PHP 8.0.0alpha1

PHP is a scripting language primarily suited for web applications. It's organically grown into a full-featured programming language, with huge semantic progress in recent years (apart from the namespace separator choice). Many features and extensions come built-in or can be dynamically loaded. Database interfaces, XML processing, regular expressions, networking and broad internet protocol support, IPC, internationalization, image manipulation, filesystem, contemporary cryptography support, file and data format support make the Zend-based PHP.net distribution the most general-purpose PHP runtime.

Tags php scripting programming-language web
License PHPL
State stable

Recent Releases

8.0.0alpha124 Jun 2020 20:25 minor feature: small typo in comment . Move upgrading note for mixed. . some line overruns in UPGRADING. . Add UPGRADING note for xmlrpc unbundling. . Add UPGRADING note for pty support. . php_get_args function info return type and add arg check. . tracing JIT for closure run_time_cache access. . Merge branch 'PHP-7.4'. . retutn type inference when return undefined variable. . Add some mixed types. . Merge branch 'PHP-7.4'. . Afdded misse MAY_BE_ARRAY_ flags. . Tracing JIT support for indirect CV modification (may be incomplete). . Merge branch 'PHP-7.4'. . Skip new test case on Windows when JIT is enabled. . Added missed helper. . Avoid reference counting when RETURN CV. . d out token IDs in test. . Handle VM interrupts after DO_ICALL through side exits. . Merge branch 'PHP-7.4'. . Merge branch 'PHP-7.4'. . Use cheaper zend_rethrow_exception() instead of zend_throw_exception_ . . : ini_get() and opcache_get_configuration() inconsistency. . Avoid useless REFCOUNTED check. . typo in skipif section. . Avoid useless register reload. . "call_info" doesn't matter. . abstract stack consistency for JMPZ_EX/JMPNZ_EX. . Tracing JIT for FETCH_DIM_FUNC_ARG and FETCH_OBJ_FUNC_ARG when they a . . Merge branch 'PHP-7.4'. . Merge branch 'PHP-7.4'. . Remove MYSQLND_COMPRESSION_WANTED define. . Improved tracing JIT for FETCH_OBJ_R/IS. . Implement #47074: phpinfo() reports "On" as 1 for the some extensions. . Prefer shorter x86 instructions. . Add guard for FETCH_DIM_FUNC_ARG. . Merge branch 'PHP-7.4'. . Add Attributes. . Add upgrading note for Attributes RFC. . in_array() avoid internal property access as we have the arrlen already. . weird zend_bool usage in Intl Calendar::roll() method. . Avoid useless "mov". . phpdbg watchpoints wrt. negative_array_index RFC. . : Throw Error on require failure. . Pass zend_string message to zend_error_cb. . Merge branch 'PHP-7.4'. . Don't leak attributes on internal classes. . Free attribute validators on shutdown
7.4.710 Jun 2020 19:25 minor feature: Merge branch 'PHP-7.3' into PHP-7.4 . Add tidy.php to enforce formatting. . Apply tidy formatting. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . : Copied cURL handles upload empty file. . Merge branch 'PHP-7.3' into PHP-7.4 ci skip . . Merge branch 'PHP-7.3' into PHP-7.4. . NEWS ci skip . . Make opcodes to return de-refereced values of typed references (in th . . Merge branch 'PHP-7.3' into PHP-7.4. . PCRE: Check whether start offset is on char boundary. . PCRE: Only remember valid UTF-8 if start offset zero. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Update bundled stdxx check macros. . : Garbage collecting variant objects segfaults. . Merge branch 'PHP-7.3' into PHP-7.4. . (php crashes during parsing INI file). (Laruence). . Remove hint to security purpose of disable_functions. . Merge branch 'PHP-7.3' into PHP-7.4. . . Remove value from comment in php.ini files. . Merge branch 'PHP-7.3' into PHP-7.4. . Azure MacOS build. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Null Pointer Dereference in PHP Session Upload Progress. . Files added to tar with Phar::buildFromIterator have . . # 79171: heap-buffer-overflow in phar_extract_file. . Disable instantiation of zero size FFI CData objects. . Create a new console for each test worker on Windows. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Don't use VLA in mysqlnd auth. . Merge branch 'PHP-7.3' into PHP-7.4. . Update Ubuntu version on Azure. . Merge branch 'PHP-7.3' into PHP-7.4. . Don't use asm arithmetic under msan. . Merge branch 'PHP-7.3' into PHP-7.4. . (operator displayed instead of the real error message). . (PHP-FPM Primary script unknown). . Merge branch 'PHP-7.3' into
7.4.7RC127 May 2020 20:45 minor feature: Add WHITESPACE_SENSITIVE run-tests section . Wrong return for ZipArchive::addEmptyDir Method. . NEWS. . add test. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Add tidy.php to enforce formatting. . Apply tidy formatting. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . : Copied cURL handles upload empty file. . Merge branch 'PHP-7.3' into PHP-7.4 ci skip . . Merge branch 'PHP-7.3' into PHP-7.4. . NEWS ci skip . . Make opcodes to return de-refereced values of typed references (in th . . Merge branch 'PHP-7.3' into PHP-7.4. . PCRE: Check whether start offset is on char boundary. . PCRE: Only remember valid UTF-8 if start offset zero. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Update bundled stdxx check macros. . : Garbage collecting variant objects segfaults. . Merge branch 'PHP-7.3' into PHP-7.4. . (php crashes during parsing INI file). (Laruence). . Remove hint to security purpose of disable_functions. . Merge branch 'PHP-7.3' into PHP-7.4. . . Remove value from comment in php.ini files. . Merge branch 'PHP-7.3' into PHP-7.4. . Azure MacOS build. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Null Pointer Dereference in PHP Session Upload Progress. . Files added to tar with Phar::buildFromIterator have . . # 79171: heap-buffer-overflow in phar_extract_file. . Disable instantiation of zero size FFI CData objects. . Create a new console for each test worker on Windows. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Don't use VLA in mysqlnd auth. . Merge branch 'PHP-7.3' into PHP-7.4. . Update Ubuntu version on Azure. . Merge branch 'PHP-7.3' into PHP-7.4. . Don't use asm arithmetic under msan. . Merge
7.4.613 May 2020 21:05 minor feature: Add ZipArchive::CM_LZMA2 constant (since libzip 1.6.0) . Merge branch 'PHP-7.3' into PHP-7.4. . memory leaks in mysqlnd defunctionality. . . mysqli ssl test for tls1.3. . . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Make PASSWORD_DEFAULT match PASSWORD_BCRYPT instead of bei . . - bump zip extension version to 1.15.6. . : STRUCT_OFFSET() relies on undefined behavior. . Merge branch 'PHP-7.3' into PHP-7.4. . . Enable support for LIBZIP_VERSION. . : cookie values with spaces fail to round-trip. . mysqli_get_warnings() with multi queries. . memory leak in mb_str_split. . mysqli_options generates Warning on var_dump(). . (Building with clang+lld-9 results in a broken PHP b . . Use " define parse.error verbose". . recovery of large entities in mb_decode_numericentity(). . length inconsistency in mb_convert_encoding. . Merge branch 'PHP-7.3' into PHP-7.4. . Backport 7d2ef3d into 7.4. . zip: more constants. . Merge branch 'PHP-7.3' into PHP-7.4. . Better overflow check for entity decoding. . Merge branch 'PHP-7.3' into PHP-7.4. . Restore digit check in mb_decode_numericentity(). . shift ub in mbstring. . UAF in is_callable() and allocated trampoline. . Reset trampoline on executor startup. . Merge branch 'PHP-7.3' into PHP-7.4. . copying of functions in variance obligations. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . DatePeriod property handling with indirect modification. . live range calculation for FE_FETCH. . . cross compilation failure due to size_t typecast in define. . (Crashing when running recursion function). . Merge branch 'PHP-7.3' into PHP-7.4. . Disable parallelism for FPM tests. . Add WHITESPACE_SENSITIVE run-tests section. . Wrong return for ZipArchive::addEmptyDir Method. . NEWS. . add test. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Add tidy.php to enforce forma
