined reference
22 to `isfinite'). (Nikita)
23 . Fixed bug #74302 (yield fromLABEL is over-greedy). (Sara)
24
25- Apache:
26 . Reverted patch for bug #61471, fixes bug #74318. (Anatol)
27
28- Date:
29 . Fixed bug #72096 (Swatch time value incorrect for dates before 1970). (mcq8)
30
31- DOM:
32 . Fixed bug #74004 (LIBXML_NOWARNING flag ingnored on loadHTML*).
33 (somedaysummer)
34
35- iconv:
36 . Fixed bug #74230 (iconv fails to fail on surrogates). (Anatol)
37
38- OpenSSL:
39 . Fixed bug #72333 (fwrite() on non-blocking SSL sockets doesn't work).
40 (Jakub Zelenka)
41
42- PDO MySQL:
43 . Fixed bug #71003 (Expose MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT to PDO
44 interface). (Thomas Orozco)
45
46- Streams:
47 . Fixed bug #74216 (Correctly fail on invalid IP address ports). (Sara)
48
49- Zlib:
50 . Fixed bug #74240 (deflate_add can allocate too much memory). (Matt Bonneau)
51
5216 Mar 2017 PHP 7.0.17
53
54- Core:
55 . Fixed bug #73989 (PHP 7.1 Segfaults within Symfony test suite).
56 (Dmitry, Laruence)
57 . Fixed bug #74084 (Out of bound read - zend_mm_alloc_small). (Laruence)
58 . Fixed bug #73807 (Performance problem with processing large post request).
59 (Nikita)
60 . Fixed bug #73998 (array_key_exists fails on arrays created by
61 get_object_vars). (mhagstrand)
62 . Fixed bug #73954 (NAN check fails on Alpine Linux with musl). (Andrea)
63 . Fixed bug #74039 (is_infinite(-INF) returns false). (Christian Schmidt)
64 . Fixed bug #73677 (Generating phar.phar core dump with gcc ASAN enabled
65 build). (ondrej)
66
67- Apache:
68 . Fixed bug #61471 (Incomplete POST does not timeout but is passed to PHP).
69 (Zheng Shao)
70
71- Date:
72 . Fixed bug #72719 (Relative datetime format ignores weekday on sundays
73 only). (Derick)
74 . Fixed bug #73294 (DateTime wrong when date string is negative). (Derick)
75 . Fixed bug #73489 (wrong timestamp when call setTimeZone multi times with
76 UTC offset). (xiami, Derick)
77 . Fixed bug #73858 (first/last day of' flag is not being reset). (Derick)
78 . Fixed bug #73942 ($date->modify('Friday this week') doesn't return a Friday
79 if $date is a Sunday). (Derick)
80 . Fixed bug #74057 (wrong day when using "this week" in strtotime). (Derick)
81
82- FPM:
83 . Fixed bug #69860 (php-fpm process accounting is broken with keepalive).
84 (Denis Yeldandi)
85
86- Hash:
87 . Fixed bug #73127 (gost-crypto hash incorrect if input data contains long
88 0xFF sequence). (Grundik)
89
90- GD:
91 . Fixed bug #74031 (ReflectionFunction for imagepng is missing last two
92 parameters). (finwe)
93
94- Mysqlnd:
95 . Fixed bug #74021 (fetch_array broken data. Data more then MEDIUMBLOB).
96 (Andrew Nester, Nikita)
97
98- Opcache:
99 . Fixed bug #74152 (if statement says true to a null variable). (Laruence)
100 . Fixed bug #74019 (Segfault with list). (Laruence)
101
102- OpenSSL:
103 . Fixed bug #74022 (PHP Fast CGI crashes when reading from a pfx file).
6 . Removed IS_TYPE_IMMUTABLE (it's the same as COPYABLE & !REFCOUNTED). (Dmitry)
7 . Removed the sql.safe_mode directive. (Kalle)
8 . Removed support for Netware. (Kalle)
9 . Fixed bug #54535 (WSA cleanup executes before MSHUTDOWN). (Kalle)
10 . Implemented FR #69791 (Disallow mail header injections by extra headers)
11 (Yasuo)
12 . Implemented FR #49806 (proc_nice() for Windows). (Kalle)
13 . Fix pthreads detection when cross-compiling (ffontaine)
14 . Fixed memory leaks caused by exceptions thrown from destructors. (Bob,
15 Dmitry).
16 . Fixed bug #73215 (uniqid() should use better random source). (Yasuo)
17 . Fixed bug #73337 (try/catch not working with two exceptions inside a same
18 operation). (Dmitry)
19 . Implemented FR #72768 (Add ENABLE_VIRTUAL_TERMINAL_PROCESSING flag for
20 php.exe). (Michele Locati)
21 . Implemented "Convert numeric keys in object/array casts" RFC, fixes
22 bugs #53838, #61655, #66173, #70925, #72254, etc. (Andrea)
23 . Implemented "Deprecate and Remove Bareword (Unquoted) Strings" RFC.
24 (Rowan Collins)
25 . Raised minimum supported Windows versions to Windows 7/Server 2008 R2.
104 (Anatol)
26 (Anatol)
105
106- PDO_OCI:
107 . Fixed bug #54379 (PDO_OCI: UTF-8 output gets truncated). (gureedo / Oracle)
108
109- Standard:
110 . Fixed bug #74148 (ReflectionFunction incorrectly reports the number of
111 arguments). (Laruence)
112 . Fixed bug #74005 (mail.add_x_header causes RFC-breaking lone line feed).
113 (Anatol)
114 . Fixed bug #73118 (is_callable callable name reports misleading value for
115 anonymous classes). (Adam Saponara)
116 . Fixed bug #74105 (PHP on Linux should use /dev/urandom when getrandom is
117 not available). (Benjamin Robin)
118
119- Streams:
120 . Fixed bug #73496 (Invalid memory access in zend_inline_hash_func).
121 (Laruence)
122 . Fixed bug #74090 (stream_get_contents maxlength>-1 returns empty string).
123 (Anatol)
124
125
12616 Feb 2017 PHP 7.0.16
127
128- Core:
129 . Fixed bug #73916 (zend_print_flat_zval_r doesn't consider reference).
130 (Laruence)
131 . Fixed bug #73876 (Crash when exporting **= in expansion of assign op).
132 (Sara)
27 . Implemented minor optimization in array_keys/array_values(). (Sara)
133 . Fixed bug #73969 (segfault in debug_print_backtrace). (andrewnester)
28 . Fixed bug #73969 (segfault in debug_print_backtrace). (andrewnester)
29 . Added PHP_OS_FAMILY constant to determine on which OS we are. (Jan Altensen)
30 . Fixed bug #73994 (arginfo incorrect for unpack). (krakjoe)
134 . Fixed bug #73973 (assertion error in debug_zval_dump). (andrewnester)
31 . Fixed bug #73973 (assertion error in debug_zval_dump). (andrewnester)
32 . Fixed bug #73987 (Method compatibility check looks to original
33 definition and not parent). (pmmaga)
34 . Fixed bug #73991 (JSON_OBJECT_AS_ARRAY not respected). (Sara)
35 . Fixed bug #74053 (Corrupted class entries on shutdown when a destructor
36 spawns another object). (jim at commercebyte dot com)
37 . Fixed bug #73971 (Filename got limited to MAX_PATH on Win32 when scan
38 directory). (Anatol)
39 . Fixed bug #74149 (static embed SAPI linkage error). (krakjoe)
40 . Fixed bug #72359, bug #72451, bug #73706, bug #71115 and others related
41 to interned strings handling in TS builds. (Anatol, Dmitry)
135
42
136- DOM:
137 . Fixed bug #54382 (getAttributeNodeNS doesn't get xmlns* attributes).
138 (aboks)
43- BCMath:
44 . Fixed bug #46564 (bcmod truncates fractionals). (liborm85)
139
45
140- DTrace:
141 . Fixed bug #73965 (DTrace reported as enabled when disabled). (Remi)
142
143- FPM:
144 . Fixed bug #67583 (double fastcgi_end_request on max_children limit).
145 (Dmitry Saprykin)
146 . Fixed bug #69865 (php-fpm does not close stderr when using syslog).
147 (m6w6)
148
149- GD:
150 . Fixed bug #73968 (Premature failing of XBM reading). (cmb)
151
152- GMP:
153 . Fixed bug #69993 (test for gmp.h needs to test machine includes).
154 (Jordan Gigov)
155
156- Intl:
157 . Fix bug #73956 (Link use CC instead of CXX). (Remi)
158
159- LDAP:
160 . Fixed bug #73933 (error/segfault with ldap_mod_replace and opcache).
161 (Laruence)
162
163- MySQLi:
164 . Fixed bug #73949 (leak in mysqli_fetch_object). (krakjoe)
165
166- Mysqlnd:
167 . Fixed bug #69899 (segfault on close() after free_result() with mysqlnd).
168 (Richard Fussenegger)
169
170- Opcache:
171 . Fixed bug #73983 (crash on finish work with phar in cli + opcache).
172 (Anatol)
173
174- OpenSSL:
175 . Fixed bug #71519 (add serial hex to return value array). (xrobau)
176
177- PDO_Firebird:
178 . Implemented FR #72583 (All data are fetched as strings). (Dorin Marcoci)
179
180- PDO_PgSQL:
181 . Fixed bug #73959 (lastInsertId fails to throw an exception for wrong
182 sequence name). (andrewnester)
183
184- Phar:
185 . Fixed bug #70417 (PharData::compress() doesn't close temp file). (cmb)
186
187- posix:
188 . Fixed bug #71219 (configure script incorrectly checks for ttyname_r). (atoth)
189
190- Session:
191 . Fixed bug #69582 (session not readable by root in CLI). (EvgeniySpinov)
192
193- SPL:
194 . Fixed bug #73896 (spl_autoload() crashes when calls magic _call()). (Dmitry)
195
196- Standard:
197 . Fixed bug #69442 (closing of fd incorrect when PTS enabled). (jaytaph)
198 . Fixed bug #47021 (SoapClient stumbles over WSDL delivered with
199 "Transfer-Encoding: chunked"). (Rowan Collins)
200 . Fixed bug #72974 (imap is undefined service on AIX). (matthieu.sarter)
201 . Fixed bug #72979 (money_format stores wrong length AIX). (matthieu.sarter)
202
203- ZIP:
204 . Fixed bug #70103 (ZipArchive::addGlob ignores remove_all_path option). (cmb,
205 Mitch Hagstrand)
206
20719 Jan 2017 PHP 7.0.15
208
209- Core:
210 . Fixed bug #73792 (invalid foreach loop hangs script). (Dmitry)
211 . Fixed bug #73663 ("Invalid opcode 65/16/8" occurs with a variable created
212 with list()). (Laruence)
213 . Fixed bug #73585 (Logging of "Internal Zend error - Missing class
214 information" missing class name). (Laruence)
215 . Fixed bug #73753 (unserialized array pointer not advancing). (David Walker)
216 . Fixed bug #73825 (Heap out of bounds read on unserialize in
217 finish_nested_data()). (Stas)
218 . Fixed bug #73831 (NULL Pointer Dereference while unserialize php object).
219 (Stas)
220 . Fixed bug #73832 (Use of uninitialized memory in unserialize()). (Stas)
221 . Fixed bug #73092 (Unserialize use-after-free when resizing object's
222 properties hash table). (Nikita)
223 . Fixed bug #69425 (Use After Free in unserialize()). (Nikita)
224 . Fixed bug #72731 (Type Confusion in Object Deserialization). (Nikita)
225
226- COM:
227 . Fixed bug #73679 (DOTNET read access violation using invalid codepage).
228 (Anatol)
229
230- DOM:
231 . Fixed bug #67474 (getElementsByTagNameNS filter on default ns). (aboks)
232
233- EXIF:
234 . Bug bug #73737 (FPE when parsing a tag format). (Stas)
235
236- GD:
237 . Fixed bug #73869 (Signed Integer Overflow gd_io.c). (cmb)
238 . Fixed bug #73868 (DOS vulnerability in gdImageCreateFromGd2Ctx()). (cmb)
239
240- GMP:
241 . Fixed bug #70513 (GMP Deserialization Type Confusion Vulnerability).
242 (Nikita)
243
244- Mysqli:
245 . Fixed bug #73462 (Persistent connections don't set $connect_errno).
246 (darkain)
247
248- Mysqlnd:
249 . Fixed issue with decoding BIT columns when having more than one rows in the
250 result set. 7.0+ problem. (Andrey)
251 . Fixed bug #73800 (sporadic segfault with MYSQLI_OPT_INT_AND_FLOAT_NATIVE).
252 (vanviegen)
253
254- PCRE:
255 . Fixed bug #73612 (preg_*() may leak memory). (cmb)
256
257- PDO_Firebird:
258 . Fixed bug #72931 (PDO_FIREBIRD with Firebird 3.0 not work on returning
259 statement). (Dorin Marcoci)
260
261- Phar:
262 . Fixed bug #73773 (Seg fault when loading hostile phar). (Stas)
263 . Fixed bug #73768 (Memory corruption when loading hostile phar). (Stas)
264 . Fixed bug #73764 (Crash while loading hostile phar archive). (Stas)
265
266- Phpdbg:
267 . Fixed bug #73615 (phpdbg without option never load .phpdbginit at startup).
268 (Bob)
269 . Fixed issue getting executable lines from custom wrappers. (Bob)
270 . Fixed bug #73704 (phpdbg shows the wrong line in files with shebang). (Bob)
271
272- Reflection:
273 . Fixed bug #46103 (ReflectionObject memory leak). (Nikita)
274
275- Streams:
276 . Fixed bug #73586 (php_user_filter::$stream is not set to the stream the
277 filter is working on). (Dmitry)
278
279- SQLite3:
280 . Reverted fix for bug #73530 (Unsetting result set may reset other result
281 set). (cmb)
282
283- Standard:
284 . Fixed bug #73594 (dns_get_record does not populate $additional out
285 parameter). (Bruce Weirdan)
286 . Fixed bug #70213 (Unserialize context shared on double class lookup).
287 (Taoguang Chen)
288 . Fixed bug #73154 (serialize object with __sleep function crash). (Nikita)
289 . Fixed bug #70490 (get_browser function is very slow). (Nikita)
290 . Fixed bug #73265 (Loading browscap.ini at startup causes high memory usage).
291 (Nikita)
292 . Fixed bug #31875 (get_defined_functions additional param to exclude
293 disabled functions). (willianveiga)
294
295- Zlib:
296 . Fixed bug #73373 (deflate_add does not verify that output was not truncated).
297 (Matt Bonneau)
298
29908 Dec 2016 PHP 7.0.14
300
301- Core:
302 . Fixed memory leak(null coalescing operator with Spl hash). (Tyson Andre)
303 . Fixded bug #72736 (Slow performance when fetching large dataset with mysqli
304 / PDO). (Dmitry)
305
306- Calendar:
307 . Fix integer overflows (Joshua Rogers)
308
309- Date:
310 . Fixed bug #69587 (DateInterval properties and isset). (jhdxr)
311
46- Calendar:
47 . Fix integer overflows (Joshua Rogers)
48
49- Date:
50 . Fixed bug #69587 (DateInterval properties and isset). (jhdxr)
51
312- DTrace:
313 . Disabled PHP call tracing by default (it makes significant overhead).
314 This may be enabled again using envirionment variable USE_ZEND_DTRACE=1.
315 (Dmitry)
316
317- JSON:
318 . Fixed bug #73526 (php_json_encode depth issue). (Jakub Zelenka)
319
320- Mysqlnd:
321 . Fixed bug #64526 (Add missing mysqlnd.* parameters to php.ini-*). (cmb)
322
323- ODBC:
324 . Fixed bug #73448 (odbc_errormsg returns trash, always 513 bytes).
325 (Anatol)
326
327- Opcache:
328 . Fixed bug #69090 (check cached files permissions). (dmitry)
329 . Fixed bug #73546 (Logging for opcache has an empty file name). (mhagstrand)
330
331- PCRE:
332 . Fixed bug #73483 (Segmentation fault on pcre_replace_callback). (Laruence)
333 . Fixed bug #73392 (A use-after-free in zend allocator management).
334 (Laruence)
335
336- PDO_Firebird:
337 . Fixed bug #73087, #61183, #71494 (Memory corruption in bindParam).
