2011年3月22日

[installer 2727] PHP 5.3.6

PHP 5.3.6 出ています。

いつものように複数のセキュリティホールの修正が含まれています。

http://www.php.net/archive/2011.php#id2011-03-17-1 より:
BEGIN-----------------------------------------------------
PHP 5.3.6 Released!
[17-Mar-2011]


The PHP development team would like to announce the immediate
availability of PHP 5.3.6. This release focuses on improving the
stability of the PHP 5.3.x branch with over 60 bug fixes, some of
which are security related.

Security Enhancements and Fixes in PHP 5.3.6:

* Enforce security in the fastcgi protocol parsing with fpm SAPI.
* Fixed bug #54247 (format-string vulnerability on Phar). (CVE-2011-1153)
* Fixed bug #54193 (Integer overflow in shmop_read()). (CVE-2011-1092)
* Fixed bug #54055 (buffer overrun with high values for precision ini
setting).
* Fixed bug #54002 (crash on crafted tag in exif). (CVE-2011-0708)
* Fixed bug #53885 (ZipArchive segfault with FL_UNCHANGED on empty
archive). (CVE-2011-0421)

Key enhancements in PHP 5.3.6 include:

* Upgraded bundled Sqlite3 to version 3.7.4.
* Upgraded bundled PCRE to version 8.11.
* Added ability to connect to HTTPS sites through proxy with basic
authentication using stream_context/http/header/Proxy-Authorization.
* Added options to debug backtrace functions.
* Changed default value of ini directive serialize_precision from 100
to 17.
* Fixed Bug #53971 (isset() and empty() produce apparently spurious
runtime error).
* Fixed Bug #53958 (Closures can't 'use' shared variables by value and
by reference).
* Fixed bug #53577 (Regression introduced in 5.3.4 in open_basedir
with a trailing forward slash).
* Over 60 other bug fixes.

Windows users: please mind that we do no longer provide builds created
with Visual Studio C++ 6. It is impossible to maintain a high quality
and safe build of PHP for Windows using this unmaintained compiler.

For Apache SAPIs (php5_apache2_2.dll), be sure that you use a Visual
Studio C++ 9 version of Apache. We recommend the Apache builds as
provided by ApacheLounge. For any other SAPI (CLI, FastCGI via
mod_fcgi, FastCGI with IIS or other FastCGI capable server),
everything works as before. Third party extension providers must
rebuild their extensions to make them compatible and loadable with the
Visual Studio C++9 builds that we now provide.

All PHP users should note that the PHP 5.2 series is NOT supported
anymore. All users are strongly encouraged to upgrade to PHP 5.3.6.

For a full list of changes in PHP 5.3.6, see the ChangeLog. For source
downloads please visit our downloads page, Windows binaries can be
found on windows.php.net/download/.
END-------------------------------------------------------

☆ PHP 5.3.6
http://www.php.net/
http://www.php.net/downloads.php#v5
http://www.php.net/distributions/php-5.3.6.tar.gz
http://static.php.net/www.php.net/distributions/php-5.3.6.tar.gz

17 Mar 2011, PHP 5.3.6
- Upgraded bundled Sqlite3 to version 3.7.4. (Ilia)
- Upgraded bundled PCRE to version 8.11. (Ilia)

- Zend Engine:
. Indirect reference to $this fails to resolve if direct $this is never used
in method. (Scott)
. Added options to debug backtrace functions. (Stas)
. Fixed bug numerous crashes due to setlocale (crash on error, pcre, mysql
etc.) on Windows in thread safe mode. (Pierre)
. Fixed Bug #53971 (isset() and empty() produce apparently spurious runtime
error). (Dmitry)
. Fixed Bug #53958 (Closures can't 'use' shared variables by value and by
reference). (Dmitry)
. Fixed Bug #53629 (memory leak inside highlight_string()). (Hannes, Ilia)
. Fixed Bug #51458 (Lack of error context with nested exceptions). (Stas)
. Fixed Bug #47143 (Throwing an exception in a destructor causes a fatal
error). (Stas)
. Fixed bug #43512 (same parameter name can be used multiple times in
method/function definition). (Felipe)

- Core:
. Added ability to connect to HTTPS sites through proxy with basic
authentication using stream_context/http/header/Proxy-Authorization (Dmitry)
. Changed default value of ini directive serialize_precision from 100 to 17.
(Gustavo)
. Fixed bug #54055 (buffer overrun with high values for precision ini
setting). (Gustavo)
. Fixed bug #53959 (reflection data for fgetcsv out-of-date). (Richard)
. Fixed bug #53577 (Regression introduced in 5.3.4 in open_basedir with a
trailing forward slash). (lekensteyn at gmail dot com, Pierre)
. Fixed bug #53682 (Fix compile on the VAX). (Rasmus, jklos)
. Fixed bug #48484 (array_product() always returns 0 for an empty array).
(Ilia)
. Fixed bug #48607 (fwrite() doesn't check reply from ftp server before
exiting). (Ilia)


