mirror of
https://github.com/QYG2297248353/IYUUPlus-Windows.git
synced 2024-11-15 00:42:09 +08:00
846 lines
34 KiB
Plaintext
846 lines
34 KiB
Plaintext
PHP NEWS
|
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
06 Jun 2024, PHP 8.3.8
|
|
|
|
- CGI:
|
|
. Fixed buffer limit on Windows, replacing read call usage by _read.
|
|
(David Carlier)
|
|
. Fixed bug GHSA-3qgc-jrrr-25jv (Bypass of CVE-2012-1823, Argument Injection
|
|
in PHP-CGI). (CVE-2024-4577) (nielsdos)
|
|
|
|
- CLI:
|
|
. Fixed bug GH-14189 (PHP Interactive shell input state incorrectly handles
|
|
quoted heredoc literals.). (nielsdos)
|
|
|
|
- Core:
|
|
. Fixed bug GH-13970 (Incorrect validation of #[Attribute] flags type for
|
|
non-compile-time expressions). (ilutov)
|
|
|
|
- DOM:
|
|
. Fix crashes when entity declaration is removed while still having entity
|
|
references. (nielsdos)
|
|
. Fix references not handled correctly in C14N. (nielsdos)
|
|
. Fix crash when calling childNodes next() when iterator is exhausted.
|
|
(nielsdos)
|
|
. Fix crash in ParentNode::append() when dealing with a fragment
|
|
containing text nodes. (nielsdos)
|
|
|
|
- Filter:
|
|
. Fixed bug GHSA-w8qr-v226-r27w (Filter bypass in filter_var FILTER_VALIDATE_URL).
|
|
(CVE-2024-5458) (nielsdos)
|
|
|
|
- FPM:
|
|
. Fix bug GH-14175 (Show decimal number instead of scientific notation in
|
|
systemd status). (Benjamin Cremer)
|
|
|
|
- Hash:
|
|
. ext/hash: Swap the checking order of `__has_builtin` and `__GNUC__`
|
|
(Saki Takamachi)
|
|
|
|
- Intl:
|
|
. Fixed build regression on systems without C++17 compilers. (Calvin Buckley,
|
|
Peter Kokot)
|
|
|
|
- MySQLnd:
|
|
. Fix bug GH-14255 (mysqli_fetch_assoc reports error from
|
|
nested query). (Kamil Tekiela)
|
|
|
|
- Opcache:
|
|
. Fixed bug GH-14109 (Fix accidental persisting of internal class constant in
|
|
shm). (ilutov)
|
|
|
|
- OpenSSL:
|
|
. The openssl_private_decrypt function in PHP, when using PKCS1 padding
|
|
(OPENSSL_PKCS1_PADDING, which is the default), is vulnerable to the Marvin Attack
|
|
unless it is used with an OpenSSL version that includes the changes from this pull
|
|
request: https://github.com/openssl/openssl/pull/13817 (rsa_pkcs1_implicit_rejection).
|
|
These changes are part of OpenSSL 3.2 and have also been backported to stable
|
|
versions of various Linux distributions, as well as to the PHP builds provided for
|
|
Windows since the previous release. All distributors and builders should ensure that
|
|
this version is used to prevent PHP from being vulnerable. (CVE-2024-2408)
|
|
|
|
- Standard:
|
|
. Fixed bug GHSA-9fcc-425m-g385 (Bypass of CVE-2024-1874).
|
|
(CVE-2024-5585) (nielsdos)
|
|
|
|
- XML:
|
|
. Fixed bug GH-14124 (Segmentation fault with XML extension under certain
|
|
memory limit). (nielsdos)
|
|
|
|
- XMLReader:
|
|
. Fixed bug GH-14183 (XMLReader::open() can't be overridden). (nielsdos)
|
|
|
|
09 May 2024, PHP 8.3.7
|
|
|
|
- Core:
|
|
. Fixed zend_call_stack build with Linux/uclibc-ng without thread support.
|
|
(Fabrice Fontaine)
|
|
. Fixed bug GH-13772 (Invalid execute_data->opline pointers in observer fcall
|
|
handlers when JIT is enabled). (Bob)
|
|
. Fixed bug GH-13931 (Applying zero offset to null pointer in
|
|
Zend/zend_opcode.c). (nielsdos)
|
|
. Fixed bug GH-13942 (Align the behavior of zend-max-execution-timers with
|
|
other timeout implementations). (Kévin Dunglas)
|
|
. Fixed bug GH-14003 (Broken cleanup of unfinished calls with callable convert
|
|
parameters). (ilutov)
|
|
. Fixed bug GH-14013 (Erroneous dnl appended in configure). (Peter Kokot)
|
|
. Fixed bug GH-10232 (If autoloading occurs during constant resolution
|
|
filename and lineno are identified incorrectly). (ranvis)
|
|
. Fixed bug GH-13727 (Missing void keyword). (Peter Kokot)
|
|
|
|
- Fibers:
|
|
. Fixed bug GH-13903 (ASAN false positive underflow when executing copy()).
|
|
(nielsdos)
|
|
|
|
- Fileinfo:
|
|
. Fixed bug GH-13795 (Test failing in ext/fileinfo/tests/bug78987.phpt on
|
|
big-endian PPC). (orlitzky)
|
|
|
|
- FPM:
|
|
. Fixed bug GH-13563 (Setting bool values via env in FPM config fails).
|
|
(Jakub Zelenka)
|
|
|
|
- Intl:
|
|
. Fixed build for icu 74 and onwards. (dunglas)
|
|
|
|
- MySQLnd:
|
|
. Fix shift out of bounds on 32-bit non-fast-path platforms. (nielsdos)
|
|
|
|
- Opcache:
|
|
. Fixed bug GH-13433 (Segmentation Fault in zend_class_init_statics when
|
|
using opcache.preload). (nielsdos)
|
|
. Fixed incorrect assumptions across compilation units for static calls.