338 (Dorin Marcoci)
339
340- Postgres:
341 . Fixed bug #73498 (Incorrect SQL generated for pg_copy_to()). (Craig Duncan)
342
343- Phar:
344 . Fixed bug #73580 (Phar::isValidPharFilename illegal memory access). (Stas)
345
346- Soap:
347 . Fixed bug #73538 (SoapClient::__setSoapHeaders doesn't overwrite SOAP
348 headers). (duncan3dc)
349 . Fixed bug #73452 (Segfault (Regression for #69152)). (Dmitry)
350
351- SPL:
352 . Fixed bug #73423 (Reproducible crash with GDB backtrace). (Laruence)
353
354- SQLite3:
355 . Fixed bug #73530 (Unsetting result set may reset other result set). (cmb)
356
357- Standard:
358 . Fixed bug #73297 (HTTP stream wrapper should ignore HTTP 100 Continue).
359 (rowan dot collins at gmail dot com)
360 . Fixed bug #73645 (version_compare illegal write access). (Stas)
361
362- Wddx:
363 . Fixed bug #73631 (Invalid read when wddx decodes empty boolean element).
364 (Stas)
365
366- XML:
367 . Fixed bug #72135 (malformed XML causes fault) (edgarsandi)
368
36910 Nov 2016 PHP 7.0.13
370
371- Core:
372 . Fixed bug #73350 (Exception::__toString() cause circular references).
373 (Laruence)
374 . Fixed bug #73181 (parse_str() without a second argument leads to crash).
375 (Nikita)
376 . Fixed bug #66773 (Autoload with Opcache allows importing conflicting class
377 name to namespace). (Nikita)
378 . Fixed bug #66862 ((Sub-)Namespaces unexpected behaviour). (Nikita)
379 . Fix pthreads detection when cross-compiling (ffontaine)
380 . Fixed bug #73337 (try/catch not working with two exceptions inside a same
381 operation). (Dmitry)
382 . Fixed bug #73338 (Exception thrown from error handler causes valgrind
383 warnings (and crashes)). (Bob, Dmitry)
384 . Fixed bug #73329 ((Float)"Nano" == NAN). (Anatol)
385
386- GD:
387 . Fixed bug #73213 (Integer overflow in imageline() with antialiasing). (cmb)
388 . Fixed bug #73272 (imagescale() is not affected by, but affects
389 imagesetinterpolation()). (cmb)
390 . Fixed bug #73279 (Integer overflow in gdImageScaleBilinearPalette()). (cmb)
391 . Fixed bug #73280 (Stack Buffer Overflow in GD dynamicGetbuf). (cmb)
392 . Fixed bug #72482 (Ilegal write/read access caused by gdImageAALine
393 overflow). (cmb)
394 . Fixed bug #72696 (imagefilltoborder stackoverflow on truecolor images).
395 (cmb)
396
397- IMAP:
398 . Fixed bug #73418 (Integer Overflow in "_php_imap_mail" leads to crash).
399 (Anatol)
400
401- OCI8
402 . Fixed bug #71148 (Bind reference overwritten on PHP 7). (Oracle Corp.)
403
404- phpdbg:
405 . Properly allow for stdin input from a file. (Bob)
406 . Add -s command line option / stdin command for reading script from stdin.
407 (Bob)
408 . Ignore non-executable opcodes in line mode of phpdbg_end_oplog(). (Bob)
409 . Fixed bug #70776 (Simple SIGINT does not have any effect with -rr). (Bob)
410 . Fixed bug #71234 (INI files are loaded even invoked as -n --version). (Bob)
411
412- Session:
413 . Fixed bug #73273 (session_unset() empties values from all variables in which
414 is $_session stored). (Nikita)
415
416- SOAP:
417 . Fixed bug #73037 (SoapServer reports Bad Request when gzipped). (Anatol)
418 . Fixed bug #73237 (Nested object in "any" element overwrites other fields).
419 (Keith Smiley)
420 . Fixed bug #69137 (Peer verification fails when using a proxy with SoapClient)
421 (Keith Smiley)
422
423- SQLite3:
424 . Fixed bug #73333 (2147483647 is fetched as string). (cmb)
425
426- Standard:
427 . Fixed bug #73203 (passing additional_parameters causes mail to fail). (cmb)
428 . Fixed bug #71241 (array_replace_recursive sometimes mutates its parameters).
429 (adsr)
430 . Fixed bug #73192 (parse_url return wrong hostname). (Nikita)
431
432- Wddx:
433 . Fixed bug #73331 (NULL Pointer Dereference in WDDX Packet Deserialization
434 with PDORow). (Stas)
435
43613 Oct 2016 PHP 7.0.12
437
438- Core:
439 . Fixed bug #73025 (Heap Buffer Overflow in virtual_popen of
440 zend_virtual_cwd.c). (cmb)
441 . Fixed bug #72703 (Out of bounds global memory read in BF_crypt triggered by
442 password_verify). (Anatol)
443 . Fixed bug #73058 (crypt broken when salt is 'too' long). (Anatol)
444 . Fixed bug #69579 (Invalid free in extension trait). (John Boehr)
445 . Fixed bug #73156 (segfault on undefined function). (Dmitry)
446 . Fixed bug #73163 (PHP hangs if error handler throws while accessing undef
447 const in default value). (Nikita)
448 . Fixed bug #73172 (parse error: Invalid numeric literal). (Nikita, Anatol)
449 . Fixed for #73240 (Write out of bounds at number_format). (Stas)
450 . Fixed bug #73147 (Use After Free in PHP7 unserialize()). (Stas)
451 . Fixed bug #73189 (Memcpy negative size parameter php_resolve_path). (Stas)
452
453- BCmath:
454 . Fix bug #73190 (memcpy negative parameter _bc_new_num_ex). (Stas)
455
456- COM:
457 . Fixed bug #73126 (Cannot pass parameter 1 by reference). (Anatol)
458
459- Date:
460 . Fixed bug #73091 (Unserializing DateInterval object may lead to __toString
461 invocation). (Stas)
462
463- DOM:
52- DOM:
464 . Fixed bug #73150 (missing NULL check in dom_document_save_html). (Stas)
53 . Fixed bug #67474 (getElementsByTagNameNS filter on default ns). (aboks)
54 . Fixed bug #54382 (getAttributeNodeNS doesn't get xmlns* attributes).
55 (aboks)
56 . Fixed bug #74004 (LIBXML_NOWARNING (etc) ignored by DOMDocument::loadHTML).
57 (somedaysummer)
465
58
466- Filter:
467 . Fixed bug #72972 (Bad filter for the flags FILTER_FLAG_NO_RES_RANGE and
468 FILTER_FLAG_NO_PRIV_RANGE). (julien)
469 . Fixed bug #73054 (default option ignored when object passed to int filter).
470 (cmb)
471
472- GD:
473 . Fixed bug #67325 (imagetruecolortopalette: white is duplicated in palette).
474 (cmb)
475 . Fixed bug #50194 (imagettftext broken on transparent background w/o
476 alphablending). (cmb)
477 . Fixed bug #73003 (Integer Overflow in gdImageWebpCtx of gd_webp.c). (trylab,
478 cmb)
479 . Fixed bug #53504 (imagettfbbox gives incorrect values for bounding box).
480 (Mark Plomer, cmb)
481 . Fixed bug #73157 (imagegd2() ignores 3rd param if 4 are given). (cmb)
482 . Fixed bug #73155 (imagegd2() writes wrong chunk sizes on boundaries). (cmb)
483 . Fixed bug #73159 (imagegd2(): unrecognized formats may result in corrupted
484 files). (cmb)
485 . Fixed bug #73161 (imagecreatefromgd2() may leak memory). (cmb)
486
487- Intl:
488 . Fixed bug #73218 (add mitigation for ICU int overflow). (Stas)
489
490- Mbstring:
491 . Fixed bug #66797 (mb_substr only takes 32-bit signed integer). (cmb)
492 . Fixed bug #66964 (mb_convert_variables() cannot detect recursion) (Yasuo)
493 . Fixed bug #72992 (mbstring.internal_encoding doesn't inherit default_charset).
494 (Yasuo)
495
496- Mysqlnd:
497 . Fixed bug #72489 (PHP Crashes When Modifying Array Containing MySQLi Result
498 Data). (Nikita)
499
500- Opcache:
501 . Fixed bug #72982 (Memory leak in zend_accel_blacklist_update_regexp()
502 function). (Laruence)
503
504- OpenSSL:
505 . Fixed bug #73072 (Invalid path SNI_server_certs causes segfault).
506 (Jakub Zelenka)
507 . Fixed bug #73276 (crash in openssl_random_pseudo_bytes function). (Stas)
508 . Fixed bug #73275 (crash in openssl_encrypt function). (Stas)
509
510- PCRE:
511 . Fixed bug #73121 (Bundled PCRE doesn't compile because JIT isn't supported
512 on s390). (Anatol)
513 . Fixed bug #73174 (heap overflow in php_pcre_replace_impl). (Stas)
514
515- PDO_DBlib:
516 . Fixed bug #72414 (Never quote values as raw binary data). (Adam Baratz)
517 . Allow \PDO::setAttribute() to set query timeouts. (Adam Baratz)
518 . Handle SQLDECIMAL/SQLNUMERIC types, which are used by later TDS versions.
519 (Adam Baratz)
520 . Add common PDO test suite. (Adam Baratz)
521 . Free error and message strings when cleaning up PDO instances.
522 (Adam Baratz)
523 . Fixed bug #67130 (\PDOStatement::nextRowset() should succeed when all rows
524 in current rowset haven't been fetched). (Peter LeBrun)
525 . Ignore potentially misleading dberr values. (Chris Kings-Lynne)
526
527- phpdbg:
528 . Fixed bug #72996 (phpdbg_prompt.c undefined reference to DL_LOAD). (Nikita)
529 . Fixed next command not stopping when leaving function. (Bob)
530
531- Session:
532 . Fixed bug #68015 (Session does not report invalid uid for files save handler).
533 (Yasuo)
534 . Fixed bug #73100 (session_destroy null dereference in ps_files_path_create).
535 (cmb)
536
537- SimpleXML:
538 . Fixed bug #73293 (NULL pointer dereference in SimpleXMLElement::asXML()).
539 (Stas)
540
541- SOAP:
542 . Fixed bug #71711 (Soap Server Member variables reference bug). (Nikita)
543 . Fixed bug #71996 (Using references in arrays doesn't work like expected).
544 (Nikita)
545
546- SPL:
547 . Fixed bug #73257, #73258 (SplObjectStorage unserialize allows use of
548 non-object as key). (Stas)
549
550- SQLite3:
551 . Updated bundled SQLite3 to 3.14.2. (cmb)
552
553- Zip:
554 . Fixed bug #70752 (Depacking with wrong password leaves 0 length files).
555 (cmb)
556
55715 Sep 2016 PHP 7.0.11
558
559- Core:
560 . Fixed bug #72944 (Null pointer deref in zval_delref_p). (Dmitry)
561 . Fixed bug #72943 (assign_dim on string doesn't reset hval). (Laruence)
562 . Fixed bug #72911 (Memleak in zend_binary_assign_op_obj_helper). (Laruence)
563 . Fixed bug #72813 (Segfault with __get returned by ref). (Laruence)
564 . Fixed bug #72767 (PHP Segfaults when trying to expand an infinite operator).
565 (Nikita)
566 . Fixed bug #72854 (PHP Crashes on duplicate destructor call). (Nikita)
567 . Fixed bug #72857 (stream_socket_recvfrom read access violation). (Anatol)
568
569- COM:
570 . Fixed bug #72922 (COM called from PHP does not return out parameters).
571 (Anatol)
572
573- Dba:
574 . Fixed bug #70825 (Cannot fetch multiple values with group in ini file).
575 (cmb)
576
577- FTP:
578 . Fixed bug #70195 (Cannot upload file using ftp_put to FTPES with
579 require_ssl_reuse). (Benedict Singer)
580
581- GD:
582 . Fixed bug #72709 (imagesetstyle() causes OOB read for empty $styles). (cmb)
583 . Fixed bug #66005 (imagecopy does not support 1bit transparency on truecolor
584 images). (cmb)
585 . Fixed bug #72913 (imagecopy() loses single-color transparency on palette
586 images). (cmb)
587 . Fixed bug #68716 (possible resource leaks in _php_image_convert()). (cmb)
588
589- iconv:
590 . Fixed bug #72320 (iconv_substr returns false for empty strings). (cmb)
591
592- IMAP:
593 . Fixed bug #72852 (imap_mail null dereference). (Anatol)
594
595- Intl:
596 . Fixed bug #65732 (grapheme_*() is not Unicode compliant on CR LF
597 sequence). (cmb)
598 . Fixed bug #73007 (add locale length check). (Stas)
599
600- Mysqlnd:
601 . Fixed bug #72293 (Heap overflow in mysqlnd related to BIT fields). (Stas)
602
603- OCI8
604 . Fixed invalid handle error with Implicit Result Sets. (Chris Jones)
605 . Fixed bug #72524 (Binding null values triggers ORA-24816 error). (Chris Jones)
606
607- Opcache:
608 . Fixed bug #72949 (Typo in opcache error message). (cmb)
609
610- PDO:
611 . Fixed bug #72788 (Invalid memory access when using persistent PDO
612 connection). (Keyur)
613 . Fixed bug #72791 (Memory leak in PDO persistent connection handling). (Keyur)
614 . Fixed bug #60665 (call to empty() on NULL result using PDO::FETCH_LAZY
615 returns false). (cmb)
616
617- PDO_DBlib:
618 . Implemented stringify 'uniqueidentifier' fields.
619 (Alexander Zhuravlev, Adam Baratz)
620
621- PDO_pgsql:
622 . Implemented FR #72633 (Postgres PDO lastInsertId() should work without
623 specifying a sequence). (Pablo Santiago S��nchez, Matteo)
624 . Fixed bug #72759 (Regression in pgo_pgsql). (Anatol)
625
626- Phar:
627 . Fixed bug #72928 (Out of bound when verify signature of zip phar in
628 phar_parse_zipfile). (Stas)
629 . Fixed bug #73035 (Out of bound when verify signature of tar phar in
630 phar_parse_tarfile). (Stas)
631
632- Reflection:
633 . Fixed bug #72846 (getConstant for a array constant with constant values
634 returns NULL/NFC/UKNOWN). (Laruence)
635
636- Session:
637 . Fixed bug #72724 (PHP7: session-uploadprogress kills httpd). (Nikita)
638 . Fixed bug #72940 (SID always return "name=ID", even if session
639 cookie exist). (Yasuo)
640
641- SimpleXML:
642 . Fixed bug #72971 (SimpleXML isset/unset do not respect namespace). (Nikita)
643 . Fixed bug #72957 (Null coalescing operator doesn't behave as expected with
644 SimpleXMLElement). (Nikita)
645
646- SPL:
647 . Fixed bug #73029 (Missing type check when unserializing SplArray). (Stas)
648
649- Standard:
650 . Fixed bug #55451 (substr_compare NULL length interpreted as 0). (Lauri
651 Kentt��)
652 . Fixed bug #72278 (getimagesize returning FALSE on valid jpg). (cmb)
653 . Fixed bug #65550 (get_browser() incorrectly parses entries with "+" sign).
654 (cmb)
655
656- Streams:
657 . Fixed bug #72853 (stream_set_blocking doesn't work). (Laruence)
658 . Fixed bug #72764 (ftps:// opendir wrapper data channel encryption fails
659 with IIS FTP 7.5, 8.5). (vhuk)
660 . Fixed bug #71882 (Negative ftruncate() on php://memory exhausts memory).
