forked from php/php-src
-
Notifications
You must be signed in to change notification settings - Fork 0
/
NEWS
6970 lines (6620 loc) · 357 KB
/
NEWS
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
PHP NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
?? ??? 2012, PHP 5.4.1 RC1
- CLI Server:
. Implemented FR #60850 (Built in web server does not set
$_SERVER['SCRIPT_FILENAME'] when using router). (Laruence)
. "Connection: close" instead of "Connection: closed" (Gustavo)
- Core:
. Fixed bug #61374 (html_entity_decode tries to decode code points that don't
exist in ISO-8859-1). (Gustavo)
. Fixed bug #61273 (call_user_func_array with more than 16333 arguments
leaks / crashes). (Laruence)
. Fixed bug #61225 (Incorrect lexing of 0b00*+<NUM>). (Pierrick)
. Fixed bug #61165 (Segfault - strip_tags()). (Laruence)
. Fixed bug #61106 (Segfault when using header_register_callback). (Nikita
Popov)
. Fixed bug #61087 (Memory leak in parse_ini_file when specifying
invalid scanner mode). (Nikic, Laruence)
. Fixed bug #61072 (Memory leak when restoring an exception handler).
(Nikic, Laruence)
. Fixed bug #61058 (array_fill leaks if start index is PHP_INT_MAX).
(Laruence)
. Fixed bug #61052 (Missing error check in trait 'insteadof' clause). (Stefan)
. Fixed bug #61011 (Crash when an exception is thrown by __autoload
accessing a static property). (Laruence)
. Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical
vars). (Laruence)
. Fixed bug #60978 (exit code incorrect). (Laruence)
. Fixed bug #60911 (Confusing error message when extending traits). (Stefan)
. Fixed bug #60801 (strpbrk() mishandles NUL byte). (Adam)
. Fixed bug #60717 (Order of traits in use statement can cause a fatal
error). (Stefan)
. Fixed bug #60573 (type hinting with "self" keyword causes weird errors).
(Laruence)
. Fixed bug #60569 (Nullbyte truncates Exception $message). (Ilia)
. Fixed bug #52719 (array_walk_recursive crashes if third param of the
function is by reference). (Nikita Popov)
- Ibase
. Fixed bug #60947 (Segmentation fault while executing ibase_db_info).
(Ilia)
- Installation
. Fixed bug #61172 (Add Apache 2.4 support). (Chris Jones)
- mbstring:
. MFH mb_ereg_replace_callback() for security enhancements. (Rui)
- mysqli
. Fixed bug #61003 (mysql_stat() require a valid connection). (Johannes).
- mysqlnd
. Fixed bug #60948 (mysqlnd FTBFS when -Wformat-security is enabled).
(Johannes)
- Readline:
. Fixed bug #61088 (Memory leak in readline_callback_handler_install).
(Nikic, Laruence)
- Session
. Fixed bug #60634 (Segmentation fault when trying to die() in
SessionHandler::write()). (Ilia)
- SOAP
. Fixed bug #60887 (SoapClient ignores user_agent option and sends no
User-Agent header). (carloschilazo at gmail dot com)
. Fixed bug #60842, #51775 (Chunked response parsing error when
chunksize length line is > 10 bytes). (Ilia)
- PDO
. Fixed bug #61292 (Segfault while calling a method on an overloaded PDO
object). (Laruence)
- PDO_mysql
. Fixed bug #61207 (PDO::nextRowset() after a multi-statement query doesn't
always work). (Johannes)
. Fixed bug #61194 (PDO should export compression flag with myslqnd).
(Johannes)
- PDO_odbc
. Fixed bug #61212 (PDO ODBC Segfaults on SQL_SUCESS_WITH_INFO). (Ilia)
- Phar
. Fixed bug #61184 (Phar::webPhar() generates headers with trailing NUL
bytes). (Nikita Popov)
- Reflection:
. Fixed bug #60968 (Late static binding doesn't work with
ReflectionMethod::invokeArgs()). (Laruence)
- SPL:
. Fixed bug #61347 (inconsistent isset behavior of Arrayobject). (Laruence)
- Standard:
. Fixed memory leak in substr_replace. (Pierrick)
. Make max_file_uploads ini directive settable outside of php.ini (Rasmus)
. Fixed bug #61409 (Bad formatting on phpinfo()). (Jakub Vrana)
. Fixed bug #60222 (time_nanosleep() does validate input params). (Ilia)
. Fixed bug #60106 (stream_socket_server silently truncates long unix socket
paths). (Ilia)
- XMLRPC:
. Fixed bug #61264 (xmlrpc_parse_method_descriptions leaks temporary
variable). (Nikita Popov)
. Fixed bug #61097 (Memory leak in xmlrpc functions copying zvals). (Nikita
Popov)
- Zlib:
. Fixed bug #61306 (initialization of global inappropriate for ZTS). (Gustavo)
. Fixed bug #61287 (A particular string fails to decompress). (Mike)
. Fixed bug #61139 (gzopen leaks when specifying invalid mode). (Nikita Popov)
01 Mar 2012, PHP 5.4.0
- Installation:
. autoconf 2.59+ is now supported (and required) for generating the
configure script with ./buildconf. Autoconf 2.60+ is desirable
otherwise the configure help order may be incorrect. (Rasmus, Chris Jones)
- Removed legacy features:
. break/continue $var syntax. (Dmitry)
. Safe mode and all related php.ini options. (Kalle)
. register_globals and register_long_arrays php.ini options. (Kalle)
. import_request_variables(). (Kalle)
. allow_call_time_pass_reference. (Pierrick)
. define_syslog_variables php.ini option and its associated function. (Kalle)
. highlight.bg php.ini option. (Kalle)
. safe_mode, safe_mode_gid, safe_mode_include_dir,
safe_mode_exec_dir, safe_mode_allowed_env_vars and
safe_mode_protected_env_vars php.ini options.
. zend.ze1_compatibility_mode php.ini option.
