forked from php/php-src
-
Notifications
You must be signed in to change notification settings - Fork 0
/
NEWS
7613 lines (7146 loc) · 380 KB
/
NEWS
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
PHP NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
?? ??? 2012, PHP 5.4.9
?? ??? 2012, PHP 5.4.8
- CLI server:
. Implemented FR #63242 (Default error page in PHP built-in web server uses
outdated html/css). ([email protected])
. Changed response to unknown HTTP method to 501 according to RFC.
(Niklas Lindgren).
. Support HTTP PATCH method. Patch by Niklas Lindgren, GitHub PR #190.
(Lars)
- Core:
. Fixed bug #63219 (Segfault when aliasing trait method when autoloader
throws excpetion). (Laruence)
. Added optional second argument for assert() to specify custom message. Patch
by Lonny Kapelushnik ([email protected]). (Lars)
. Support building PHP with the native client toolchain. (Stuart Langley)
. Added --offline option for tests. (Remi)
. Fixed bug #63162 (parse_url does not match password component). (husman)
. Fixed bug #63111 (is_callable() lies for abstract static method). (Dmitry)
. Fixed bug #63093 (Segfault while load extension failed in zts-build).
(Laruence)
. Fixed bug #62976 (Notice: could not be converted to int when comparing
some builtin classes). (Laruence)
. Fixed bug #62955 (Only one directive is loaded from "Per Directory Values"
Windows registry). (aserbulov at parallels dot com)
. Fixed bug #62907 (Double free when use traits). (Dmitry)
. Fixed bug #61767 (Shutdown functions not called in certain error
situation). (Dmitry)
. Fixed bug #60909 (custom error handler throwing Exception + fatal error
= no shutdown function). (Dmitry)
. Fixed bug #60723 (error_log error time has changed to UTC ignoring default
timezone). (Laruence)
- cURL:
. Fixed bug #62085 (file_get_contents a remote file by Curl wrapper will
cause cpu Soaring). (Pierrick)
- Date:
. Fixed bug #62896 ("DateTime->modify('+0 days')" modifies DateTime object)
(Lonny Kapelushnik)
. Fixed bug #62561 (DateTime add 'P1D' adds 25 hours). (Lonny Kapelushnik)
- DOM:
. Fixed bug #63015 (Incorrect arginfo for DOMErrorHandler). (Rob)
- FPM:
. Fixed bug #62954 (startup problems fpm / php-fpm). (fat)
. Fixed bug #62886 (PHP-FPM may segfault/hang on startup). (fat)
. Fixed bug #63085 (Systemd integration and daemonize). (remi, fat)
. Fixed bug #62947 (Unneccesary warnings on FPM). (fat)
. Fixed bug #62887 (Only /status?plain&full gives "last request cpu"). (fat)
. Fixed bug #62216 (Add PID to php-fpm init.d script). (fat)
- OpenSSL:
. Implemented FR #61421 (OpenSSL signature verification missing RMD160,
SHA224, SHA256, SHA384, SHA512). (Mark Jones)
- PDO:
. Fixed bug #63235 (buffer overflow in use of SQLGetDiagRec).
(Martin Osvald, Remi)
- SOAP
. Fixed bug #50997 (SOAP Error when trying to submit 2nd Element of a choice).
(Dmitry)
- SPL:
. Bug #62987 (Assigning to ArrayObject[null][something] overrides all
undefined variables). (Laruence)
- mbstring:
. Allow passing null as a default value to mb_substr() and mb_strcut(). Patch
by Alexander Moskaliov via GitHub PR #133. (Lars)
- Filter extension:
. Bug #49510: Boolean validation fails with FILTER_NULL_ON_FAILURE with empty
string or false. (Lars)
- Sockets
. Fixed bug #63000 (MCAST_JOIN_GROUP on OSX is broken, merge of PR 185 by
Igor Wiedler). (Lars)
13 Sep 2012, PHP 5.4.7
- Core:
. Fixed bug (segfault while build with zts and GOTO vm-kind). (Laruence)
. Fixed bug #62844 (parse_url() does not recognize //). (Andrew Faulds).
. Fixed bug #62829 (stdint.h included on platform where HAVE_STDINT_H is not
set). (Felipe)
. Fixed bug #62763 (register_shutdown_function and extending class).
(Laruence)
. Fixed bug #62725 (Calling exit() in a shutdown function does not return
the exit value). (Laruence)
. Fixed bug #62744 (dangling pointers made by zend_disable_class). (Laruence)
. Fixed bug #62716 (munmap() is called with the incorrect length).
. Fixed bug #62358 (Segfault when using traits a lot). (Laruence)
. Fixed bug #62328 (implementing __toString and a cast to string fails)
(Laruence)
. Fixed bug #51363 (Fatal error raised by var_export() not caught by error
handler). (Lonny Kapelushnik)
. Fixed bug #40459 (Stat and Dir stream wrapper methods do not call
constructor). (Stas)
- CURL:
. Fixed bug #62912 (CURLINFO_PRIMARY_* AND CURLINFO_LOCAL_* not exposed).
(Pierrick)
. Fixed bug #62839 (curl_copy_handle segfault with CURLOPT_FILE). (Pierrick)
- Intl:
. Fixed Spoofchecker not being registered on ICU 49.1. (Gustavo)
. Fix bug #62933 (ext/intl compilation error on icu 3.4.1). (Gustavo)
. Fix bug #62915 (defective cloning in several intl classes). (Gustavo)
- Installation:
. Fixed bug #62460 (php binaries installed as binary.dSYM). (Reeze Xia)
- PCRE:
. Fixed bug #55856 (preg_replace should fail on trailing garbage).