|
|
(ilutov)
|
|
|
|
- OpenSSL:
|
|
. Fixed bug GH-10495 (feof on OpenSSL stream hangs indefinitely).
|
|
(Jakub Zelenka)
|
|
|
|
- PDO SQLite:
|
|
. Fix GH-13984 (Buffer size is now checked before memcmp). (Saki Takamachi)
|
|
. Fix GH-13998 (Manage refcount of agg_context->val correctly).
|
|
(Saki Takamachi)
|
|
|
|
- Phar:
|
|
. Fixed bug GH-13836 (Renaming a file in a Phar to an already existing
|
|
filename causes a NULL pointer dereference). (nielsdos)
|
|
. Fixed bug GH-13833 (Applying zero offset to null pointer in zend_hash.c).
|
|
(nielsdos)
|
|
. Fix potential NULL pointer dereference before calling EVP_SignInit. (icy17)
|
|
|
|
- PHPDBG:
|
|
. Fixed bug GH-13827 (Null pointer access of type 'zval' in phpdbg_frame).
|
|
(nielsdos)
|
|
|
|
- Posix:
|
|
. Fix usage of reentrant functions in ext/posix. (Arnaud)
|
|
|
|
- Session:
|
|
. Fixed bug GH-13856 (Member access within null pointer of type 'ps_files' in
|
|
ext/session/mod_files.c). (nielsdos)
|
|
. Fixed bug GH-13891 (memleak and segfault when using ini_set with
|
|
session.trans_sid_hosts). (nielsdos, kamil-tekiela)
|
|
. Fixed buffer _read/_write size limit on windows for the file mode. (David Carlier)
|
|
|
|
- Streams:
|
|
. Fixed file_get_contents() on Windows fails with "errno=22 Invalid
|
|
argument". (Damian Wójcik)
|
|
. Fixed bug GH-13264 (Part 1 - Memory leak on stream filter failure).
|
|
(Jakub Zelenka)
|
|
. Fixed bug GH-13860 (Incorrect PHP_STREAM_OPTION_CHECK_LIVENESS case in
|
|
ext/openssl/xp_ssl.c - causing use of dead socket). (nielsdos)
|
|
. Fixed bug GH-11678 (Build fails on musl 1.2.4 - lfs64). (Arnaud)
|
|
|
|
- Treewide:
|
|
. Fix gcc-14 Wcalloc-transposed-args warnings. (Cristian Rodríguez)
|
|
|
|
28 Mar 2024, PHP 8.3.5RC1
|
|
|
|
- Core:
|
|
. Fixed GH-13569 (GC buffer unnecessarily grows up to GC_MAX_BUF_SIZE when
|
|
scanning WeakMaps). (Arnaud)
|
|
. Fixed bug GH-13612 (Corrupted memory in destructor with weak references).
|
|
(nielsdos)
|
|
. Fixed bug GH-13446 (Restore exception handler after it finishes). (ilutov)
|
|
. Fixed bug GH-13784 (AX_GCC_FUNC_ATTRIBUTE failure). (Remi)
|
|
. Fixed bug GH-13670 (GC does not scale well with a lot of objects created in
|
|
destructor). (Arnaud)
|
|
|
|
- DOM:
|
|
. Add some missing ZPP checks. (nielsdos)
|
|
. Fix potential memory leak in XPath evaluation results. (nielsdos)
|
|
|
|
- FPM:
|
|
. Fixed GH-11086 (FPM: config test runs twice in daemonised mode).
|
|
(Jakub Zelenka)
|
|
. Fixed incorrect check in fpm_shm_free(). (nielsdos)
|
|
|
|
- GD:
|
|
. Fixed bug GH-12019 (add GDLIB_CFLAGS in feature tests). (Michael Orlitzky)
|
|
|
|
- Gettext:
|
|
. Fixed sigabrt raised with dcgettext/dcngettext calls with gettext 0.22.5
|
|
with category set to LC_ALL. (David Carlier)
|
|
|
|
- MySQLnd:
|
|
. Fix GH-13452 (Fixed handshake response [mysqlnd]). (Saki Takamachi)
|
|
. Fix incorrect charset length in check_mb_eucjpms(). (nielsdos)
|
|
|
|
- Opcache:
|
|
. Fixed GH-13508 (JITed QM_ASSIGN may be optimized out when op1 is null).
|
|
(Arnaud, Dmitry)
|
|
. Fixed GH-13712 (Segmentation fault for enabled observers when calling trait
|
|
method of internal trait when opcache is loaded). (Bob)
|
|
|
|
- Random:
|
|
. Fixed bug GH-13544 (Pre-PHP 8.2 compatibility for mt_srand with unknown
|
|
modes). (timwolla)
|
|
. Fixed bug GH-13690 (Global Mt19937 is not properly reset in-between
|
|
requests when MT_RAND_PHP is used). (timwolla)
|
|
|
|
- Session:
|
|
. Fixed bug GH-13680 (Segfault with session_decode and compilation error).
|
|
(nielsdos)
|
|
|
|
- SPL:
|
|
. Fixed bug GH-13685 (Unexpected null pointer in zend_string.h). (nielsdos)
|
|
|
|
- Standard:
|
|
. Fixed bug GH-11808 (Live filesystem modified by tests). (nielsdos)
|
|
. Fixed GH-13402 (Added validation of `\n` in $additional_headers of mail()).
|
|
(SakiTakamachi)
|
|
. Fixed bug GH-13203 (file_put_contents fail on strings over 4GB on Windows).