7.4.6RC130 Apr 2020 02:45 minor feature: Merge branch 'PHP-7.3' into PHP-7.4 . Merge branch 'PHP-7.3' into PHP-7.4. . Don't use CRLF when generating diffs. . Yet another check for php_strip_tags_ex(). . Merge branch 'PHP-7.3' into PHP-7.4. . Add ZipArchive::CM_LZMA2 constant (since libzip 1.6.0). . Merge branch 'PHP-7.3' into PHP-7.4. . memory leaks in mysqlnd defunctionality. . . mysqli ssl test for tls1.3. . . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Make PASSWORD_DEFAULT match PASSWORD_BCRYPT instead of bei . . - bump zip extension version to 1.15.6. . : STRUCT_OFFSET() relies on undefined behavior. . Merge branch 'PHP-7.3' into PHP-7.4. . . Enable support for LIBZIP_VERSION. . : cookie values with spaces fail to round-trip. . mysqli_get_warnings() with multi queries. . memory leak in mb_str_split. . mysqli_options generates Warning on var_dump(). . (Building with clang+lld-9 results in a broken PHP b . . Use " define parse.error verbose". . recovery of large entities in mb_decode_numericentity(). . length inconsistency in mb_convert_encoding. . Merge branch 'PHP-7.3' into PHP-7.4. . Backport 7d2ef3d into 7.4. . zip: more constants. . Merge branch 'PHP-7.3' into PHP-7.4. . Better overflow check for entity decoding. . Merge branch 'PHP-7.3' into PHP-7.4. . Restore digit check in mb_decode_numericentity(). . shift ub in mbstring. . UAF in is_callable() and allocated trampoline. . Reset trampoline on executor startup. . Merge branch 'PHP-7.3' into PHP-7.4. . copying of functions in variance obligations. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . DatePeriod property handling with indirect modification. . live range calculation for FE_FETCH. . . cross compilation failure due to size_t typecast in define. . (Crashing when running recursion function). . Merge branch 'PHP-7.3' into PHP-7.4. . Disable parallelism for FPM tests. . Add WHITESPACE_SENSITIV
7.4.516 Apr 2020 01:05 minor feature: Merge branch 'PHP-7.3' into PHP-7.4 . ci skip Merge branch 'PHP-7.3' into PHP-7.4. . Throw Error when referencing uninit typed prop in __sleep. . Remove support for preloading on Windows. . Merge branch 'PHP-7.3' into PHP-7.4. . Increase sleep() time in test case. . Make test more resilient. . Display a message if select in FPM test timeouts. . Revert "Display a message if select in FPM test timeouts". . Extract function. . Bump version. . Merge branch 'PHP-7.3' into PHP-7.4. . : Bump version not applied. . Increase select timeout in FPM tester. . useless tests. . Silence potential taskkill error messages. . Merge branch 'PHP-7.3' into PHP-7.4. . Remove unnecessary whitespace sensitivtiy from some tests. . Merge branch 'PHP-7.3' into PHP-7.4. . Bring back test case support for older MySQL versions. . test. . Merge branch 'PHP-7.3' into PHP-7.4. . : FFI Struct Segfault. . Disable optimizations for ASan instrumented builds. . Merge branch 'PHP-7.3' into PHP-7.4. . Update php.ini files to add missing FTP extension. . Merge branch 'PHP-7.3' into PHP-7.4. . (Eval class during preload causes class to be only h . . minor cleanup. . Let's make this safer from maliciously crafted filename. . Increase timeout in mysqli_reap_async_query test. . : IMAP can't find OpenSSL during configure. . Merge branch 'PHP-7.3' into PHP-7.4. . file clash in.phpt tests. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Add sleep in FPM reload test. . Avoid some @count() suppressions in run-tests.php. . Merge branch 'PHP-7.3' into PHP-7.4. . : SEGV in mb_convert_encoding with non-string encodings. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Make MSVCRT memory leak checking usable for the test suite. . Enable UBSan in addition to ASan. . . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into
7.4.5RC102 Apr 2020 06:25 minor feature: Clean up curl openssl check . : Curl openssl does not respect PKG_CONFIG_PATH. . Merge branch 'PHP-7.3' into PHP-7.4. . Don't link against openssl 1.1 in curl. . Merge branch 'PHP-7.3' into PHP-7.4. . ci skip Merge branch 'PHP-7.3' into PHP-7.4. . Throw Error when referencing uninit typed prop in __sleep. . Remove support for preloading on Windows. . Merge branch 'PHP-7.3' into PHP-7.4. . Increase sleep() time in test case. . Make test more resilient. . Display a message if select in FPM test timeouts. . Revert "Display a message if select in FPM test timeouts". . Extract function. . Bump version. . Merge branch 'PHP-7.3' into PHP-7.4. . : Bump version not applied. . Increase select timeout in FPM tester. . useless tests. . Silence potential taskkill error messages. . Merge branch 'PHP-7.3' into PHP-7.4. . Remove unnecessary whitespace sensitivtiy from some tests. . Merge branch 'PHP-7.3' into PHP-7.4. . Bring back test case support for older MySQL versions. . test. . Merge branch 'PHP-7.3' into PHP-7.4. . : FFI Struct Segfault. . Disable optimizations for ASan instrumented builds. . Merge branch 'PHP-7.3' into PHP-7.4. . Update php.ini files to add missing FTP extension. . Merge branch 'PHP-7.3' into PHP-7.4. . (Eval class during preload causes class to be only h . . minor cleanup. . Let's make this safer from maliciously crafted filename. . Increase timeout in mysqli_reap_async_query test. . : IMAP can't find OpenSSL during configure. . Merge branch 'PHP-7.3' into PHP-7.4. . file clash in.phpt tests. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Add sleep in FPM reload test. . Avoid some @count() suppressions in run-tests.php. . Merge branch 'PHP-7.3' into PHP-7.4. . : SEGV in mb_convert_encoding with non-string encodings. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Mak
