PHP Changelog

New in version 5.6.1

October 3rd, 2014
  • Core:
  • Implemented FR #38409 (parse_ini_file() loses the type of booleans).
  • Fixed bug #65463 (SIGSEGV during zend_shutdown()).
  • Fixed bug #66036 (Crash on SIGTERM in apache process).
  • Fixed bug #67878 (program_prefix not honoured in man pages).
  • Fixed bug #67938 (Segfault when extending interface method with variadic).
  • Fixed bug #67985 (Incorrect last used array index copied to new array after unset).
  • Fixed bug #68088 (New Posthandler Potential Illegal efree() vulnerability).
  • DOM:
  • Made DOMNode::textContent writeable.
  • Fileinfo:
  • Fixed bug #67731 (finfo::file() returns invalid mime type for binary files).
  • GD:
  • Made fontFetch's path parser thread-safe.
  • GMP:
  • Fixed bug #67917 (Using GMP objects with overloaded operators can cause memory exhaustion).
  • Fixed bug #50175 (gmp_init() results 0 on given base and number starting with 0x or 0b).
  • Implemented gmp_import() and gmp_export().
  • MySQLi:
  • Fixed bug #67839 (mysqli does not handle 4-byte floats correctly).
  • OpenSSL:
  • Fixed bug #67850 (extension won't build if openssl compiled without SSLv3).
  • phpdbg:
  • Fixed issue krakjoe/phpdbg#111 (compile error without ZEND_SIGNALS).
  • SOAP:
  • Fixed bug #67955 (SoapClient prepends 0-byte to cookie names).
  • Session:
  • Fixed bug #67972 (SessionHandler Invalid memory read create_sid()).
  • Sysvsem:
  • Implemented FR #67990 (Add optional nowait argument to sem_acquire).

New in version 5.5.16 (August 27th, 2014)

  • COM:
  • Fixed missing type checks in com_event_sink.
  • Core:
  • Fixed bug #67693 (incorrect push to the empty array).
  • Fileinfo:
  • Fixed bug #67705 (extensive backtracking in rule regular expression). (CVE-2014-3538).
  • Fixed bug #67716 (Segfault in cdf.c). (CVE-2014-3587)).
  • FPM:
  • Fixed bug #67635 (php links to systemd libraries without using pkg-config).
  • GD:
  • Fixed bug #66901 (php-gd 'c_color' NULL pointer dereference). (CVE-2014-2497).
  • Fixed bug #67730 (Null byte injection possible with imagexxx functions). (CVE-2014-5120).
  • Milter:
  • Fixed bug #67715 (php-milter does not build and crashes randomly).
  • Network:
  • Fixed bug #67717 (segfault in dns_get_record). (CVE-2014-3597).
  • OpenSSL:
  • Fixed missing type checks in OpenSSL options.
  • readline:
  • Fixed bug #55496 (Interactive mode doesn't force a newline before the prompt).
  • Fixed bug #67496 (Save command history when exiting interactive shell with control-c).
  • Sessions:
  • Fixed missing type checks in php_session_create_id.
  • ODBC:
  • Fixed bug #60616 (odbc_fetch_into returns junk data at end of multi-byte char fields).

New in version 5.6.0 Alpha 2 (February 17th, 2014)

  • Peer certificates are now verified by default when connecting to SSL/TLS servers
  • An exponentiation operator has been added: **
  • Output encoding handling has been simplified by using default_charset as the default character encoding

New in version 5.6.0 Alpha 1 (January 25th, 2014)

  • constant scalar expressions,
  • variadic functions,
  • argument unpacking,
  • support for large(>2GiB) file uploads,
  • SSL/TLS improvements,
  • a new command line debugger called phpdbg.

New in version 5.5.8 (January 10th, 2014)

  • Core:
  • Disallowed JMP into a finally block.
  • Added validation of class names in the autoload process.
  • Fixed invalid C code in zend_strtod.c.
  • Fixed bug #66041 (list() fails to unpack yielded ArrayAccess object).
  • Fixed bug #65764 (generators/throw_rethrow FAIL with ZEND_COMPILE_EXTENDED_INFO).
  • Fixed bug #61645 (fopen and O_NONBLOCK).
  • Fixed bug #66218 (zend_register_functions breaks reflection).
  • Date:
  • Fixed bug #66060 (Heap buffer over-read in DateInterval).
  • Fixed bug #65768 (DateTimeImmutable::diff does not work).
  • DOM:
  • Fixed bug #65196 (Passing DOMDocumentFragment to DOMDocument::saveHTML() Produces invalid Markup).
  • Exif:
  • Fixed bug #65873 (Integer overflow in exif_read_data()).
  • Filter:
  • Fixed bug #66229 (128.0.0.0/16 isn't reserved any longer).
  • GD:
  • Fixed bug #64405 (Use freetype-config for determining freetype2 dir(s)).
  • PDO_odbc:
  • Fixed bug #66311 (Stack smashing protection kills PDO/ODBC queries).
  • MySQLi:
  • Fixed bug #65486 (mysqli_poll() is broken on win x64).
  • OPCache:
  • Fixed revalidate_path=1 behavior to avoid caching of symlinks values.
  • Fixed Issue #140: "opcache.enable_file_override" doesn't respect "opcache.revalidate_freq".
  • SNMP:
  • Fixed SNMP_ERR_TOOBIG handling for bulk walk operations.
  • SOAP:
  • Fixed bug #66112 (Use after free condition in SOAP extension).
  • Sockets:
  • Fixed bug #65923 (ext/socket assumes AI_V4MAPPED is defined).
  • XSL:
  • Fixed bug #49634 (Segfault throwing an exception in a XSL registered function).
  • ZIP:
  • Fixed bug #66321 (ZipArchive::open() ze_obj->filename_len not real).

