diff options
| author | Anatol Belski <ab@php.net> | 2016-08-17 17:58:20 +0200 | 
|---|---|---|
| committer | Anatol Belski <ab@php.net> | 2016-08-17 17:58:20 +0200 | 
| commit | da12ca9c1ed03084e6803f5e81e46f2e0a80460a (patch) | |
| tree | 541efe605481c9166dbafd3c0cf6c42eae31654c /NEWS | |
| parent | d6f62b7d6eeda77dc83565e994c44bf8bba7e147 (diff) | |
| download | php-git-php-7.0.10.tar.gz | |
sync NEWS with entries and release datephp-7.0.10PHP-7.0.10
Diffstat (limited to 'NEWS')
| -rw-r--r-- | NEWS | 31 | 
1 files changed, 29 insertions, 2 deletions
| @@ -1,6 +1,6 @@  PHP                                                                        NEWS  ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| -04 Aug 2016 PHP 7.0.10RC1 +18 Aug 2016 PHP 7.0.10  - Core:    . Fixed bug #72629 (Caught exception assignment to variables ignores @@ -22,7 +22,16 @@ PHP                                                                        NEWS      (Yuji Uchiyama)    . Fixed potential segfault in object storage freeing in shutdown sequence.      (Bob) +  . Fixed bug #72663 (Create an Unexpected Object and Don't Invoke +      __wakeup() in Deserialization). (Stas) +  . Fixed bug #72681 (PHP Session Data Injection Vulnerability). (Stas)    . Fixed bug #72683 (getmxrr broken). (Anatol) +  . Fixed bug #72742 (memory allocator fails to realloc small block to large +    one). (Stas) + +- Bz2: +  . Fixed bug #72837 (integer overflow in bzdecompress caused heap +    corruption). (Stas)  - Calendar:    . Fixed bug #67976 (cal_days_month() fails for final month of the French @@ -37,12 +46,14 @@ PHP                                                                        NEWS    . Fixed bug #71709 (curl_setopt segfault with empty CURLOPT_HTTPHEADER).      (Pierrick)    . Fixed bug #71929 (CURLINFO_CERTINFO data parsing error). (Pierrick) +  . Fixed bug #72674 (Heap overflow in curl_escape). (Stas)  - DOM:    . Fixed bug #66502 (DOM document dangling reference). (Sean Heelan, cmb)  - EXIF:    . Fixed bug #72735 (Samsung picture thumb not read (zero size)). (Kalle, Remi) +  . Fixed bug #72627 (Memory Leakage In exif_process_IFD_in_TIFF). (Stas)  - Filter:    . Fixed bug #71745 (FILTER_FLAG_NO_RES_RANGE does not cover whole 127.0.0.0/8 @@ -60,6 +71,8 @@ PHP                                                                        NEWS      blendingmode). (cmb)    . Fixed bug #66555 (Always false condition in ext/gd/libgd/gdkanji.c). (cmb)    . Fixed bug #68712 (suspicious if-else statements). (cmb) +  . Fixed bug #72697 (select_colors write out-of-bounds). (Stas) +  . Fixed bug #72730 (imagegammacorrect allows arbitrary write access). (Stas)  - Intl:    . Fixed bug #72639 (Segfault when instantiating class that extends @@ -77,6 +90,9 @@ PHP                                                                        NEWS    . Fixed bug #72710 (`mb_ereg` causes buffer overflow on regexp compile error).      (ju1ius) +- Mcrypt: +  . Fixed bug #72782 (Heap Overflow due to integer overflows). (Stas) +  - Opcache:    . Fixed bug #72590 (Opcache restart with kill_all_lockers does not work).      (Keyur) @@ -95,6 +111,10 @@ PHP                                                                        NEWS    . Fixed bug #72588 (Using global var doesn't work while accessing SimpleXML      element). (Laruence) +- SNMP: +  . Fixed bug #72708 (php_snmp_parse_oid integer overflow in memory +    allocation). (djodjo at gmail dot com) +  - SPL:    . Fixed bug #55701 (GlobIterator throws LogicException). (Valentin VĂLCIU)    . Fixed bug #72646 (SplFileObject::getCsvControl does not return the escape @@ -126,6 +146,8 @@ PHP                                                                        NEWS    . Fixed bug #54431 (opendir() does not work with ftps:// wrapper). (vhuk)    . Fixed bug #72667 (opendir() with ftp:// attempts to open data stream for      non-existent directories). (vhuk) +  . Fixed bug #72771 (ftps:// wrapper is vulnerable to protocol downgrade +    attack). (Stas)  - XMLRPC:    . Fixed bug #72647 (xmlrpc_encode() unexpected output after referencing @@ -135,7 +157,12 @@ PHP                                                                        NEWS    . Fixed bug #72564 (boolean always deserialized as "true") (Remi)    . Fixed bug #72142 (WDDX Packet Injection Vulnerability in      wddx_serialize_value()). (Taoguang Chen) - +  . Fixed bug #72749 (wddx_deserialize allows illegal memory access) (Stas) +  . Fixed bug #72750 (wddx_deserialize null dereference). (Stas) +  . Fixed bug #72790 (wddx_deserialize null dereference with invalid xml). +    (Stas) +  . Fixed bug #72799 (wddx_deserialize null dereference in +    php_wddx_pop_element). (Stas)  - Zip:    . Fixed bug #72660 (NULL Pointer dereference in zend_virtual_cwd). | 