. Session bug compatibility mode (session.bug_compat_42 and
session.bug_compat_warn php.ini options). (Kalle)
. session_is_registered(), session_register() and session_unregister()
functions. (Kalle)
. y2k_compliance php.ini option. (Kalle)
. magic_quotes_gpc, magic_quotes_runtime and magic_quotes_sybase
php.ini options. get_magic_quotes_gpc, get_magic_quotes_runtime are kept
but always return false, set_magic_quotes_runtime raises an
E_CORE_ERROR. (Pierrick, Pierre)
. Removed support for putenv("TZ=..") for setting the timezone. (Derick)
. Removed the timezone guessing algorithm in case the timezone isn't set with
date.timezone or date_default_timezone_set(). Instead of a guessed
timezone, "UTC" is now used instead. (Derick)
- Moved extensions to PECL:
. ext/sqlite. (Note: the ext/sqlite3 and ext/pdo_sqlite extensions are
not affected) (Johannes)
- General improvements:
. Added short array syntax support ([1,2,3]), see UPGRADING guide for full
details. (rsky0711 at gmail . com, sebastian.deutsch at 9elements . com,
Pierre)
. Added binary number format (0b001010). (Jonah dot Harris at gmail dot com)
. Added support for Class::{expr}() syntax (Pierrick)
. Added multibyte support by default. Previously PHP had to be compiled
with --enable-zend-multibyte. Now it can be enabled or disabled through
the zend.multibyte directive in php.ini. (Dmitry)
. Removed compile time dependency from ext/mbstring (Dmitry)
. Added support for Traits. (Stefan, with fixes by Dmitry and Laruence)
. Added closure $this support back. (Stas)
. Added array dereferencing support. (Felipe)
. Added callable typehint. (Hannes)
. Added indirect method call through array. FR #47160. (Felipe)
. Added DTrace support. (David Soria Parra)
. Added class member access on instantiation (e.g. (new foo)->bar()) support.
(Felipe)
. <?= is now always available regardless of the short_open_tag setting. (Rasmus)
. Implemented Zend Signal Handling (configurable option --enable-zend-signals,
off by default). (Lucas Nealan, Arnaud Le Blanc, Brian Shire, Ilia)
. Improved output layer, see README.NEW-OUTPUT-API for internals. (Mike)
. Improved UNIX build system to allow building multiple PHP binary SAPIs and
one SAPI module the same time. FR #53271, FR #52419. (Jani)
. Implemented closure rebinding as parameter to bindTo. (Gustavo Lopes)
. Improved the warning message of incompatible arguments. (Laruence)
. Improved ternary operator performance when returning arrays. (Arnaud, Dmitry)
. Changed error handlers to only generate docref links when the docref_root
php.ini setting is not empty. (Derick)
. Changed silent conversion of array to string to produce a notice. (Patrick)
. Changed default encoding from ISO-8859-1 to UTF-8 when not specified in
htmlspecialchars and htmlentities. (Rasmus)
. Changed casting of null/''/false into an Object when adding a property
from E_STRICT into a warning. (Scott)
. Changed E_ALL to include E_STRICT. (Stas)
. Disabled Windows CRT warning by default, can be enabled again using the
php.ini directive windows_show_crt_warnings. (Pierre)
. Fixed bug #55378: Binary number literal returns float number though its
value is small enough. (Derick)
- Improved Zend Engine memory usage: (Dmitry)
. Improved parse error messages. (Felipe)
. Replaced zend_function.pass_rest_by_reference by
ZEND_ACC_PASS_REST_BY_REFERENCE in zend_function.fn_flags.
. Replaced zend_function.return_reference by ZEND_ACC_RETURN_REFERENCE
in zend_function.fn_flags.
. Removed zend_arg_info.required_num_args as it was only needed for internal
functions. Now the first arg_info for internal functions (which has special
meaning) is represented by the zend_internal_function_info structure.
. Moved zend_op_array.size, size_var, size_literal, current_brk_cont,
backpatch_count into CG(context) as they are used only during compilation.
. Moved zend_op_array.start_op into EG(start_op) as it's used only for
'interactive' execution of a single top-level op-array.
. Replaced zend_op_array.done_pass_two by ZEND_ACC_DONE_PASS_TWO in
zend_op_array.fn_flags.
. op_array.vars array is trimmed (reallocated) during pass_two.
. Replaced zend_class_entry.constants_updated by ZEND_ACC_CONSTANTS_UPDATED
in zend_class_entry.ce_flags.
. Reduced the size of zend_class_entry by sharing the same memory space
by different information for internal and user classes.
See zend_class_entry.info union.
. Reduced size of temp_variable.
- Improved Zend Engine - performance tweaks and optimizations: (Dmitry)
. Inlined most probable code-paths for arithmetic operations directly into
executor.
. Eliminated unnecessary iterations during request startup/shutdown.
. Changed $GLOBALS into a JIT autoglobal, so it's initialized only if used.
(this may affect opcode caches!)
. Improved performance of @ (silence) operator.
. Simplified string offset reading. Given $str="abc" then $str[1][0] is now
a legal construct.
. Added caches to eliminate repeatable run-time bindings of functions,
classes, constants, methods and properties.
. Added concept of interned strings. All strings constants known at compile
time are allocated in a single copy and never changed.
. ZEND_RECV now always has IS_CV as its result.
. ZEND_CATCH now has to be used only with constant class names.
. ZEND_FETCH_DIM_? may fetch array and dimension operands in different order.
. Simplified ZEND_FETCH_*_R operations. They can't be used with the
EXT_TYPE_UNUSED flag any more. This is a very rare and useless case.
ZEND_FREE might be required after them instead.
. Split ZEND_RETURN into two new instructions ZEND_RETURN and
ZEND_RETURN_BY_REF.
. Optimized access to global constants using values with pre-calculated
hash_values from the literals table.
. Optimized access to static properties using executor specialization.
A constant class name may be used as a direct operand of ZEND_FETCH_*
instruction without previous ZEND_FETCH_CLASS.
. zend_stack and zend_ptr_stack allocation is delayed until actual usage.
- Other improvements to Zend Engine:
. Added an optimization which saves memory and emalloc/efree calls for empty
HashTables. (Stas, Dmitry)
. Added ability to reset user opcode handlers (Yoram).