7.4.418 Mar 2020 10:45 minor feature: Merge branch 'PHP-7.3' into PHP-7.4 . Merge branch 'PHP-7.3' into PHP-7.4. . Try to make proc_open_.phpt more robust. . : General performance regression with PHP 7.4 on Windows. . leak when generator during yield in finally. . (class_exists returns True for classes that are not . . Similar problem also exists in Interfaces. . Partial for. (Use After Free's in XMLReader / XMLWriter). . Revert "(Use After Free's in XMLReader / XMLWriter)". . (Use After Free's in XMLReader / XMLWriter). . test case. . Merge branch 'PHP-7.3' into PHP-7.4. . Skip test for clang builds. . Make GeomFromText tests compatible with MySQL 8. . Don't test the RENAME DATABASE query. . Don't check TIMESTAMP NOT NULL in fetch_field_flags test. . Skip.phpt if local_infile disabled on server. . Specify explicit row order in PDO MySQL test. . Don't use PASSWORD() function in test. . Support auth switch request during caching sha2 auth. . unix socket check during caching_sha2_password. . Add support for caching_sha2_password in change user authentication. . Handle error response during caching_sha2_password auth. . Handle empty password fast path in caching_sha2_password. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Revert "Increase serialize_lock while decoding session". . Add test for. Merge branch 'PHP-7.3' into PHP-7.4. . . Properly propagate url_stat exceptions during include. . Avoid undefined behavior. . Make url_stats in resolve_path quiet. . Also propagate include exceptions in opcache. . Remove superfluous compiler option. . Add test case for. ci skip Revert "Add test case for ". . Extract php_var_serialize_nested_data() function. . Deref names returned by __sleep(). . Populate hashtable of __sleep() properties. . Update ZCSG(map_ptr_last) only if for_shm. . file cache run_time_cache unserialization. . Extract functions for file cache type serialization. . . Add test case for. . . Merge branch 'PHP-7.3' in
7.4.4RC105 Mar 2020 03:05 minor feature: Merge branch 'PHP-7.3' into PHP-7.4 . Avoid signed integer overflow in string offset check. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . early free of assign_obj op_data. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Try to make proc_open_.phpt more robust. . : General performance regression with PHP 7.4 on Windows. . leak when generator during yield in finally. . (class_exists returns True for classes that are not . . Similar problem also exists in Interfaces. . Partial for. (Use After Free's in XMLReader / XMLWriter). . Revert "(Use After Free's in XMLReader / XMLWriter)". . (Use After Free's in XMLReader / XMLWriter). . test case. . Merge branch 'PHP-7.3' into PHP-7.4. . Skip test for clang builds. . Make GeomFromText tests compatible with MySQL 8. . Don't test the RENAME DATABASE query. . Don't check TIMESTAMP NOT NULL in fetch_field_flags test. . Skip.phpt if local_infile disabled on server. . Specify explicit row order in PDO MySQL test. . Don't use PASSWORD() function in test. . Support auth switch request during caching sha2 auth. . unix socket check during caching_sha2_password. . Add support for caching_sha2_password in change user authentication. . Handle error response during caching_sha2_password auth. . Handle empty password fast path in caching_sha2_password. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Revert "Increase serialize_lock while decoding session". . Add test for. Merge branch 'PHP-7.3' into PHP-7.4. . . Properly propagate url_stat exceptions during include. . Avoid undefined behavior. . Make url_stats in resolve_path quiet. . Also propagate include exceptions in opcache. . Remove superfluous compiler option. . Add test case for. ci skip Revert "Add test case for ". . Extract php_var_serialize_nested_data() fun
7.4.319 Feb 2020 20:45 minor feature: timeout tests . intermittent error in pdo_mysql___construct_options.phpt. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . (php-fpm 7.4.0 don't send mail via mail()). . : Don't call any magic for uninitialized typed proper . . Use unmangled named in property type inheritance error. . : Add upgrading note about get_declared_classes() order. . : Handle class table reallocation on failed link. . Merge branch 'PHP-7.3' into PHP-7.4. . (Reflection detects abstract non-static class as abs . . Call zend_unregister_ini_entries() when unload extension loaded throu . . Export zend_init_func_run_time_cache(). . build. . : INTL Support for accounting format. . Merge branch 'PHP-7.3' into PHP-7.4. . merge mistake. . : Check that all linked classes can be preloaded. . Add support for class_alias to preloading. . Improve error message. . release build failure. . incorrect zend_try usage. . Set zend.exception_ignore_args=0 in run-tests.php. . PHP-7.4 is now 7.4.2-dev. . error message. . (Preloading unlinkable anonymous class can segfault). . Addirional for. Free RSA public key in mysqlnd sha256 auth. . : Conflict in RTD key for closures results in crash. . Revert ": Conflict in RTD key for closures results in . . Typo in php.ini-production. . uint/ulong removal may affect other platforms as well. . handling of non-final loop var free in sccp. . : Preloading trait method with static variables. . : plus signs in cookie values are converted to spaces. . Introduce extra counter to avoid RTD key collisions. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . (erroneous optimization of re-assigned GLOBALS). . . Remove DateTime class registration test. . Merge branch 'PHP-7.4' of git.php.net:php-src into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Test. Set opcache.optimization_level=0 in test. . memory leaks. . memory leak. . Property na
7.4.3RC107 Feb 2020 05:45 minor feature: Preload: Better reason message for internal parents on windows . Merge branch 'PHP-7.3' into PHP-7.4. . : add zlib library to mysqlnd. . mysqli ssl tests. . timeout tests. . intermittent error in pdo_mysql___construct_options.phpt. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . (php-fpm 7.4.0 don't send mail via mail()). . : Don't call any magic for uninitialized typed proper . . Use unmangled named in property type inheritance error. . : Add upgrading note about get_declared_classes() order. . : Handle class table reallocation on failed link. . Merge branch 'PHP-7.3' into PHP-7.4. . (Reflection detects abstract non-static class as abs . . Call zend_unregister_ini_entries() when unload extension loaded throu . . Export zend_init_func_run_time_cache(). . build. . : INTL Support for accounting format. . Merge branch 'PHP-7.3' into PHP-7.4. . merge mistake. . : Check that all linked classes can be preloaded. . Add support for class_alias to preloading. . Improve error message. . release build failure. . incorrect zend_try usage. . Set zend.exception_ignore_args=0 in run-tests.php. . PHP-7.4 is now 7.4.2-dev. . error message. . (Preloading unlinkable anonymous class can segfault). . Addirional for. Free RSA public key in mysqlnd sha256 auth. . : Conflict in RTD key for closures results in crash. . Revert ": Conflict in RTD key for closures results in . . Typo in php.ini-production. . uint/ulong removal may affect other platforms as well. . handling of non-final loop var free in sccp. . : Preloading trait method with static variables. . : plus signs in cookie values are converted to spaces. . Introduce extra counter to avoid RTD key collisions. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . (erroneous optimization of re-assigned GLOBALS). . . Remove DateTime class registration test. . Merge branch 'PHP-7.4' of git.php.net
7.2.2726 Jan 2020 12:05 minor feature: heap use-after-free in session_create_id(). . : OOB read in php_strip_tags_ex. . (global buffer-overflow in `mbfl_filt_conv_big5_wchar`). . Update NEWS. . Update NEWS for PHP 7.2.27. . Update CREDITS for PHP 7.2.27. . Update versions for PHP 7.2.27.