661 (cmb)
662
663- SQLite3:
664 . Downgraded bundled SQLite to 3.8.10.2. (Anatol);
665
666- Sysvshm:
667 . Fixed bug #72858 (shm_attach null dereference). (Anatol)
668
669- XML:
670 . Fixed bug #72085 (SEGV on unknown address zif_xml_parse). (cmb)
671 . Fixed bug #72714 (_xml_startElementHandler() segmentation fault). (cmb)
672
673- Wddx:
674 . Fixed bug #72860 (wddx_deserialize use-after-free). (Stas)
675 . Fixed bug #73065 (Out-Of-Bounds Read in php_wddx_push_element). (Stas)
676
677- ZIP:
678 . Fixed bug #68302 (impossible to compile php with zip support). (cmb)
679
68018 Aug 2016 PHP 7.0.10
681
682- Core:
683 . Fixed bug #72629 (Caught exception assignment to variables ignores
684 references). (Laruence)
685 . Fixed bug #72594 (Calling an earlier instance of an included anonymous
686 class fatals). (Laruence)
687 . Fixed bug #72581 (previous property undefined in Exception after
688 deserialization). (Laruence)
689 . Fixed bug #72496 (Cannot declare public method with signature incompatible
690 with parent private method). (Pedro Magalh��es)
691 . Fixed bug #72024 (microtime() leaks memory). (maroszek at gmx dot net)
692 . Fixed bug #71911 (Unable to set --enable-debug on building extensions by
693 phpize on Windows). (Yuji Uchiyama)
694 . Fixed bug causing ClosedGeneratorException being thrown into the calling
695 code instead of the Generator yielding from. (Bob)
696 . Implemented FR #72614 (Support "nmake test" on building extensions by
697 phpize). (Yuji Uchiyama)
698 . Fixed bug #72641 (phpize (on Windows) ignores PHP_PREFIX).
699 (Yuji Uchiyama)
700 . Fixed potential segfault in object storage freeing in shutdown sequence.
701 (Bob)
702 . Fixed bug #72663 (Create an Unexpected Object and Don't Invoke
703 __wakeup() in Deserialization). (Stas)
704 . Fixed bug #72681 (PHP Session Data Injection Vulnerability). (Stas)
705 . Fixed bug #72683 (getmxrr broken). (Anatol)
706 . Fixed bug #72742 (memory allocator fails to realloc small block to large
707 one). (Stas)
708 . Fixed URL rewriter partially. It would not rewrite '//example.com/' URL
709 unconditionally. Only requested host(HTTP_HOST) is rewritten. (Yasuo)
710
711- Bz2:
712 . Fixed bug #72837 (integer overflow in bzdecompress caused heap
713 corruption). (Stas)
714
715- Calendar:
716 . Fixed bug #67976 (cal_days_month() fails for final month of the French
717 calendar). (cmb)
718 . Fixed bug #71894 (AddressSanitizer: global-buffer-overflow in
719 zif_cal_from_jd). (cmb)
720
721- COM:
722 . Fixed bug #72569 (DOTNET/COM array parameters broke in PHP7). (Anatol)
723
724- CURL:
725 . Fixed bug #71709 (curl_setopt segfault with empty CURLOPT_HTTPHEADER).
726 (Pierrick)
727 . Fixed bug #71929 (CURLINFO_CERTINFO data parsing error). (Pierrick)
728 . Fixed bug #72674 (Heap overflow in curl_escape). (Stas)
729
730- DOM:
731 . Fixed bug #66502 (DOM document dangling reference). (Sean Heelan, cmb)
732
733- EXIF:
59- EXIF:
734 . Fixed bug #72735 (Samsung picture thumb not read (zero size)). (Kalle, Remi)
735 . Fixed bug #72627 (Memory Leakage In exif_process_IFD_in_TIFF). (Stas)
60 . Added support for vendor specific tags for the following formats:
61 Samsung, DJI, Panasonic, Sony, Pentax, Minolta & Sigma/Foveon. (Kalle)
62 . Fixed bug #72682 (exif_read_data() fails to read all data for some
63 images). (Kalle)
64 . Fixed bug #71534 (Type confusion in exif_read_data() leading to heap
65 overflow in debug mode). (hlt99 at blinkenshell dot org, Kalle)
66 . Fixed bug #68547 (Exif Header component value check error).
67 (sjh21a at gmail dot com, Kalle)
68 . Fixed bug #66443 (Corrupt EXIF header: maximum directory nesting level
69 reached for some cameras). (Kalle)
70 . Fixed Redhat bug #1362571 (PHP not returning full results for
71 exif_read_data function). (Kalle)
736
72
737- Filter:
738 . Fixed bug #71745 (FILTER_FLAG_NO_RES_RANGE does not cover whole 127.0.0.0/8
739 range). (bugs dot php dot net at majkl578 dot cz)
740
741- FPM:
73- FPM:
742 . Fixed bug #72575 (using --allow-to-run-as-root should ignore missing user).
743 (gooh)
74 . Configuration to limit fpm slow log trace callers. (Sannis)
75 . Fixed bug #69865 (php-fpm does not close stderr when using syslog).
76 (Mike)
744
77
745- GD:
746 . Fixed bug #72596 (imagetypes function won't advertise WEBP support). (cmb)
747 . Fixed bug #72604 (imagearc() ignores thickness for full arcs). (cmb)
748 . Fixed bug #70315 (500 Server Error but page is fully rendered). (cmb)
749 . Fixed bug #43828 (broken transparency of imagearc for truecolor in
750 blendingmode). (cmb)
751 . Fixed bug #66555 (Always false condition in ext/gd/libgd/gdkanji.c). (cmb)
752 . Fixed bug #68712 (suspicious if-else statements). (cmb)
753 . Fixed bug #72697 (select_colors write out-of-bounds). (Stas)
754 . Fixed bug #72730 (imagegammacorrect allows arbitrary write access). (Stas)
755 . Fixed bug #72494 (imagecropauto out-of-bounds access). (Fernando, Pierre,
756 cmb)
78- FTP:
79 . Implement MLSD for structured listing of directories. (blar)
757
80
758- Intl:
759 . Fixed bug #72639 (Segfault when instantiating class that extends
760 IntlCalendar and adds a property). (Laruence)
761 . Partially fixed #72506 (idn_to_ascii for UTS #46 incorrect for long domain
762 names). (cmb)
763
764- mbstring:
765 . Fixed bug #72691 (mb_ereg_search raises a warning if a match zero-width).
766 (cmb)
767 . Fixed bug #72693 (mb_ereg_search increments search position when a match
768 zero-width). (cmb)
769 . Fixed bug #72694 (mb_ereg_search_setpos does not accept a string's last
770 position). (cmb)
771 . Fixed bug #72710 (`mb_ereg` causes buffer overflow on regexp compile error).
772 (ju1ius)
773
774- Mcrypt:
775 . Fixed bug #72782 (Heap Overflow due to integer overflows). (Stas)
776
777- Opcache:
778 . Fixed bug #72590 (Opcache restart with kill_all_lockers does not work).
779 (Keyur)
780
781- PCRE:
782 . Fixed bug #72688 (preg_match missing group names in matches). (cmb)
783
784- PDO_pgsql:
785 . Fixed bug #70313 (PDO statement fails to throw exception). (Matteo)
786
787- Reflection:
788 . Fixed bug #72222 (ReflectionClass::export doesn't handle array constants).
789 (Nikita Nefedov)
790
791- SimpleXML:
792 . Fixed bug #72588 (Using global var doesn't work while accessing SimpleXML
793 element). (Laruence)
794
795- SNMP:
796 . Fixed bug #72708 (php_snmp_parse_oid integer overflow in memory
797 allocation). (djodjo at gmail dot com)
798
799- SPL:
800 . Fixed bug #55701 (GlobIterator throws LogicException). (Valentin V��LCIU)
801 . Fixed bug #72646 (SplFileObject::getCsvControl does not return the escape
802 character). (cmb)
803 . Fixed bug #72684 (AppendIterator segfault with closed generator). (Pierrick)
804
805- SQLite3:
806 . Fixed bug #72668 (Spurious warning when exception is thrown in user defined
807 function). (Laruence)
808 . Fixed bug #72571 (SQLite3::bindValue, SQLite3::bindParam crash). (Laruence)
809 . Implemented FR #72653 (SQLite should allow opening with empty filename).
810 (cmb)
811 . Updated to SQLite3 3.13.0. (cmb)
812
813- Standard:
814 . Fixed bug #72622 (array_walk + array_replace_recursive create references
815 from nothing). (Laruence)
816 . Fixed bug #72152 (base64_decode $strict fails to detect null byte).
817 (Lauri Kentt��)
818 . Fixed bug #72263 (base64_decode skips a character after padding in strict
819 mode). (Lauri Kentt��)
820 . Fixed bug #72264 (base64_decode $strict fails with whitespace between
821 padding). (Lauri Kentt��)
822 . Fixed bug #72330 (CSV fields incorrectly split if escape char followed by
823 UTF chars). (cmb)
824
825- Streams:
826 . Fixed bug #41021 (Problems with the ftps wrapper). (vhuk)
827 . Fixed bug #54431 (opendir() does not work with ftps:// wrapper). (vhuk)
828 . Fixed bug #72667 (opendir() with ftp:// attempts to open data stream for
829 non-existent directories). (vhuk)
830 . Fixed bug #72771 (ftps:// wrapper is vulnerable to protocol downgrade
831 attack). (Stas)
832
833- XMLRPC:
834 . Fixed bug #72647 (xmlrpc_encode() unexpected output after referencing
835 array elements). (Laruence)
836
837- Wddx:
838 . Fixed bug #72564 (boolean always deserialized as "true") (Remi)
839 . Fixed bug #72142 (WDDX Packet Injection Vulnerability in
840 wddx_serialize_value()). (Taoguang Chen)
841 . Fixed bug #72749 (wddx_deserialize allows illegal memory access) (Stas)
842 . Fixed bug #72750 (wddx_deserialize null dereference). (Stas)
843 . Fixed bug #72790 (wddx_deserialize null dereference with invalid xml).
844 (Stas)
845 . Fixed bug #72799 (wddx_deserialize null dereference in
846 php_wddx_pop_element). (Stas)
847
848- Zip:
849 . Fixed bug #72660 (NULL Pointer dereference in zend_virtual_cwd).
850 (Laruence)
851
85221 Jul 2016 PHP 7.0.9
853
854- Core:
855 . Fixed bug #72508 (strange references after recursive function call and
856 "switch" statement). (Laruence)
857 . Fixed bug #72513 (Stack-based buffer overflow vulnerability in
858 virtual_file_ex). (Stas)
859 . Fixed bug #72573 (HTTP_PROXY is improperly trusted by some PHP libraries
860 and applications). (Stas)
861
862- bz2:
863 . Fixed bug #72613 (Inadequate error handling in bzread()). (Stas)
864
865- CLI:
866 . Fixed bug #72484 (SCRIPT_FILENAME shows wrong path if the user specify
867 router.php). (Laruence)
868
869- COM:
870 . Fixed bug #72498 (variant_date_from_timestamp null dereference). (Anatol)
871
872- Curl:
873 . Fixed bug #72541 (size_t overflow lead to heap corruption). (Stas)
874
875- Date:
876 . Fixed bug #66836 (DateTime::createFromFormat 'U' with pre 1970 dates fails
877 parsing). (derick)
878
879- Exif:
880 . Fixed bug #72603 (Out of bound read in exif_process_IFD_in_MAKERNOTE).
881 (Stas)
882 . Fixed bug #72618 (NULL Pointer Dereference in exif_process_user_comment).
883 (Stas)
884
885- GD:
81- GD:
886 . Fixed bug #43475 (Thick styled lines have scrambled patterns). (cmb)
887 . Fixed bug #53640 (XBM images require width to be multiple of 8). (cmb)
888 . Fixed bug #64641 (imagefilledpolygon doesn't draw horizontal line). (cmb)
889 . Fixed bug #72512 (gdImageTrueColorToPaletteBody allows arbitrary write/read
890 access). (Pierre)
891 . Fixed bug #72519 (imagegif/output out-of-bounds access). (Pierre)
892 . Fixed bug #72558 (Integer overflow error within _gdContributionsAlloc()).
893 (Pierre)
894 . Fixed bug #72482 (Ilegal write/read access caused by gdImageAALine
895 overflow). (Pierre)
896 . Fixed bug #72494 (imagecropauto out-of-bounds access). (Pierre)
897
898- Intl:
899 . Fixed bug #72533 (locale_accept_from_http out-of-bounds access). (Stas)
900
901- Mbstring:
902 . Fixed bug #72405 (mb_ereg_replace - mbc_to_code (oniguruma) -
903 oob read access). (Laruence)
904 . Fixed bug #72399 (Use-After-Free in MBString (search_re)). (Laruence)
905
906- mcrypt:
907 . Fixed bug #72551, bug #72552 (In correct casting from size_t to int lead to
908 heap overflow in mdecrypt_generic). (Stas)
909
910- PDO_pgsql:
911 . Fixed bug #72570 (Segmentation fault when binding parameters on a query
912 without placeholders). (Matteo)
913
914- PCRE:
915 . Fixed bug #72476 (Memleak in jit_stack). (Laruence)
916 . Fixed bug #72463 (mail fails with invalid argument). (Anatol)
917
918- Readline:
919 . Fixed bug #72538 (readline_redisplay crashes php). (Laruence)
920
921- Standard:
922 . Fixed bug #72505 (readfile() mangles files larger than 2G). (Cschneid)
923 . Fixed bug #72306 (Heap overflow through proc_open and $env parameter).
924 (Laruence)
925
926- Session:
927 . Fixed bug #72531 (ps_files_cleanup_dir Buffer overflow). (Laruence)
928 . Fixed bug #72562 (Use After Free in unserialize() with Unexpected Session
929 Deserialization). (Stas)
930
931- SNMP:
932 . Fixed bug #72479 (Use After Free Vulnerability in SNMP with GC and
933 unserialize()). (Stas)
934
935- Streams:
936 . Fixed bug #72439 (Stream socket with remote address leads to a segmentation
937 fault). (Laruence)
938
939- XMLRPC:
940 . Fixed bug #72606 (heap-buffer-overflow (write) simplestring_addn
941 simplestring.c). (Stas)
942
943- Zip:
944 . Fixed bug #72520 (Stack-based buffer overflow vulnerability in
945 php_stream_zip_opener). (Stas)
946
94723 Jun 2016 PHP 7.0.8
948
949- Core:
950 . Fixed bug #72218 (If host name cannot be resolved then PHP 7 crashes).
951 (Esminis at esminis dot lt)
952 . Fixed bug #72221 (segfault, past-the-end access). (Lauri Kentt��)
953 . Fixed bug #72268 (Integer Overflow in nl2br()). (Stas)
954 . Fixed bug #72275 (Integer Overflow in json_encode()/json_decode()/
955 json_utf8_to_utf16()). (Stas)
956 . Fixed bug #72400 (Integer Overflow in addcslashes/addslashes). (Stas)
957 . Fixed bug #72403 (Integer Overflow in Length of String-typed ZVAL). (Stas)
958
959- Date:
960 . Fixed bug #63740 (strtotime seems to use both sunday and monday as start of
961 week). (Derick)
962
963- FPM:
964 . Fixed bug #72308 (fastcgi_finish_request and logging environment
965 variables). (Laruence)
966
967- GD:
968 . Fixed bug #66387 (Stack overflow with imagefilltoborder). (CVE-2015-8874)
969 (cmb)
970 . Fixed bug #72298 (pass2_no_dither out-of-bounds access). (Stas)
971 . Fixed bug #72337 (invalid dimensions can lead to crash). (Pierre)
972 . Fixed bug #72339 (Integer Overflow in _gd2GetHeader() resulting in heap
973 overflow). (CVE-2016-5766) (Pierre)
974 . Fixed bug #72407 (NULL Pointer Dereference at _gdScaleVert). (Stas)
975 . Fixed bug #72446 (Integer Overflow in gdImagePaletteToTrueColor() resulting
976 in heap overflow). (CVE-2016-5767) (Pierre)
977
978- Intl:
979 . Fixed bug #70484 (selectordinal doesn't work with named parameters).
980 (Anatol)
981
982- mbstring:
983 . Fixed bug #72402 (_php_mb_regex_ereg_replace_exec - double free).
984 (CVE-2016-5768) (Stas)
985
986- mcrypt:
987 . Fixed bug #72455 (Heap Overflow due to integer overflows). (CVE-2016-5769)
988 (Stas)
989
990- OpenSSL:
991 . Fixed bug #72140 (segfault after calling ERR_free_strings()).
992 (Jakub Zelenka)
993
994- PCRE:
995 . Fixed bug #72143 (preg_replace uses int instead of size_t). (Joe)
996
997- PDO_pgsql:
998 . Fixed bug #71573 (Segfault (core dumped) if paramno beyond bound).
999 (Laruence)
1000 . Fixed bug #72294 (Segmentation fault/invalid pointer in connection
1001 with pgsql_stmt_dtor). (Anatol)
1002
1003- Phar:
1004 . Fixed bug #72321 (invalid free in phar_extract_file()).