(reg dot php at alf dot nu)
- PDO:
. Fixed bug #62685 (Wrong return datatype in PDO::inTransaction()). (Laruence)
- Reflection:
. Fixed bug #62892 (ReflectionClass::getTraitAliases crashes on importing
trait methods as private). (Felipe)
. Fixed bug #62715 (ReflectionParameter::isDefaultValueAvailable() wrong
result). (Laruence)
- Session:
. Fixed bug (segfault due to retval is not initialized). (Laruence)
. Fixed bug (segfault due to PS(mod_user_implemented) not be reseted
when close handler call exit). (Laruence)
- SOAP
. Fixed bug #50997 (SOAP Error when trying to submit 2nd Element of a choice).
(Dmitry)
- SPL:
. Fixed bug #62904 (Crash when cloning an object which inherits SplFixedArray)
(Laruence)
. Implemented FR #62840 (Add sort flag to ArrayObject::ksort). (Laruence)
- Standard:
. Fixed bug #62836 (Seg fault or broken object references on unserialize()).
(Laruence)
- FPM:
. Merged PR 121 by minitux to add support for slow request counting on PHP
FPM status page. (Lars)
16 Aug 2012, PHP 5.4.6
- CLI Server:
. Implemented FR #62700 (have the console output 'Listening on
http://localhost:8000'). ([email protected])
- Core:
. Fixed bug #62661 (Interactive php-cli crashes if include() is used in
auto_prepend_file). (Laruence)
. Fixed bug #62653: (unset($array[$float]) causes a crash). (Nikita Popov,
Laruence)
. Fixed bug #62565 (Crashes due non-initialized internal properties_table).
(Felipe)
. Fixed bug #60194 (--with-zend-multibyte and --enable-debug reports LEAK
with run-test.php). (Laruence)
- CURL:
. Fixed bug #62499 (curl_setopt($ch, CURLOPT_COOKIEFILE, "") returns false).
([email protected], Laruence)
- DateTime:
. Fixed Bug #62500 (Segfault in DateInterval class when extended). (Laruence)
- Fileinfo:
. Fixed bug #61964 (finfo_open with directory causes invalid free).
- Intl:
. Fixed bug #62564 (Extending MessageFormatter and adding property causes
crash). (Felipe)
- MySQLnd:
. Fixed bug #62594 (segfault in mysqlnd_res_meta::set_mode). (Laruence)
- readline:
. Fixed bug #62612 (readline extension compilation fails with
sapi/cli/cli.h: No such file). (Johannes)
- Reflection:
. Implemented FR #61602 (Allow access to name of constant used as default
value). ([email protected])
- SimpleXML:
. Implemented FR #55218 Get namespaces from current node. (Lonny)
- SPL:
. Fixed bug #62616 (ArrayIterator::count() from IteratorIterator instance
gives Segmentation fault). (Laruence, Gustavo)
. Fixed bug #61527 (ArrayIterator gives misleading notice on next() when
moved to the end). ([email protected])
- Streams:
. Fixed bug #62597 (segfault in php_stream_wrapper_log_error with ZTS build).
(Laruence)
- Zlib:
. Fixed bug #55544 (ob_gzhandler always conflicts with
zlib.output_compression). (Laruence)
19 Jul 2012, PHP 5.4.5
- Core:
. Fixed bug #62443 (Crypt SHA256/512 Segfaults With Malformed
Salt). (Anthony Ferrara)
. Fixed bug #62432 (ReflectionMethod random corrupt memory on high
concurrent). (Johannes)
. Fixed bug #62373 (serialize() generates wrong reference to the object).
(Moriyoshi)
. Fixed bug #62357 (compile failure: (S) Arguments missing for built-in
function __memcmp). (Laruence)
. Fixed bug #61998 (Using traits with method aliases appears to result in
crash during execution). (Dmitry)
. Fixed bug #51094 (parse_ini_file() with INI_SCANNER_RAW cuts a value that
includes a semi-colon). (Pierrick)
. Fixed potential overflow in _php_stream_scandir (CVE-2012-2688).
(Jason Powell, Stas)
- EXIF:
. Fixed information leak in ext exif (discovered by Martin Noga,
Matthew "j00ru" Jurczyk, Gynvael Coldwind)
- FPM:
. Fixed bug #62205 (php-fpm segfaults (null passed to strstr)). (fat)
. Fixed bug #62160 (Add process.priority to set nice(2) priorities). (fat)
. Fixed bug #62153 (when using unix sockets, multiples FPM instances
. Fixed bug #62033 (php-fpm exits with status 0 on some failures to start).
(fat)
. Fixed bug #61839 (Unable to cross-compile PHP with --enable-fpm). (fat)
. Fixed bug #61835 (php-fpm is not allowed to run as root). (fat)
. Fixed bug #61295 (php-fpm should not fail with commented 'user'
. Fixed bug #61218 (FPM drops connection while receiving some binary values
in FastCGI requests). (fat)
. Fixed bug #61045 (fpm don't send error log to fastcgi clients). (fat)
for non-root start). (fat)
. Fixed bug #61026 (FPM pools can listen on the same address). (fat)
can be launched without errors). (fat)
- Iconv:
. Fix bug #55042 (Erealloc in iconv.c unsafe). (Stas)
- Intl:
. Fixed bug #62083 (grapheme_extract() memory leaks). (Gustavo)
. ResourceBundle constructor now accepts NULL for the first two arguments.