New in version 5.5.7 (December 12th, 2013)

  • CLI server:
  • Added some MIME types to the CLI web server (Chris Jones)
  • Implemented FR #65917 (getallheaders() is not supported by the built-in web server) also implements apache_response_headers() (Andrea Faulds)
  • Core:
  • Fixed bug #66094 (unregister_tick_function tries to cast a Closure to a string). (Laruence)
  • OPCache:
  • Fixed bug #66176 (Invalid constant substitution). (Dmitry)
  • Fixed bug #65915 (Inconsistent results with require return value). (Dmitry)
  • Fixed bug #65559 (Opcache: cache not cleared if changes occur while running). (Dmitry)
  • OpenSSL:
  • Fixed memory corruption in openssl_x509_parse() (CVE-2013-6420). (Stefan Esser).
  • readline:
  • Fixed Bug #65714 (PHP cli forces the tty to cooked mode). (Remi)

New in version 5.5.7 RC1 (November 29th, 2013)

  • CLI server:
  • Added some MIME types to the CLI web server (Chris Jones)
  • Implemented FR #65917 (getallheaders() is not supported by the built-in web server) also implements apache_response_headers() (Andrea Faulds)
  • Core:
  • Fixed bug #66094 (unregister_tick_function tries to cast a Closure to a string). (Laruence)
  • OPCache:
  • Fixed bug #66176 (Invalid constant substitution). (Dmitry)
  • Fixed bug #65915 (Inconsistent results with require return value). (Dmitry)
  • Fixed bug #65559 (Opcache: cache not cleared if changes occur while running). (Dmitry)
  • readline:
  • Fixed Bug #65714 (PHP cli forces the tty to cooked mode). (Remi)

New in version 5.5.6 (November 14th, 2013)

  • Core:
  • Improved performance of array_merge() and func_get_args() by eliminating useless copying.
  • Fixed bug #65947 (basename is no more working after fgetcsv in certain situation).
  • Fixed bug #65939 (Space before ";" breaks php.ini parsing).
  • Fixed bug #65911 (scope resolution operator - strange behavior with $this).
  • Fixed bug #65936 (dangling context pointer causes crash).
  • FPM:
  • Changed default listen() backlog to 65535.
  • MySQLi:
  • Fixed bug #66043 (Segfault calling bind_param() on mysqli).
  • OPCache:
  • Increased limit for opcache.max_accelerated_files to 1,000,000.
  • Fixed issue #115 (path issue when using phar).
  • Fixed issue #149 (Phar mount points not working with OPcache enabled).
  • ODBC:
  • Fixed bug #65950 (Field name truncation if the field name is bigger than 32 characters).
  • PDO:
  • Fixed bug #66033 (Segmentation Fault when constructor of PDO statement throws an exception).
  • Fixed bug #65946 (sql_parser permanently converts values bound to strings).
  • Standard:
  • Fixed bug #64760 (var_export() does not use full precision for floating-point numbers).

New in version 5.5.5 (October 17th, 2013)

  • Core:
  • Fixed bug #64979 (Wrong behavior of static variables in closure generators).
  • Fixed bug #65322 (compile time errors won't trigger auto loading).
  • Fixed bug #65821 (By-ref foreach on property access of string offset segfaults).
  • CLI Server:
  • Fixed bug #65633 (built-in server treat some http headers as case-sensitive).
  • Fixed bug #65818 (Segfault with built-in webserver and chunked transfer encoding).
  • Added application/pdf to PHP CLI Web Server mime types
  • Datetime:
  • Fixed bug #64157 (DateTime::createFromFormat() reports confusing error message).
  • Fixed bug #65502 (DateTimeImmutable::createFromFormat returns DateTime).
  • Fixed bug #65548 (Comparison for DateTimeImmutable doesn't work).
  • DBA:
  • Fixed bug #65708 (dba functions cast $key param to string in-place, bypassing copy on write).
  • Filter:
  • Add RFC 6598 IPs to reserved addresses.
  • Fixed bug #64441 (FILTER_VALIDATE_URL rejects fully qualified domain names).
  • FTP:
  • Fixed bug #65667 (ftp_nb_continue produces segfault).
  • GD:
  • Ensure that the defined interpolation method is used with the generic scaling methods.
  • IMAP:
  • Fixed bug #65721 (configure script broken in 5.5.4 and 5.4.20 when enabling imap).
  • OPCache:
  • Fixed bug #65845 (Error when Zend Opcache Optimizer is fully enabled).
  • Fixed bug #65665 (Exception not properly caught when opcache enabled).
  • Fixed bug #65510 (5.5.2 crashes in _get_zval_ptr_ptr_var).
  • Fixed issue #135 (segfault in interned strings if initial memory is too low).
  • Added function opcache_compile_file() to load PHP scripts into cache without execution.
  • Added support for GNU Hurd.
  • Sockets:
  • Fixed bug #65808 (the socket_connect() won't work with IPv6 address).
  • SPL:
  • Fixed bug #64782 (SplFileObject constructor make $context optional / give it a default value).
  • Standard:
  • Fixed bug #61548 content-type must appear at the end of headers for 201 Location to work in http.
  • XMLReader:
  • Fixed bug #51936 Crash with clone XMLReader.
  • Fixed bug #64230 XMLReader does not suppress errors.
  • Build system:
  • Fixed bug #51076 Race condition in shtool's mkdir -p implementation.
  • Fixed bug #62396 'make test' crashes starting with 5.3.14 (missing gzencode()).