. Changed the structure of op_array.opcodes. The constant values are moved from
opcode operands into a separate literal table. (Dmitry)
. Fixed (disabled) inline-caching for ZEND_OVERLOADED_FUNCTION methods.
(Dmitry)
- Improved core functions:
. Enforce an extended class' __construct arguments to match the
abstract constructor in the base class.
. Disallow reusing superglobal names as parameter names.
. Added optional argument to debug_backtrace() and debug_print_backtrace()
to limit the amount of stack frames returned. (Sebastian, Patrick)
. Added hex2bin() function. (Scott)
. number_format() no longer truncates multibyte decimal points and thousand
separators to the first byte. FR #53457. (Adam)
. Added support for object references in recursive serialize() calls.
FR #36424. (Mike)
. Added support for SORT_NATURAL and SORT_FLAG_CASE in array
sort functions (sort, rsort, ksort, krsort, asort, arsort and
array_multisort). FR#55158 (Arpad)
. Added stream metadata API support and stream_metadata() stream class
handler. (Stas)
. User wrappers can now define a stream_truncate() method that responds
to truncation, e.g. through ftruncate(). FR #53888. (Gustavo)
. Improved unserialize() performance.
(galaxy dot mipt at gmail dot com, Kalle)
. Changed array_combine() to return empty array instead of FALSE when both
parameter arrays are empty. FR #34857. ([email protected])
. Fixed bug #61095 (Incorect lexing of 0x00*+<NUM>). (Etienne)
. Fixed bug #60965 (Buffer overflow on htmlspecialchars/entities with
$double=false). (Gustavo)
. Fixed bug #60895 (Possible invalid handler usage in windows random
functions). (Pierre)
. Fixed bug #60879 (unserialize() Does not invoke __wakeup() on object).
(Pierre, Steve)
. Fixed bug #60825 (Segfault when running symfony 2 tests).
(Dmitry, Laruence)
. Fixed bug #60627 (httpd.worker segfault on startup with php_value).
. Fixed bug #60613 (Segmentation fault with $cls->{expr}() syntax). (Dmitry)
. Fixed bug #60611 (Segmentation fault with Cls::{expr}() syntax). (Laruence)
(Laruence)
. Fixed bug #60558 (Invalid read and writes). (Laruence)
. Fixed bug #60444 (Segmentation fault with include & class extending).
(Laruence, Dmitry).
. Fixed bug #60362 (non-existent sub-sub keys should not have values).
(Laruence, alan_k, Stas)
. Fixed bug #60350 (No string escape code for ESC (ascii 27), normally \e).
(php at mickweiss dot com)
. Fixed bug #60321 (ob_get_status(true) no longer returns an array when
buffer is empty). (Pierrick)
. Fixed bug #60282 (Segfault when using ob_gzhandler() with open buffers).
(Laruence)
. Fixed bug #60240 (invalid read/writes when unserializing specially crafted
strings). (Mike)
. Fixed bug #60227 (header() cannot detect the multi-line header with
CR(0x0D)). (rui)
. Fixed bug #60174 (Notice when array in method prototype error).
(Laruence)
. Fixed bug #60169 (Conjunction of ternary and list crashes PHP).
(Laruence)
. Fixed bug #60038 (SIGALRM cause segfault in php_error_cb). (Laruence)
(klightspeed at netspace dot net dot au)
. Fixed bug #55871 (Interruption in substr_replace()). (Stas)
. Fixed bug #55801 (Behavior of unserialize has changed). (Mike)
. Fixed bug #55758 (Digest Authenticate missed in 5.4) . (Laruence)
. Fixed bug #55748 (multiple NULL Pointer Dereference with zend_strndup())
(CVE-2011-4153). (Stas)
. Fixed bug #55124 (recursive mkdir fails with current (dot) directory in path).
(Pierre)
. Fixed bug #55084 (Function registered by header_register_callback is
called only once per process). (Hannes)
. Implement FR #54514 (Get php binary path during script execution).
(Laruence)
. Fixed bug #52211 (iconv() returns part of string on error). (Felipe)
. Fixed bug #51860 (Include fails with toplevel symlink to /). (Dmitry)
- Improved generic SAPI support:
. Added $_SERVER['REQUEST_TIME_FLOAT'] to include microsecond precision.
(Patrick)
. Added header_register_callback() which is invoked immediately
prior to the sending of headers and after default headers have
been added. (Scott)
. Added http_response_code() function. FR #52555. (Paul Dragoonis, Kalle)
. Fixed bug #55500 (Corrupted $_FILES indices lead to security concern).
(CVE-2012-1172). (Stas)
. Fixed bug #54374 (Insufficient validating of upload name leading to
corrupted $_FILES indices). (CVE-2012-1172). (Stas, lekensteyn at gmail dot com)
- Improved CLI SAPI:
. Added built-in web server that is intended for testing purpose.
(Moriyoshi, Laruence, and fixes by Pierre, Derick, Arpad,
chobieee at gmail dot com)
. Added command line option --rz <name> which shows information of the
named Zend extension. (Johannes)
. Interactive readline shell improvements: (Johannes)
. Added "cli.pager" php.ini setting to set a pager for output.
. Added "cli.prompt" php.ini setting to configure the shell prompt.
. Added shortcut #inisetting=value to change php.ini settings at run-time.
. Changed shell not to terminate on fatal errors.
. Interactive shell works with shared readline extension. FR #53878.
- Improved CGI/FastCGI SAPI: (Dmitry)
. Added apache compatible functions: apache_child_terminate(),
getallheaders(), apache_request_headers() and apache_response_headers()
. Improved performance of FastCGI request parsing.
. Fixed reinitialization of SAPI callbacks after php_module_startup().
(Dmitry)
- Improved PHP-FPM SAPI:
. Removed EXPERIMENTAL flag. (fat)
. Fixed bug #60659 (FPM does not clear auth_user on request accept).