|
|
(divinity76)
|
|
. Fixed bug GHSA-pc52-254m-w9w7 (Command injection via array-ish $command
|
|
parameter of proc_open). (CVE-2024-1874) (Jakub Zelenka)
|
|
. Fixed bug GHSA-wpj3-hf5j-x4v4 (__Host-/__Secure- cookie bypass due to
|
|
partial CVE-2022-31629 fix). (CVE-2024-2756) (nielsdos)
|
|
. Fixed bug GHSA-h746-cjrr-wfmr (password_verify can erroneously return true,
|
|
opening ATO risk). (CVE-2024-3096) (Jakub Zelenka)
|
|
. Fixed bug GHSA-fjp9-9hwx-59fq (mb_encode_mimeheader runs endlessly for some
|
|
inputs). (CVE-2024-2757) (Alex Dowad)
|
|
|
|
14 Mar 2024, PHP 8.3.4
|
|
|
|
- Core:
|
|
. Fix ZTS persistent resource crashes on shutdown. (nielsdos)
|
|
|
|
- Curl:
|
|
. Fix failing tests due to string changes in libcurl 8.6.0. (Ayesh)
|
|
|
|
- DOM:
|
|
. Fix unlikely memory leak in case of namespace removal with extremely deep
|
|
trees. (nielsdos)
|
|
. Fix reference access in dimensions for DOMNodeList and DOMNodeMap.
|
|
(nielsdos)
|
|
|
|
- Fileinfo:
|
|
. Fixed bug GH-13344 (finfo::buffer(): Failed identify data 0:(null),
|
|
backport). (nielsdos)
|
|
|
|
- FPM:
|
|
. Fixed bug #75712 (getenv in php-fpm should not read $_ENV, $_SERVER).
|
|
(Jakub Zelenka)
|
|
|
|
- GD:
|
|
. Fixed bug GH-12019 (detection of image formats in system gd library).
|
|
(Michael Orlitzky)
|
|
|
|
- MySQLnd:
|
|
. Fixed bug GH-11950 ([mysqlnd] Fixed not to set CR_MALFORMED_PACKET to error
|
|
if CR_SERVER_GONE_ERROR is already set). (Saki Takamachi)
|
|
|
|
- PDO:
|
|
. Fix various PDORow bugs. (Girgias)
|
|
|
|
- PGSQL:
|
|
. Fixed bug GH-13354 (pg_execute/pg_send_query_params/pg_send_execute
|
|
with null value passed by reference). (George Barbarosie)
|
|
|
|
- SPL:
|
|
. Fixed bug GH-13531 (Unable to resize SplfixedArray after being unserialized
|
|
in PHP 8.2.15). (nielsdos)
|
|
|
|
- Standard:
|
|
. Fixed bug GH-13279 (Instable array during in-place modification in uksort).
|
|
(ilutov)
|
|
. Fixed array key as hash to string (case insensitive) comparison typo
|
|
for the second operand buffer size (albeit unused for now). (A. Slepykh)
|
|
|
|
- XML:
|
|
. Fixed bug GH-13517 (Multiple test failures when building with
|
|
--with-expat). (nielsdos)
|
|
|
|
15 Feb 2024, PHP 8.3.3
|
|
|
|
- Core:
|
|
. Fixed timer leak in zend-max-execution-timers builds. (withinboredom)
|
|
. Fixed bug GH-12349 (linking failure on ARM with mold). (Jan Palus)
|
|
. Fixed bug GH-13097 (Anonymous class reference in trigger_error / thrown
|
|
Exception). (nielsdos)
|
|
. Fixed bug GH-13177 (PHP 8.3.2: final private constructor not allowed
|
|
when used in trait). (nielsdos)
|
|
. Fixed bug GH-13215 (GCC 14 build failure). (Remi)
|
|
|
|
- Curl:
|
|
. Fix missing error check in curl_multi_init(). (divinity76)
|
|
|
|
- FPM:
|
|
. Fixed bug GH-12996 (Incorrect SCRIPT_NAME with Apache ProxyPassMatch when
|
|
plus in path). (Jakub Zelenka)
|
|
|
|
- GD:
|
|
. Fixed bug GH-10344 (imagettfbbox(): Could not find/open font UNC path).
|
|
(nielsdos)
|
|
. Fixed bug GH-10614 (imagerotate will turn the picture all black, when
|
|
rotated 90). (nielsdos)
|
|
|
|
- LibXML:
|
|
. Fix crashes with entity references and predefined entities. (nielsdos)
|
|
|
|
- MySQLnd:
|
|
. Fixed bug GH-12107 (When running a stored procedure (that returns a result
|
|
set) twice, PHP crashes). (nielsdos)
|
|
|
|
- Opcache:
|
|
. Fixed bug GH-13145 (strtok() is not comptime). (ilutov)
|
|
. Fixed type inference of range(). (ilutov)
|
|
. Fixed bug GH-13232 (Segmentation fault will be reported when JIT is off but
|
|
JIT_debug is still on). (nielsdos)
|
|
|
|
- OpenSSL:
|
|
. Fixed LibreSSL undefined reference when OPENSSL_NO_ENGINE not set.
|
|
(David Carlier).
|
|
|
|
- PDO_Firebird:
|
|
. Fix GH-13119 (Changed to convert float and double values into strings using
|
|
`H` format). (SakiTakamachi)
|
|
|
|
- Phar:
|
|
. Fixed bug #71465 (PHAR doesn't know about litespeed). (nielsdos)
|
|
. Fixed bug GH-13037 (PharData incorrectly extracts zip file). (nielsdos)
|
|
|
|
- Random:
|
|
. Fixed bug GH-13138 (Randomizer::pickArrayKeys() does not detect broken
|
|
engines). (timwolla)
|
|
|
|
- Session:
|
|
. Fixed bug GH-12504 (Corrupted session written when there's a fatal error
|
|
in autoloader). (nielsdos)
|
|
|
|
- Standard:
|
|
. Fixed bug GH-13094 (range(9.9, '0') causes segmentation fault). (nielsdos)
|
|
|
|
- Streams:
|
|
. Fixed bug GH-13071 (Copying large files using mmap-able source streams may
|
|
exhaust available memory and fail). (nielsdos)
|
|
|
|
18 Jan 2024, PHP 8.3.2
|
|
|
|
- Core:
|
|
. Fixed bug GH-12953 (false positive SSA integrity verification failed when
|
|
loading composer classmaps with more than 11k elements). (nielsdos)
|
|
. Fixed bug GH-12999 (zend_strnlen build when strnlen is unsupported).