7.4.222 Jan 2020 18:25 minor feature: Skip large ftruncate test if large files not supported . Skip IntlTimeZone::getOffset() error tests on non-x86. . Clean up and clarify instanceof_function_ex(). . Optimize instanceof_class/interface. . Remove recursive check from instanceof_interface. . Simplify travis setup scripts. . Check class linking in VERIFY_RETURN_TYPE optimization. . Optimize VERIFY_RETURN_TYPE for TMP operands as well. . Merge branch 'PHP-7.3' into PHP-7.4. . : Don't call __set() on uninitialized typed properties. . Add ARM64 CI to Travis. . Replace EXPECTF by EXPECT. . Try one more FD in ext/standard/tests/file/php_fd_wrapper_04.phpt. . Merge branch 'PHP-7.3' into PHP-7.4. . Remove redundant variable rv and optimize code. . Merge branch 'PHP-7.3' into PHP-7.4. . Add support for Interbase 1 dialect. . Merge branch 'PHP-7.3' into PHP-7.4. . Implement #78270: Support __vectorcall convention with FFI. . Update NEWS for PHP 7.4.0RC5. . Update NEWS for 7.4.0RC6. . Skip test case on non Windows platforms. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Optimize creation of empty arrays in json_decode. . Add UPGRADING note for stream_read() change. . : Failing FFI::cast() may leak memory. . : Zend memory heap corruption with preload and casting. . : Remove mmap limit. . Remove configure checks for supported instruction sets. . Merge branch 'PHP-7.3' into PHP-7.4. . conflicts between tests with obscure filenames. . conflicts between tests with obscure filenames. . . Explicitly specify ubuntu versions on azure pipelines. . Print Client Library Version in phpinfo. . . Revert "Remove configure checks for supported instruction sets". . Make test more robust. . Add a test for ReflectionClass:getInterfaceNames(). . Remove dead code `ext/mysqlnd/mysqlnd_net.c`. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch
7.4.2RC109 Jan 2020 06:05 minor feature: Reverting push to wrong repo . Added suppot for glob() wildcard matching in ffi.preload directive. . typo and better wording. . Use posix_getuid() to check for root in pcntl_setpriority() test. . Increase FD used in php://fd test. . Don't test "blocks" in lstat_stat_variation7.phpt. . Skip large ftruncate test if large files not supported. . Skip IntlTimeZone::getOffset() error tests on non-x86. . Clean up and clarify instanceof_function_ex(). . Optimize instanceof_class/interface. . Remove recursive check from instanceof_interface. . Simplify travis setup scripts. . Check class linking in VERIFY_RETURN_TYPE optimization. . Optimize VERIFY_RETURN_TYPE for TMP operands as well. . Merge branch 'PHP-7.3' into PHP-7.4. . : Don't call __set() on uninitialized typed properties. . Add ARM64 CI to Travis. . Replace EXPECTF by EXPECT. . Try one more FD in ext/standard/tests/file/php_fd_wrapper_04.phpt. . Merge branch 'PHP-7.3' into PHP-7.4. . Remove redundant variable rv and optimize code. . Merge branch 'PHP-7.3' into PHP-7.4. . Add support for Interbase 1 dialect. . Merge branch 'PHP-7.3' into PHP-7.4. . Implement #78270: Support __vectorcall convention with FFI. . Update NEWS for PHP 7.4.0RC5. . Update NEWS for 7.4.0RC6. . Skip test case on non Windows platforms. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Optimize creation of empty arrays in json_decode. . Add UPGRADING note for stream_read() change. . : Failing FFI::cast() may leak memory. . : Zend memory heap corruption with preload and casting. . : Remove mmap limit. . Remove configure checks for supported instruction sets. . Merge branch 'PHP-7.3' into PHP-7.4. . conflicts between tests with obscure filenames. . conflicts between tests with obscure filenames. . . Explicitly specify ubuntu versions on azure pipelines. . Print Client Library Version in phpinfo. . . Revert "Remove configure checks for supported instruction sets". . Make test
7.4.119 Dec 2019 00:05 minor feature: Merge branch 'PHP-7.3' into PHP-7.4 . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Add support for mbstring.regex_retry_limit. . Merge branch 'PHP-7.3' into PHP-7.4. . typo in UPGRADING. . Limit retry_limit test to oniguruma = 6.9.3. . Delete temporary.post files of run-tests.php. . Don't test default serialize max_depth. . Bail out if JUNIT is not enabled. . Merge branch 'PHP-7.3' into PHP-7.4. . number of required arguments in arginfo. . Merge branch 'PHP-7.3' into PHP-7.4. . leak when include fails in a read operation. . Merge branch 'PHP-7.3' into PHP-7.4. . grammar nits on php 7.4 UPGRADING. . Merge branch 'PHP-7.3' into PHP-7.4. . add librt for opcache. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . . . Merge branch 'PHP-7.3' into PHP-7.4. . Handle "non well formed" exception during ZPP. . Don't check type of simple parameter default values. . Avoid file clash in root_check skipifs. . : new COM Crash. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . leak on "Cannot assign by reference to overloaded object" error. . Report error if stream_read is not implemented. . Merge branch 'PHP-7.3' into PHP-7.4. . Also check for exception after stream_eof. . leak when property AST evaluation fails. . Explicitly check for exceptions in by-ref obj prop assign. . Return error_zval form get_property_ptr_ptr on exception. . Revert "Link executable files using non PIC object files. This reduce . . Revert "Don't buid static libaraies when only DSO required". . Revert "CLI/CGI/FPM build, when they are built together with Ap . . Merge branch 'PHP-7.3' into PHP-7.4. . Replace port already used. . : stream_write bad error detection. . NEWS. . Remov
7.4.1RC111 Dec 2019 18:25 minor feature: Merge branch 'PHP-7.3' into PHP-7.4 . typo in CODING_STANDARDS.md ci skip . . Merge branch 'PHP-7.3' into PHP-7.4. . (Does not compile with DTRACE anymore). . Merge branch 'PHP-7.3' into PHP-7.4. . crash when unpacking into array literal with string keys. . use-after-free with delayed interned memoized const operand. . . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Add support for mbstring.regex_retry_limit. . Merge branch 'PHP-7.3' into PHP-7.4. . typo in UPGRADING. . Limit retry_limit test to oniguruma = 6.9.3. . Delete temporary.post files of run-tests.php. . Don't test default serialize max_depth. . Bail out if JUNIT is not enabled. . Merge branch 'PHP-7.3' into PHP-7.4. . number of required arguments in arginfo. . Merge branch 'PHP-7.3' into PHP-7.4. . leak when include fails in a read operation. . Merge branch 'PHP-7.3' into PHP-7.4. . grammar nits on php 7.4 UPGRADING. . Merge branch 'PHP-7.3' into PHP-7.4. . add librt for opcache. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . . . Merge branch 'PHP-7.3' into PHP-7.4. . Handle "non well formed" exception during ZPP. . Don't check type of simple parameter default values. . Avoid file clash in root_check skipifs. . : new COM Crash. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . leak on "Cannot assign by reference to overloaded object" error. . Report error if stream_read is not implemented. . Merge branch 'PHP-7.3' into PHP-7.4. . Also check for exception after stream_eof. . leak when property AST evaluation fails. . Explicitly check for exceptions in by-ref obj prop assign. . Return error_zval form get_property_ptr_ptr on exception. .
7.3.13RC104 Dec 2019 20:05 minor feature: Merge branch 'PHP-7.2' into PHP-7.3 . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Add tests from from PHP-7.2. . typo. . Merge branch 'PHP-7.2' into PHP-7.3. . Update timelib to 2018.02. . tests due to changed timezone data. . : PCRE2 version check. . Update NEWS ci skip . . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . NEWS. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . . Merge branch 'PHP-7.2' into PHP-7.3. . typo in NEWS skip ci . . ci skip Remove NEWS entry. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Update NEWS ci skip . . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Add CONFLICTS to recognized sections. . . : Segfault in built-in webserver. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . . password_hash uses weak options for argon2. . Merge branch 'PHP-7.2' into PHP-7.3. . typo ci skip . . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Update NEWS ci skip . . Convert short tag to standard tag in Zend test file. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Prevent use after free in fpm_event_epoll_wait. . Reduce number of workers in test. . Remove test for. Merge branch 'PHP-7.2' into PHP-7.3. . Update NEWS. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . . Update NEWS ci skip .
7.4.029 Nov 2019 05:45 minor feature: Merge branch 'PHP-7.3' into PHP-7.4 . Don't set content of elements with only whitespaces. . Allow SA_RESTART for SIGALRM. . Avoid file clash in root_check skipifs. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.3' into PHP-7.4. . AArch64 build. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.3' into PHP-7.4. . Updated to version 2019.3 (2019c). . Empty merge. . Updated to version 2019.3 (2019c). . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.3' into PHP-7.4. . typo in CODING_STANDARDS.md ci skip . . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.2' into PHP-7.3. . (Does not compile with DTRACE anymore). . Merge branch 'PHP-7.3' into PHP-7.4. . crash when unpacking into array literal with string keys. . use-after-free with delayed interned memoized const operand. . . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.3' into PHP-7.4. . Improve diagnostic on PCRE JIT mmap failure. . Merge branch 'PHP-7.3' into PHP-7.4. . Make sure T_ERROR is returned for all lexer exceptions. . Merge branch 'PHP-7.3' into PHP-7.4. . Add support for mbstring.regex_retry_limit. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.3' into PHP-7.4. . typo in UPGRADING. . Limit retry_limit test to oniguruma = 6.9.3. . Delete temporary.post files of run-tests.php. . Don't test default serialize max_depth. . Bail out if JUNIT is not enabled. . Backport for uaf during pcre jit fallback. . Merge branch 'PHP-7.3' into PHP-7.4. . number of required arguments in arginfo. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.3' into PHP-7.4. . leak when include fails in a read operation. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.3' into PHP-7.4. . grammar nits o
7.2.2525 Nov 2019 00:25 minor feature: Update NEWS for PHP 7.2.25RC1 . Update CREDITS for PHP 7.2.25RC1. . Correct release date for 7.2.25. . Update versions for PHP 7.2.25.