(bonbons at linux-vserver dot org)
- Improved Litespeed SAPI:
. Fixed bug #55769 (Make Fails with "Missing Separator" error). (Adam)
- Improved Date extension:
. Added the + modifier to parseFromFormat to allow trailing text in the
string to parse without throwing an error. (Stas, Derick)
- Improved DBA extension:
. Added Tokyo Cabinet abstract DB support. (Michael Maclean)
. Added Berkeley DB 5 support. (Johannes, Chris Jones)
- Improved DOM extension:
. Added the ability to pass options to loadHTML (Chregu, fxmulder at gmail dot com)
- Improved filesystem functions:
. scandir() now accepts SCANDIR_SORT_NONE as a possible sorting_order value.
FR #53407. (Adam)
- Improved HASH extension:
. Added Jenkins's one-at-a-time hash support. (Martin Jansen)
. Added FNV-1 hash support. (Michael Maclean)
. Made Adler32 algorithm faster. FR #53213. (zavasek at yandex dot ru)
. Removed Salsa10/Salsa20, which are actually stream ciphers (Mike)
. Fixed bug #60221 (Tiger hash output byte order) (Mike)
- Improved intl extension:
. Added Spoofchecker class, allows checking for visibly confusable characters and
other security issues. (Scott)
. Added Transliterator class, allowing transliteration of strings.
(Gustavo)
. Added support for UTS #46. (Gustavo)
. Fixed build on Fedora 15 / Ubuntu 11. (Hannes)
. Fixed bug #55562 (grapheme_substr() returns false on big length). (Stas)
- Improved JSON extension:
. Added new json_encode() option JSON_UNESCAPED_UNICODE. FR #53946.
(Alexander, Gwynne)
. Added JsonSerializable interface. (Sara)
. Added JSON_BIGINT_AS_STRING, extended json_decode() sig with $options.
(Sara)
. Added support for JSON_NUMERIC_CHECK option in json_encode() that converts
numeric strings to integers. (Ilia)
. Added new json_encode() option JSON_UNESCAPED_SLASHES. FR #49366. (Adam)
. Added new json_encode() option JSON_PRETTY_PRINT. FR #44331. (Adam)
- Improved LDAP extension:
. Added paged results support. FR #42060. ([email protected],
- Improved mbstring extension:
. Added Shift_JIS/UTF-8 Emoji (pictograms) support. (Rui)
. Added JIS X0213:2004 (Shift_JIS-2004, EUC-JP-2004, ISO-2022-JP-2004)
support. (Rui)
. Ill-formed UTF-8 check for security enhancements. (Rui)
. Added MacJapanese (Shift_JIS) and gb18030 encoding support. (Rui)
. Added encode/decode in hex format to mb_[en|de]code_numericentity(). (Rui)
. Added user JIS X0213:2004 (Shift_JIS-2004, EUC-JP-2004, ISO-2022-JP-2004)
support. (Rui)
. Added the user defined area for CP936 and CP950 (Rui).
. Fixed bug #60306 (Characters lost while converting from cp936 to utf8).
(Laruence)
- Improved MySQL extensions:
. MySQL: Deprecated mysql_list_dbs(). FR #50667. (Andrey)
. mysqlnd: Added named pipes support. FR #48082. (Andrey)
. MySQLi: Added iterator support in MySQLi. mysqli_result implements
Traversable. (Andrey, Johannes)
. PDO_mysql: Removed support for linking with MySQL client libraries older
than 4.1. (Johannes)
. ext/mysql, mysqli and pdo_mysql now use mysqlnd by default. (Johannes)
. Fixed bug #55473 (mysql_pconnect leaks file descriptors on reconnect).
(Andrey, Laruence)
. Fixed bug #55653 (PS crash with libmysql when binding same variable as
param and out). (Laruence)
- Improved OpenSSL extension:
. Added AES support. FR #48632. (yonas dot y at gmail dot com, Pierre)
. Added no padding option to openssl_encrypt()/openssl_decrypt(). (Scott)
. Use php's implementation for Windows Crypto API in
openssl_random_pseudo_bytes. (Pierre)
. On error in openssl_random_pseudo_bytes() made sure we set strong result
to false. (Scott)
. Fixed possible attack in SSL sockets with SSL 3.0 / TLS 1.0.
CVE-2011-3389. (Scott)
. Fixed bug #61124 (Crash when decoding an invalid base64 encoded string).
(me at ktamura dot com, Scott)
- Improved PDO:
. Fixed PDO objects binary incompatibility. (Dmitry)
- PDO DBlib driver:
. Added nextRowset support.
. Fixed bug #50755 (PDO DBLIB Fails with OOM).
- Improved PostgreSQL extension:
. Added support for "extra" parameter for PGNotify().
(r dot i dot k at free dot fr, Ilia)
- Improved PCRE extension:
. Changed third parameter of preg_match_all() to optional. FR #53238. (Adam)
- Improved Readline extension:
. Fixed bug #54450 (Enable callback support when built against libedit).
(fedora at famillecollet dot com, Hannes)
- Improved Reflection extension:
. Added ReflectionClass::newInstanceWithoutConstructor() to create a new
instance of a class without invoking its constructor. FR #55490.
(Sebastian)
. Added ReflectionExtension::isTemporary() and
ReflectionExtension::isPersistent() methods. (Johannes)
. Added ReflectionZendExtension class. (Johannes)
. Added ReflectionClass::isCloneable(). (Felipe)
- Improved Session extension:
. Expose session status via new function, session_status (FR #52982) (Arpad)
. Added support for object-oriented session handlers. (Arpad)
. Added support for storing upload progress feedback in session data. (Arnaud)
. Changed session.entropy_file to default to /dev/urandom or /dev/arandom if
either is present at compile time. (Rasmus)
. Fixed bug #60860 (session.save_handler=user without defined function core
dumps). (Felipe)
. Implement FR #60551 (session_set_save_handler should support a core's
session handler interface). (Arpad)
. Fixed bug #60640 (invalid return values). (Arpad)
- Improved SNMP extension (Boris Lytochkin):
. Added OO API. FR #53594 (php-snmp rewrite).
. Sanitized return values of existing functions. Now it returns FALSE on
failure.
. Allow ~infinite OIDs in GET/GETNEXT/SET queries. Autochunk them to max_oids
upon request.
. Introducing unit tests for extension with ~full coverage.