1005 (hji at dyntopia dot com)
1006
1007- Phpdbg:
1008 . Fixed bug #72284 (phpdbg fatal errors with coverage). (Bob)
1009
1010- Postgres:
1011 . Fixed bug #72195 (pg_pconnect/pg_connect cause use-after-free). (Laruence)
1012 . Fixed bug #72197 (pg_lo_create arbitrary read). (Anatol)
1013
1014- Standard:
1015 . Fixed bug #72369 (array_merge() produces references in PHP7). (Dmitry)
1016 . Fixed bug #72300 (ignore_user_abort(false) has no effect). (Laruence)
1017 . Fixed bug #72229 (Wrong reference when serialize/unserialize an object).
1018 (Laruence)
1019 . Fixed bug #72193 (dns_get_record returns array containing elements of
1020 type 'unknown'). (Laruence)
1021 . Fixed bug #72017 (range() with float step produces unexpected result).
1022 (Thomas Punt)
1023
1024- WDDX:
1025 . Fixed bug #72340 (Double Free Courruption in wddx_deserialize).
1026 (CVE-2016-5772) (Stas)
1027
1028- XML:
1029 . Fixed bug #72206 (xml_parser_create/xml_parser_free leaks mem). (Joe)
1030
1031- XMLRPC:
1032 . Fixed bug #72155 (use-after-free caused by get_zval_xmlrpc_type).
1033 (Joe, Laruence)
1034
1035- Zip:
1036 . Fixed ug #72258 (ZipArchive converts filenames to unrecoverable form).
1037 (Anatol)
1038 . Fixed bug #72434 (ZipArchive class Use After Free Vulnerability in PHP's GC
1039 algorithm and unserialize). (CVE-2016-5773) (Dmitry)
1040
104126 May 2016 PHP 7.0.7
1042
1043- Core:
1044 . Fixed bug #72162 (use-after-free - error_reporting). (Laruence)
1045 . Add compiler option to disable special case function calls. (Joe)
1046 . Fixed bug #72101 (crash on complex code). (Dmitry)
1047 . Fixed bug #72100 (implode() inserts garbage into resulting string when
1048 joins very big integer). (Mikhail Galanin)
1049 . Fixed bug #72057 (PHP Hangs when using custom error handler and typehint).
1050 (Nikita Nefedov)
1051 . Fixed bug #72038 (Function calls with values to a by-ref parameter don't
1052 always throw a notice). (Bob)
1053 . Fixed bug #71737 (Memory leak in closure with parameter named $this).
1054 (Nikita)
1055 . Fixed bug #72059 (?? is not allowed on constant expressions). (Bob, Marcio)
1056 . Fixed bug #72159 (Imported Class Overrides Local Class Name). (Nikita)
1057
1058- Curl:
1059 . Fixed bug #68658 (Define CURLE_SSL_CACERT_BADFILE). (Pierrick)
1060
1061- DBA:
1062 . Fixed bug #72157 (use-after-free caused by dba_open). (Shm, Laruence)
1063
1064- GD:
1065 . Fixed bug #72227 (imagescale out-of-bounds read). (Stas)
1066
1067- Intl:
1068 . Fixed bug #64524 (Add intl.use_exceptions to php.ini-*). (Anatol)
1069 . Fixed bug #72241 (get_icu_value_internal out-of-bounds read). (Stas)
1070
1071- JSON:
1072 . Fixed bug #72069 (Behavior \JsonSerializable different from json_encode).
1073 (Laruence)
1074
1075- Mbstring:
1076 . Fixed bug #72164 (Null Pointer Dereference - mb_ereg_replace). (Laruence)
1077
1078- OCI8:
1079 . Fixed bug #71600 (oci_fetch_all segfaults when selecting more than eight
1080 columns). (Tian Yang)
1081
1082- Opcache:
1083 . Fixed bug #72014 (Including a file with anonymous classes multiple times
1084 leads to fatal error). (Laruence)
1085
1086- OpenSSL:
1087 . Fixed bug #72165 (Null pointer dereference - openssl_csr_new). (Anatol)
1088
1089- PCNTL:
1090 . Fixed bug #72154 (pcntl_wait/pcntl_waitpid array internal structure
1091 overwrite). (Laruence)
1092
1093- POSIX:
1094 . Fixed bug #72133 (php_posix_group_to_array crashes if gr_passwd is NULL).
1095 (esminis at esminis dot lt)
1096
1097- Postgres:
1098 . Fixed bug #72028 (pg_query_params(): NULL converts to empty string).
1099 (Laruence)
1100 . Fixed bug #71062 (pg_convert() doesn't accept ISO 8601 for datatype
1101 timestamp). (denver at timothy dot io)
1102 . Fixed bug #72151 (mysqli_fetch_object changed behaviour). (Anatol)
1103
1104- Reflection:
1105 . Fixed bug #72174 (ReflectionProperty#getValue() causes __isset call).
1106 (Nikita)
1107
1108- Session:
1109 . Fixed bug #71972 (Cyclic references causing session_start(): Failed to
1110 decode session object). (Laruence)
1111
1112- Sockets:
1113 . Added socket_export_stream() function for getting a stream compatible
1114 resource from a socket resource. (Chris Wright, Bob)
1115
1116- SPL:
1117 . Fixed bug #72051 (The reference in CallbackFilterIterator doesn't work as
1118 expected). (Laruence)
1119
1120- SQLite3:
1121 . Fixed bug #68849 (bindValue is not using the right data type). (Anatol)
1122
1123- Standard:
1124 . Fixed bug #72075 (Referencing socket resources breaks stream_select).
1125 (Laruence)
1126 . Fixed bug #72031 (array_column() against an array of objects discards all
1127 values matching null). (Nikita)
1128
112928 Apr 2016 PHP 7.0.6
1130
1131- Core:
1132 . Fixed bug #71930 (_zval_dtor_func: Assertion `(arr)->gc.refcount <= 1'
1133 failed). (Laruence)
1134 . Fixed bug #71922 (Crash on assert(new class{})). (Nikita)
1135 . Fixed bug #71914 (Reference is lost in "switch"). (Laruence)
1136 . Fixed bug #71871 (Interfaces allow final and abstract functions). (Nikita)
1137 . Fixed Bug #71859 (zend_objects_store_call_destructors operates on realloced
1138 memory, crashing). (Laruence)
1139 . Fixed bug #71841 (EG(error_zval) is not handled well). (Laruence)
1140 . Fixed bug #71750 (Multiple Heap Overflows in php_raw_url_encode/
1141 php_url_encode). (Stas)
1142 . Fixed bug #71731 (Null coalescing operator and ArrayAccess). (Nikita)
1143 . Fixed bug #71609 (Segmentation fault on ZTS with gethostbyname). (krakjoe)
1144 . Fixed bug #71414 (Inheritance, traits and interfaces). (krakjoe)
1145 . Fixed bug #71359 (Null coalescing operator and magic). (krakjoe)
1146 . Fixed bug #71334 (Cannot access array keys while uksort()). (Nikita)
1147 . Fixed bug #69659 (ArrayAccess, isset() and the offsetExists method).
1148 (Nikita)
1149 . Fixed bug #69537 (__debugInfo with empty string for key gives error).
82 . Implemented imageresolution as getter and setter (Christoph)
83 . Fixed bug #74343 (compile fails on solaris 11 with system gd2 library).
1150 (krakjoe)
84 (krakjoe)
1151 . Fixed bug #62059 (ArrayObject and isset are not friends). (Nikita)
1152 . Fixed bug #71980 (Decorated/Nested Generator is Uncloseable in Finally).
1153 (Nikita)
1154
85
1155- BCmath:
1156 . Fixed bug #72093 (bcpowmod accepts negative scale and corrupts
1157 _one_ definition). (Stas)
1158
1159- Curl:
1160 . Fixed bug #71831 (CURLOPT_NOPROXY applied as long instead of string).
1161 (Michael Sierks)
1162
1163- Date:
1164 . Fixed bug #71889 (DateInterval::format Segmentation fault). (Thomas Punt)
1165
1166- EXIF:
1167 . Fixed bug #72094 (Out of bounds heap read access in exif header processing). (Stas)
1168
1169- GD:
1170 . Fixed bug #71912 (libgd: signedness vulnerability). (CVE-2016-3074) (Stas)
1171
1172- Intl:
1173 . Fixed bug #71516 (IntlDateFormatter looses locale if pattern is set via
1174 constructor). (Anatol)
1175 . Fixed bug #70455 (Missing constant: IntlChar::NO_NUMERIC_VALUE). (Anatol)
1176 . Fixed bug #70451, #70452 (Inconsistencies in return values of IntlChar
1177 methods). (Daniel Persson)
1178 . Fixed bug #68893 (Stackoverflow in datefmt_create). (Anatol)
1179 . Fixed bug #66289 (Locale::lookup incorrectly returns en or en_US if locale
1180 is empty). (Anatol)
1181 . Fixed bug #70484 (selectordinal doesn't work with named parameters).
1182 (Anatol)
1183 . Fixed bug #72061 (Out-of-bounds reads in zif_grapheme_stripos with negative
1184 offset). (Stas)
1185
1186- ODBC:
1187 . Fixed bug #63171 (Script hangs after max_execution_time). (Remi)
1188
1189- Opcache:
1190 . Fixed bug #71843 (null ptr deref ZEND_RETURN_SPEC_CONST_HANDLER).
1191 (Laruence)
1192
1193- PDO:
1194 . Fixed bug #52098 (Own PDOStatement implementation ignore __call()).
1195 (Daniel kalaspuffar, Julien)
1196 . Fixed bug #71447 (Quotes inside comments not properly handled). (Matteo)
1197
1198- PDO_DBlib:
1199 . Fixed bug #71943 (dblib_handle_quoter needs to allocate an extra byte).
1200 (Adam Baratz)
1201 . Add DBLIB-specific attributes for controlling timeouts. (Adam Baratz)
1202
1203- PDO_pgsql:
1204 . Fixed bug #62498 (pdo_pgsql inefficient when getColumnMeta() is used).
1205 (Joseph Bylund)
1206
1207- Postgres:
1208 . Fixed bug #71820 (pg_fetch_object binds parameters before call
1209 constructor). (Anatol)
1210 . Fixed bug #71998 (Function pg_insert does not insert when column
1211 type = inet). (Anatol)
1212
1213- SOAP:
1214 . Fixed bug #71986 (Nested foreach assign-by-reference creates broken
1215 variables). (Laruence)
1216
1217- SPL:
1218 . Fixed bug #71838 (Deserializing serialized SPLObjectStorage-Object can't
1219 access properties in PHP). (Nikita)
1220 . Fixed bug #71735 (Double-free in SplDoublyLinkedList::offsetSet). (Stas)
1221 . Fixed bug #67582 (Cloned SplObjectStorage with overwritten getHash fails
1222 offsetExists()). (Nikita)
1223 . Fixed bug #52339 (SPL autoloader breaks class_exists()). (Nikita)
1224
1225- Standard:
1226 . Fixed bug #71995 (Returning the same var twice from __sleep() produces
1227 broken serialized data). (Laruence)
1228 . Fixed bug #71940 (Unserialize crushes on restore object reference).
1229 (Laruence)
1230 . Fixed bug #71969 (str_replace returns an incorrect resulting array after
1231 a foreach by reference). (Laruence)
1232 . Fixed bug #71891 (header_register_callback() and
1233 register_shutdown_function()). (Laruence)
1234 . Fixed bug #71884 (Null pointer deref (segfault) in
1235 stream_context_get_default). (Laruence)
1236 . Fixed bug #71840 (Unserialize accepts wrongly data). (Ryat, Laruence)
1237 . Fixed bug #71837 (Wrong arrays behaviour). (Laruence)
1238 . Fixed bug #71827 (substr_replace bug, string length). (krakjoe)
1239 . Fixed bug #67512 (php_crypt() crashes if crypt_r() does not exist or
1240 _REENTRANT is not defined). (Nikita)
1241 . Fixed bug #72116 (array_fill optimization breaks implementation). (Bob)
1242
1243- XML:
1244 . Fixed bug #72099 (xml_parse_into_struct segmentation fault). (Stas)
1245
1246- Zip:
1247 . Fixed bug #71923 (integer overflow in ZipArchive::getFrom*).
1248 (CVE-2016-3078) (Stas)
1249
125031 Mar 2016 PHP 7.0.5
1251
1252- Core:
1253 . Huge pages disabled by default. (Rasmus)
1254 . Added ability to enable huge pages in Zend Memory Manager through
1255 the environment variable USE_ZEND_ALLOC_HUGE_PAGES=1. (Dmitry)
1256 . Fixed bug #71756 (Call-by-reference widens scope to uninvolved functions
1257 when used in switch). (Laruence)
1258 . Fixed bug #71729 (Possible crash in zend_bin_strtod, zend_oct_strtod,
1259 zend_hex_strtod). (Laruence)
1260 . Fixed bug #71695 (Global variables are reserved before execution).
1261 (Laruence)
1262 . Fixed bug #71629 (Out-of-bounds access in php_url_decode in context
1263 php_stream_url_wrap_rfc2397). (mt at debian dot org)
1264 . Fixed bug #71622 (Strings used in pass-as-reference cannot be used to
1265 invoke C::$callable()). (Bob)
1266 . Fixed bug #71596 (Segmentation fault on ZTS with date function
1267 (setlocale)). (Anatol)
1268 . Fixed bug #71535 (Integer overflow in zend_mm_alloc_heap()). (Dmitry)
1269 . Fixed bug #71470 (Leaked 1 hashtable iterators). (Nikita)
1270 . Fixed bug #71575 (ISO C does not allow extra ���;��� outside of a function).
1271 (asgrim)
1272 . Fixed bug #71724 (yield from does not count EOLs). (Nikita)
1273 . Fixed bug #71767 (ReflectionMethod::getDocComment returns the wrong
1274 comment). (Grigorii Sokolik)
1275 . Fixed bug #71806 (php_strip_whitespace() fails on some numerical values).
1276 (Nikita)
1277 . Fixed bug #71624 (`php -R` (PHP_MODE_PROCESS_STDIN) is broken).
1278 (Sean DuBois)
1279
1280- CLI Server:
1281 . Fixed bug #69953 (Support MKCALENDAR request method). (Christoph)
1282
1283- Curl:
1284 . Fixed bug #71694 (Support constant CURLM_ADDED_ALREADY). (mpyw)
1285
1286- Date:
1287 . Fixed bug #71635 (DatePeriod::getEndDate segfault). (Thomas Punt)
1288
1289- Fileinfo:
1290 . Fixed bug #71527 (Buffer over-write in finfo_open with malformed magic
1291 file). (CVE-2015-8865) (Anatol)
1292
1293- libxml:
1294 . Fixed bug #71536 (Access Violation crashes php-cgi.exe). (Anatol)
1295
1296- mbstring:
1297 . Fixed bug #71906 (AddressSanitizer: negative-size-param (-1) in
1298 mbfl_strcut). (CVE-2016-4073) (Stas)
1299
1300- ODBC:
1301 . Fixed bug #47803, #69526 (Executing prepared statements is succesfull only
1302 for the first two statements). (einavitamar at gmail dot com, Anatol)
1303
1304- PCRE:
1305 . Fixed bug #71659 (segmentation fault in pcre running twig tests).
1306 (nish dot aravamudan at canonical dot com)
1307
1308- PDO_DBlib:
1309 . Fixed bug #54648 (PDO::MSSQL forces format of datetime fields).
1310 (steven dot lambeth at gmx dot de, Anatol)
1311
1312- Phar:
1313 . Fixed bug #71625 (Crash in php7.dll with bad phar filename). (Anatol)
1314 . Fixed bug #71317 (PharData fails to open specific file). (Jos Elstgeest)
1315 . Fixed bug #71860 (Invalid memory write in phar on filename with \0 in
1316 name). (CVE-2016-4072) (Stas)
1317
1318- phpdbg:
1319 . Fixed crash when advancing (except step) inside an internal function. (Bob)
1320
1321- Session:
1322 . Fixed bug #71683 (Null pointer dereference in zend_hash_str_find_bucket).
1323 (Yasuo)
1324
1325- SNMP:
1326 . Fixed bug #71704 (php_snmp_error() Format String Vulnerability).