(Gustavo)
. Fixed bug #62081 (IntlDateFormatter constructor leaks memory when called
twice). (Gustavo)
. Fixed bug #62070 (Collator::getSortKey() returns garbage). (Gustavo)
. Fixed bug #62017 (datefmt_create with incorrectly encoded timezone leaks
pattern). (Gustavo)
. Fixed bug #60785 (memory leak in IntlDateFormatter constructor). (Gustavo)
- JSON:
. Fixed bug #61359 (json_encode() calls too many reallocs). (Stas)
- libxml:
. Fixed bug #62266 (Custom extension segfaults during xmlParseFile with FPM
SAPI). (Gustavo)
- Phar:
. Fixed bug #62227 (Invalid phar stream path causes crash). (Felipe)
- Readline:
. Fixed bug #62186 (readline fails to compile - void function should not
return a value). (Johannes)
- Reflection:
. Fixed bug #62384 (Attempting to invoke a Closure more than once causes
segfault). (Felipe)
. Fixed bug #62202 (ReflectionParameter::getDefaultValue() memory leaks
with constant). (Laruence)
- Sockets:
. Fixed bug #62025 (__ss_family was changed on AIX 5.3). (Felipe)
- SPL:
. Fixed bug #62433 (Inconsistent behavior of RecursiveDirectoryIterator to
dot files). (Laruence)
. Fixed bug #62262 (RecursiveArrayIterator does not implement Countable).
(Nikita Popov)
- XML Writer:
. Fixed bug #62064 (memory leak in the XML Writer module).
(jean-pierre dot lozi at lip6 dot fr)
- Zip:
. Upgraded libzip to 0.10.1 (Anatoliy)
14 Jun 2012, PHP 5.4.4
- COM:
. Fixed bug #62146 com_dotnet cannot be built shared. (Johannes)
- CLI Server:
. Implemented FR #61977 (Need CLI web-server support for files with .htm &
svg extensions). (Sixd, Laruence)
. Improved performance while sending error page, this also fixed
bug #61785 (Memory leak when access a non-exists file without router).
(Laruence)
. Fixed bug #61546 (functions related to current script failed when chdir()
in cli sapi). (Laruence, [email protected])
- Core:
. Fixed missing bound check in iptcparse(). (chris at chiappa.net)
. Fixed CVE-2012-2143. (Solar Designer)
. Fixed bug #62097 (fix for for bug #54547). (Gustavo)
. Fixed bug #62005 (unexpected behavior when incrementally assigning to a
member of a null object). (Laruence)
. Fixed bug #61978 (Object recursion not detected for classes that implement
JsonSerializable). (Felipe)
. Fixed bug #61991 (long overflow in realpath_cache_get()). (Anatoliy)
. Fixed bug #61922 (ZTS build doesn't accept zend.script_encoding config).
(Laruence)
. Fixed bug #61827 (incorrect \e processing on Windows) (Anatoliy)
. Fixed bug #61782 (__clone/__destruct do not match other methods when checking
access controls). (Stas)
. Fixed bug #61764 ('I' unpacks n as signed if n > 2^31-1 on LP64). (Gustavo)
. Fixed bug #61761 ('Overriding' a private static method with a different
signature causes crash). (Laruence)
. Fixed bug #61730 (Segfault from array_walk modifying an array passed by
reference). (Laruence)
. Fixed bug #61728 (PHP crash when calling ob_start in request_shutdown
phase). (Laruence)
. Fixed bug #61713 (Logic error in charset detection for htmlentities).
(Anatoliy)
. Fixed bug #61660 (bin2hex(hex2bin($data)) != $data). (Nikita Popov)
. Fixed bug #61650 (ini parser crashes when using ${xxxx} ini variables
(without apache2)). (Laruence)
. Fixed bug #61605 (header_remove() does not remove all headers). (Laruence)
. Fixed bug #54547 (wrong equality of string numbers). (Gustavo)
. Fixed bug #54197 ([PATH=] sections incompatibility with user_ini.filename
set to null). (Anatoliy)
. Changed php://fd to be available only for CLI.
- CURL:
. Fixed bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction).
(Laruence)
- Fileinfo
. Fixed bug #61812 (Uninitialised value used in libmagic).
(Laruence, Gustavo)
. Fixed bug #61566 failure caused by the posix lseek and read versions
under windows in cdf_read(). (Anatoliy)
. Fixed bug #61565 where php_stream_open_wrapper_ex tries to open a
directory descriptor under windows. (Anatoliy)
- Intl
. Fixed bug #62082 (Memory corruption in internal function
get_icu_disp_value_src_php()). (Gustavo)
- Libxml:
. Fixed bug #61617 (Libxml tests failed(ht is already destroyed)).
(Laruence)
- PDO:
. Fixed bug #61755 (A parsing bug in the prepared statements can lead to
access violations). (Johannes)
- Phar:
. Fixed bug #61065 (Secunia SA44335, CVE-2012-2386). (Rasmus)
- Pgsql:
. Added pg_escape_identifier/pg_escape_literal. (Yasuo Ohgaki)
- Streams:
. Fixed bug #61961 (file_get_contents leaks when access empty file with
maxlen set). (Reeze)
- Zlib:
. Fixed bug #61820 (using ob_gzhandler will complain about headers already
sent when no compression). (Mike)
. Fixed bug #61443 (can't change zlib.output_compression on the fly). (Mike)
. Fixed bug #60761 (zlib.output_compression fails on refresh). (Mike)
08 May 2012, PHP 5.4.3
- CGI
. Re-Fix PHP-CGI query string parameter vulnerability, CVE-2012-1823.
(Stas)
. Fix bug #61807 - Buffer Overflow in apache_request_headers.
(nyt-php at countercultured dot net).