. IPv6 support. (FR #42918)
. Way of representing OID value can now be changed when SNMP_VALUE_OBJECT
is used for value output mode. Use or'ed SNMP_VALUE_LIBRARY(default if
not specified) or SNMP_VALUE_PLAIN. (FR #54502)
. Fixed bug #60749 (SNMP module should not strip non-standard SNMP port
from hostname). (Boris Lytochkin)
. Fixed bug #60585 (php build fails with USE flag snmp when IPv6 support
is disabled). (Boris Lytochkin)
. Fixed bug #53862 (snmp_set_oid_output_format does not allow returning to default)
. Fixed bug #46065 (snmp_set_quick_print() persists between requests)
. Fixed bug #45893 (Snmp buffer limited to 2048 char)
. Fixed bug #44193 (snmp v3 noAuthNoPriv doesn't work)
- Improved SOAP extension:
. Added new SoapClient option "keep_alive". FR #60329. (Pierrick)
. Fixed basic HTTP authentication for WSDL sub requests. (Dmitry)
- Improved SPL extension:
. Added RegexIterator::getRegex() method. (Joshua Thijssen)
. Added SplObjectStorage::getHash() hook. (Etienne)
. Added CallbackFilterIterator and RecursiveCallbackFilterIterator. (Arnaud)
. Added missing class_uses(..) as pointed out by #55266 (Stefan)
. Immediately reject wrong usages of directories under Spl(Temp)FileObject
and friends. (Etienne, Pierre)
. FilesystemIterator, GlobIterator and (Recursive)DirectoryIterator now use
the default stream context. (Hannes)
. Fixed bug #60201 (SplFileObject::setCsvControl does not expose third
argument via Reflection). (Peter)
. Fixed bug #55287 (spl_classes() not includes CallbackFilter classes)
(sasezaki at gmail dot com, salathe)
- Improved Sysvshm extension:
. Fixed bug #55750 (memory copy issue in sysvshm extension).
(Ilia, jeffhuang9999 at gmail dot com)
- Improved Tidy extension:
. Fixed bug #54682 (Tidy::diagnose() NULL pointer dereference).
(Maksymilian Arciemowicz, Felipe)
- Improved Tokenizer extension:
. Fixed bug #54089 (token_get_all with regards to __halt_compiler is
not binary safe). (Nikita Popov)
- Improved XSL extension:
. Added XsltProcessor::setSecurityPrefs($options) and getSecurityPrefs() to
define forbidden operations within XSLT stylesheets, default is not to
enable write operations from XSLT. Bug #54446 (Chregu, Nicolas Gregoire)
. XSL doesn't stop transformation anymore, if a PHP function can't be called
(Christian)
- Improved ZLIB extension:
. Re-implemented non-file related functionality. (Mike)
. Fixed bug #55544 (ob_gzhandler always conflicts with zlib.output_compression).
(Mike)
02 Feb 2012, PHP 5.3.10
- Core:
. Fixed arbitrary remote code execution vulnerability reported by Stefan
Esser, CVE-2012-0830. (Stas, Dmitry)
10 Jan 2012, PHP 5.3.9
- Core:
. Added max_input_vars directive to prevent attacks based on hash collisions
(CVE-2011-4885) (Dmitry).
. Fixed bug #60205 (possible integer overflow in content_length). (Laruence)
. Fixed bug #60139 (Anonymous functions create cycles not detected by the
GC). (Dmitry)
. Fixed bug #60138 (GC crash with referenced array in RecursiveArrayIterator)
(Dmitry).
. Fixed bug #60120 (proc_open's streams may hang with stdin/out/err when
the data exceeds or is equal to 2048 bytes). (Pierre, Pascal Borreli)
. Fixed bug #60099 (__halt_compiler() works in braced namespaces). (Felipe)
. Fixed bug #60019 (Function time_nanosleep() is undefined on OS X). (Ilia)
. Fixed bug #55874 (GCC does not provide __sync_fetch_and_add on some archs).
(klightspeed at netspace dot net dot au)
. Fixed bug #55798 (serialize followed by unserialize with numeric object
prop. gives integer prop). (Gustavo)
. Fixed bug #55749 (TOCTOU issue in getenv() on Windows builds). (Pierre)
. Fixed bug #55707 (undefined reference to `__sync_fetch_and_add_4' on Linux
parisc). (Felipe)
. Fixed bug #55674 (fgetcsv & str_getcsv skip empty fields in some
tab-separated records). (Laruence)
. Fixed bug #55649 (Undefined function Bug()). (Laruence)
. Fixed bug #55622 (memory corruption in parse_ini_string). (Pierre)
. Fixed bug #55576 (Cannot conditionally move uploaded file without race
condition). (Gustavo)
. Fixed bug #55510: $_FILES 'name' missing first character after upload.
(Arpad)
. Fixed bug #55509 (segfault on x86_64 using more than 2G memory). (Laruence)
. Fixed bug #55504 (Content-Type header is not parsed correctly on
HTTP POST request). (Hannes)
. Fixed bug #55475 (is_a() triggers autoloader, new optional 3rd argument to
is_a and is_subclass_of). (alan_k)
. Fixed bug #52461 (Incomplete doctype and missing xmlns).
(virsacer at web dot de, Pierre)
. Fixed bug #55366 (keys lost when using substr_replace an array). (Arpad)
. Fixed bug #55273 (base64_decode() with strict rejects whitespace after
pad). (Ilia)
. Fixed bug #52624 (tempnam() by-pass open_basedir with nonnexistent
directory). (Felipe)
. Fixed bug #50982 (incorrect assumption of PAGE_SIZE size). (Dmitry)
. Fixed invalid free in call_user_method() function. (Felipe)
. Fixed bug #43200 (Interface implementation / inheritence not possible in
abstract classes). (Felipe)
- BCmath:
. Fixed bug #60377 (bcscale related crashes on 64bits platforms). (shm)
- Calendar:
. Fixed bug #55797 (Integer overflow in SdnToGregorian leads to segfault (in
optimized builds). (Gustavo)
- cURL:
. Fixed bug #60439 (curl_copy_handle segfault when used with
CURLOPT_PROGRESSFUNCTION). (Pierrick)
. Fixed bug #54798 (Segfault when CURLOPT_STDERR file pointer is closed
before calling curl_exec). (Hannes)
. Fixed issues were curl_copy_handle() would sometimes lose copied
preferences. (Hannes)
- DateTime:
. Fixed bug #60373 (Startup errors with log_errors on cause segfault).