7.3.1220 Nov 2019 14:05 minor feature: Prepare 7.3.12RC1 . Prepare PHP 7.3.12.
7.4.0RC611 Nov 2019 22:05 minor feature: Clean up JSON parser . Merge branch 'PHP-7.3' into PHP-7.4. . Don't buid static libaraies when only DSO required. . (broken shared build). . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Allow lookup of distro-packaged QDBM headers on Debian. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Remove commented code. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . . Use nproc instead of hardcoded number. . GCOV not working for PHP-7.4 and master branches. . Merge branch 'PHP-7.3' into PHP-7.4. . Remove xfail on.phpt. . Increase serialize_lock while decoding session. . GOTO VM. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Handle resources used as array keys consistently. . file clash in rename_variation.phpt. . Enable ubsan stack trace printing on community job. . XFAIL sapi/fpm/tests/log-bwd-multiple-msgs-stdout-stderr.phpt. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . test regarding Reflection::export() deprecation. . wrong function name in SKIPIF. . Merge branch 'PHP-7.3' into PHP-7.4. . Reduce memory used by token_get_all(). . Merge branch 'PHP-7.3' into PHP-7.4. . Add max_depth option to unserialize(). . . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Skip tests for old versions instead of marking them XFAIL. . Merge branch 'PHP-7.3' into PHP-7.4. . borked SKIPIFs. . Update regarding changed OpenSSL default config path. . AppVeyor setup wrt. changed OpenSSL default config path. . Update NEWS for PHP 7.4.0RC3. . Update
7.3.12RC107 Nov 2019 06:25 minor feature: Merge branch 'PHP-7.2' into PHP-7.3 . Avoid converting zval when not needed. . Some more string conversion handling, ing. some leaks in ldap. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Add syslog.filter=raw. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Update NEWS. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Update NEWS. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Add tests from from PHP-7.2. . typo. . Merge branch 'PHP-7.2' into PHP-7.3. . Update timelib to 2018.02. . tests due to changed timezone data. . : PCRE2 version check. . Update NEWS ci skip . . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . NEWS. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . . Merge branch 'PHP-7.2' into PHP-7.3. . typo in NEWS skip ci . . ci skip Remove NEWS entry. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Update NEWS ci skip . . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Add CONFLICTS to recognized sections. . . : Segfault
7.4.0RC530 Oct 2019 14:45 minor feature: Merge branch 'PHP-7.3' into PHP-7.4 . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Allow lookup of distro-packaged QDBM headers on Debian. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Remove commented code. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . . Use nproc instead of hardcoded number. . GCOV not working for PHP-7.4 and master branches. . Merge branch 'PHP-7.3' into PHP-7.4. . Remove xfail on.phpt. . Increase serialize_lock while decoding session. . GOTO VM. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Handle resources used as array keys consistently. . file clash in rename_variation.phpt. . Enable ubsan stack trace printing on community job. . XFAIL sapi/fpm/tests/log-bwd-multiple-msgs-stdout-stderr.phpt. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . test regarding Reflection::export() deprecation. . wrong function name in SKIPIF. . Merge branch 'PHP-7.3' into PHP-7.4. . Reduce memory used by token_get_all(). . Merge branch 'PHP-7.3' into PHP-7.4. . Add max_depth option to unserialize(). . . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Skip tests for old versions instead of marking them XFAIL. . Merge branch 'PHP-7.3' into PHP-7.4. . borked SKIPIFs. . Update regarding changed OpenSSL default config path. . AppVeyor setup wrt. changed OpenSSL default config path. . Update NEWS for PHP 7.4.0RC3. . Update NEWS for 7.4.0RC4. . Merge branch 'PHP-7.3' into PHP-7.4. . AppVeyor build. . Remove func copy optimization for private method with static vars. . Merge branch 'PHP-7.3' into PHP-7.
7.3.1124 Oct 2019 08:45 minor feature: Update NEWS for 7.3.6 . Merge branch 'PHP-7.2' into PHP-7.3. . SCCP: leak when determining TYPE_CHECK from type info. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . expect section. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . this was in 7.3.5, not 7.3.6. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . : segfault when calling sodium_ functions from eval. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . next is 7.2.21. . Merge branch 'PHP-7.2' into PHP-7.3. . Next is 7.3.8. . in opcache flags for mysqli_get_charset. . opcache signatures for mysqli_stat. . Be more precise about possible types for mysqli methods. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Avoid converting zval when not needed. . Some more string conversion handling, ing. some leaks in ldap. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Add syslog.filter=raw. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Update NEWS. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Update NEWS. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2'
7.4.0RC417 Oct 2019 06:05 minor feature: Revert "Microoptimization (avoid code duplication)" . pipe detection and stream position handling. . Merge branch 'PHP-7.3' into PHP-7.4. . . detection of gmp on clang. . Remove nsldap support. . Remove support for umich_ldap. . Remove defines for specific oraldap versions. . Link executable files using non PIC object files. This reduces PIC ov . . reporting of redirect test failures in junit. . : Bundled pcre2 library missing LICENCE file. . Update NEWS. . double free of DSN credentials. . PDO pgsql memory leak with scrollable cursors. . . type consistency after. . zip edxtension is now 1.15.5. . typo. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Clarify that our usage of gettimeofday() is infallible. . opcache zend_func_info for microtime/gettimeofday. . Add opcache return type for random_int(). . Merge branch 'PHP-7.3' into PHP-7.4. . new_variable ' ' expr ' ' is deprecated as well. . Request #77863: PDO firebird support type Boolean in input parameters. . Stop after exceptions. . add FFI::isNull() to check whether a FFI CData is a null pointer. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.4' of git.php.net:php-src into PHP-7.4. . NEWS entry, test and minor cleanup for FFI::isNull(). . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . bad format string. . Preloading: handling of static vars in inherited methods. . . another pointer indexing UB in http_fopen_wrapper. . Free history_get_history_state() result. . Improve Symfony test setup. . Specify -fsanitize-no-recover. . Only allow "nearly linked" classes for parent/interface. . typo in unlinked_instanceof assertion. . Improve "already declared" error message. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Allow throwing exception while loading parent class. . Eliminate checks using ZEND_CONST_COND() macro. . Load st
7.3.11RC110 Oct 2019 05:45 minor feature: Restore the execute bit for run-tests.php . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Update NEWS for 7.3.6. . Merge branch 'PHP-7.2' into PHP-7.3. . SCCP: leak when determining TYPE_CHECK from type info. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . expect section. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . this was in 7.3.5, not 7.3.6. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . : segfault when calling sodium_ functions from eval. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . next is 7.2.21. . Merge branch 'PHP-7.2' into PHP-7.3. . Next is 7.3.8. . in opcache flags for mysqli_get_charset. . opcache signatures for mysqli_stat. . Be more precise about possible types for mysqli methods. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Avoid converting zval when not needed. . Some more string conversion handling, ing. some leaks in ldap. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Add syslog.filter=raw. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Update NEWS. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-7.3. . Merge branch 'PHP-7.2' into PHP-