03 May 2012, PHP 5.4.2
- Fix PHP-CGI query string parameter vulnerability, CVE-2012-1823. (Rasmus)
26 Apr 2012, PHP 5.4.1
- CLI Server:
. Fixed bug #61461 (missing checks around malloc() calls). (Ilia)
. Implemented FR #60850 (Built in web server does not set
$_SERVER['SCRIPT_FILENAME'] when using router). (Laruence)
. "Connection: close" instead of "Connection: closed" (Gustavo)
- Core:
. Fixed crash in ZTS using same class in many threads. (Johannes)
. Fixed bug #61374 (html_entity_decode tries to decode code points that don't
exist in ISO-8859-1). (Gustavo)
. Fixed bug #61273 (call_user_func_array with more than 16333 arguments
leaks / crashes). (Laruence)
. Fixed bug #61225 (Incorrect lexing of 0b00*+<NUM>). (Pierrick)
. Fixed bug #61165 (Segfault - strip_tags()). (Laruence)
. Fixed bug #61106 (Segfault when using header_register_callback). (Nikita
Popov)
. Fixed bug #61087 (Memory leak in parse_ini_file when specifying
invalid scanner mode). (Nikic, Laruence)
. Fixed bug #61072 (Memory leak when restoring an exception handler).
(Nikic, Laruence)
. Fixed bug #61058 (array_fill leaks if start index is PHP_INT_MAX).
(Laruence)
. Fixed bug #61052 (Missing error check in trait 'insteadof' clause). (Stefan)
. Fixed bug #61011 (Crash when an exception is thrown by __autoload
accessing a static property). (Laruence)
. Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical
vars). (Laruence)
. Fixed bug #60978 (exit code incorrect). (Laruence)
. Fixed bug #60911 (Confusing error message when extending traits). (Stefan)
. Fixed bug #60801 (strpbrk() mishandles NUL byte). (Adam)
. Fixed bug #60717 (Order of traits in use statement can cause a fatal
error). (Stefan)
. Fixed bug #60573 (type hinting with "self" keyword causes weird errors).
(Laruence)
. Fixed bug #60569 (Nullbyte truncates Exception $message). (Ilia)
. Fixed bug #52719 (array_walk_recursive crashes if third param of the
function is by reference). (Nikita Popov)
. Improve performance of set_exception_handler while doing reset (Laruence)
- fileinfo:
. Fix fileinfo test problems. (Anatoliy Belsky)
- FPM
. Fixed bug #61430 (Transposed memset() params in sapi/fpm/fpm/fpm_shm.c).
(michaelhood at gmail dot com, Ilia)
- Ibase
. Fixed bug #60947 (Segmentation fault while executing ibase_db_info).
(Ilia)
- Installation
. Fixed bug #61172 (Add Apache 2.4 support). (Chris Jones)
- Intl:
. Fixed bug #61487 (Incorrent bounds checking in grapheme_strpos).
(Stas)
- mbstring:
. MFH mb_ereg_replace_callback() for security enhancements. (Rui)
- mysqli
. Fixed bug #61003 (mysql_stat() require a valid connection). (Johannes).
- mysqlnd
. Fixed bug #61704 (Crash apache, phpinfo() threading issue). (Johannes)
. Fixed bug #60948 (mysqlnd FTBFS when -Wformat-security is enabled).
(Johannes)
- PDO
. Fixed bug #61292 (Segfault while calling a method on an overloaded PDO
object). (Laruence)
- PDO_mysql
. Fixed bug #61207 (PDO::nextRowset() after a multi-statement query doesn't
always work). (Johannes)
. Fixed bug #61194 (PDO should export compression flag with myslqnd).
(Johannes)
- PDO_odbc
. Fixed bug #61212 (PDO ODBC Segfaults on SQL_SUCESS_WITH_INFO). (Ilia)
- Phar
. Fixed bug #61184 (Phar::webPhar() generates headers with trailing NUL
bytes). (Nikita Popov)
- Readline:
. Fixed bug #61088 (Memory leak in readline_callback_handler_install).
(Nikic, Laruence)
- Reflection:
. Implemented FR #61602 (Allow access to the name of constant
used as function/method parameter's default value). ([email protected])
. Fixed bug #60968 (Late static binding doesn't work with
ReflectionMethod::invokeArgs()). (Laruence)
- Session
. Fixed bug #60634 (Segmentation fault when trying to die() in
SessionHandler::write()). (Ilia)
- SOAP
. Fixed bug #61423 (gzip compression fails). (Ilia)
. Fixed bug #60887 (SoapClient ignores user_agent option and sends no
User-Agent header). (carloschilazo at gmail dot com)
. Fixed bug #60842, #51775 (Chunked response parsing error when
chunksize length line is > 10 bytes). (Ilia)
. Fixed bug #49853 (Soap Client stream context header option ignored).
(Dmitry)
- SPL:
. Fixed bug #61453 (SplObjectStorage does not identify objects correctly).
(Gustavo)
. Fixed bug #61347 (inconsistent isset behavior of Arrayobject). (Laruence)
- Standard:
. Fixed memory leak in substr_replace. (Pierrick)
. Make max_file_uploads ini directive settable outside of php.ini (Rasmus)
. Fixed bug #61409 (Bad formatting on phpinfo()). (Jakub Vrana)
. Fixed bug #60222 (time_nanosleep() does validate input params). (Ilia)
. Fixed bug #60106 (stream_socket_server silently truncates long unix socket
paths). (Ilia)
- XMLRPC:
. Fixed bug #61264 (xmlrpc_parse_method_descriptions leaks temporary
variable). (Nikita Popov)
. Fixed bug #61097 (Memory leak in xmlrpc functions copying zvals). (Nikita
Popov)
- Zlib:
. Fixed bug #61306 (initialization of global inappropriate for ZTS). (Gustavo)
. Fixed bug #61287 (A particular string fails to decompress). (Mike)
. Fixed bug #61139 (gzopen leaks when specifying invalid mode). (Nikita Popov)
01 Mar 2012, PHP 5.4.0
- Installation:
. autoconf 2.59+ is now supported (and required) for generating the
configure script with ./buildconf. Autoconf 2.60+ is desirable
otherwise the configure help order may be incorrect. (Rasmus, Chris Jones)
- Removed legacy features:
. break/continue $var syntax. (Dmitry)
. Safe mode and all related php.ini options. (Kalle)
. register_globals and register_long_arrays php.ini options. (Kalle)
. import_request_variables(). (Kalle)
. allow_call_time_pass_reference. (Pierrick)
. define_syslog_variables php.ini option and its associated function. (Kalle)
. highlight.bg php.ini option. (Kalle)
. safe_mode, safe_mode_gid, safe_mode_include_dir,
safe_mode_exec_dir, safe_mode_allowed_env_vars and
safe_mode_protected_env_vars php.ini options.