1327 (CVE-2016-4071) (andrew at jmpesp dot org)
1328
1329- SPL:
1330 . Fixed bug #71617 (private properties lost when unserializing ArrayObject).
1331 (Nikita)
1332
1333- Standard:
1334 . Fixed bug #71660 (array_column behaves incorrectly after foreach by
1335 reference). (Laruence)
1336 . Fixed bug #71798 (Integer Overflow in php_raw_url_encode). (CVE-2016-4070)
1337 (taoguangchen at icloud dot com, Stas)
1338
1339- Zip:
1340 . Update bundled libzip to 1.1.2. (Remi, Anatol)
1341
134203 Mar 2016 PHP 7.0.4
1343
1344- Core:
1345 . Fixed bug (Low probability segfault in zend_arena). (Laruence)
1346 . Fixed bug #71441 (Typehinted Generator with return in try/finally crashes).
1347 (Bob)
1348 . Fixed bug #71442 (forward_static_call crash). (Laruence)
1349 . Fixed bug #71443 (Segfault using built-in webserver with intl using
1350 symfony). (Laruence)
1351 . Fixed bug #71449 (An integer overflow bug in php_implode()). (Stas)
1352 . Fixed bug #71450 (An integer overflow bug in php_str_to_str_ex()). (Stas)
1353 . Fixed bug #71474 (Crash because of VM stack corruption on Magento2).
1354 (Dmitry)
1355 . Fixed bug #71485 (Return typehint on internal func causes Fatal error
1356 when it throws exception). (Laruence)
1357 . Fixed bug #71529 (Variable references on array elements don't work when
1358 using count). (Nikita)
1359 . Fixed bug #71601 (finally block not executed after yield from). (Bob)
1360 . Fixed bug #71637 (Multiple Heap Overflow due to integer overflows in
1361 xml/filter_url/addcslashes). (CVE-2016-4344, CVE-2016-4345, CVE-2016-4346)
1362 (Stas)
1363
1364- CLI server:
1365 . Fixed bug #71559 (Built-in HTTP server, we can download file in web by bug).
1366 (Johannes, Anatol)
1367
1368- CURL:
1369 . Fixed bug #71523 (Copied handle with new option CURLOPT_HTTPHEADER crashes
1370 while curl_multi_exec). (Laruence)
1371 . Fixed memory leak in curl_getinfo(). (Leigh)
1372
1373- Date:
1374 . Fixed bug #71525 (Calls to date_modify will mutate timelib_rel_time,
1375 causing date_date_set issues). (Sean DuBois)
1376
1377- Fileinfo:
1378 . Fixed bug #71434 (finfo throws notice for specific python file). (Laruence)
1379
1380- FPM:
1381 . Fixed bug #62172 (FPM not working with Apache httpd 2.4 balancer/fcgi
1382 setup). (Matt Haught, Remi)
1383 . Fixed bug #71269 (php-fpm dumped core). (Micka��l)
1384
1385- Opcache:
1386 . Fixed bug #71584 (Possible use-after-free of ZCG(cwd) in Zend Opcache).
1387 (Yussuf Khalil)
1388
1389- PCRE:
1390 . Fixed bug #71537 (PCRE segfault from Opcache). (Laruence)
1391
1392- phpdbg:
1393 . Fixed inherited functions from unspecified files being included in
1394 phpdbg_get_executable(). (Bob)
1395
1396- SOAP:
1397 . Fixed bug #71610 (Type Confusion Vulnerability - SOAP /
1398 make_http_soap_request()). (CVE-2016-3185) (Stas)
1399
1400- Standard:
1401 . Fixed bug #71603 (compact() maintains references in php7). (Laruence)
1402 . Fixed bug #70720 (strip_tags improper php code parsing). (Julien)
1403
1404- XMLRPC:
1405 . Fixed bug #71501 (xmlrpc_encode_request ignores encoding option). (Hieu Le)
1406
1407- Zip:
1408 . Fixed bug #71561 (NULL pointer dereference in Zip::ExtractTo). (Laruence)
1409
141004 Feb 2016 PHP 7.0.3
1411
1412- Core:
1413 . Added support for new HTTP 451 code. (Julien)
1414 . Fixed bug #71039 (exec functions ignore length but look for NULL
1415 termination). (Anatol)
1416 . Fixed bug #71089 (No check to duplicate zend_extension). (Remi)
1417 . Fixed bug #71201 (round() segfault on 64-bit builds). (Anatol)
1418 . Fixed bug #71221 (Null pointer deref (segfault) in get_defined_vars via
1419 ob_start). (hugh at allthethings dot co dot nz)
1420 . Fixed bug #71248 (Wrong interface is enforced). (Dmitry)
1421 . Fixed bug #71273 (A wrong ext directory setup in php.ini leads to crash).
1422 (Anatol)
1423 . Fixed Bug #71275 (Bad method called on cloning an object having a trait).
1424 (Bob)
1425 . Fixed bug #71297 (Memory leak with consecutive yield from). (Bob)
1426 . Fixed bug #71300 (Segfault in zend_fetch_string_offset). (Laruence)
1427 . Fixed bug #71314 (var_export(INF) prints INF.0). (Andrea)
1428 . Fixed bug #71323 (Output of stream_get_meta_data can be falsified by its
1429 input). (Leo Gaspard)
1430 . Fixed bug #71336 (Wrong is_ref on properties as exposed via
1431 get_object_vars()). (Laruence)
1432 . Fixed bug #71459 (Integer overflow in iptcembed()). (Stas)
1433
1434- Apache2handler:
1435 . Fix >2G Content-Length headers in apache2handler. (Adam Harvey)
1436
1437- CURL:
1438 . Fixed bug #71227 (Can't compile php_curl statically). (Anatol)
1439 . Fixed bug #71225 (curl_setopt() fails to set CURLOPT_POSTFIELDS with
1440 reference to CURLFile). (Laruence)
1441
1442- GD:
1443 . Improved fix for bug #70976. (Remi)
1444
1445- Interbase:
1446 . Fixed Bug #71305 (Crash when optional resource is omitted).
1447 (Laruence, Anatol)
1448
1449- LDAP:
1450 . Fixed bug #71249 (ldap_mod_replace/ldap_mod_add store value as string
1451 "Array"). (Laruence)
1452
1453- mbstring:
1454 . Fixed bug #71397 (mb_send_mail segmentation fault). (Andrea, Yasuo)
1455
1456- OpenSSL:
1457 . Fixed bug #71475 (openssl_seal() uninitialized memory usage). (Stas)
1458
1459- PCRE:
1460 . Upgraded pcrelib to 8.38. (CVE-2015-8383, CVE-2015-8386, CVE-2015-8387,
1461 CVE-2015-8389, CVE-2015-8390, CVE-2015-8391, CVE-2015-8393, CVE-2015-8394)
1462
1463- Phar:
1464 . Fixed bug #71354 (Heap corruption in tar/zip/phar parser). (CVE-2016-4342)
1465 (Stas)
1466 . Fixed bug #71331 (Uninitialized pointer in phar_make_dirstream()).
1467 (CVE-2016-4343) (Stas)
1468 . Fixed bug #71391 (NULL Pointer Dereference in phar_tar_setupmetadata()).
1469 (Stas)
1470 . Fixed bug #71488 (Stack overflow when decompressing tar archives).
1471 (CVE-2016-2554) (Stas)
1472
1473- SOAP:
1474 . Fixed bug #70979 (crash with bad soap request). (Anatol)
1475
1476- SPL:
1477 . Fixed bug #71204 (segfault if clean spl_autoload_funcs while autoloading).
1478 (Laruence)
1479 . Fixed bug #71202 (Autoload function registered by another not activated
1480 immediately). (Laruence)
1481 . Fixed bug #71311 (Use-after-free vulnerability in SPL(ArrayObject,
1482 unserialize)). (Sean Heelan)
1483 . Fixed bug #71313 (Use-after-free vulnerability in SPL(SplObjectStorage,
1484 unserialize)). (Sean Heelan)
1485
1486- Standard:
1487 . Fixed bug #71287 (Error message contains hexadecimal instead of decimal
1488 number). (Laruence)
1489 . Fixed bug #71264 (file_put_contents() returns unexpected value when
1490 filesystem runs full). (Laruence)
1491 . Fixed bug #71245 (file_get_contents() ignores "header" context option if
1492 it's a reference). (Laruence)
1493 . Fixed bug #71220 (Null pointer deref (segfault) in compact via ob_start).
1494 (hugh at allthethings dot co dot nz)
1495 . Fixed bug #71190 (substr_replace converts integers in original $search
1496 array to strings). (Laruence)
1497 . Fixed bug #71188 (str_replace converts integers in original $search array
1498 to strings). (Laruence)
1499 . Fixed bug #71132, #71197 (range() segfaults). (Thomas Punt)
1500
1501- WDDX:
1502 . Fixed bug #71335 (Type Confusion in WDDX Packet Deserialization). (Stas)
1503
150407 Jan 2016 PHP 7.0.2
1505
1506- Core:
1507 . Fixed bug #71165 (-DGC_BENCH=1 doesn't work on PHP7).
1508 (y dot uchiyama dot 1015 at gmail dot com)
1509 . Fixed bug #71163 (Segmentation Fault: cleanup_unfinished_calls). (Laruence)
1510 . Fixed bug #71109 (ZEND_MOD_CONFLICTS("xdebug") doesn't work). (Laruence)
1511 . Fixed bug #71092 (Segmentation fault with return type hinting). (Laruence)
1512 . Fixed bug memleak in header_register_callback. (Laruence)
1513 . Fixed bug #71067 (Local object in class method stays in memory for each
1514 call). (Laruence)
1515 . Fixed bug #66909 (configure fails utf8_to_mutf7 test). (Michael Orlitzky)
1516 . Fixed bug #70781 (Extension tests fail on dynamic ext dependency).
1517 (Francois Laupretre)
1518 . Fixed bug #71089 (No check to duplicate zend_extension). (Remi)
1519 . Fixed bug #71086 (Invalid numeric literal parse error within
1520 highlight_string() function). (Nikita)
1521 . Fixed bug #71154 (Incorrect HT iterator invalidation causes iterator reuse).
1522 (Nikita)
1523 . Fixed bug #52355 (Negating zero does not produce negative zero). (Andrea)
1524 . Fixed bug #66179 (var_export() exports float as integer). (Andrea)
1525 . Fixed bug #70804 (Unary add on negative zero produces positive zero).
1526 (Andrea)
1527
1528- CURL:
1529 . Fixed bug #71144 (Sementation fault when using cURL with ZTS).
1530 (Michael Maroszek, Laruence)
1531
1532- DBA:
1533 . Fixed key leak with invalid resource. (Laruence)
1534
1535- Filter:
1536 . Fixed bug #71063 (filter_input(INPUT_ENV, ..) does not work). (Reeze Xia)
1537
1538- FPM:
1539 . Fixed bug #70755 (fpm_log.c memory leak and buffer overflow). (Stas)
1540
1541- FTP:
1542 . Implemented FR #55651 (Option to ignore the returned FTP PASV address).
1543 (abrender at elitehosts dot com)
1544
1545- GD:
1546 . Fixed bug #70976 (Memory Read via gdImageRotateInterpolated Array Index
1547 Out of Bounds). (CVE-2016-1903) (emmanuel dot law at gmail dot com)
1548
1549- Mbstring:
1550 . Fixed bug #71066 (mb_send_mail: Program terminated with signal SIGSEGV,
1551 Segmentation fault). (Laruence)
1552
1553- Opcache:
1554 . Fixed bug #71127 (Define in auto_prepend_file is overwrite). (Laruence)
1555
1556- PCRE:
1557 . Fixed bug #71178 (preg_replace with arrays creates [0] in replace array
1558 if not already set). (Laruence)
1559
1560- Readline:
1561 . Fixed bug #71094 (readline_completion_function corrupts static array on
1562 second TAB). (Nikita)
1563
1564- Session:
1565 . Fixed bug #71122 (Session GC may not remove obsolete session data). (Yasuo)
1566
1567- SPL:
1568 . Fixed bug #71077 (ReflectionMethod for ArrayObject constructor returns
1569 wrong number of parameters). (Laruence)
1570 . Fixed bug #71153 (Performance Degradation in ArrayIterator with large
1571 arrays). (Nikita)
1572
1573- Standard:
1574 . Fixed bug #71270 (Heap BufferOver Flow in escapeshell functions).
1575 (CVE-2016-1904) (emmanuel dot law at gmail dot com)
1576
1577- WDDX:
1578 . Fixed bug #70661 (Use After Free Vulnerability in WDDX Packet
1579 Deserialization). (taoguangchen at icloud dot com)
1580 . Fixed bug #70741 (Session WDDX Packet Deserialization Type Confusion
1581 Vulnerability). (taoguangchen at icloud dot com)
1582
1583- XMLRPC:
1584 . Fixed bug #70728 (Type Confusion Vulnerability in PHP_to_XMLRPC_worker).
1585 (Julien)
1586
158717 Dec 2015, PHP 7.0.1
1588
1589- Core:
1590 . Fixed bug #71105 (Format String Vulnerability in Class Name Error Message).
1591 (CVE-2015-8617) (andrew at jmpesp dot org)
1592 . Fixed bug #70831 (Compile fails on system with 160 CPUs). (Daniel Axtens)
1593 . Fixed bug #71006 (symbol referencing errors on Sparc/Solaris). (Dmitry)
1594 . Fixed bug #70997 (When using parentClass:: instead of parent::, static
1595 context changed). (Dmitry)
1596 . Fixed bug #70970 (Segfault when combining error handler with output
1597 buffering). (Laruence)
1598 . Fixed bug #70967 (Weird error handling for __toString when Error is
1599 thrown). (Laruence)
1600 . Fixed bug #70958 (Invalid opcode while using ::class as trait method
1601 paramater default value). (Laruence)
1602 . Fixed bug #70944 (try{ } finally{} can create infinite chains of
1603 exceptions). (Laruence)
1604 . Fixed bug #70931 (Two errors messages are in conflict). (dams, Laruence)
1605 . Fixed bug #70904 (yield from incorrectly marks valid generator as
1606 finished). (Bob)
1607 . Fixed bug #70899 (buildconf failure in extensions). (Bob, Reeze)
1608 . Fixed bug #61751 (SAPI build problem on AIX: Undefined symbol:
1609 php_register_internal_extensions). (Lior Kaplan)
1610 . Fixed \int (or generally every scalar type name with leading backslash)
1611 to not be accepted as type name. (Bob)
1612 . Fixed exception not being thrown immediately into a generator yielding
1613 from an array. (Bob)
1614 . Fixed bug #70987 (static::class within Closure::call() causes segfault).
1615 (Andrea)
1616 . Fixed bug #71013 (Incorrect exception handler with yield from). (Bob)
1617 . Fixed double free in error condition of format printer. (Bob)
1618
1619- CLI server:
1620 . Fixed bug #71005 (Segfault in php_cli_server_dispatch_router()). (Adam)
1621
1622- Intl:
1623 . Fixed bug #71020 (Use after free in Collator::sortWithSortKeys).
1624 (CVE-2015-8616) (emmanuel dot law at gmail dot com, Laruence)
1625
1626- Mysqlnd:
1627 . Fixed bug #68077 (LOAD DATA LOCAL INFILE / open_basedir restriction).
1628 (Laruence)
1629 . Fixed bug #68344 (MySQLi does not provide way to disable peer certificate
1630 validation) by introducing MYSQLI_CLIENT_SSL_DONT_VERIFY_SERVER_CERT
1631 connection flag. (Andrey)
1632
1633- OCI8:
1634 . Fixed LOB implementation size_t/zend_long mismatch reported by gcov.
1635 (Senthil)
1636
1637- Opcache:
1638 . Fixed bug #71024 (Unable to use PHP 7.0 x64 side-by-side with PHP 5.6 x32
1639 on the same server). (Anatol)
1640 . Fixed bug #70991 (zend_file_cache.c:710: error: array type has incomplete
1641 element type). (Laruence)
1642 . Fixed bug #70977 (Segmentation fault with opcache.huge_code_pages=1).
1643 (Laruence)
1644
1645- PDO_Firebird:
1646 . Fixed bug #60052 (Integer returned as a 64bit integer on X64_86). (Mariuz)
1647
1648- Phpdbg:
1649 . Fixed stderr being written to stdout. (Bob)
1650
1651- Reflection:
1652 . Fixed bug #71018 (ReflectionProperty::setValue() behavior changed).