|
|
(rainerjung)
|
|
. Fixed bug GH-12966 (missing cross-compiling 3rd argument so Autoconf
|
|
doesn't emit warnings). (Peter Kokot)
|
|
. Fixed bug GH-12854 (8.3 - as final trait-used method does not correctly
|
|
report visibility in Reflection). (nielsdos)
|
|
|
|
- Cli:
|
|
. Fix incorrect timeout in built-in web server when using router script and
|
|
max_input_time. (ilutov)
|
|
|
|
- DOM:
|
|
. Fixed bug GH-12870 (Creating an xmlns attribute results in a DOMException).
|
|
(nielsdos)
|
|
. Fix crash when toggleAttribute() is used without a document. (nielsdos)
|
|
. Fix crash in adoptNode with attribute references. (nielsdos)
|
|
. Fixed bug GH-13012 (DOMNode::isEqualNode() is incorrect when attribute
|
|
order is different). (nielsdos)
|
|
|
|
- FFI:
|
|
. Fixed bug GH-9698 (stream_wrapper_register crashes with FFI\CData).
|
|
(Jakub Zelenka)
|
|
. Fixed bug GH-12905 (FFI::new interacts badly with observers). (nielsdos)
|
|
|
|
- GD:
|
|
. Fixed GH-13082 undefined behavior with GdFont instances handling with
|
|
imageload* and imagechar*. (David Carlier)
|
|
|
|
- Intl:
|
|
. Fixed GH-12943 (IntlDateFormatter::__construct accepts 'C' as valid locale).
|
|
(David Carlier)
|
|
|
|
- Hash:
|
|
. Fixed bug GH-12936 (hash() function hangs endlessly if using sha512 on
|
|
strings >= 4GiB). (nielsdos)
|
|
|
|
- MBString:
|
|
. When operating on a string with invalid encoding, mb_substr (as well
|
|
as mb_strstr and its variants) defines character indices in the same
|
|
way as other mbstring functions such as mb_strpos. (Alex Dowad)
|
|
|
|
- ODBC:
|
|
. Fix crash on Apache shutdown with persistent connections. (nielsdos)
|
|
|
|
- Opcache:
|
|
. Fixed oss-fuzz #64727 (JIT undefined array key warning may overwrite DIM
|
|
with NULL when DIM is the same var as result). (ilutov)
|
|
. Added workaround for SELinux mprotect execheap issue.
|
|
See https://bugzilla.kernel.org/show_bug.cgi?id=218258. (ilutov)
|
|
|
|
- OpenSSL:
|
|
. Fixed bug GH-12987 (openssl_csr_sign might leak new cert on error).
|
|
(Jakub Zelenka)
|
|
|
|
- PDO:
|
|
. Fix GH-12969 (Fixed PDO::getAttribute() to get PDO::ATTR_STRINGIFY_FETCHES).
|
|
(SakiTakamachi)
|
|
|
|
- PDO_ODBC:
|
|
. Fixed bug GH-12767 (Unable to turn on autocommit mode with setAttribute()).
|
|
(SakiTakamachi)
|
|
|
|
- PGSQL:
|
|
. Fixed auto_reset_persistent handling and allow_persistent type. (David Carlier)
|
|
. Fixed bug GH-12974 (Apache crashes on shutdown when using pg_pconnect()).
|
|
(nielsdos)
|
|
|
|
- Phar:
|
|
. Fixed bug #77432 (Segmentation fault on including phar file). (nielsdos)
|
|
|
|
- PHPDBG:
|
|
. Fixed bug GH-12962 (Double free of init_file in phpdbg_prompt.c). (nielsdos)
|
|
|
|
- SimpleXML:
|
|
. Fix getting the address of an uninitialized property of a SimpleXMLElement
|
|
resulting in a crash. (nielsdos)
|
|
. Fixed bug GH-12929 (SimpleXMLElement with stream_wrapper_register can
|
|
segfault). (nielsdos)
|
|
|
|
- Tidy:
|
|
. Fixed bug GH-12980 (tidynode.props.attribute is missing
|
|
"Boolean Attributes" and empty attributes). (nielsdos)
|
|
|
|
07 Dec 2023, PHP 8.3.1RC1
|
|
|
|
- Core:
|
|
. Fixed bug GH-12758 / GH-12768 (Invalid opline in OOM handlers within
|
|
ZEND_FUNC_GET_ARGS and ZEND_BIND_STATIC). (Florian Engelhardt)
|
|
. Fix various missing NULL checks. (nielsdos, dstogov)
|
|
. Fixed bug GH-12835 (Leak of call->extra_named_params on internal __call).
|
|
(ilutov)
|
|
. Fixed bug GH-12826 (Weird pointers issue in nested loops). (nielsdos)
|
|
|
|
- FPM:
|
|
. Fixed bug GH-12705 (Segmentation fault in fpm_status_export_to_zval).
|
|
(Patrick Prasse)
|
|
|
|
- FTP:
|
|
. Fixed bug GH-9348 (FTP & SSL session reuse). (nielsdos)
|
|
|
|
- LibXML:
|
|
. Fixed test failures for libxml2 2.12.0. (nielsdos)
|
|
|
|
- MySQLnd:
|
|
. Avoid using uninitialised struct. (mikhainin)
|
|
. Fixed bug GH-12791 (Possible dereference of NULL in MySQLnd debug code).