7.4.0RC303 Oct 2019 22:25 minor feature: Add missing argument checks . Clarify failure behavior of spl_iterator_apply(). . Update NEWS for PHP 7.4.0RC1. . Update NEWS for 7.4.0RC2. . Add zpp check to spl_classes(). . Add new missing functions from ext/hash. . Add missing opcache return info for ext/standard. . Merge branch 'PHP-7.4' of git://github.com/php/php-src into PHP-7.4. . Use unsigned subtraction in php_random_int(). . Avoid pointer UB in strip_header. . Execute preload script under user defined by opcache.preload_user dir . . Merge branch 'PHP-7.3' into PHP-7.4. . Report false for inherited private methods in method_exists(). . Document opcache.preload_user directive. . Add missing SKIPIF. . Add missing SKIPIF (sqlite). . Add missing SKIPIF (openssl). . Add missing SKIPIF (mbstring). . Add the last missing SKIPIF. . Add missing opcache return types for functions in spl. . (OOB in ZEND_FUNCTION(ffi_trampoline)). . handling of abstract/deprecated exception. . Improve exception handling for abstract/deprecated calls. . Remove --with-zlib-dir option from mysqlnd config. . Remove HOT attribute from some VM handlers. Comparisons almost always . . Microoptimization (avoid code duplication). . Revert "Microoptimization (avoid code duplication)". . pipe detection and stream position handling. . Merge branch 'PHP-7.3' into PHP-7.4. . . detection of gmp on clang. . Remove nsldap support. . Remove support for umich_ldap. . Remove defines for specific oraldap versions. . Link executable files using non PIC object files. This reduces PIC ov . . reporting of redirect test failures in junit. . : Bundled pcre2 library missing LICENCE file. . Update NEWS. . double free of DSN credentials. . PDO pgsql memory leak with scrollable cursors. . . type consistency after. . zip edxtension is now 1.15.5. . typo. . Merge branch 'PHP-7.3' into PHP-7.4. . Merge branch 'PHP-7.3' into PHP-7.4. . Clarify that our usage of gettimeofday() is infallible. . opcache zend_func_info for mic
7.3.1030 Sep 2019 02:59 major bugfix:
7.0.727 May 2016 01:20 major bugfix: Core: Fixed bug #72162 (use-after-free - error_reporting). Add compiler option to disable special case function calls. Fixed bug #72101 (crash on complex code). Fixed bug #72100 (implode() inserts garbage into resulting string when joins very big integer). Fixed bug #72057 (PHP Hangs when using custom error handler and typehint). Fixed bug #72038 (Function calls with values to a by-ref parameter don't always throw a notice). Fixed bug #71737 (Memory leak in closure with parameter named this). Fixed bug #72059 (?? is not allowed on constant expressions). Fixed bug #72159 (Imported Class Overrides Local Class Name). Curl: Fixed bug #68658 (Define CURLE_SSL_CACERT_BADFILE). DBA: Fixed bug #72157 (use-after-free caused by dba_open). GD: Fixed bug #72227 (imagescale out-of-bounds read). (CVE-2013-7456) Intl: Fixed bug #72241 (get_icu_value_internal out-of-bounds read). (CVE-2016-5093) JSON: Fixed bug #72069 (Behavior JsonSerializable different from json_encode). Mbstring: Fixed bug #72164 (Null Pointer Dereference - mb_ereg_replace). OCI8: Fixed bug #71600 (oci_fetch_all segfaults when selecting more than eight columns). Opcache: Fixed bug #72014 (Including a file with anonymous classes multiple times leads to fatal error). OpenSSL: Fixed bug #72165 (Null pointer dereference - openssl_csr_new). PCNTL: Fixed bug #72154 (pcntl_wait/pcntl_waitpid array internal structure overwrite). POSIX: Fixed bug #72133 (php_posix_group_to_array crashes if gr_passwd is NULL). Postgres: Fixed bug #72028 (pg_query_params(): NULL converts to empty string). Fixed bug #71062 (pg_convert() doesn't accept ISO 8601 for datatype timestamp). Fixed bug #72151 (mysqli_fetch_object changed behaviour).
7.0.531 Mar 2016 14:30 major bugfix: Call-by-reference widens scope to uninvolved functions when used in switch, Possible crash in zend_bin_strtod, zend_oct_strtod, zend_hex_strtod, Global variables are reserved before execution, Out-of-bounds access in php_url_decode in context php_stream_url_wrap_rfc2397, Strings used in pass-as-reference cannot be used to invoke C:: callable(, Segmentation fault on ZTS with date function (setlocale, Integer overflow in zend_mm_alloc_heap(, Leaked 1 hashtable iterators, ISO C does not allow extra ; outside of a function, yield from does not count EOLs, ReflectionMethod::getDocComment returns the wrong comment, php_strip_whitespace(, `php -R` (PHP_MODE_PROCESS_STDIN, Call-by-reference widens scope to uninvolved functions when used in switch, Possible crash in zend_bin_strtod, zend_oct_strtod, zend_hex_strtod, Global variables are reserved before execution, Out-of-bounds access in php_url_decode in context php_stream_url_wrap_rfc2397, Strings used in pass-as-reference cannot be used to invoke C:: callable(, Segmentation fault on ZTS with date function (setlocale, Integer overflow in zend_mm_alloc_heap(, Leaked 1 hashtable iterators, ISO C does not allow extra ; outside of a function, yield from does not count EOLs, ReflectionMethod::getDocComment returns the wrong comment, php_strip_whitespace(, `php -R` (PHP_MODE_PROCESS_STDIN, Support MKCALENDAR request method, Support MKCALENDAR request method, Support constant CURLM_ADDED_ALREADY, Support constant CURLM_ADDED_ALREADY, DatePeriod::getEndDate segfault, DatePeriod::getEndDate segfault, Buffer over-write in finfo_open with malformed magic file, Buffer over-write in finfo_open with malformed magic file, Access Violation crashes php-cgi.exe, Access Violation crashes php-cgi.exe, AddressSanitizer: negative-size-param (-1, AddressSanitizer: negative-size-param (-1, Executing prepared statements is succesfull only for the first two statements, Executing prepared statements is succesfull only for the first two statements
7.0.118 Dec 2015 22:41 major bugfix: Several bugs have been fixed. Format String Vulnerability in Class Name Error Message. Compile fails on system with 160 CPUs. Symbol referencing errors on Sparc/Solaris. When using parentClass:: instead of parent::, static context changed. Segfault when combining error handler with output buffering. Weird error handling for __toString when Error is thrown. Invalid opcode while using ::class as trait method paramater default value. try finally can create infinite chains of exceptions. Two errors messages are in conflict. yield from incorrectly marks valid generator as finished. buildconf failure in extensions. SAPI build problem on AIX: Undefined symbol: php_register_internal_extensions. Fixed int (or generally every scalar type name with leading backslash) to not be accepted as type name. Fixed exception not being thrown immediately into a generator yielding from an array. static::class within Closure::call() causes segfault. Incorrect exception handler with yield from. Fixed double free in error condition of format printer.
7.0.003 Dec 2015 00:00 major feature: PHP 7.0.0 comes with new version of the Zend Engine with features such as: Improved performance: PHP 7 is up to twice as fast as PHP 5.6. Consistent 64-bit support. Many fatal errors are now Exceptions. Removal of old and unsupported SAPIs and extensions. The null coalescing operator (??). Combined comparison Operator (). Return Type Declarations. Scalar Type Declarations. Anonymous Classes.
7.0.0rc124 Aug 2015 18:25 minor feature: PHP 7.0.0 RC 1 contains fixes for 27 reported bugs, and altogether over 200 commits with various stability improvements for database, array, assert, streams and other functionality. PHP 7.0.0 comes with new version of the Zend Engine with features such as: Improved performance: PHP 7 is up to twice as fast as PHP 5.6. Consistent 64-bit support. Many fatal errors are now Exceptions. Removal of old and unsupported SAPIs and extensions. The null coalescing operator (??). Combined comparison Operator (). Return Type Declarations. Scalar Type Declarations. Anonymous Classes.