1653 (Laruence)
1654 . Fixed bug #70982 (setStaticPropertyValue behaviors inconsistently with
1655 5.6). (Laruence)
1656
1657- Soap:
1658 . Fixed bug #70993 (Array key references break argument processing).
1659 (Laruence)
1660
1661- SPL:
1662 . Fixed bug #71028 (Undefined index with ArrayIterator). (Laruence)
1663
1664- SQLite3:
1665 . Fixed bug #71049 (SQLite3Stmt::execute() releases bound parameter instead
1666 of internal buffer). (Laruence)
1667
1668- Standard:
1669 . Fixed bug #70999 (php_random_bytes: called object is not a function).
1670 (Scott)
1671 . Fixed bug #70960 (ReflectionFunction for array_unique returns wrong number
1672 of parameters). (Laruence)
1673
1674- Streams/Socket:
1675 . Add IPV6_V6ONLY constant / make it usable in stream contexts. (Bob)
1676
167703 Dec 2015, PHP 7.0.0
1678
1679- Core:
1680 . Fixed bug #70947 (INI parser segfault with INI_SCANNER_TYPED). (Laruence)
1681 . Fixed bug #70914 (zend_throw_or_error() format string vulnerability).
1682 (Taoguang Chen)
1683 . Fixed bug #70912 (Null ptr dereference instantiating class with invalid
1684 array property). (Laruence)
1685 . Fixed bug #70895, #70898 (null ptr deref and segfault with crafted calable).
1686 (Anatol, Laruence)
1687 . Fixed bug #70249 (Segmentation fault while running PHPUnit tests on
1688 phpBB 3.2-dev). (Laruence)
1689 . Fixed bug #70805 (Segmentation faults whilst running Drupal 8 test suite).
1690 (Dmitry, Laruence)
1691 . Fixed bug #70842 (Persistent Stream Segmentation Fault). (Caleb Champlin)
1692 . Fixed bug #70862 (Several functions do not check return code of
1693 php_stream_copy_to_mem()). (Anatol)
1694 . Fixed bug #70863 (Incorect logic to increment_function for proxy objects).
1695 (Anatol)
1696 . Fixed bug #70323 (Regression in zend_fetch_debug_backtrace() can cause
1697 segfaults). (Aharvey, Laruence)
1698 . Fixed bug #70873 (Regression on private static properties access).
1699 (Laruence)
1700 . Fixed bug #70748 (Segfault in ini_lex () at Zend/zend_ini_scanner.l).
1701 (Laruence)
1702 . Fixed bug #70689 (Exception handler does not work as expected). (Laruence)
1703 . Fixed bug #70430 (Stack buffer overflow in zend_language_parser()). (Nikita)
1704 . Fixed bug #70782 (null ptr deref and segfault (zend_get_class_fetch_type)).
1705 (Nikita)
1706 . Fixed bug #70785 (Infinite loop due to exception during identical
1707 comparison). (Laruence)
1708 . Fixed bug #70630 (Closure::call/bind() crash with ReflectionFunction->
1709 getClosure()). (Dmitry, Bob)
1710 . Fixed bug #70662 (Duplicate array key via undefined index error handler).
1711 (Nikita)
1712 . Fixed bug #70681 (Segfault when binding $this of internal instance method
1713 to null). (Nikita)
1714 . Fixed bug #70685 (Segfault for getClosure() internal method rebind with
1715 invalid $this). (Nikita)
1716 . Added zend_internal_function.reserved[] fields. (Dmitry)
1717 . Fixed bug #70557 (Memleak on return type verifying failed). (Laruence)
1718 . Fixed bug #70555 (fun_get_arg() on unsetted vars return UNKNOW). (Laruence)
1719 . Fixed bug #70548 (Redundant information printed in case of uncaught engine
1720 exception). (Laruence)
1721 . Fixed bug #70547 (unsetting function variables corrupts backtrace).
1722 (Laruence)
1723 . Fixed bug #70528 (assert() with instanceof adds apostrophes around class
1724 name). (Laruence)
1725 . Fixed bug #70481 (Memory leak in auto_global_copy_ctor() in ZTS build).
1726 (Laruence)
1727 . Fixed bug #70431 (Memory leak in php_ini.c). (Senthil, Laruence)
1728 . Fixed bug #70478 (**= does no longer work). (Bob)
1729 . Fixed bug #70398 (SIGSEGV, Segmentation fault zend_ast_destroy_ex).
1730 (Dmitry, Bob, Laruence)
1731 . Fixed bug #70332 (Wrong behavior while returning reference on object).
1732 (Laruence, Dmitry)
1733 . Fixed bug #70300 (Syntactical inconsistency with new group use syntax).
1734 (marcio dot web2 at gmail dot com)
1735 . Fixed bug #70321 (Magic getter breaks reference to array property).
1736 (Laruence)
1737 . Fixed bug #70187 (Notice: unserialize(): Unexpected end of serialized
1738 data). (Dmitry)
1739 . Fixed bug #70145 (From field incorrectly parsed from headers). (Anatol)
1740 . Fixed bug #70370 (Bundled libtool.m4 doesn't handle FreeBSD 10 when
1741 building extensions). (Adam)
1742 . Fixed bug causing exception traces with anon classes to be truncated. (Bob)
1743 . Fixed bug #70397 (Segmentation fault when using Closure::call and yield).
1744 (Bob)
1745 . Fixed bug #70299 (Memleak while assigning object offsetGet result).
1746 (Laruence)
1747 . Fixed bug #70288 (Apache crash related to ZEND_SEND_REF). (Laruence)
1748 . Fixed bug #70262 (Accessing array crashes PHP 7.0beta3).
1749 (Laruence, Dmitry)
1750 . Fixed bug #70258 (Segfault if do_resize fails to allocated memory).
1751 (Laruence)
1752 . Fixed bug #70253 (segfault at _efree () in zend_alloc.c:1389). (Laruence)
1753 . Fixed bug #70240 (Segfault when doing unset($var());). (Laruence)
1754 . Fixed bug #70223 (Incrementing value returned by magic getter). (Laruence)
1755 . Fixed bug #70215 (Segfault when __invoke is static). (Bob)
1756 . Fixed bug #70207 (Finally is broken with opcache). (Laruence, Dmitry)
1757 . Fixed bug #70173 (ZVAL_COPY_VALUE_EX broken for 32bit Solaris Sparc).
1758 (Laruence, cmb)
1759 . Fixed bug #69487 (SAPI may truncate POST data). (cmb)
1760 . Fixed bug #70198 (Checking liveness does not work as expected).
1761 (Shafreeck Sea, Anatol Belski)
1762 . Fixed bug #70241,#70293 (Skipped assertions affect Generator returns). (Bob)
1763 . Fixed bug #70239 (Creating a huge array doesn't result in exhausted,
1764 but segfault). (Laruence, Anatol)
1765 . Fixed "finally" issues. (Nikita, Dmitry)
1766 . Fixed bug #70098 (Real memory usage doesn't decrease). (Dmitry)
1767 . Fixed bug #70159 (__CLASS__ is lost in closures). (Julien)
1768 . Fixed bug #70156 (Segfault in zend_find_alias_name). (Laruence)
1769 . Fixed bug #70124 (null ptr deref / seg fault in ZEND_HANDLE_EXCEPTION).
1770 (Laruence)
1771 . Fixed bug #70117 (Unexpected return type error). (Laruence)
1772 . Fixed bug #70106 (Inheritance by anonymous class). (Bob)
1773 . Fixed bug #69674 (SIGSEGV array.c:953). (cmb)
1774 . Fixed bug #70164 (__COMPILER_HALT_OFFSET__ under namespace is not defined).
1775 (Bob)
1776 . Fixed bug #70108 (sometimes empty $_SERVER['QUERY_STRING']). (Anatol)
1777 . Fixed bug #70179 ($this refcount issue). (Bob)
1778 . Fixed bug #69896 ('asm' operand has impossible constraints). (Anatol)
1779 . Fixed bug #70183 (null pointer deref (segfault) in zend_eval_const_expr).
1780 (Hugh Davenport)
1781 . Fixed bug #70182 (Segfault in ZEND_ASSIGN_DIV_SPEC_CV_UNUSED_HANDLER).
1782 (Hugh Davenport)
1783 . Fixed bug #69793 (Remotely triggerable stack exhaustion via recursive
1784 method calls). (Stas)
1785 . Fixed bug #69892 (Different arrays compare indentical due to integer key
1786 truncation). (Nikita)
1787 . Fixed bug #70121 (unserialize() could lead to unexpected methods execution
1788 / NULL pointer deref). (Stas)
1789 . Fixed bug #70089 (segfault at ZEND_FETCH_DIM_W_SPEC_VAR_CONST_HANDLER ()).
1790 (Laruence)
1791 . Fixed bug #70057 (Build failure on 32-bit Mac OS X 10.6.8: recursive
1792 inlining). (Laruence)
1793 . Fixed bug #70012 (Exception lost with nested finally block). (Laruence)
1794 . Fixed bug #69996 (Changing the property of a cloned object affects the
1795 original). (Dmitry, Laruence)
1796 . Fixed bug #70083 (Use after free with assign by ref to overloaded objects).
1797 (Bob)
1798 . Fixed bug #70006 (cli - function with default arg = STDOUT crash output).
1799 (Laruence)
1800 . Fixed bug #69521 (Segfault in gc_collect_cycles()).
1801 (arjen at react dot com, Laruence)
1802 . Improved zend_string API. (Francois Laupretre)
1803 . Fixed bug #69955 (Segfault when trying to combine [] and assign-op on
1804 ArrayAccess object). (Laruence)
1805 . Fixed bug #69957 (Different ways of handling div/mod/intdiv). (Bob)
1806 . Fixed bug #69900 (Too long timeout on pipes). (Anatol)
1807 . Fixed bug #69872 (uninitialised value in strtr with array). (Laruence)
1808 . Fixed bug #69868 (Invalid read of size 1 in zend_compile_short_circuiting).
1809 (Laruence)
1810 . Fixed bug #69849 (Broken output of apache_request_headers). (Kalle)
1811 . Fixed bug #69840 (iconv_substr() doesn't work with UTF-16BE). (Kalle)
1812 . Fixed bug #69823 (PHP 7.0.0alpha1 segmentation fault when exactly 33
1813 extensions are loaded). (Laruence)
1814 . Fixed bug #69805 (null ptr deref and seg fault in zend_resolve_class_name).
1815 (Laruence)
1816 . Fixed bug #69802 (Reflection on Closure::__invoke borks type hint class
1817 name). (Dmitry)
1818 . Fixed bug #69761 (Serialization of anonymous classes should be prevented).
1819 (Laruence)
1820 . Fixed bug #69551 (parse_ini_file() and parse_ini_string() segmentation
1821 fault). (Christoph M. Becker)
1822 . Fixed bug #69781 (phpinfo() reports Professional Editions of Windows
1823 7/8/8.1/10 as "Business"). (Christian Wenz)
1824 . Fixed bug #69835 (phpinfo() does not report many Windows SKUs).
1825 (Christian Wenz)
1826 . Fixed bug #69889 (Null coalesce operator doesn't work for string offsets).
1827 (Nikita)
1828 . Fixed bug #69891 (Unexpected array comparison result). (Nikita)
1829 . Fixed bug #69892 (Different arrays compare indentical due to integer key
1830 truncation). (Nikita)
1831 . Fixed bug #69893 (Strict comparison between integer and empty string keys
1832 crashes). (Nikita)
1833 . Fixed bug #69767 (Default parameter value with wrong type segfaults).
1834 (cmb, Laruence)
1835 . Fixed bug #69756 (Fatal error: Nesting level too deep - recursive dependency
1836 ? with ===). (Dmitry, Laruence)
1837 . Fixed bug #69758 (Item added to array not being removed by array_pop/shift
1838 ). (Laruence)
1839 . Fixed bug #68475 (Add support for $callable() sytnax with 'Class::method').
1840 (Julien, Aaron Piotrowski)
1841 . Fixed bug #69485 (Double free on zend_list_dtor). (Laruence)
1842 . Fixed bug #69427 (Segfault on magic method __call of private method in
1843 superclass). (Laruence)
1844 . Improved __call() and __callStatic() magic method handling. Now they are
1845 called in a stackless way using ZEND_CALL_TRAMPOLINE opcode, without
1846 additional stack frame. (Laruence, Dmitry)
1847 . Optimized strings concatenation. (Dmitry, Laruence)
1848 . Fixed weird operators behavior. Division by zero now emits warning and
1849 returns +/-INF, modulo by zero and intdid() throws an exception, shifts
1850 by negative offset throw exceptions. Compile-time evaluation of division
1851 by zero is disabled. (Dmitry, Andrea, Nikita)
1852 . Fixed bug #69371 (Hash table collision leads to inaccessible array keys).
1853 (Laruence)
1854 . Fixed bug #68933 (Invalid read of size 8 in zend_std_read_property).
1855 (Laruence, arjen at react dot com)
1856 . Fixed bug #68252 (segfault in Zend/zend_hash.c in function
1857 _zend_hash_del_el). (Laruence)
1858 . Fixed bug #65598 (Closure executed via static autoload incorrectly marked as
1859 static). (Nikita)
1860 . Fixed bug #66811 (Cannot access static::class in lambda, writen outside of a
1861 class). (Nikita)
1862 . Fixed bug #69568 (call a private function in closure failed). (Nikita)
1863 . Added PHP_INT_MIN constant. (Andrea)
1864 . Added Closure::call() method. (Andrea)
1865 . Fixed bug #67959 (Segfault when calling phpversion('spl')). (Florian)
1866 . Implemented the RFC `Catchable "Call to a member function bar() on a
1867 non-object"`. (Timm)
1868 . Added options parameter for unserialize allowing to specify acceptable
1869 classes (https://wiki.php.net/rfc/secure_unserialize). (Stas)
1870 . Fixed bug #63734 (Garbage collector can free zvals that are still
1871 referenced). (Dmitry)
1872 . Removed ZEND_ACC_FINAL_CLASS, promoting ZEND_ACC_FINAL as final class
1873 modifier. (Guilherme Blanco)
1874 . is_long() & is_integer() is now an alias of is_int(). (Kalle)
1875 . Implemented FR #55467 (phpinfo: PHP Variables with $ and single quotes). (Kalle)
1876 . Added ?? operator. (Andrea)
1877 . Added <=> operator. (Andrea)
1878 . Added \u{xxxxx} Unicode Codepoint Escape Syntax. (Andrea)
1879 . Fixed oversight where define() did not support arrays yet const syntax did.
1880 (Andrea, Dmitry)
1881 . Use "integer" and "float" instead of "long" and "double" in ZPP, type hint
1882 and conversion error messages. (Andrea)
1883 . Implemented FR #55428 (E_RECOVERABLE_ERROR when output buffering in output
1884 buffering handler). (Kalle)
1885 . Removed scoped calls of non-static methods from an incompatible $this
1886 context. (Nikita)
1887 . Removed support for #-style comments in ini files. (Nikita)
1888 . Removed support for assigning the result of new by reference. (Nikita)
1889 . Invalid octal literals in source code now produce compile errors, fixes
1890 PHPSadness #31. (Andrea)
1891 . Removed dl() function on fpm-fcgi. (Nikita)
1892 . Removed support for hexadecimal numeric strings. (Nikita)
1893 . Removed obsolete extensions and SAPIs. See the full list in UPGRADING. (Anatol)
1894 . Added NULL byte protection to exec, system and passthru. (Yasuo)
1895 . Added error_clear_last() function. (Reeze Xia)
1896 . Fixed bug #68797 (Number 2.2250738585072012e-308 converted incorrectly).
1897 (Anatol)
1898 . Improved zend_qsort(using hybrid sorting algo) for better performance,
1899 and also renamed zend_qsort to zend_sort. (Laruence)
1900 . Added stable sorting algo zend_insert_sort. (Laruence)
1901 . Improved zend_memnchr(using sunday algo) for better performance. (Laruence)
1902 . Implemented the RFC `Scalar Type Decalarations v0.5`. (Anthony)
1903 . Implemented the RFC `Group Use Declarations`. (Marcio)
1904 . Implemented the RFC `Continue Output Buffering`. (Mike)
1905 . Implemented the RFC `Constructor behaviour of internal classes`. (Dan, Dmitry)
1906 . Implemented the RFC `Fix "foreach" behavior`. (Dmitry)
1907 . Implemented the RFC `Generator Delegation`. (Bob)
1908 . Implemented the RFC `Anonymous Class Support`. (Joe, Nikita, Dmitry)
1909 . Implemented the RFC `Context Sensitive Lexer`. (Marcio Almada)
1910 . Fixed bug #69511 (Off-by-one buffer overflow in php_sys_readlink).