|
|
(nielsdos)
|
|
|
|
- Opcache:
|
|
. Fixed JIT bug (Function JIT emits "Uninitialized string offset" warning
|
|
at the same time as invalid offset Error). (Girgias)
|
|
. Fixed JIT bug (JIT emits "Attempt to assign property of non-object"
|
|
warning at the same time as Error is being thrown). (Girgias)
|
|
|
|
- PDO PGSQL:
|
|
. Fixed the default value of $fetchMode in PDO::pgsqlGetNotify() (kocsismate)
|
|
|
|
- SOAP:
|
|
. Fixed bug GH-12838 ([SOAP] Temporary WSDL cache files not being deleted).
|
|
(nielsdos)
|
|
|
|
- Standard
|
|
. Fixed GH-12745 (http_build_query() default null argument for $arg_separator
|
|
is implicitly coerced to string). (Girgias)
|
|
|
|
23 Nov 2023, PHP 8.3.0
|
|
|
|
- Bcmath
|
|
. Fixed GH-11761 (removing trailing zeros from numbers) (jorgsowa)
|
|
|
|
- CLI:
|
|
. Added pdeathsig to builtin server to terminate workers when the master
|
|
process is killed. (ilutov)
|
|
. Fixed bug GH-11104 (STDIN/STDOUT/STDERR is not available for CLI without
|
|
a script). (nielsdos)
|
|
. Implement GH-10024 (support linting multiple files at once using php -l).
|
|
(nielsdos)
|
|
|
|
- Core:
|
|
. Fix GH-11388 (Allow "final" modifier when importing a method from a trait).
|
|
(nielsdos)
|
|
. Fixed bug GH-11406 (segfault with unpacking and magic method closure).
|
|
(nielsdos)
|
|
. Fixed bug GH-9388 (Improve unset property and __get type incompatibility
|
|
error message). (ilutov)
|
|
. SA_ONSTACK is now set for signal handlers to be friendlier to other
|
|
in-process code such as Go's cgo. (Kévin Dunglas)
|
|
. SA_ONSTACK is now set when signals are disabled. (Kévin Dunglas)
|
|
. Fix GH-9649: Signal handlers now do a no-op instead of crashing when
|
|
executed on threads not managed by TSRM. (Kévin Dunglas)
|
|
. Added shadow stack support for fibers. (Chen Hu)
|
|
. Fix bug GH-9965 (Fix accidental caching of default arguments with side
|
|
effects). (ilutov)
|
|
. Implement GH-10217 (Use strlen() for determining the class_name length).
|
|
(Dennis Buteyn)
|
|
. Fix bug GH-8821 (Improve line numbers for errors in constant expressions).
|
|
(ilutov)
|
|
. Fix bug GH-10083 (Allow comments between & and parameter). (ilutov)
|
|
. Zend Max Execution Timers is now enabled by default for ZTS builds on
|
|
Linux. (Kévin Dunglas)
|
|
. Fix bug GH-10469 (Disallow .. in open_basedir paths set at runtime).
|
|
(ilutov)
|
|
. Fix bug GH-10168, GH-10582 (Various segfaults with destructors and VM return
|
|
values). (dstogov, nielsdos, ilutov)
|
|
. Fix bug GH-10935 (Use of trait doesn't redeclare static property if class
|
|
has inherited it from its parent). (ilutov)
|
|
. Fix bug GH-11154 (Negative indices on empty array don't affect next chosen
|
|
index). (ColinHDev)
|
|
. Fix bug GH-8846 (Implement delayed early binding for classes without
|
|
parents). (ilutov)
|
|
. Fix bug #79836 (Segfault in concat_function). (nielsdos)
|
|
. Fix bug #81705 (type confusion/UAF on set_error_handler with concat
|
|
operation). (nielsdos)
|
|
. Fix GH-11348 (Closure created from magic method does not accept named
|
|
arguments). (nielsdos)
|
|
. Fix GH-11388 (Allow "final" modifier when importing a method from a trait).
|
|
(nielsdos)
|
|
. Fixed bug GH-11406 (segfault with unpacking and magic method closure).
|
|
(nielsdos)
|
|
. Fixed bug GH-11507 (String concatenation performance regression in 8.3).
|
|
(nielsdos)
|
|
. Fixed GH-11488 (Missing "Optional parameter before required" deprecation on
|
|
union null type). (ilutov)
|
|
. Implement the #[\Override] attribute RFC. (timwolla)
|
|
. Fixed bug GH-11601 (Incorrect handling of unwind and graceful exit
|
|
exceptions). (ilutov)
|
|
. Added zend_call_stack_get implementation for OpenBSD. (David Carlier)
|
|
. Add stack limit check in zend_eval_const_expr(). (Arnaud)
|
|
. Expose time spent collecting cycles in gc_status(). (Arnaud)
|
|
. Remove WeakMap entries whose key is only reachable through the entry value.
|
|
(Arnaud)
|
|
. Resolve open_basedir paths on INI update. (ilutov)
|
|
. Fixed oss-fuzz #60741 (Leak in open_basedir). (ilutov)
|
|
. Fixed segfault during freeing of some incompletely initialized objects due
|
|
to OOM error (PDO, SPL, XSL). (ilutov)
|
|
. Introduced Zend guard recursion protection to fix __debugInfo issue.
|
|
(Jakub Zelenka)
|
|
. Fixed oss-fuzz #61712 (assertion failure with error handler during binary
|
|
op). (nielsdos)
|
|
. Fixed GH-11847 (DTrace enabled build is broken). (Filip Zrůst)
|
|
. Fixed OSS Fuzz #61865 (Undef variable in ++/-- for declared property
|
|
that is unset in error handler). (Girgias)
|
|
. Fixed warning emitted when checking if a user stream is castable. (Girgias)
|
|
. Fixed bug GH-12123 (Compile error on MacOS with C++ extension when using
|
|
ZEND_BEGIN_ARG_WITH_RETURN_TYPE_INFO_EX). (kocsismate)
|
|
. Fixed bug GH-12189 (#[Override] attribute in trait does not check for
|
|
parent class implementations). (timwolla)
|
|
. Fixed OSS Fuzz #62294 (Unsetting variable after ++/-- on string variable
|
|
warning). (Girgias)
|
|
. Fixed buffer underflow when compiling memoized expression. (ilutov)
|
|
. Fixed oss-fuzz #63802 (OP1 leak in error path of post inc/dec). (ilutov)
|
|
|
|
- Curl:
|
|
. Added Curl options and constants up to (including) version 7.87.