7.0.0-alpha112 Jun 2015 21:35 major feature: PHP 7.0.0 Alpha 1 is a non-production development preview of the PHP7 major series with new version of the Zend Engine. The list of new features entails: Improved performance: up to twice as fast as PHP 5.6. Consistent 64-bit support. Many fatal errors are now Exceptions. Removal of old and unsupported SAPIs and extensions. The null coalescing operator (??). Combined comparison Operator (). Return Type Declarations. Scalar Type Declarations. Anonymous Classes.
5.6.1012 Jun 2015 21:25 minor bugfix: Temp. directory is cached during multiple requests, Conditional jump or move depends on uninitialised value in extension trait, Strange generator+exception+variadic crash, complex GLOB_BRACE fails on Windows, OS command injection vulnerability in escapeshellarg, Incorrect handling of paths with NULs, temp. directory is cached during multiple requests, Conditional jump or move depends on uninitialised value in extension trait, Strange generator+exception+variadic crash, complex GLOB_BRACE fails on Windows, OS command injection vulnerability in escapeshellarg, Incorrect handling of paths with NULs, Integer overflow in ftp_genlist(, Integer overflow in ftp_genlist(, GD fails to build with newer libvpx, GD fails to build with newer libvpx, iconv with //IGNORE cuts the string, iconv with //IGNORE cuts the string, Unchecked return value, Unchecked return value, mail(, mail(, ) (Leigh, ) (Leigh, Memory leak with opcache.optimization_level=0xFFFFFFFF, Memory leak with opcache.optimization_level=0xFFFFFFFF, CVE-2015-2325, CVE-2015-2326, CVE-2015-2325, CVE-2015-2326, phar symlink in binary directory broken, phar symlink in binary directory broken, segfault in php_pgsql_meta_data, segfault in php_pgsql_meta_data.
5.6.914 May 2015 00:00 minor bugfix: Wrong checked for the interface by using Trait, Invalid read in zend_std_get_method, "use statement ... has no effect" depends on leading backslash, Segmentation fault in gc_remove_zval_from_buffer, segmentation fault in destructor, Returning compatible sub generator produces a warning, php_sys_readlink ignores misc errors from GetFinalPathNameByHandleA, PHP Multipart/form-data remote dos Vulnerability, CVE-2015-4024, str_repeat(, CVE-2006-7243 fix regressions in 5.4+, CVE-2015-4025, heap buffer overflow in unpack(, Wrong checked for the interface by using Trait, Invalid read in zend_std_get_method, "use statement ... has no effect" depends on leading backslash, Segmentation fault in gc_remove_zval_from_buffer, segmentation fault in destructor, Returning compatible sub generator produces a warning, php_sys_readlink ignores misc errors from GetFinalPathNameByHandleA, PHP Multipart/form-data remote dos Vulnerability, CVE-2015-4024, str_repeat(, CVE-2006-7243 fix regressions in 5.4+, CVE-2015-4025, heap buffer overflow in unpack(, Integer overflow in ftp_genlist(, CVE-2015-4022, Integer overflow in ftp_genlist(, CVE-2015-4022, Incorrect use of SQLColAttributes with ODBC 3.0, ODBC: Query with same field name from two tables returns incorrect result, out of memory with sage odbc driver, Incorrect use of SQLColAttributes with ODBC 3.0, ODBC: Query with same field name from two tables returns incorrect result, out of memory with sage odbc driver, Reading empty SSL stream hangs until timeout, Reading empty SSL stream hangs until timeout, pcntl_exec(, CVE-2015-4026, pcntl_exec(, CVE-2015-4026, CVE-2015-2325, CVE-2015-2326, CVE-2015-2325, CVE-2015-2326, Memory Corruption in phar_parse_tarfile when entry filename starts with null, CVE-2015-4021, Memory Corruption in phar_parse_tarfile when entry filename starts with null, CVE-2015-4021
5.6.720 Mar 2015 23:45 major bugfix: Core: leaks when unused inner class use traits precedence. Crash in gc_zval_possible_root on unserialize. Segfault in get_current_user when script owner is not in passwd with ZTS build. Segfault when calling ob_start from output buffering callback. pointer returned by php_stream_fopen_temporary_file not validated in memory.c. Exception with invalid character causes segv. Missing arguments in reflection info for some builtin functions. Use After Free Vulnerability in unserialize(). (CVE-2015-0231) Per Directory Values overrides PHP_INI_SYSTEM configuration options. move_uploaded_file allows nulls in path. CGI: php-cgi's getopt does not see argv. CLI: auto_prepend_file messes up __LINE__. cURL: PHP_MINIT_FUNCTION does not fully initialize cURL on Win32. Add CURLPROXY_SOCKS4A and CURLPROXY_SOCKS5_HOSTNAME constants if supported by libcurl. Ereg: heap overflow vulnerability in regcomp.c. (CVE-2015-2305) FPM: request time is reset too early. ODBC: Allowed memory size exhausted with odbc_exec. Opcache: Opcache causes problem when passing a variable variable to a function. Array numeric string as key. switch(SOMECONSTANT) misbehaves. OpenSSL: Segmentation fault at openssl_spki_new. encrypted streams don't observe socket timeouts. use strict peer_fingerprint input checks. IP Address fields in subjectAltNames not used. SAN match fails with trailing DNS dot. Add signatureType to openssl_x509_parse. Inconsistent stream crypto values across versions. pgsql: pg_update() fails to store infinite values. Readline: Null dereference in readline_(read write)_history() without parameters. SOAP: SoapClient's __call() type confusion through unserialize(). SPL: "Segmentation fault" when (de)serializing SplObjectStorage. RecursiveDirectoryIterator::seek(0) broken after calling getChildren(). ZIP: ZIP Integer Overflow leads to writing past heap boundary. (CVE-2015-2331)
5.6.419 Dec 2014 11:45 major bugfix: Some Zend headers lack appropriate extern "C" blocks, Segfault while pre-evaluating a disabled function, "Inconsistent insteadof definition."- incorrectly triggered, Inconsistency in example php.ini comments, "unset( this, Incorrect argument reflection info for array_multisort(, NULL pointer dereference in unserialize.c, Array constant not accepted for array parameter default, Use after free vulnerability in unserialize(, Some Zend headers lack appropriate extern "C" blocks, Segfault while pre-evaluating a disabled function, "Inconsistent insteadof definition."- incorrectly triggered, Inconsistency in example php.ini comments, "unset( this, Incorrect argument reflection info for array_multisort(, NULL pointer dereference in unserialize.c, Array constant not accepted for array parameter default, Use after free vulnerability in unserialize(, fpm_unix_init_main ignores log_level, listen=9000 listens to ipv6 localhost instead of all addresses, access.format=' R' doesn't log ipv6 address, PHP-FPM will no longer load all pools, listen.allowed_clients is IPv4 only, php-fpm man page is oudated, Change pm.start_servers default warning to notice, listen.allowed_clients can silently result in no allowed access, php-fpm conf files loading order, access.log don't use prefix, fpm_unix_init_main ignores log_level, listen=9000 listens to ipv6 localhost instead of all addresses, access.format=' R' doesn't log ipv6 address, PHP-FPM will no longer load all pools, listen.allowed_clients is IPv4 only, php-fpm man page is oudated, Change pm.start_servers default warning to notice, listen.allowed_clients can silently result in no allowed access, php-fpm conf files loading order, access.log don't use prefix, build error with gmp 4.1, build error with gmp 4.1, PDO_PGSQL::beginTransaction(, Matteo, PDO::PARAM_BOOL and ATTR_EMULATE_PREPARES misbehaving, Matteo, PDO_PGSQL::beginTransaction(, Matteo, PDO::PARAM_BOOL and ATTR_EMULATE_PREPARES misbehaving, Matteo, Session custom storage callable