(Derick)
. Fixed bug #60236 (TLA timezone dates are not converted properly from
timestamp). (Derick)
. Fixed bug #55253 (DateTime::add() and sub() result -1 hour on objects with
time zone type 2). (Derick)
. Fixed bug #54851 (DateTime::createFromFormat() doesn't interpret "D").
(Derick)
. Fixed bug #53502 (strtotime with timezone memory leak). (Derick)
. Fixed bug #52062 (large timestamps with DateTime::getTimestamp and
DateTime::setTimestamp). (Derick)
. Fixed bug #51994 (date_parse_from_format is parsing invalid date using 'yz'
format). (Derick)
. Fixed bug #52113 (Seg fault while creating (by unserialization)
DatePeriod). (Derick)
. Fixed bug #48476 (cloning extended DateTime class without calling
parent::__constr crashed PHP). (Hannes)
- EXIF:
. Fixed bug #60150 (Integer overflow during the parsing of invalid exif
header). (CVE-2011-4566) (Stas, flolechaud at gmail dot com)
- Fileinfo:
. Fixed bug #60094 (C++ comment fails in c89). (Laruence)
. Fixed possible memory leak in finfo_open(). (Felipe)
. Fixed memory leak when calling the Finfo constructor twice. (Felipe)
- Filter:
. Fixed Bug #55478 (FILTER_VALIDATE_EMAIL fails with internationalized
domain name addresses containing >1 -). (Ilia)
- FTP:
. Fixed bug #60183 (out of sync ftp responses). (bram at ebskamp dot me,
rasmus)
- Gd:
. Fixed bug #60160 (imagefill() doesn't work correctly
for small images). (Florian)
- Intl:
. Fixed bug #60192 (SegFault when Collator not constructed
properly). (Florian)
. Fixed memory leak in several Intl locale functions. (Felipe)
- Json:
. Fixed bug #55543 (json_encode() with JSON_NUMERIC_CHECK fails on objects
with numeric string properties). (Ilia, dchurch at sciencelogic dot com)
- Mbstring:
. Fixed possible crash in mb_ereg_search_init() using empty pattern. (Felipe)
- MS SQL:
. Fixed bug #60267 (Compile failure with freetds 0.91). (Felipe)
- MySQL:
. Fixed bug #55550 (mysql.trace_mode miscounts result sets). (Johannes)
- MySQLi extension:
. Fixed bug #55859 (mysqli->stat property access gives error). (Andrey)
. Fixed bug #55582 (mysqli_num_rows() returns always 0 for unbuffered, when
mysqlnd is used). (Andrey)
. Fixed bug #55703 (PHP crash when calling mysqli_fetch_fields).
(eran at zend dot com, Laruence)
- mysqlnd
. Fixed bug #55609 (mysqlnd cannot be built shared). (Johannes)
. Fixed bug #55067 (MySQL doesn't support compression - wrong config option).
(Andrey)
- NSAPI SAPI:
. Don't set $_SERVER['HTTPS'] on unsecure connection (bug #55403). (Uwe
Schindler)
- OpenSSL:
. Fixed bug #60279 (Fixed NULL pointer dereference in
stream_socket_enable_crypto, case when ssl_handle of session_stream is not
initialized.) (shm)
. Fix segfault with older versions of OpenSSL. (Scott)
- Oracle Database extension (OCI8):
. Fixed bug #59985 (show normal warning text for OCI_NO_DATA).
(Chris Jones)
. Increased maximum Oracle error message buffer length for new 11.2.0.3 size.
(Chris Jones)
. Improve internal initalization failure error messages. (Chris Jones)
- PDO
. Fixed bug #55776 (PDORow to session bug). (Johannes)
- PDO Firebird:
. Fixed bug #48877 ("bindValue" and "bindParam" do not work for PDO Firebird).
(Mariuz)
. Fixed bug #47415 (PDO_Firebird segfaults when passing lowercased column name to bindColumn).
. Fixed bug #53280 (PDO_Firebird segfaults if query column count less than param count).
(Mariuz)
- PDO MySQL driver:
. Fixed bug #60155 (pdo_mysql.default_socket ignored). (Johannes)
. Fixed bug #55870 (PDO ignores all SSL parameters when used with mysql
native driver). (Pierre)
. Fixed bug #54158 (MYSQLND+PDO MySQL requires #define
MYSQL_OPT_LOCAL_INFILE). (Andrey)
- PDO OCI driver:
. Fixed bug #55768 (PDO_OCI can't resume Oracle session after it's been
killed). (mikhail dot v dot gavrilov at gmail dot com, Chris Jones, Tony)
- Phar:
. Fixed bug #60261 (NULL pointer dereference in phar). (Felipe)
. Fixed bug #60164 (Stubs of a specific length break phar_open_from_fp
scanning for __HALT_COMPILER). (Ralph Schindler)
. Fixed bug #53872 (internal corruption of phar). (Hannes)
. Fixed bug #52013 (Unable to decompress files in a compressed phar). (Hannes)
- PHP-FPM SAPI:
. Dropped restriction of not setting the same value multiple times, the last
one holds. (giovanni at giacobbi dot net, fat)
. Added .phar to default authorized extensions. (fat)
. Fixed bug #60659 (FPM does not clear auth_user on request accept).
(bonbons at linux-vserver dot org)
. Fixed bug #60629 (memory corruption when web server closed the fcgi fd).
(fat)
. Enhance error log when the primary script can't be open. FR #60199. (fat)
. Fixed bug #60179 (php_flag and php_value does not work properly). (fat)
. Fixed bug #55577 (status.html does not install). (fat)
. Fixed bug #55533 (The -d parameter doesn't work). (fat)
. Fixed bug #55526 (Heartbeat causes a lot of unnecessary events). (fat)
. Fixed bug #55486 (status show BIG processes number). (fat)
. Enhanced security by limiting access to user defined extensions.