|
|
(nielsdos, adoy)
|
|
|
|
- Date:
|
|
. Implement More Appropriate Date/Time Exceptions RFC. (Derick)
|
|
|
|
- DOM:
|
|
. Fix bug GH-8388 (DOMAttr unescapes character reference). (Tim Starling)
|
|
. Fix bug GH-11308 (getElementsByTagName() is O(N^2)). (nielsdos)
|
|
. Fix #79700 (wrong use of libxml oldNs leads to performance problem).
|
|
(nielsdos)
|
|
. Fix #77894 (DOMNode::C14N() very slow on generated DOMDocuments even after
|
|
normalisation). (nielsdos)
|
|
. Revert changes to DOMAttr::$value and DOMAttr::$nodeValue expansion.
|
|
(nielsdos)
|
|
. Fixed bug GH-11500 (Namespace reuse in createElementNS() generates wrong
|
|
output). (nielsdos)
|
|
. Implemented DOMDocument::adoptNode(). Previously this always threw a
|
|
"not yet implemented" exception. (nielsdos)
|
|
. Fixed bug GH-9628 (Implicitly removing nodes from \DOMDocument breaks
|
|
existing references). (nielsdos)
|
|
. Added DOMNode::contains() and DOMNameSpaceNode::contains(). (nielsdos)
|
|
. Added DOMElement::getAttributeNames(). (nielsdos)
|
|
. Added DOMNode::getRootNode(). (nielsdos)
|
|
. Added DOMElement::className and DOMElement::id. (nielsdos)
|
|
. Added DOMParentNode::replaceChildren(). (nielsdos)
|
|
. Added DOMNode::isConnected and DOMNameSpaceNode::isConnected. (nielsdos)
|
|
. Added DOMNode::parentElement and DOMNameSpaceNode::parentElement.
|
|
(nielsdos)
|
|
. Added DOMNode::isEqualNode(). (nielsdos)
|
|
. Added DOMElement::insertAdjacentElement() and
|
|
DOMElement::insertAdjacentText(). (nielsdos)
|
|
. Added DOMElement::toggleAttribute(). (nielsdos)
|
|
. Fixed bug GH-11792 (LIBXML_NOXMLDECL is not implemented or broken).
|
|
(nielsdos)
|
|
. adoptNode now respects the strict error checking property. (nielsdos)
|
|
. Align DOMChildNode parent checks with spec. (nielsdos)
|
|
. Fixed bug #80927 (Removing documentElement after creating attribute node:
|
|
possible use-after-free). (nielsdos)
|
|
. Fix various namespace prefix conflict resolution bugs. (nielsdos)
|
|
. Fix calling createAttributeNS() without prefix causing the default
|
|
namespace of the element to change. (nielsdos)
|
|
. Fixed GH-11952 (Confusing warning when blocking entity loading via
|
|
libxml_set_external_entity_loader). (nielsdos)
|
|
. Fix broken cache invalidation with deallocated and reallocated document
|
|
node. (nielsdos)
|
|
. Fix compile error when php_libxml.h header is included in C++.
|
|
(Remi, nielsdos)
|
|
. Fixed bug #47531 (No way of removing redundant xmlns: declarations).
|
|
(nielsdos)
|
|
|
|
- Exif:
|
|
. Removed unneeded codepaths in exif_process_TIFF_in_JPEG(). (nielsdos)
|
|
|
|
- FFI:
|
|
. Implement GH-11934 (Allow to pass CData into struct and/or union fields).
|
|
(nielsdos, KapitanOczywisty)
|
|
|
|
- Fileinfo:
|
|
. Upgrade bundled libmagic to 5.43. (Anatol)
|
|
. Fix GH-11408 (Unable to build PHP 8.3.0 alpha 1 / fileinfo extension).
|
|
(nielsdos)
|
|
|
|
- FPM:
|
|
. The status.listen shared pool now uses the same php_values (including
|
|
expose_php) and php_admin_value as the pool it is shared with. (dwxh)
|
|
. Added warning to log when fpm socket was not registered on the expected
|
|
path. (Joshua Behrens, Jakub Zelenka)
|
|
. Fixed bug #76067 (system() function call leaks php-fpm listening sockets).
|
|
(Mikhail Galanin, Jakub Zelenka)
|
|
. Fixed GH-12077 (PHP 8.3.0RC1 borked socket-close-on-exec.phpt).
|
|
(Jakub Zelenka)
|
|
|
|
- GD:
|
|
. Removed imagerotate "ignore_transparent" argument since it has no effect.
|
|
(David Carlier)
|
|
|
|
- Intl:
|
|
. Added pattern format error infos for numfmt_set_pattern. (David Carlier)
|
|
. Added MIXED_NUMBERS and HIDDEN_OVERLAY constants for
|
|
the Spoofchecker's class. (David Carlier)
|
|
. Updated datefmt_set_timezone/IntlDateformatter::setTimezone returns type.
|
|
(David Carlier).
|
|
. Updated IntlBreakInterator::setText return type. (David Carlier)
|
|
. Updated IntlChar::enumCharNames return type. (David Carlier)
|
|
. Removed the BC break on IntlDateFormatter::construct which threw an
|
|
exception with an invalid locale. (David Carlier)
|
|
|
|
- JSON:
|
|
. Added json_validate(). (Juan Morales)
|
|
|
|
- LDAP:
|
|
. Deprecate calling ldap_connect() with separate hostname and port.