1911 (Jan Starke, Anatol)
1912
1913- CLI server:
1914 . Fixed bug #68291 (404 on urls with '+'). (cmb)
1915 . Fixed bug #66606 (Sets HTTP_CONTENT_TYPE but not CONTENT_TYPE).
1916 (wusuopu, cmb)
1917 . Fixed bug #70264 (CLI server directory traversal). (cmb)
1918 . Fixed bug #69655 (php -S changes MKCALENDAR request method to MKCOL). (cmb)
1919 . Fixed bug #64878 (304 responses return Content-Type header). (cmb)
1920 . Refactor MIME type handling to use a hash table instead of linear search.
1921 (Adam)
1922 . Update the MIME type list from the one shipped by Apache HTTPD. (Adam)
1923 . Added support for SEARCH WebDav method. (Mats Lindh)
1924
1925- COM:
1926 . Fixed bug #69939 (Casting object to bool returns false). (Kalle)
1927
1928- Curl:
1929 . Fixed bug #70330 (Segmentation Fault with multiple "curl_copy_handle").
1930 (Laruence)
1931 . Fixed bug #70163 (curl_setopt_array() type confusion). (Laruence)
1932 . Fixed bug #70065 (curl_getinfo() returns corrupted values). (Anatol)
1933 . Fixed bug #69831 (Segmentation fault in curl_getinfo). (im dot denisenko at
1934 yahoo dot com)
1935 . Fixed bug #68937 (Segfault in curl_multi_exec). (Laruence)
1936 . Removed support for unsafe file uploads. (Nikita)
1937
1938- Date:
1939 . Fixed bug #70245 (strtotime does not emit warning when 2nd parameter is
1940 object or string). (cmb)
1941 . Fixed bug #70266 (DateInterval::__construct.interval_spec is not supposed to
1942 be optional). (cmb)
1943 . Fixed bug #70277 (new DateTimeZone($foo) is ignoring text after null byte).
1944 (cmb)
1945 . Fixed day_of_week function as it could sometimes return negative values
1946 internally. (Derick)
1947 . Removed $is_dst parameter from mktime() and gmmktime(). (Nikita)
1948 . Removed date.timezone warning
1949 (https://wiki.php.net/rfc/date.timezone_warning_removal). (Bob)
1950 . Added "v" DateTime format modifier to get the 3-digit version of fraction
1951 of seconds. (Mariano Iglesias)
1952 . Implemented FR #69089 (Added DateTime::RFC3339_EXTENDED to output in
1953 RFC3339 Extended format which includes fraction of seconds). (Mariano
1954 Iglesias)
1955
1956- DBA:
1957 . Fixed bug #62490 (dba_delete returns true on missing item (inifile)). (Mike)
1958 . Fixed bug #68711 (useless comparisons). (bugreports at internot dot info)
1959
1960- DOM:
1961 . Fixed bug #70558 ("Couldn't fetch" error in
1962 DOMDocument::registerNodeClass()). (Laruence)
1963 . Fixed bug #70001 (Assigning to DOMNode::textContent does additional entity
1964 encoding). (cmb)
1965 . Fixed bug #69846 (Segmenation fault (access violation) when iterating over
1966 DOMNodeList). (Anatol Belski)
1967 . Made DOMNode::textContent writeable. (Tjerk)
1968
1969- EXIF:
1970 . Fixed bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte
1971 value of 32 bytes). (Stas)
1972
1973- Fileinfo:
1974 . Fixed bug #66242 (libmagic: don't assume char is signed). (ArdB)
1975
1976- Filter:
1977 . New FILTER_VALIDATE_DOMAIN and better RFC conformance for FILTER_VALIDATE_URL. (Kevin Dunglas)
1978 . Fixed bug #67167 (Wrong return value from FILTER_VALIDATE_BOOLEAN,
1979 FILTER_NULL_ON_FAILURE). (levim)
1980
1981- FPM:
1982 . Fixed bug #70538 ("php-fpm -i" crashes). (rainer dot jung at
1983 kippdata dot de)
1984 . Fixed bug #70279 (HTTP Authorization Header is sometimes passed to newer
1985 reqeusts). (Laruence)
1986 . Fixed bug #68945 (Unknown admin values segfault pools). (Laruence)
1987 . Fixed bug #65933 (Cannot specify config lines longer than 1024 bytes). (Chris Wright)
1988 . Implemented FR #67106 (Split main fpm config). (Elan Ruusam��e, Remi)
1989
1990- FTP:
1991 . Fixed bug #69082 (FTPS support on Windows). (Anatol)
1992
1993- GD:
1994 . Fixed bug #53156 (imagerectangle problem with point ordering). (cmb)
1995 . Fixed bug #66387 (Stack overflow with imagefilltoborder). (CVE-2015-8874)
1996 (cmb)
1997 . Fixed bug #70102 (imagecreatefromwebm() shifts colors). (cmb)
1998 . Fixed bug #66590 (imagewebp() doesn't pad to even length). (cmb)
1999 . Fixed bug #66882 (imagerotate by -90 degrees truncates image by 1px). (cmb)
2000 . Fixed bug #70064 (imagescale(..., IMG_BICUBIC) leaks memory). (cmb)
2001 . Fixed bug #69024 (imagescale segfault with palette based image). (cmb)
2002 . Fixed bug #53154 (Zero-height rectangle has whiskers). (cmb)
2003 . Fixed bug #67447 (imagecrop() add a black line when cropping). (cmb)
2004 . Fixed bug #68714 (copy 'n paste error). (cmb)
2005 . Fixed bug #66339 (PHP segfaults in imagexbm). (cmb)
2006 . Fixed bug #70047 (gd_info() doesn't report WebP support). (cmb)
2007 . Replace libvpx with libwebp for bundled libgd. (cmb, Anatol)
2008 . Fixed bug #61221 (imagegammacorrect function loses alpha channel). (cmb)
2009 . Made fontFetch's path parser thread-safe. (Sara)
2010 . Removed T1Lib support. (Kalle)
2011
2012- GMP:
86- GMP:
2013 . Fixed bug #70284 (Use after free vulnerability in unserialize() with GMP).
2014 (stas)
87 . Fixed bug #70896 (gmp_fact() silently ignores non-integer input). (Sara)
2015
2016- hash:
88
89- hash:
2017 . Fixed bug #70312 (HAVAL gives wrong hashes in specific cases). (letsgolee
2018 at naver dot com)
90 . Fixed bug #73961 (environmental build dependency in hash sha3 source).
91 (krakjoe)
92 . Changed HashContext from resource to object. (Rouven We��ling, Sara)
2019
93
2020- IMAP:
2021 . Fixed bug #70158 (Building with static imap fails). (cmb)
2022 . Fixed bug #69998 (curl multi leaking memory). (Pierrick)
94- Mbstring:
95 . Implemented request #66024 (mb_chr() and mb_ord()). (Masakielastic, Yasuo)
96 . Implemented request #65081 (mb_scrub()). (Masakielastic, Yasuo)
97 . Implemented request #69086 (enhancement for mb_convert_encoding() that
98 handles multibyte replacement char nicely). (Masakielastic, Yasuo)
99 . Added array input support to mb_convert_encoding(). (Yasuo)
100 . Added array input support to mb_check_encoding(). (Yasuo)
101 . Fixed bug #69079 (enhancement for mb_substitute_character). (masakielastic)
2023
102
2024- Intl:
2025 . Fixed bug #70453 (IntlChar::foldCase() incorrect arguments and missing
2026 constants). (cmb)
2027 . Fixed bug #70454 (IntlChar::forDigit second parameter should be optional).
2028 (cmb, colinodell)
2029 . Removed deprecated aliases datefmt_set_timezone_id() and
2030 IntlDateFormatter::setTimeZoneID(). (Nikita)
2031
2032- JSON:
2033 . Fixed bug #62010 (json_decode produces invalid byte-sequences).
2034 (Jakub Zelenka)
2035 . Fixed bug #68546 (json_decode() Fatal error: Cannot access property
2036 started with '\0'). (Jakub Zelenka)
2037 . Replace non-free JSON parser with a parser from Jsond extension, fixes #63520
2038 (JSON extension includes a problematic license statement). (Jakub Zelenka)
2039 . Fixed bug #68938 (json_decode() decodes empty string without error).
2040 (jeremy at bat-country dot us)
2041
2042- LDAP:
2043 . Fixed bug #47222 (Implement LDAP_OPT_DIAGNOSTIC_MESSAGE). (Andreas Heigl)
2044
2045- LiteSpeed:
2046 . Updated LiteSpeed SAPI code from V5.5 to V6.6. (George Wang)
2047
2048- libxml:
2049 . Fixed handling of big lines in error messages with libxml >= 2.9.0.
2050 (Christoph M. Becker)
2051
2052- Mcrypt:
103- Mcrypt:
2053 . Fixed bug #70625 (mcrypt_encrypt() won't return data when no IV was
2054 specified under RC4). (Nikita)
2055 . Fixed bug #69833 (mcrypt fd caching not working). (Anatol)
2056 . Fixed possible read after end of buffer and use after free. (Dmitry)
2057 . Removed mcrypt_generic_end() alias. (Nikita)
2058 . Removed mcrypt_ecb(), mcrypt_cbc(), mcrypt_cfb(), mcrypt_ofb(). (Nikita)
104 . The deprecated mcrypt extension has been moved to PECL. (leigh)
2059
105
2060- Mysqli:
2061 . Fixed bug #32490 (constructor of mysqli has wrong name). (cmb)
106- MySQLi:
107 . Fixed bug #73949 (leak in mysqli_fetch_object). (krakjoe)
2062
108
2063- Mysqlnd:
2064 . Fixed bug #70949 (SQL Result Sets With NULL Can Cause Fatal Memory Errors).
2065 (Laruence)
2066 . Fixed bug #70384 (mysqli_real_query():Unknown type 245 sent by the server).
2067 (Andrey)
2068 . Fixed bug #70456 (mysqlnd doesn't activate TCP keep-alive when connecting to
2069 a server). (Sergei Turchanov)
2070 . Fixed bug #70572 segfault in mysqlnd_connect. (Andrey, Remi)
2071 . Fixed Bug #69796 (mysqli_stmt::fetch doesn't assign null values to
2072 bound variables). (Laruence)
109- mysqlnd:
110 . Fixed bug #73800 (sporadic segfault with MYSQLI_OPT_INT_AND_FLOAT_NATIVE).
111 (vanviegen)
2073
112
2074- OCI8:
2075 . Fixed memory leak with LOBs. (Senthil)
2076 . Fixed bug #68298 (OCI int overflow) (Senthil).
2077 . Corrected oci8 hash destructors to prevent segfaults, and a few other fixes.
2078 (Cameron Porter)
2079
2080- ODBC:
2081 . Fixed bug #69975 (PHP segfaults when accessing nvarchar(max) defined
2082 columns). (CVE-2015-8879) (cmb)
2083
2084- Opcache:
2085 . Fixed bug #70656 (require() statement broken after opcache_reset() or a
2086 few hours of use). (Laruence)
2087 . Fixed bug #70843 (Segmentation fault on MacOSX with
2088 opcache.file_cache_only=1). (Laruence)
2089 . Fixed bug #70724 (Undefined Symbols from opcache.so on Mac OS X 10.10).
2090 (Laruence)
2091 . Fixed compatibility with Windows 10 (see also bug #70652). (Anatol)
2092 . Attmpt to fix "Unable to reattach to base address" problem. (Matt Ficken)
2093 . Fixed bug #70423 (Warning Internal error: wrong size calculation). (Anatol)
2094 . Fixed bug #70237 (Empty while and do-while segmentation fault with opcode
2095 on CLI enabled). (Dmitry, Laruence)
2096 . Fixed bug #70111 (Segfault when a function uses both an explicit return
2097 type and an explicit cast). (Laruence)
2098 . Fixed bug #70058 (Build fails when building for i386). (Laruence)
2099 . Fixed bug #70022 (Crash with opcache using opcache.file_cache_only=1).
2100 (Anatol)
2101 . Removed opcache.load_comments configuration directive. Now doc comments
2102 loading costs nothing and always enabled. (Dmitry)
2103 . Fixed bug #69838 (Wrong size calculation for function table). (Anatol)
2104 . Fixed bug #69688 (segfault with eval and opcache fast shutdown).
2105 (Laruence)
2106 . Added experimental (disabled by default) file based opcode cache.
2107 (Dmitry, Laruence, Anatol)
2108 . Fixed bug with try blocks being removed when extended_info opcode
2109 generation is turned on. (Laruence)
2110 . Fixed bug #68644 (strlen incorrect : mbstring + func_overload=2 +UTF-8
2111 + Opcache). (Laruence)
2112
2113- OpenSSL:
113- OpenSSL:
2114 . Require at least OpenSSL version 0.9.8. (Jakub Zelenka)
2115 . Fixed bug #68312 (Lookup for openssl.cnf causes a message box). (Anatol)
2116 . Fixed bug #55259 (openssl extension does not get the DH parameters from
2117 DH key resource). (Jakub Zelenka)
2118 . Fixed bug #70395 (Missing ARG_INFO for openssl_seal()). (cmb)
2119 . Fixed bug #60632 (openssl_seal fails with AES). (Jakub Zelenka)
2120 . Implemented FR #70438 (Add IV parameter for openssl_seal and openssl_open)
2121 (Jakub Zelenka)
2122 . Fixed bug #70014 (openssl_random_pseudo_bytes() is not cryptographically
2123 secure). (CVE-2015-8867) (Stas)
2124 . Fixed bug #69882 (OpenSSL error "key values mismatch" after
2125 openssl_pkcs12_read with extra cert). (Tomasz Sawicki)
2126 . Added "alpn_protocols" SSL context option allowing encrypted client/server
2127 streams to negotiate alternative protocols using the ALPN TLS extension when
2128 built against OpenSSL 1.0.2 or newer. Negotiated protocol information is
2129 accessible through stream_get_meta_data() output.
2130 . Removed "CN_match" and "SNI_server_name" SSL context options. Use automatic
2131 detection or the "peer_name" option instead. (Nikita)
114 . Fixed bug #71519 (add serial hex to return value array). (xrobau)
2132
115
2133- Pcntl:
2134 . Fixed bug #70386 (Can't compile on NetBSD because of missing WCONTINUED
2135 and WIFCONTINUED). (Matteo)
2136 . Fixed bug #60509 (pcntl_signal doesn't decrease ref-count of old handler
2137 when setting SIG_DFL). (Julien)
2138 . Implemented FR #68505 (Added wifcontinued and wcontinued). (xilon-jul)
2139 . Added rusage support to pcntl_wait() and pcntl_waitpid(). (Anton Stepanenko,
2140 Tony)
2141
2142- PCRE:
116- PCRE:
2143 . Fixed bug #70232 (Incorrect bump-along behavior with \K and empty string
2144 match). (cmb)
2145 . Fixed bug #70345 (Multiple vulnerabilities related to PCRE functions).
2146 (Anatol Belski)
2147 . Fixed bug #70232 (Incorrect bump-along behavior with \K and empty string
2148 match). (cmb)
2149 . Fixed bug #53823 (preg_replace: * qualifier on unicode replace garbles the
2150 string). (cmb)
2151 . Fixed bug #69864 (Segfault in preg_replace_callback). (cmb, ab)
117 . Fixed bug #61780 (Inconsistent PCRE captures in match results). (cmb)
2152
2153- PDO:
118
119- PDO:
2154 . Fixed bug #70861 (Segmentation fault in pdo_parse_params() during Drupal 8
2155 test suite). (Anatol)
2156 . Fixed bug #70389 (PDO constructor changes unrelated variables). (Laruence)
2157 . Fixed bug #70272 (Segfault in pdo_mysql). (Laruence)
2158 . Fixed bug #70221 (persistent sqlite connection + custom function
2159 segfaults). (Laruence)
2160 . Removed support for the /e (PREG_REPLACE_EVAL) modifier. (Nikita)
2161 . Fixed bug #59450 (./configure fails with "Cannot find php_pdo_driver.h").