FR #55181. (fat)
. Added process.max to control the number of process FPM can fork. FR #55166.
(fat)
. Implemented FR #54577 (Enhanced status page with full status and details
about each processes. Also provide a web page (status.html) for
real-time FPM status. (fat)
. Lowered default value for Process Manager. FR #54098. (fat)
. Implemented FR #52569 (Add the "ondemand" process-manager
to allow zero children). (fat)
. Added partial syslog support (on error_log only). FR #52052. (fat)
- Postgres:
. Fixed bug #60244 (pg_fetch_* functions do not validate that row param
is >0). (Ilia)
- Reflection:
. Fixed bug #60367 (Reflection and Late Static Binding). (Laruence)
- Session:
. Fixed bug #55267 (session_regenerate_id fails after header sent). (Hannes)
- SimpleXML:
. Reverted the SimpleXML->query() behaviour to returning empty arrays
instead of false when no nodes are found as it was since 5.3.3
(bug #48601). (chregu, rrichards)
- SOAP
. Fixed bug #54911 (Access to a undefined member in inherit SoapClient may
cause Segmentation Fault). (Dmitry)
. Fixed bug #48216 (PHP Fatal error: SOAP-ERROR: Parsing WSDL:
Extra content at the end of the doc, when server uses chunked transfer
encoding with spaces after chunk size). (Dmitry)
. Fixed bug #44686 (SOAP-ERROR: Parsing WSDL with references). (Dmitry)
- Sockets:
. Fixed bug #60048 (sa_len a #define on IRIX). (china at thewrittenword dot
com)
- SPL:
. Fixed bug #60082 (Crash in ArrayObject() when using recursive references).
(Tony)
. Fixed bug #55807 (Wrong value for splFileObject::SKIP_EMPTY).
(jgotti at modedemploi dot fr, Hannes)
. Fixed bug #54304 (RegexIterator::accept() doesn't work with scalar values).
(Hannes)
- Streams:
. Fixed bug #60455 (stream_get_line misbehaves if EOF is not detected together
with the last read). (Gustavo)
- Tidy:
. Fixed bug #54682 (Tidy::diagnose() NULL pointer dereference).
(Maksymilian Arciemowicz, Felipe)
- XSL:
. Added xsl.security_prefs ini option to define forbidden operations within
XSLT stylesheets, default is not to enable write operations. This option
won't be in 5.4, since there's a new method. Fixes Bug #54446. (Chregu,
Nicolas Gregoire)
23 Aug 2011, PHP 5.3.8
- Core:
. Fixed bug #55439 (crypt() returns only the salt for MD5). (Stas)
- OpenSSL:
. Reverted a change in timeout handling restoring PHP 5.3.6 behavior,
as the new behavior caused mysqlnd SSL connections to hang (#55283).
(Pierre, Andrey, Johannes)
18 Aug 2011, PHP 5.3.7
- Upgraded bundled SQLite to version 3.7.7.1. (Scott)
- Upgraded bundled PCRE to version 8.12. (Scott)
- Zend Engine:
. Fixed bug #55156 (ReflectionClass::getDocComment() returns comment even
though the class has none). (Felipe)
. Fixed bug #55007 (compiler fail after previous fail). (Felipe)
. Fixed bug #54910 (Crash when calling call_user_func with unknown function
name). (Dmitry)
. Fixed bug #54804 (__halt_compiler and imported namespaces).
(Pierrick, Felipe)
. Fixed bug #54624 (class_alias and type hint). (Felipe)
. Fixed bug #54585 (track_errors causes segfault). (Dmitry)
. Fixed bug #54423 (classes from dl()'ed extensions are not destroyed).
(Tony, Dmitry)
. Fixed bug #54372 (Crash accessing global object itself returned from its
__get() handle). (Dmitry)
. Fixed bug #54367 (Use of closure causes problem in ArrayAccess). (Dmitry)
. Fixed bug #54358 (Closure, use and reference). (Dmitry)
. Fixed bug #54262 (Crash when assigning value to a dimension in a non-array).
(Dmitry)
. Fixed bug #54039 (use() of static variables in lambda functions can break
staticness). (Dmitry)
- Core
. Updated crypt_blowfish to 1.2. ((CVE-2011-2483) (Solar Designer)
. Removed warning when argument of is_a() or is_subclass_of() is not
a known class. (Stas)
. Fixed crash in error_log(). (Felipe) Reported by Mateusz Kocielski.
. Added PHP_MANDIR constant telling where the manpages were installed into,
and an --man-dir argument to php-config. (Hannes)
. Fixed a crash inside dtor for error handling. (Ilia)
. Fixed buffer overflow on overlog salt in crypt(). (Clément LECIGNE, Stas)
. Implemented FR #54459 (Range function accuracy). (Adam)
. Fixed bug #55399 (parse_url() incorrectly treats ':' as a valid path).
(Ilia)
. Fixed bug #55339 (Segfault with allow_call_time_pass_reference = Off).
(Dmitry)
. Fixed bug #55295 [NEW]: popen_ex on windows, fixed possible heap overflow
(Pierre)
. Fixed bug #55258 (Windows Version Detecting Error).
( xiaomao5 at live dot com, Pierre)
. Fixed bug #55187 (readlink returns weird characters when false result).
(Pierre)
. Fixed bug #55082 (var_export() doesn't escape properties properly).
(Gustavo)
. Fixed bug #55014 (Compile failure due to improper use of ctime_r()). (Ilia)
. Fixed bug #54939 (File path injection vulnerability in RFC1867 File upload
filename). (Felipe) Reported by Krzysztof Kotowicz. (CVE-2011-2202)
. Fixed bug #54935 php_win_err can lead to crash. (Pierre)
. Fixed bug #54924 (assert.* is not being reset upon request shutdown). (Ilia)
. Fixed bug #54895 (Fix compiling with older gcc version without need for
membar_producer macro). (mhei at heimpold dot de)
. Fixed bug #54866 (incorrect accounting for realpath_cache_size).
(Dustin Ward)
. Fixed bug #54723 (getimagesize() doesn't check the full ico signature).