|
|
(heiglandreas)
|
|
|
|
- LibXML:
|
|
. Fix compile error with -Werror=incompatible-function-pointer-types and
|
|
old libxml2. (nielsdos)
|
|
|
|
- MBString:
|
|
. mb_detect_encoding is better able to identify the correct encoding for
|
|
Turkish text. (Alex Dowad)
|
|
. mb_detect_encoding's "non-strict" mode now behaves as described in the
|
|
documentation. Previously, it would return false if the same byte
|
|
(for example, the first byte) of the input string was invalid in all
|
|
candidate encodings. More generally, it would eliminate candidate
|
|
encodings from consideration when an invalid byte was seen, and if the
|
|
same input byte eliminated all remaining encodings still under
|
|
consideration, it would return false. On the other hand, if all candidate
|
|
encodings but one were eliminated from consideration, it would return the
|
|
last remaining one without regard for how many encoding errors might be
|
|
encountered later in the string. This is different from the behavior
|
|
described in the documentation, which says: "If strict is set to false,
|
|
the closest matching encoding will be returned." (Alex Dowad)
|
|
. mb_strtolower, mb_strtotitle, and mb_convert_case implement conditional
|
|
casing rules for the Greek letter sigma. For mb_convert_case, conditional
|
|
casing only applies to MB_CASE_LOWER and MB_CASE_TITLE modes, not to
|
|
MB_CASE_LOWER_SIMPLE and MB_CASE_TITLE_SIMPLE. (Alex Dowad)
|
|
. mb_detect_encoding is better able to identify UTF-8 and UTF-16 strings
|
|
with a byte-order mark. (Alex Dowad)
|
|
. mb_decode_mimeheader interprets underscores in QPrint-encoded MIME
|
|
encoded words as required by RFC 2047; they are converted to spaces.
|
|
Underscores must be encoded as "=5F" in such MIME encoded words.
|
|
(Alex Dowad)
|
|
. mb_encode_mimeheader no longer drops NUL (zero) bytes when
|
|
QPrint-encoding the input string. This previously caused strings in
|
|
certain text encodings, especially UTF-16 and UTF-32, to be
|
|
corrupted by mb_encode_mimeheader. (Alex Dowad)
|
|
. Implement mb_str_pad() RFC. (nielsdos)
|
|
. Fixed bug GH-11514 (PHP 8.3 build fails with --enable-mbstring enabled).
|
|
(nielsdos)
|
|
. Fix use-after-free of mb_list_encodings() return value. (ilutov)
|
|
. Fixed bug GH-11992 (utf_encodings.phpt fails on Windows 32-bit). (nielsdos)
|
|
|
|
- mysqli:
|
|
. mysqli_fetch_object raises a ValueError instead of an Exception.
|
|
(David Carlier)
|
|
|
|
- Opcache:
|
|
. Added start, restart and force restart time to opcache's
|
|
phpinfo section. (Mikhail Galanin)
|
|
. Fix GH-9139: Allow FFI in opcache.preload when opcache.preload_user=root.
|
|
(Arnaud, Kapitan Oczywisty)
|
|
. Made opcache.preload_user always optional in the cli and phpdbg SAPIs.
|
|
(Arnaud)
|
|
. Allows W/X bits on page creation on FreeBSD despite system settings.
|
|
(David Carlier)
|
|
. Added memfd api usage, on Linux, for zend_shared_alloc_create_lock()
|
|
to create an abstract anonymous file for the opcache's lock. (Max Kellermann)
|
|
. Avoid resetting JIT counter handlers from multiple processes/threads.
|
|
(ilutov)
|
|
. Fixed COPY_TMP type inference for references. (ilutov)
|
|
|
|
- OpenSSL:
|
|
. Added OPENSSL_CMS_OLDMIMETYPE and PKCS7_NOOLDMIMETYPE contants to switch
|
|
between mime content types. (Daniel Kesselberg)
|
|
. Fixed GH-11054: Reset OpenSSL errors when using a PEM public key.
|
|
(Florian Moser)
|
|
. Added support for additional EC parameters in openssl_pkey_new. (Eno-CN)
|
|
|
|
- PCNTL:
|
|
. SA_ONSTACK is now set for pcntl_signal. (Kévin Dunglas)
|
|
. Added SIGINFO constant. (David Carlier)
|
|
|
|
- PCRE:
|
|
. Update bundled libpcre2 to 10.42. (nielsdos)
|
|
|
|
- PGSQL:
|
|
. pg_fetch_object raises a ValueError instead of an Exception.
|
|
(David Carlier)
|
|
. pg_cancel use thread safe PQcancel api instead. (David Carlier)
|
|
. pg_trace new PGSQL_TRACE_SUPPRESS_TIMESTAMPS/PGSQL_TRACE_REGRESS_MODE
|
|
contants support. (David Carlier)
|
|
. pg_set_error_verbosity adding PGSQL_ERRORS_STATE constant. (David Carlier)
|
|
. pg_convert/pg_insert E_WARNING on type errors had been converted to
|
|
ValueError/TypeError exceptions. (David Carlier)
|
|
. Added pg_set_error_context_visibility to set the context's visibility
|
|
within the error messages. (David Carlier)
|
|
|
|
- Phar:
|
|
. Fix memory leak in phar_rename_archive(). (stkeke)
|
|
|
|
- POSIX:
|
|
. Added posix_sysconf. (David Carlier)
|
|
. Added posix_pathconf. (David Carlier)
|
|
. Added posix_fpathconf. (David Carlier)
|
|
. Fixed zend_parse_arg_long's bool pointer argument assignment. (Cristian Rodriguez)
|
|
. Added posix_eaccess. (David Carlier)
|
|
|
|
- Random:
|
|
. Added Randomizer::getBytesFromString(). (Joshua Rüsweg)
|
|
. Added Randomizer::nextFloat(), ::getFloat(), and IntervalBoundary. (timwolla)
|
|
. Enable getrandom() for NetBSD (from 10.x). (David Carlier)
|
|
. Deprecate MT_RAND_PHP. (timwolla)
|
|
. Fix Randomizer::getFloat() returning incorrect results under
|
|
certain circumstances. (timwolla)
|
|
|
|
- Reflection:
|
|
. Fix GH-9470 (ReflectionMethod constructor should not find private parent
|
|
method). (ilutov)
|
|
. Fix GH-10259 (ReflectionClass::getStaticProperties doesn't need null return
|
|
type). (kocsismate)
|
|
|
|
- SAPI:
|
|
. Fixed GH-11141 (Could not open input file: should be sent to stderr).