- Calendar extension:
. Fixed bug #53574 (Integer overflow in SdnToJulian, sometimes leading to
segfault). (Gustavo)

- DOM extension:
. Implemented FR #39771 (Made DOMDocument::saveHTML accept an optional DOMNode
like DOMDocument::saveXML). (Gustavo)

- DateTime extension:
. Fixed a bug in DateTime->modify() where absolute date/time statements had
no effect. (Derick)
. Fixed bug #53729 (DatePeriod fails to initialize recurrences on 64bit
big-endian systems). (Derick, rein@xxxxx)
. Fixed bug #52808 (Segfault when specifying interval as two dates). (Stas)
. Fixed bug #52738 (Can't use new properties in class extended from
DateInterval). (Stas)
. Fixed bug #52290 (setDate, setISODate, setTime works wrong when DateTime
created from timestamp). (Stas)
. Fixed bug #52063 (DateTime constructor's second argument doesn't have a
null default value). (Gustavo, Stas)

- Exif extension:
. Fixed bug #54002 (crash on crafted tag, reported by Luca Carettoni).
(Pierre) (CVE-2011-0708)

- Filter extension:
. Fixed bug #53924 (FILTER_VALIDATE_URL doesn't validate port number).
(Ilia, Gustavo)
. Fixed bug #53150 (FILTER_FLAG_NO_RES_RANGE is missing some IP ranges).
(Ilia)
. Fixed bug #52209 (INPUT_ENV returns NULL for set variables (CLI)). (Ilia)
. Fixed bug #47435 (FILTER_FLAG_NO_RES_RANGE don't work with ipv6).
(Ilia, valli at icsurselva dot ch)

- Fileinfo extension:
. Fixed bug #54016 (finfo_file() Cannot determine filetype in archives).
(Hannes)

- Gettext
. Fixed bug #53837 (_() crashes on Windows when no LANG or LANGUAGE
environment variable are set). (Pierre)

- IMAP extension:
. Implemented FR #53812 (get MIME headers of the part of the email). (Stas)
. Fixed bug #53377 (imap_mime_header_decode() doesn't ignore \t during long
MIME header unfolding). (Adam)

- Intl extension:
. Fixed bug #53612 (Segmentation fault when using cloned several intl
objects). (Gustavo)
. Fixed bug #53512 (NumberFormatter::setSymbol crash on bogus $attr values).
(Felipe)
. Implemented clone functionality for number, date & message formatters.
(Stas).

- JSON extension:
. Fixed bug #53963 (Ensure error_code is always set during some failed
decodings). (Scott)

- mysqlnd
. Fixed problem with always returning 0 as num_rows for unbuffered sets.
(Andrey, Ulf)

- MySQL Improved extension:
. Added 'db' and 'catalog' keys to the field fetching functions (FR #39847).
(Kalle)
. Fixed buggy counting of affected rows when using the text protocol. The
collected statistics were wrong when multi_query was used with mysqlnd
(Andrey)
. Fixed bug #53795 (Connect Error from MySqli (mysqlnd) when using SSL).
(Kalle)
. Fixed bug #53503 (mysqli::query returns false after successful LOAD DATA
query). (Kalle, Andrey)
. Fixed bug #53425 (mysqli_real_connect() ignores client flags when built to
call libmysql). (Kalle, tre-php-net at crushedhat dot com)

- OpenSSL extension:
. Fixed stream_socket_enable_crypto() not honoring the socket timeout in
server mode. (Gustavo)
. Fixed bug #54060 (Memory leaks when openssl_encrypt). (Pierre)
. Fixed bug #54061 (Memory leaks when openssl_decrypt). (Pierre)
. Fixed bug #53592 (stream_socket_enable_crypto() busy-waits in client mode).
(Gustavo)
. Implemented FR #53447 (Cannot disable SessionTicket extension for servers
that do not support it) by adding a no_ticket SSL context option. (Adam,
Tony)

- PDO MySQL driver:
. Fixed bug #53551 (PDOStatement execute segfaults for pdo_mysql driver).
(Johannes)
. Implemented FR #47802 (Support for setting character sets in DSN strings).
(Kalle)

- PDO Oracle driver:
. Fixed bug #39199 (Cannot load Lob data with more than 4000 bytes on
ORACLE 10). (spatar at mail dot nnov dot ru)

- PDO PostgreSQL driver:
. Fixed bug #53517 (segfault in pgsql_stmt_execute() when postgres is down).
(gyp at balabit dot hu)