(Scott)
. Fixed bug #54721 (Different Hashes on Windows, BSD and Linux on wrong Salt
size). (Pierre, os at irj dot ru)
. Fixed bug #54580 (get_browser() segmentation fault when browscap ini
directive is set through php_admin_value). (Gustavo)
. Fixed bug #54332 (Crash in zend_mm_check_ptr // Heap corruption). (Dmitry)
. Fixed bug #54305 (Crash in gc_remove_zval_from_buffer). (Dmitry)
. Fixed bug #54238 (use-after-free in substr_replace()). (Stas)
(CVE-2011-1148)
. Fixed bug #54204 (Can't set a value with a PATH section in php.ini).
(Pierre)
. Fixed bug #54180 (parse_url() incorrectly parses path when ? in fragment).
(tomas dot brastavicius at quantum dot lt, Pierrick)
. Fixed bug #54137 (file_get_contents POST request sends additional line
break). (maurice-php at mertinkat dot net, Ilia)
. Fixed bug #53848 (fgetcsv() ignores spaces at beginnings of fields). (Ilia)
. Alternative fix for bug #52550, as applied to the round() function (signed
overflow), as the old fix impacted the algorithm for numbers with magnitude
smaller than 0. (Gustavo)
. Fixed bug #53727 (Inconsistent behavior of is_subclass_of with interfaces)
(Ralph Schindler, Dmitry)
. Fixed bug #52935 (call exit in user_error_handler cause stream relate
core). (Gustavo)
. Fixed bug #51997 (SEEK_CUR with 0 value, returns a warning). (Ilia)
. Fixed bug #50816 (Using class constants in array definition fails).
(Pierrick, Dmitry)
. Fixed bug #50363 (Invalid parsing in convert.quoted-printable-decode
filter). (slusarz at curecanti dot org)
. Fixed bug #48465 (sys_get_temp_dir() possibly inconsistent when using
TMPDIR on Windows). (Pierre)
- Apache2 Handler SAPI:
. Fixed bug #54529 (SAPI crashes on apache_config.c:197).
(hebergement at riastudio dot fr)
- CLI SAPI:
. Fixed bug #52496 (Zero exit code on option parsing failure). (Ilia)
- cURL extension:
. Added ini option curl.cainfo (support for custom cert db). (Pierre)
. Added CURLINFO_REDIRECT_URL support. (Daniel Stenberg, Pierre)
. Added support for CURLOPT_MAX_RECV_SPEED_LARGE and
CURLOPT_MAX_SEND_SPEED_LARGE. FR #51815. (Pierrick)
- DateTime extension:
. Fixed bug where the DateTime object got changed while using date_diff().
(Derick)
. Fixed bug #54340 (DateTime::add() method bug). (Adam)
. Fixed bug #54316 (DateTime::createFromFormat does not handle trailing '|'
correctly). (Adam)
. Fixed bug #54283 (new DatePeriod(NULL) causes crash). (Felipe)
. Fixed bug #51819 (Case discrepancy in timezone names cause Uncaught
exception and fatal error). (Hannes)
- DBA extension:
. Supress warning on non-existent file open with Berkeley DB 5.2. (Chris Jones)
. Fixed bug #54242 (dba_insert returns true if key already exists). (Felipe)
- Exif extesion:
. Fixed bug #54121 (error message format string typo). (Ilia)
- Fileinfo extension:
. Fixed bug #54934 (Unresolved symbol strtoull in HP-UX 11.11). (Felipe)
- Filter extension:
. Added 3rd parameter to filter_var_array() and filter_input_array()
functions that allows disabling addition of empty elements. (Ilia)
. Fixed bug #53037 (FILTER_FLAG_EMPTY_STRING_NULL is not implemented). (Ilia)
- Interbase extension:
. Fixed bug #54269 (Short exception message buffer causes crash). (Felipe)
- intl extension:
. Implemented FR #54561 (Expose ICU version info). (David Zuelke, Ilia)
. Implemented FR #54540 (Allow loading of arbitrary resource bundles when
fallback is disabled). (David Zuelke, Stas)
- Imap extension:
. Fixed bug #55313 (Number of retries not set when params specified).
(kevin at kevinlocke dot name)
- json extension:
. Fixed bug #54484 (Empty string in json_decode doesn't reset
json_last_error()). (Ilia)
- LDAP extension:
. Fixed bug #53339 (Fails to build when compilng with gcc 4.5 and DSO
libraries). (Clint Byrum, Raphael)
- libxml extension:
. Fixed bug #54601 (Removing the doctype node segfaults). (Hannes)
. Fixed bug #54440 (libxml extension ignores default context). (Gustavo)
- mbstring extension:
. Fixed bug #54494 (mb_substr() mishandles UTF-32LE and UCS-2LE). (Gustavo)
- MCrypt extension:
. Change E_ERROR to E_WARNING in mcrypt_create_iv when not enough data
has been fetched (Windows). (Pierre)
. Fixed bug #55169 (mcrypt_create_iv always fails to gather sufficient random
data on Windows). (Pierre)
- mysqlnd
. Fixed crash when using more than 28,000 bound parameters. Workaround is to
set mysqlnd.net_cmd_buffer_size to at least 9000. (Andrey)
. Fixed bug #54674 mysqlnd valid_sjis_(head|tail) is using invalid operator
and range). (nihen at megabbs dot com, Andrey)
- MySQLi extension:
. Fixed bug #55283 (SSL options set by mysqli_ssl_set ignored for MySQLi
persistent connections). (Andrey)
. Fixed Bug #54221 (mysqli::get_warnings segfault when used in multi queries).
(Andrey)
- OpenSSL extension:
. openssl_encrypt()/openssl_decrypt() truncated keys of variable length
ciphers to the OpenSSL default for the algorithm. (Scott)
. On blocking SSL sockets respect the timeout option where possible.
(Scott)
. Fixed bug #54992 (Stream not closed and error not returned when SSL
CN_match fails). (Gustavo, laird_ngrps at dodo dot com dot au)
- Oracle Database extension (OCI8):
. Added oci_client_version() returning the runtime Oracle client library
version. (Chris Jones)
. PCRE extension:
. Increased the backtrack limit from 100000 to 1000000 (Rasmus)