. zend.ze1_compatibility_mode php.ini option.
. Session bug compatibility mode (session.bug_compat_42 and
session.bug_compat_warn php.ini options). (Kalle)
. session_is_registered(), session_register() and session_unregister()
functions. (Kalle)
. y2k_compliance php.ini option. (Kalle)
. magic_quotes_gpc, magic_quotes_runtime and magic_quotes_sybase
php.ini options. get_magic_quotes_gpc, get_magic_quotes_runtime are kept
but always return false, set_magic_quotes_runtime raises an
E_CORE_ERROR. (Pierrick, Pierre)
. Removed support for putenv("TZ=..") for setting the timezone. (Derick)
. Removed the timezone guessing algorithm in case the timezone isn't set with
date.timezone or date_default_timezone_set(). Instead of a guessed
timezone, "UTC" is now used instead. (Derick)
- Moved extensions to PECL:
. ext/sqlite. (Note: the ext/sqlite3 and ext/pdo_sqlite extensions are
not affected) (Johannes)
- General improvements:
. Added short array syntax support ([1,2,3]), see UPGRADING guide for full
details. (rsky0711 at gmail . com, sebastian.deutsch at 9elements . com,
Pierre)
. Added binary number format (0b001010). (Jonah dot Harris at gmail dot com)
. Added support for Class::{expr}() syntax (Pierrick)
. Added multibyte support by default. Previously PHP had to be compiled
with --enable-zend-multibyte. Now it can be enabled or disabled through
the zend.multibyte directive in php.ini. (Dmitry)
. Removed compile time dependency from ext/mbstring (Dmitry)
. Added support for Traits. (Stefan, with fixes by Dmitry and Laruence)
. Added closure $this support back. (Stas)
. Added array dereferencing support. (Felipe)
. Added callable typehint. (Hannes)
. Added indirect method call through array. FR #47160. (Felipe)
. Added DTrace support. (David Soria Parra)
. Added class member access on instantiation (e.g. (new foo)->bar()) support.
(Felipe)
. <?= is now always available regardless of the short_open_tag setting. (Rasmus)
. Implemented Zend Signal Handling (configurable option --enable-zend-signals,
off by default). (Lucas Nealan, Arnaud Le Blanc, Brian Shire, Ilia)
. Improved output layer, see README.NEW-OUTPUT-API for internals. (Mike)
. Improved UNIX build system to allow building multiple PHP binary SAPIs and
one SAPI module the same time. FR #53271, FR #52419. (Jani)
. Implemented closure rebinding as parameter to bindTo. (Gustavo Lopes)
. Improved the warning message of incompatible arguments. (Laruence)
. Improved ternary operator performance when returning arrays. (Arnaud, Dmitry)
. Changed error handlers to only generate docref links when the docref_root
php.ini setting is not empty. (Derick)
. Changed silent conversion of array to string to produce a notice. (Patrick)
. Changed default encoding from ISO-8859-1 to UTF-8 when not specified in
htmlspecialchars and htmlentities. (Rasmus)
. Changed casting of null/''/false into an Object when adding a property
from E_STRICT into a warning. (Scott)
. Changed E_ALL to include E_STRICT. (Stas)
. Disabled Windows CRT warning by default, can be enabled again using the
php.ini directive windows_show_crt_warnings. (Pierre)
. Fixed bug #55378: Binary number literal returns float number though its
value is small enough. (Derick)
- Improved Zend Engine memory usage: (Dmitry)
. Improved parse error messages. (Felipe)
. Replaced zend_function.pass_rest_by_reference by
ZEND_ACC_PASS_REST_BY_REFERENCE in zend_function.fn_flags.
. Replaced zend_function.return_reference by ZEND_ACC_RETURN_REFERENCE
in zend_function.fn_flags.
. Removed zend_arg_info.required_num_args as it was only needed for internal
functions. Now the first arg_info for internal functions (which has special
meaning) is represented by the zend_internal_function_info structure.
. Moved zend_op_array.size, size_var, size_literal, current_brk_cont,
backpatch_count into CG(context) as they are used only during compilation.
. Moved zend_op_array.start_op into EG(start_op) as it's used only for
'interactive' execution of a single top-level op-array.
. Replaced zend_op_array.done_pass_two by ZEND_ACC_DONE_PASS_TWO in
zend_op_array.fn_flags.
. op_array.vars array is trimmed (reallocated) during pass_two.
. Replaced zend_class_entry.constants_updated by ZEND_ACC_CONSTANTS_UPDATED
in zend_class_entry.ce_flags.
. Reduced the size of zend_class_entry by sharing the same memory space
by different information for internal and user classes.
See zend_class_entry.info union.
. Reduced size of temp_variable.
- Improved Zend Engine - performance tweaks and optimizations: (Dmitry)
. Inlined most probable code-paths for arithmetic operations directly into
executor.
. Eliminated unnecessary iterations during request startup/shutdown.
. Changed $GLOBALS into a JIT autoglobal, so it's initialized only if used.
(this may affect opcode caches!)
. Improved performance of @ (silence) operator.
. Simplified string offset reading. Given $str="abc" then $str[1][0] is now
a legal construct.
. Added caches to eliminate repeatable run-time bindings of functions,
classes, constants, methods and properties.
. Added concept of interned strings. All strings constants known at compile
time are allocated in a single copy and never changed.
. ZEND_RECV now always has IS_CV as its result.