2162 (maxime dot besson at smile dot fr)
120 . Add "Sent SQL" to debug dump for emulated prepares. (Adam Baratz)
121 . Add parameter types for national character set strings. (Adam Baratz)
2163
2164- PDO_DBlib:
122
123- PDO_DBlib:
2165 . Fixed bug #69757 (Segmentation fault on nextRowset).
2166 (miracle at rpz dot name)
124 . Fixed bug #73234 (Emulated statements let value dictate parameter type).
125 (Adam Baratz)
126 . Fixed bug #73396 (bigint columns are returned as strings). (Adam Baratz)
127 . Expose DB-Library version as \PDO::DBLIB_ATTR_VERSION attribute on \PDO
128 instance. (Adam Baratz)
129 . Add test coverage for bug #72969. (Jeff Farr)
2167
130
2168- PDO_mysql:
2169 . Fixed bug #68424 (Add new PDO mysql connection attr to control multi
2170 statements option). (peter dot wolanin at acquia dot com)
2171
2172- PDO_OCI:
131- PDO_OCI:
2173 . Fixed bug #70308 (PDO::ATTR_PREFETCH is ignored). (Chris Jones)
132 . Fixed bug #54379 (PDO_OCI: UTF-8 output gets truncated). (gureedo / Oracle)
2174
133
2175- PDO_pgsql:
2176 . Fixed bug #69752 (PDOStatement::execute() leaks memory with DML
2177 Statements when closeCuror() is u). (Philip Hofstetter)
2178 . Removed PGSQL_ATTR_DISABLE_NATIVE_PREPARED_STATEMENT attribute in favor of
2179 ATTR_EMULATE_PREPARES). (Nikita)
134- PDO_PgSQL:
135 . Fixed bug #73959 (lastInsertId fails to throw an exception for wrong
136 sequence name). (andrewnester)
2180
137
2181- Phar:
2182 . Fixed bug #69720 (Null pointer dereference in phar_get_fp_offset()). (Stas)
2183 . FIxed bug #70433 (Uninitialized pointer in phar_make_dirstream when zip
2184 entry filename is "/"). (Stas)
2185 . Improved fix for bug #69441. (Anatol Belski)
2186 . Fixed bug #70019 (Files extracted from archive may be placed outside of
2187 destination directory). (Anatol Belski)
138- PDO_Sqlite
139 . Switch to sqlite3_prepare_v2() and sqlite3_close_v2() functions (rasmus)
2188
140
2189- Phpdbg:
2190 . Fixed bug #70614 (incorrect exit code in -rr mode with Exceptions). (Bob)
2191 . Fixed bug #70532 (phpdbg must respect set_exception_handler). (Bob)
2192 . Fixed bug #70531 (Run and quit mode (-qrr) should not fallback to
2193 interactive mode). (Bob)
2194 . Fixed bug #70533 (Help overview (-h) does not rpint anything under Windows).
2195 (Anatol)
2196 . Fixed bug #70449 (PHP won't compile on 10.4 and 10.5 because of missing
2197 constants). (Bob)
2198 . Fixed bug #70214 (FASYNC not defined, needs sys/file.h include). (Bob)
2199 . Fixed bug #70138 (Segfault when displaying memory leaks). (Bob)
141- PHPDBG
142 . Added extended_value to opcode dump output. (Sara)
2200
143
2201- Reflection:
2202 . Fixed bug #70650 (Wrong docblock assignment). (Marcio)
2203 . Fixed bug #70674 (ReflectionFunction::getClosure() leaks memory when used
2204 for internal functions). (Dmitry, Bob)
2205 . Fixed bug causing bogus traces for ReflectionGenerator::getTrace(). (Bob)
2206 . Fixed inheritance chain of Reflector interface. (Tjerk)
2207 . Added ReflectionGenerator class. (Bob)
2208 . Added reflection support for return types and type declarations. (Sara,
2209 Matteo)
144- posix:
145 . Fixed bug #71219 (configure script incorrectly checks for ttyname_r). (atoh)
2210
2211- Session:
146
147- Session:
2212 . Fixed bug #70876 (Segmentation fault when regenerating session id with
2213 strict mode). (Laruence)
2214 . Fixed bug #70529 (Session read causes "String is not zero-terminated" error).
2215 (Yasuo)
2216 . Fixed bug #70013 (Reference to $_SESSION is lost after a call to
2217 session_regenerate_id()). (Yasuo)
2218 . Fixed bug #69952 (Data integrity issues accessing superglobals by
2219 reference). (Bob)
2220 . Fixed bug #67694 (Regression in session_regenerate_id()). (Tjerk)
2221 . Fixed bug #68941 (mod_files.sh is a bash-script). (bugzilla at ii.nl, Yasuo)
148 . Fixed bug #73461 (Prohibit session save handler recursion). (Yasuo)
149 . PR #2233 Removed register_globals related code and "!" can be used as $_SESSION key name. (Yasuo)
150 . Improved bug #73100 fix. 'user' save handler can only be set by session_set_save_handler()
151 . Fixed bug #69582 (session not readable by root in CLI). (EvgeniySpinov)
2222
2223- SOAP:
152
153- SOAP:
2224 . Fixed bug #70940 (Segfault in soap / type_to_string). (Remi)
2225 . Fixed bug #70900 (SoapClient systematic out of memory error). (Dmitry)
2226 . Fixed bug #70875 (Segmentation fault if wsdl has no targetNamespace
2227 attribute). (Matteo)
2228 . Fixed bug #70715 (Segmentation fault inside soap client). (Laruence)
2229 . Fixed bug #70709 (SOAP Client generates Segfault). (Laruence)
2230 . Fixed bug #70388 (SOAP serialize_function_call() type confusion / RCE).
2231 (Stas)
2232 . Fixed bug #70081 (SoapClient info leak / null pointer dereference via
2233 multiple type confusions). (Stas)
2234 . Fixed bug #70079 (Segmentation fault after more than 100 SoapClient
2235 calls). (Laruence)
2236 . Fixed bug #70032 (make_http_soap_request calls
2237 zend_hash_get_current_key_ex(,,,NULL). (Laruence)
2238 . Fixed bug #68361 (Segmentation fault on SoapClient::__getTypes). (Laruence)
154 . Fixed bug #69137 (Peer verification fails when using a proxy with SoapClient)
155 (Keith Smiley)
2239
156
2240- SPL:
2241 . Fixed bug #70959 (ArrayObject unserialize does not restore protected
2242 fields). (Laruence)
2243 . Fixed bug #70853 (SplFixedArray throws exception when using ref variable
2244 as index). (Laruence)
2245 . Fixed bug #70868 (PCRE JIT and pattern reuse segfault). (Laruence)
2246 . Fixed bug #70730 (Incorrect ArrayObject serialization if unset is called
2247 in serialize()). (Laruence)
2248 . Fixed bug #70573 (Cloning SplPriorityQueue leads to memory leaks). (Dmitry)
2249 . Fixed bug #70303 (Incorrect constructor reflection for ArrayObject). (cmb)
2250 . Fixed bug #70068 (Dangling pointer in the unserialization of ArrayObject
2251 items). (sean.heelan)
2252 . Fixed bug #70166 (Use After Free Vulnerability in unserialize() with
2253 SPLArrayObject). (taoguangchen at icloud dot com)
2254 . Fixed bug #70168 (Use After Free Vulnerability in unserialize() with
2255 SplObjectStorage). (taoguangchen at icloud dot com)
2256 . Fixed bug #70169 (Use After Free Vulnerability in unserialize() with
2257 SplDoublyLinkedList). (taoguangchen at icloud dot com)
2258 . Fixed bug #70053 (MutlitpleIterator array-keys incompatible change in
2259 PHP 7). (Tjerk)
2260 . Fixed bug #69970 (Use-after-free vulnerability in
2261 spl_recursive_it_move_forward_ex()). (Laruence)
2262 . Fixed bug #69845 (ArrayObject with ARRAY_AS_PROPS broken). (Dmitry)
2263 . Changed ArrayIterator implementation using zend_hash_iterator_... API.
2264 Allowed modification of iterated ArrayObject using the same behavior
2265 as proposed in `Fix "foreach" behavior`. Removed "Array was modified
2266 outside object and internal position is no longer valid" hack. (Dmitry)
2267 . Implemented FR #67886 (SplPriorityQueue/SplHeap doesn't expose extractFlags
2268 nor curruption state). (Julien)
2269 . Fixed bug #66405 (RecursiveDirectoryIterator::CURRENT_AS_PATHNAME
2270 breaks the RecursiveIterator). (Paul Garvin)
2271
2272- SQLite3:
157- SQLite3:
2273 . Fixed bug #70571 (Memory leak in sqlite3_do_callback). (Adam)
2274 . Fixed bug #69972 (Use-after-free vulnerability in
2275 sqlite3SafetyCheckSickOrOk()). (Laruence)
2276 . Fixed bug #69897 (segfault when manually constructing SQLite3Result).
2277 (Kalle)
2278 . Fixed bug #68260 (SQLite3Result::fetchArray declares wrong
2279 required_num_args). (Julien)
158 . Update to Sqlite 3.16.2. (cmb)
2280
2281- Standard:
159
160- Standard:
2282 . Fixed count on symbol tables. (Laruence)
2283 . Fixed bug #70963 (Unserialize shows UNKNOWN in result). (Laruence)
2284 . Fixed bug #70910 (extract() breaks variable references). (Laruence)
2285 . Fixed bug #70808 (array_merge_recursive corrupts memory of unset items).
2286 (Laruence)
2287 . Fixed bug #70667 (strtr() causes invalid writes and a crashes). (Dmitry)
2288 . Fixed bug #70668 (array_keys() doesn't respect references when $strict is
2289 true). (Bob, Dmitry)
2290 . Implemented the RFC `Random Functions Throwing Exceptions in PHP 7`.
2291 (Sammy Kaye Powers, Anthony)
2292 . Fixed bug #70487 (pack('x') produces an error). (Nikita)
2293 . Fixed bug #70342 (changing configuration with ignore_user_abort(true) isn't
2294 working). (Laruence)
2295 . Fixed bug #70295 (Segmentation fault with setrawcookie). (Bob)
2296 . Fixed bug #67131 (setcookie() conditional for empty values not met). (cmb)
2297 . Fixed bug #70365 (Use-after-free vulnerability in unserialize() with
2298 SplObjectStorage). (taoguangchen at icloud dot com)
2299 . Fixed bug #70366 (Use-after-free vulnerability in unserialize() with
2300 SplDoublyLinkedList). (taoguangchen at icloud dot com)
2301 . Fixed bug #70250 (extract() turns array elements to references).
2302 (Laruence)
2303 . Fixed bug #70211 (php 7 ZEND_HASH_IF_FULL_DO_RESIZE use after free).
2304 (Laruence)
2305 . Fixed bug #70208 (Assert breaking access on objects). (Bob)
2306 . Fixed bug #70140 (str_ireplace/php_string_tolower - Arbitrary Code
2307 Execution). (CVE-2015-6527) (Laruence)
2308 . Implemented FR #70112 (Allow "dirname" to go up various times). (Remi)
2309 . Fixed bug #36365 (scandir duplicates file name at every 65535th file). (cmb)
2310 . Fixed bug #70096 (Repeated iptcembed() adds superfluous FF bytes). (cmb)
2311 . Fixed bug #70018 (exec does not strip all whitespace). (Laruence)
2312 . Fixed bug #69983 (get_browser fails with user agent of null).
2313 (Kalle, cmb, Laruence)
2314 . Fixed bug #69976 (Unable to parse "all" urls with colon char). (cmb)
2315 . Fixed bug #69768 (escapeshell*() doesn't cater to !). (cmb)
2316 . Fixed bug #62922 (Truncating entire string should result in string).
2317 (Nikita)
2318 . Fixed bug #69723 (Passing parameters by reference and array_column).
2319 (Laruence)
2320 . Fixed bug #69523 (Cookie name cannot be empty). (Christoph M. Becker)
2321 . Fixed bug #69325 (php_copy_file_ex does not pass the argument).
2322 (imbolk at gmail dot com)
2323 . Fixed bug #69299 (Regression in array_filter's $flag argument in PHP 7).
2324 (Laruence)
2325 . Removed call_user_method() and call_user_method_array() functions. (Kalle)
2326 . Fixed user session handlers (See rfc:session.user.return-value). (Sara)
2327 . Added intdiv() function. (Andrea)
2328 . Improved precision of log() function for base 2 and 10. (Marc Bennewitz)
2329 . Remove string category support in setlocale(). (Nikita)
2330 . Remove set_magic_quotes_runtime() and its alias magic_quotes_runtime().
2331 (Nikita)
2332 . Fixed bug #65272 (flock() out parameter not set correctly in windows).
2333 (Daniel Lowrey)
2334 . Added preg_replace_callback_array function. (Wei Dai)
2335 . Deprecated salt option to password_hash. (Anthony)
2336 . Fixed bug #69686 (password_verify reports back error on PHP7 will null
2337 string). (Anthony)
2338 . Added Windows support for getrusage(). (Kalle)
2339 . Removed hardcoded limit on number of pipes in proc_open(). (Tony)
161 . Add subject to mail log. (tomsommer)
162 . Fixed bug #31875 (get_defined_functions additional param to exclude
163 disabled functions). (willianveiga)
164 . Fixed bug #69442 (closing of fd incorrect when PTS enabled). (jaytaph)
165 . Fixed bug #72974 (imap is undefined service on AIX). (matthieu.sarter)
166 . Fixed bug #72979 (money_format stores wrong length AIX). (matthieu.sarter)
167 . Fixed bug #74300 (unserialize accepts two plus/minus signs for float number exponent part).
168 (xKerman)
2340
169
2341- Streams:
2342 . Fixed bug #70361 (HTTP stream wrapper doesn't close keep-alive connections).
2343 (Niklas Keller)
2344 . Fixed bug #68532 (convert.base64-encode omits padding bytes).
2345 (blaesius at krumedia dot de)
2346 . Removed set_socket_blocking() in favor of its alias stream_set_blocking().
2347 (Nikita)
170- XML:
171 . Moved utf8_encode() and utf8_decode() to the Standard extension. (Andrea)
172 . Fixed bug #72135 (malformed XML causes fault) (edgarsandi)
2348
173
2349- Tokenizer:
2350 . Fixed bug #69430 (token_get_all has new irrecoverable errors). (Nikita)
174- XMLRPC:
175 . Use Zend MM for allocation in bundled libxmlrpc (Joe)
2351
176
2352- XMLReader:
2353 . Fixed bug #70309 (XmlReader read generates extra output). (Anatol)
177- ZIP:
178 . Add support for encrypted archives. (Remi)
179 . Fixed Bug #73803 (Reflection of ZipArchive does not show public properties). (Remi)
2354
180
2355- XMLRPC
2356 . Fixed bug #70526 (xmlrpc_set_type returns false on success). (Laruence)
2357
2358- XSL:
2359 . Fixed bug #70678 (PHP7 returns true when false is expected). (Felipe)
2360 . Fixed bug #70535 (XSLT: free(): invalid pointer). (Laruence)
2361 . Fixed bug #69782 (NULL pointer dereference). (Stas)
2362 . Fixed bug #64776 (The XSLT extension is not thread safe). (Mike)
2363 . Removed xsl.security_prefs ini option. (Nikita)
2364
2365- Zlib:
2366 . Added deflate_init(), deflate_add(), inflate_init(), inflate_add()
2367 functions allowing incremental/streaming compression/decompression.
2368 (Daniel Lowrey & Bob Weinand)
2369
2370- Zip:
2371 . Fixed bug #70322 (ZipArchive::close() doesn't indicate errors).
2372 (CVE-2014-9767) (cmb)
2373 . Fixed bug #70350 (ZipArchive::extractTo allows for directory traversal when
2374 creating directories). (neal at fb dot com)
2375 . Added ZipArchive::setCompressionName and ZipArchive::setCompressionIndex
2376 methods. (Remi, Cedric Delmas)
2377 . Update bundled libzip to 1.0.1. (Remi, Anatol)
2378 . Fixed bug #67161 (ZipArchive::getStream() returns NULL for certain file).
2379 (Christoph M. Becker)
2380
181<<< NOTE: Insert NEWS from last stable release here prior to actual release! >>>