- Phar extension:
. Fixed bug #54247 (format-string vulnerability on Phar). (Felipe)
(CVE-2011-1153)
. Fixed bug #53541 (format string bug in ext/phar).
(crrodriguez at opensuse dot org, Ilia)
. Fixed bug #53898 (PHAR reports invalid error message, when the directory
does not exist). (Ilia)

- PHP-FPM SAPI:
. Enforce security in the fastcgi protocol parsing.
(ef-lists at email dotde)
. Fixed bug #53777 (php-fpm log format now match php_error log format). (fat)
. Fixed bug #53527 (php-fpm --test doesn't set a valuable return value). (fat)
. Fixed bug #53434 (php-fpm slowlog now also logs the original request). (fat)

- Readline extension:
. Fixed bug #53630 (Fixed parameter handling inside readline() function).
(jo at feuersee dot de, Ilia)

- Reflection extension:
. Fixed bug #53915 (ReflectionClass::getConstant(s) emits fatal error on
constants with self::). (Gustavo)

- Shmop extension:
. Fixed bug #54193 (Integer overflow in shmop_read()). (Felipe)
Reported by Jose Carlos Norte <jose at eyeos dot org> (CVE-2011-1092)

- SNMP extension:
. Fixed bug #51336 (snmprealwalk (snmp v1) does not handle end of OID tree
correctly). (Boris Lytochkin)

- SOAP extension:
. Fixed possible crash introduced by the NULL poisoning patch.
(Mateusz Kocielski, Pierre)

- SPL extension:
. Fixed memory leak in DirectoryIterator::getExtension() and
SplFileInfo::getExtension(). (Felipe)
. Fixed bug #53914 (SPL assumes HAVE_GLOB is defined). (Chris Jones)
. Fixed bug #53515 (property_exists incorrect on ArrayObject null and 0
values). (Felipe)
. Fixed bug #49608 (Using CachingIterator on DirectoryIterator instance
segfaults). (Felipe)

. Added SplFileInfo::getExtension(). FR #48767. (Peter Cowburn)

- SQLite3 extension:
. Fixed memory leaked introduced by the NULL poisoning patch.
(Mateusz Kocielski, Pierre)
. Fixed memory leak on SQLite3Result and SQLite3Stmt when assigning to a
reference. (Felipe)
. Add SQlite3_Stmt::readonly() for checking if a statement is read only.
(Scott)
. Implemented FR #53466 (SQLite3Result::columnType() should return false after
all of the rows have been fetched). (Scott)

- Streams:
. Fixed bug #54092 (Segmentation fault when using HTTP proxy with the FTP
wrapper). (Gustavo)
. Fixed bug #53913 (Streams functions assume HAVE_GLOB is defined). (Chris
Jones)
. Fixed bug #53903 (userspace stream stat callback does not separate the
elements of the returned array before converting them). (Gustavo)
. Implemented FR #26158 (open arbitrary file descriptor with fopen). (Gustavo)

- Tokenizer Extension
. Fixed bug #54089 (token_get_all() does not stop after __halt_compiler).
(Ilia)

- XSL extension:
. Fixed memory leaked introduced by the NULL poisoning patch.
(Mateusz Kocielski, Pierre)

- Zip extension:
. Added the filename into the return value of stream_get_meta_data(). (Hannes)
. Fixed bug #53923 (Zip functions assume HAVE_GLOB is defined). (Adam)
. Fixed bug #53893 (Wrong return value for ZipArchive::extractTo()). (Pierre)
. Fixed bug #53885 (ZipArchive segfault with FL_UNCHANGED on empty archive).
(Stas, Maksymilian Arciemowicz). (CVE-2011-0421)
. Fixed bug #53854 (Missing constants for compression type). (Richard, Adam)
. Fixed bug #53603 (ZipArchive should quiet stat errors). (brad dot froehle at
gmail dot com, Gustavo)
. Fixed bug #53579 (stream_get_contents() segfaults on ziparchive streams).
(Hannes)
. Fixed bug #53568 (swapped memset arguments in struct initialization).
(crrodriguez at opensuse dot org)
. Fixed bug #53166 (Missing parameters in docs and reflection definition).
(Richard)
. Fixed bug #49072 (feof never returns true for damaged file in zip).
(Gustavo, Richard Quadling)

----
こがよういちろう


投稿者 xml-rpc : 2011年3月22日 15:14
役に立ちました?:
過去のフィードバック 平均:(0) 総合:(0) 投票回数:(0)
本記事へのTrackback: http://hoop.euqset.org/blog/mt-tb2006.cgi/102715
トラックバック
コメント
コメントする




画像の中に見える文字を入力してください。