5.6.314 Nov 2014 07:25 minor bugfix: Implemented 64-bit format codes for pack() and unpack(). proc_open on Windows hangs forever, A foreach on an array returned from a function not doing copy-on-write, Windows 8.1/Server 2012 R2 OS build number reported as 6.2 (instead of 6.3, DOMNodeList elements should be accessible through array notation, AddressSanitizer reports a heap buffer overflow in php_getopt(, a- foo .= 'test'; can leave a- foo undefined, parse_url(, zend_mm_heap corrupted after memory overflow in zend_hash_copy, libmagic: don't assume char is signed, buffer-overflow in libmagic/readcdf.c caught by AddressSanitizer, fileinfo: out-of-bounds read in elf note headers, PHP-FPM incorrectly defines the SCRIPT_NAME variable when using Apache, mod_proxy-fcgi and ProxyPass, listen and listen.allowed_clients should take IPv6 addresses, imagescale, imagescale, and gmp_random_bits(, GMP memory management conflicts with other libraries using GMP, linker error on some OS X machines with fixed width decimal support, ODBC not correctly reading DATE column when preceded by a VARCHAR column, Allow to use system cipher list instead of hardcoded value, PDO::pgsqlGetNotify doesn't support NOTIFY payloads, Segmentation fault on statement deallocation, Duplicate entry in Reflection for class alias, Regression in RecursiveRegexIterator,
5.6.217 Oct 2014 04:00 security: Integer overflow in unserialize, NULL byte injection - cURL lib, Heap corruption in exif_thumbnail, Global buffer overflow in mkgmtime
5.6.106 Oct 2014 03:40 minor bugfix: Fixes for parse_ini_file, SIGSEGV during zend_shutdown, Crash on SIGTERM in apache process, program_prefix not honoured in man pages, Segfault when extending interface method with variadic, Incorrect last used array index copied to new array after unset, New Posthandler Potential Illegal efree, SIGSEGV during zend_shutdown, Crash on SIGTERM in apache process, program_prefix not honoured in man pages, Segfault when extending interface method with variadic, Incorrect last used array index copied to new array after unset, New Posthandler Potential Illegal efree, finfo::file, finfo::file, Using GMP objects with overloaded operators can cause memory exhaustion, gmp_init, and gmp_export, Using GMP objects with overloaded operators can cause memory exhaustion, gmp_init, and gmp_export, mysqli does not handle 4-byte floats correctly, mysqli does not handle 4-byte floats correctly, extension won't build if openssl compiled without SSLv3, extension won't build if openssl compiled without SSLv3, compile error without ZEND_SIGNALS, compile error without ZEND_SIGNALS, SoapClient prepends 0-byte to cookie names, SoapClient prepends 0-byte to cookie names, SessionHandler Invalid memory read create_sid, SessionHandler Invalid memory read create_sid, Add optional nowait argument to sem_acquire, Add optional nowait argument to sem_acquire
5.6.028 Aug 2014 12:25 minor bugfix: This version introduces constant scalar expressions, variadic functions, and argument unpacking syntax, an exponentiation operator, function and constant importing with the use keyword, phpdbg as an interactive integrated debugger SAPI. It also adds php://input attribute changes as well as POST data parsing mechanism, and GMP objects now support operator overloading. Files larger than 2 gigabytes in size are now accepted. It constraints some language behaviour in that array keys won't be overwritten when defining an array as a property of a class via an array literal. json_decode() is more strict in JSON syntax parsing. Stream wrappers now verify peer certificates and host names by default when using SSL/TLS. GMP resources are now objects instead of resources. Mcrypt functions now require valid keys and IVs.
5.5.1624 Aug 2014 14:35 minor bugfix: COM: Fixed missing type checks in com_event_sink (Yussuf Khalil, Stas). Fileinfo: Fixed bug #67705 (extensive backtracking in rule regular expression). CVE-2014-3538) (Remi) Fixed bug #67716 (Segfault in cdf.c). (CVE-2014-3587) (Remi) FPM: Fixed bug #67635 (php links to systemd libraries without using pkg-config). pacho@gentoo.org, Remi) GD: Fixed bug #66901 (php-gd 'c_color' NULL pointer dereference). CVE-2014-2497) (Remi) Fixed bug #67730 (Null byte injection possible with imagexxx functions). CVE-2014-5120) (Ryan Mauger) Milter: Fixed bug #67715 (php-milter does not build and crashes randomly). (Mike) OpenSSL: Fixed missing type checks in OpenSSL options (Yussuf Khalil, Stas). readline: Fixed bug #55496 (Interactive mode doesn't force a newline before the prompt). (Bob, Johannes) Fixed bug #67496 (Save command history when exiting interactive shell with control-c). (Dmitry Saprykin, Johannes) Sessions: Fixed missing type checks in php_session_create_id (Yussuf Khalil, Stas). Core: Fixed bug #67693 (incorrect push to the empty array) (Tjerk) Fixed bug #67717 (segfault in dns_get_record). (CVE-2014-3597) (Remi) ODBC: Fixed bug #60616 (odbc_fetch_into returns junk data at end of multi-byte char fields). (Keyur)
5.5.1524 Jul 2014 16:27 minor bugfix: Missing HTTP response codes for the CLI webserver were added, fixed for the header() function, and the http:// stream wrapper now honors 308 as well. Fixes were applied to the autoloader logic, syslog setting, a typo in pgsql, redirect loops with nginx and FPM, and some Phar and SPL features. Crashes fixed for eval() with syntax errors, strstr() with empty array,
5.6.0RC204 Jul 2014 20:59 minor bugfix: Fixed memory leak with immediately dereferenced array in class constant, Segfault in highlight_file()/highlight_string(), make install fails to install libphp5.so on FreeBSD 10.0, Type Confusion Information Leak Vulnerability, syslog cannot be set in pool configuration. Fix Apache 2.4.10+ SetHandler proxy:fcgi:// incompatibilities. Fixed Locale::parseLocale Double Free, Buffer overflow in locale_get_display_name and uloc_getDisplayName, pgsql. Fixed debugger: readline feature not enabled when build with libedit, List behavior is inconsistent, The prompt should always ensure it is on a newline, break if does not seem to work, register function has the same behavior as run, No way to list the current stack/frames. And a SPL fix: unserialize() SPL ArrayObject / SPLObjectStorage Type Confusion.
5.5.1428 Jun 2014 04:23 security: The PHP Development Team announces the immediate availability of PHP 5.5.14. This release fixes several bugs against PHP 5.5.13. Also, this release fixes a total of 8 CVEs, half of them concerning the FileInfo extension. Please note that this release also fixes a backward compatibility issue that has been detected in the PHP 5.5.13 release. Still, the fix in PHP 5.5.14 may break some very rare situations. As this tiny compatibility break involves security, and as security is our primary concern, we had to fix it. This concerns bug 67072.
5.5.1327 Jun 2014 04:29 minor bugfix: Missing MIME types for XML/XSL files added, Echoing unserialized "SplFileObject" crash fixeed, usage of memcpy() with overlapping src and dst in zend_exceptions.c, spl_fixedarray_resize integer overflow, printf out-of-bounds read, DateTime constructor crash with invalid data, date_parse_from_format out-of-bounds read, timelib_meridian_with_check out-of-bounds read, DOMDocumentType->internalSubset returned entire DOCTYPE tag, not only the subset, Fileinfo crashed with powerpoint files, CDF infinite loop in nelements DoS. Numerous file_printf calls resulting in performance degradation, php-fpm reload leaks epoll_create() file descriptor, imageaffinematrixget missing check of parameters, Ungreedy and min/max quantifier bug. And $phar->buildFromDirectory couldn't compress file with an accent in its name.