|
|
(nielsdos)
|
|
|
|
- Session:
|
|
. Fixed bug GH-11529 (Crash after dealing with an Apache request). (nielsdos)
|
|
|
|
- SimpleXML:
|
|
. Fixed bug GH-12192 (SimpleXML infinite loop when getName() is called
|
|
within foreach). (nielsdos)
|
|
. Fixed bug GH-12208 (SimpleXML infinite loop when a cast is used inside a
|
|
foreach). (nielsdos)
|
|
. Fixed bug #55098 (SimpleXML iteration produces infinite loop). (nielsdos)
|
|
|
|
- Sockets:
|
|
. Added SO_ATTACH_REUSEPORT_CBPF socket option, to give tighter control
|
|
over socket binding for a cpu core. (David Carlier)
|
|
. Added SKF_AD_QUEUE for cbpf filters. (David Carlier)
|
|
. Added socket_atmark if send/recv needs using MSG_OOB. (David Carlier)
|
|
. Added TCP_QUICKACK constant, to give tigher control over
|
|
ACK delays. (David Carlier)
|
|
. Added DONTFRAGMENT support for path MTU discovery purpose. (David Carlier)
|
|
. Added AF_DIVERT for raw socket for divert ports. (David Carlier)
|
|
. Added SOL_UPDLITE, UDPLITE_RECV_CSCOV and UDPLITE_SEND_CSCOV for updlite
|
|
protocol support. (David Carlier)
|
|
. Added SO_RERROR, SO_ZEROIZE and SO_SPLICE netbsd and openbsd constants.
|
|
(David Carlier)
|
|
. Added TCP_REPAIR for quietly close a connection. (David Carlier)
|
|
. Added SO_REUSEPORT_LB freebsd constant. (David Carlier)
|
|
. Added IP_BIND_ADDRESS_NO_PORT. (David Carlier)
|
|
|
|
- SPL:
|
|
. Fixed GH-11573 (RecursiveDirectoryIterator::hasChildren is slow).
|
|
(nielsdos)
|
|
|
|
- Standard:
|
|
. E_NOTICEs emitted by unserialize() have been promoted to E_WARNING. (timwolla)
|
|
. unserialize() now emits a new E_WARNING if the input contains unconsumed
|
|
bytes. (timwolla)
|
|
. Make array_pad's $length warning less confusing. (nielsdos)
|
|
. E_WARNING emitted by strtok in the caase both arguments are not provided when
|
|
starting tokenisation. (David Carlier)
|
|
. password_hash() will now chain the original RandomException to the ValueError
|
|
on salt generation failure. (timwolla)
|
|
. Fix GH-10239 (proc_close after proc_get_status always returns -1). (nielsdos)
|
|
. Improve the warning message for unpack() in case not enough values were
|
|
provided. (nielsdos)
|
|
. Fix GH-11010 (parse_ini_string() now preserves formatting of unquoted
|
|
strings starting with numbers when the INI_SCANNER_TYPED flag is
|
|
specified). (ilutov)
|
|
. Fix GH-10742 (http_response_code emits no error when headers were already
|
|
sent). (NattyNarwhal)
|
|
. Added support for rounding negative places in number_format().
|
|
(Marc Bennewitz)
|
|
. Prevent precision loss on formatting decimal integers in number_format().
|
|
(Marc Bennewitz)
|
|
. Added usage of posix_spawn for proc_open when supported by OS.
|
|
(Cristian Rodriguez)
|
|
. Added $before_needle argument to strrchr(). (HypeMC)
|
|
. Fixed GH-11982 (str_getcsv returns null byte for unterminated enclosure).
|
|
(Jakub Zelenka)
|
|
. Fixed str_decrement() on "1". (ilutov)
|
|
|
|
- Streams:
|
|
. Fixed bug #51056: blocking fread() will block even if data is available.
|
|
(Jakub Zelenka)
|
|
. Added storing of the original path used to open xport stream.
|
|
(Luc Vieillescazes)
|
|
. Implement GH-8641 (STREAM_NOTIFY_COMPLETED over HTTP never emitted).
|
|
(nielsdos, Jakub Zelenka)
|
|
. Fix bug GH-10406 (fgets on a redis socket connection fails on PHP 8.3).
|
|
(Jakub Zelenka)
|
|
. Implemented GH-11242 (_php_stream_copy_to_mem: Allow specifying a maximum
|
|
length without allocating a buffer of that size). (Jakub Zelenka)
|
|
. Fixed bug #52335 (fseek() on memory stream behavior different than file).
|
|
(Jakub Zelenka)
|
|
. Fixed bug #76857 (Can read "non-existant" files). (Jakub Zelenka)
|
|
|
|
- XSLTProcessor:
|
|
. Fixed bug #69168 (DomNode::getNodePath() returns invalid path). (nielsdos)
|
|
|
|
- ZIP:
|
|
. zip extension version 1.22.0 for libzip 1.10.0. (Remi)
|
|
. add new error macros (ER_DATA_LENGTH and ER_NOT_ALLOWED). (Remi)
|
|
. add new archive global flags (ER_AFL_*). (Remi)
|
|
. add ZipArchive::setArchiveFlag and ZipArchive::getArchiveFlag methods.
|
|
(Remi)
|