. ZEND_CATCH now has to be used only with constant class names.
. ZEND_FETCH_DIM_? may fetch array and dimension operands in different order.
. Simplified ZEND_FETCH_*_R operations. They can't be used with the
EXT_TYPE_UNUSED flag any more. This is a very rare and useless case.
ZEND_FREE might be required after them instead.
. Split ZEND_RETURN into two new instructions ZEND_RETURN and
ZEND_RETURN_BY_REF.
. Optimized access to global constants using values with pre-calculated
hash_values from the literals table.
. Optimized access to static properties using executor specialization.
A constant class name may be used as a direct operand of ZEND_FETCH_*
instruction without previous ZEND_FETCH_CLASS.
. zend_stack and zend_ptr_stack allocation is delayed until actual usage.
- Other improvements to Zend Engine:
. Added an optimization which saves memory and emalloc/efree calls for empty
HashTables. (Stas, Dmitry)
. Added ability to reset user opcode handlers (Yoram).
. Changed the structure of op_array.opcodes. The constant values are moved from
opcode operands into a separate literal table. (Dmitry)
. Fixed (disabled) inline-caching for ZEND_OVERLOADED_FUNCTION methods.
(Dmitry)
- Improved core functions:
. Enforce an extended class' __construct arguments to match the
abstract constructor in the base class.
. Disallow reusing superglobal names as parameter names.
. Added optional argument to debug_backtrace() and debug_print_backtrace()
to limit the amount of stack frames returned. (Sebastian, Patrick)
. Added hex2bin() function. (Scott)
. number_format() no longer truncates multibyte decimal points and thousand
separators to the first byte. FR #53457. (Adam)
. Added support for object references in recursive serialize() calls.
FR #36424. (Mike)
. Added support for SORT_NATURAL and SORT_FLAG_CASE in array
sort functions (sort, rsort, ksort, krsort, asort, arsort and
array_multisort). FR#55158 (Arpad)
. Added stream metadata API support and stream_metadata() stream class
handler. (Stas)
. User wrappers can now define a stream_truncate() method that responds
to truncation, e.g. through ftruncate(). FR #53888. (Gustavo)
. Improved unserialize() performance.
(galaxy dot mipt at gmail dot com, Kalle)
. Changed array_combine() to return empty array instead of FALSE when both
parameter arrays are empty. FR #34857. ([email protected])
. Fixed bug #61095 (Incorect lexing of 0x00*+<NUM>). (Etienne)
. Fixed bug #60965 (Buffer overflow on htmlspecialchars/entities with
$double=false). (Gustavo)
. Fixed bug #60895 (Possible invalid handler usage in windows random
functions). (Pierre)
. Fixed bug #60879 (unserialize() Does not invoke __wakeup() on object).
(Pierre, Steve)
. Fixed bug #60825 (Segfault when running symfony 2 tests).
(Dmitry, Laruence)
. Fixed bug #60627 (httpd.worker segfault on startup with php_value).
. Fixed bug #60613 (Segmentation fault with $cls->{expr}() syntax). (Dmitry)
. Fixed bug #60611 (Segmentation fault with Cls::{expr}() syntax). (Laruence)
(Laruence)
. Fixed bug #60558 (Invalid read and writes). (Laruence)
. Fixed bug #60444 (Segmentation fault with include & class extending).
(Laruence, Dmitry).
. Fixed bug #60362 (non-existent sub-sub keys should not have values).
(Laruence, alan_k, Stas)
. Fixed bug #60350 (No string escape code for ESC (ascii 27), normally \e).
(php at mickweiss dot com)
. Fixed bug #60321 (ob_get_status(true) no longer returns an array when
buffer is empty). (Pierrick)
. Fixed bug #60282 (Segfault when using ob_gzhandler() with open buffers).
(Laruence)
. Fixed bug #60240 (invalid read/writes when unserializing specially crafted
strings). (Mike)
. Fixed bug #60227 (header() cannot detect the multi-line header with
CR(0x0D)). (rui)
. Fixed bug #60174 (Notice when array in method prototype error).
(Laruence)
. Fixed bug #60169 (Conjunction of ternary and list crashes PHP).
(Laruence)
. Fixed bug #60038 (SIGALRM cause segfault in php_error_cb). (Laruence)
(klightspeed at netspace dot net dot au)
. Fixed bug #55871 (Interruption in substr_replace()). (Stas)
. Fixed bug #55801 (Behavior of unserialize has changed). (Mike)
. Fixed bug #55758 (Digest Authenticate missed in 5.4) . (Laruence)
. Fixed bug #55748 (multiple NULL Pointer Dereference with zend_strndup())
(CVE-2011-4153). (Stas)
. Fixed bug #55124 (recursive mkdir fails with current (dot) directory in path).
(Pierre)
. Fixed bug #55084 (Function registered by header_register_callback is
called only once per process). (Hannes)
. Implement FR #54514 (Get php binary path during script execution).
(Laruence)
. Fixed bug #52211 (iconv() returns part of string on error). (Felipe)
. Fixed bug #51860 (Include fails with toplevel symlink to /). (Dmitry)
- Improved generic SAPI support:
. Added $_SERVER['REQUEST_TIME_FLOAT'] to include microsecond precision.
(Patrick)
. Added header_register_callback() which is invoked immediately
prior to the sending of headers and after default headers have
been added. (Scott)
. Added http_response_code() function. FR #52555. (Paul Dragoonis, Kalle)
. Fixed bug #55500 (Corrupted $_FILES indices lead to security concern).
(CVE-2012-1172). (Stas)
. Fixed bug #54374 (Insufficient validating of upload name leading to
corrupted $_FILES indices). (CVE-2012-1172). (Stas, lekensteyn at gmail dot com)
- Improved CLI SAPI:
. Added built-in web server that is intended for testing purpose.
(Moriyoshi, Laruence, and fixes by Pierre, Derick, Arpad,
chobieee at gmail dot com)
. Added command line option --rz <name> which shows information of the
named Zend extension. (Johannes)
. Interactive readline shell improvements: (Johannes)
. Added "cli.pager" php.ini setting to set a pager for output.
. Added "cli.prompt" php.ini setting to configure the shell prompt.
. Added shortcut #inisetting=value to change php.ini settings at run-time.
. Changed shell not to terminate on fatal errors.
. Interactive shell works with shared readline extension. FR #53878.
- Improved CGI/FastCGI SAPI: (Dmitry)
. Added apache compatible functions: apache_child_terminate(),
getallheaders(), apache_request_headers() and apache_response_headers()
. Improved performance of FastCGI request parsing.
. Fixed reinitialization of SAPI callbacks after php_module_startup().
(Dmitry)
- Improved PHP-FPM SAPI:
. Removed EXPERIMENTAL flag. (fat)
. Fixed bug #60659 (FPM does not clear auth_user on request accept).
(bonbons at linux-vserver dot org)
- Improved Litespeed SAPI:
. Fixed bug #55769 (Make Fails with "Missing Separator" error). (Adam)
- Improved Date extension:
. Added the + modifier to parseFromFormat to allow trailing text in the
string to parse without throwing an error. (Stas, Derick)
- Improved DBA extension:
. Added Tokyo Cabinet abstract DB support. (Michael Maclean)
. Added Berkeley DB 5 support. (Johannes, Chris Jones)
- Improved DOM extension:
. Added the ability to pass options to loadHTML (Chregu, fxmulder at gmail dot com)
- Improved filesystem functions:
. scandir() now accepts SCANDIR_SORT_NONE as a possible sorting_order value.
FR #53407. (Adam)
- Improved HASH extension:
. Added Jenkins's one-at-a-time hash support. (Martin Jansen)
. Added FNV-1 hash support. (Michael Maclean)
. Made Adler32 algorithm faster. FR #53213. (zavasek at yandex dot ru)
. Removed Salsa10/Salsa20, which are actually stream ciphers (Mike)
. Fixed bug #60221 (Tiger hash output byte order) (Mike)
- Improved intl extension:
. Added Spoofchecker class, allows checking for visibly confusable characters and
other security issues. (Scott)
. Added Transliterator class, allowing transliteration of strings.
(Gustavo)
. Added support for UTS #46. (Gustavo)
. Fixed build on Fedora 15 / Ubuntu 11. (Hannes)
. Fixed bug #55562 (grapheme_substr() returns false on big length). (Stas)
- Improved JSON extension:
. Added new json_encode() option JSON_UNESCAPED_UNICODE. FR #53946.
(Alexander, Gwynne)
. Added JsonSerializable interface. (Sara)
. Added JSON_BIGINT_AS_STRING, extended json_decode() sig with $options.
(Sara)
. Added support for JSON_NUMERIC_CHECK option in json_encode() that converts
numeric strings to integers. (Ilia)
. Added new json_encode() option JSON_UNESCAPED_SLASHES. FR #49366. (Adam)
. Added new json_encode() option JSON_PRETTY_PRINT. FR #44331. (Adam)
- Improved LDAP extension:
. Added paged results support. FR #42060. ([email protected],
- Improved mbstring extension:
. Added Shift_JIS/UTF-8 Emoji (pictograms) support. (Rui)
. Added JIS X0213:2004 (Shift_JIS-2004, EUC-JP-2004, ISO-2022-JP-2004)
support. (Rui)
. Ill-formed UTF-8 check for security enhancements. (Rui)
. Added MacJapanese (Shift_JIS) and gb18030 encoding support. (Rui)
. Added encode/decode in hex format to mb_[en|de]code_numericentity(). (Rui)
. Added user JIS X0213:2004 (Shift_JIS-2004, EUC-JP-2004, ISO-2022-JP-2004)
support. (Rui)
. Added the user defined area for CP936 and CP950 (Rui).
. Fixed bug #60306 (Characters lost while converting from cp936 to utf8).
(Laruence)
- Improved MySQL extensions:
. MySQL: Deprecated mysql_list_dbs(). FR #50667. (Andrey)
. mysqlnd: Added named pipes support. FR #48082. (Andrey)
. MySQLi: Added iterator support in MySQLi. mysqli_result implements
Traversable. (Andrey, Johannes)
. PDO_mysql: Removed support for linking with MySQL client libraries older
than 4.1. (Johannes)
. ext/mysql, mysqli and pdo_mysql now use mysqlnd by default. (Johannes)
. Fixed bug #55473 (mysql_pconnect leaks file descriptors on reconnect).
(Andrey, Laruence)
. Fixed bug #55653 (PS crash with libmysql when binding same variable as
param and out). (Laruence)
- Improved OpenSSL extension:
. Added AES support. FR #48632. (yonas dot y at gmail dot com, Pierre)
. Added no padding option to openssl_encrypt()/openssl_decrypt(). (Scott)
. Use php's implementation for Windows Crypto API in
openssl_random_pseudo_bytes. (Pierre)
. On error in openssl_random_pseudo_bytes() made sure we set strong result
to false. (Scott)
. Fixed possible attack in SSL sockets with SSL 3.0 / TLS 1.0.
CVE-2011-3389. (Scott)
. Fixed bug #61124 (Crash when decoding an invalid base64 encoded string).
(me at ktamura dot com, Scott)
- Improved PDO:
. Fixed PDO objects binary incompatibility. (Dmitry)
- PDO DBlib driver:
. Added nextRowset support.
. Fixed bug #50755 (PDO DBLIB Fails with OOM).
- Improved PostgreSQL extension:
. Added support for "extra" parameter for PGNotify().
(r dot i dot k at free dot fr, Ilia)
- Improved PCRE extension:
. Changed third parameter of preg_match_all() to optional. FR #53238. (Adam)
- Improved Readline extension:
. Fixed bug #54450 (Enable callback support when built against libedit).
(fedora at famillecollet dot com, Hannes)
- Improved Reflection extension:
. Added ReflectionClass::newInstanceWithoutConstructor() to create a new
instance of a class without invoking its constructor. FR #55490.
(Sebastian)
. Added ReflectionExtension::isTemporary() and
ReflectionExtension::isPersistent() methods. (Johannes)
. Added ReflectionZendExtension class. (Johannes)
. Added ReflectionClass::isCloneable(). (Felipe)
- Improved Session extension:
. Expose session status via new function, session_status (FR #52982) (Arpad)
. Added support for object-oriented session handlers. (Arpad)
. Added support for storing upload progress feedback in session data. (Arnaud)
. Changed session.entropy_file to default to /dev/urandom or /dev/arandom if
either is present at compile time. (Rasmus)
. Fixed bug #60860 (session.save_handler=user without defined function core
dumps). (Felipe)
. Implement FR #60551 (session_set_save_handler should support a core's
session handler interface). (Arpad)
. Fixed bug #60640 (invalid return values). (Arpad)
- Improved SNMP extension (Boris Lytochkin):
. Added OO API. FR #53594 (php-snmp rewrite).
. Sanitized return values of existing functions. Now it returns FALSE on
failure.
. Allow ~infinite OIDs in GET/GETNEXT/SET queries. Autochunk them to max_oids
upon request.
. Introducing unit tests for extension with ~full coverage.
. IPv6 support. (FR #42918)
. Way of representing OID value can now be changed when SNMP_VALUE_OBJECT
is used for value output mode. Use or'ed SNMP_VALUE_LIBRARY(default if
not specified) or SNMP_VALUE_PLAIN. (FR #54502)
. Fixed bug #60749 (SNMP module should not strip non-standard SNMP port
from hostname). (Boris Lytochkin)
. Fixed bug #60585 (php build fails with USE flag snmp when IPv6 support
is disabled). (Boris Lytochkin)
. Fixed bug #53862 (snmp_set_oid_output_format does not allow returning to default)
. Fixed bug #46065 (snmp_set_quick_print() persists between requests)
. Fixed bug #45893 (Snmp buffer limited to 2048 char)
. Fixed bug #44193 (snmp v3 noAuthNoPriv doesn't work)
- Improved SOAP extension:
. Added new SoapClient option "keep_alive". FR #60329. (Pierrick)
. Fixed basic HTTP authentication for WSDL sub requests. (Dmitry)
- Improved SPL extension:
. Added RegexIterator::getRegex() method. (Joshua Thijssen)
. Added SplObjectStorage::getHash() hook. (Etienne)
. Added CallbackFilterIterator and RecursiveCallbackFilterIterator. (Arnaud)
. Added missing class_uses(..) as pointed out by #55266 (Stefan)
. Immediately reject wrong usages of directories under Spl(Temp)FileObject
and friends. (Etienne, Pierre)
. FilesystemIterator, GlobIterator and (Recursive)DirectoryIterator now use
the default stream context. (Hannes)
. Fixed bug #60201 (SplFileObject::setCsvControl does not expose third
argument via Reflection). (Peter)
. Fixed bug #55287 (spl_classes() not includes CallbackFilter classes)
(sasezaki at gmail dot com, salathe)
- Improved Sysvshm extension:
. Fixed bug #55750 (memory copy issue in sysvshm extension).
(Ilia, jeffhuang9999 at gmail dot com)
- Improved Tidy extension:
. Fixed bug #54682 (Tidy::diagnose() NULL pointer dereference).
(Maksymilian Arciemowicz, Felipe)
- Improved Tokenizer extension:
. Fixed bug #54089 (token_get_all with regards to __halt_compiler is
not binary safe). (Nikita Popov)
- Improved XSL extension:
. Added XsltProcessor::setSecurityPrefs($options) and getSecurityPrefs() to
define forbidden operations within XSLT stylesheets, default is not to
enable write operations from XSLT. Bug #54446 (Chregu, Nicolas Gregoire)
. XSL doesn't stop transformation anymore, if a PHP function can't be called
(Christian)
- Improved ZLIB extension:
. Re-implemented non-file related functionality. (Mike)
. Fixed bug #55544 (ob_gzhandler always conflicts with zlib.output_compression).
(Mike)
14 Jun 2012, PHP 5.3.14
- CLI SAPI:
. Fixed bug #61546 (functions related to current script failed when chdir()
in cli sapi). (Laruence, [email protected])
- CURL:
. Fixed bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction).
(Laruence)
- COM:
. Fixed bug #62146 com_dotnet cannot be built shared. (Johannes)
- Core:
. Fixed CVE-2012-2143. (Solar Designer)
. Fixed missing bound check in iptcparse(). (chris at chiappa.net)
. Fixed bug #62373 (serialize() generates wrong reference to the object).
(Moriyoshi)
. Fixed bug #62005 (unexpected behavior when incrementally assigning to a
member of a null object). (Laruence)
. Fixed bug #61991 (long overflow in realpath_cache_get()). (Anatoliy)
. Fixed bug #61764 ('I' unpacks n as signed if n > 2^31-1 on LP64). (Gustavo)
. Fixed bug #61730 (Segfault from array_walk modifying an array passed by
reference). (Laruence)
. Fixed bug #61713 (Logic error in charset detection for htmlentities).
(Anatoliy)
. Fixed bug #54197 ([PATH=] sections incompatibility with user_ini.filename
set to null). (Anatoliy)
. Changed php://fd to be available only for CLI.
- Fileinfo:
. Fixed bug #61812 (Uninitialised value used in libmagic).
(Laruence, Gustavo)