5.2.7RC5 out!
五番目の登場です(1・2・3・4)。
CVEへの対応が入っているので、その為のRCリリースなのかな?
5.2.7RC4から5.2.7RC5までの修正状況は以下の通り。
--- NEWS 2008/11/21 00:08:49 1.2027.2.547.2.1322 +++ NEWS 2008/11/27 21:21:41 1.2027.2.547.2.1337 @@ -1,5 +1,29 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| +27 Nov 2008, PHP 5.2.7RC5 +- Upgraded PCRE to version 7.8 (Fixes CVE-2008-2371) (Ilia) + +- Fixed a crash inside gd with invalid fonts (Fixes CVE-2008-3658). (Pierre) +- Fixed a possible overflow inside memnstr (Fixes CVE-2008-3659). (Laurent + Gaffie) + +- Fixed memory leak inside readline_callback_handler_remove() function. (Felipe) +- Fixed bug #46696 (cURL fails in upload files with specified content-type). + (Ilia) +- Fixed bug #46673 (stream_lock call with wrong paramater). (Arnaud) +- Fixed bug #46649 (Setting array element with that same array produces + inconsistent results). (Arnaud) +- Fixed bug #46626 (mb_convert_case does not handle apostrophe correctly). + (Ilia) +- Fixed bug #46427 (SoapClient() stumbles over its "stream_context" parameter). + (Dmitry, Herman Radtke) +- Fixed bug #44882 (SOAP extension object decoding bug). (Dmitry) +- Fixed bug #44182 (extract($a, EXTR_REFS) can fail to split copy-on-write + references). (robin_fernandes at uk dot ibm dot com) +- Fixed bug #44181 (extract($a, EXTR_OVERWRITE|EXTR_REFS) can fail to create + references to $a). (robin_fernandes at uk dot ibm dot com) +- Fixed bug #42473 (ob_start php://output and headers). (Arnaud) + 20 Nov 2008, PHP 5.2.7RC4 - Added logging option for error_log to send directly to SAPI. (Stas) @@ -122,7 +146,7 @@ pgsql). (Felipe) - Fixed bug #43723 (SOAP not sent properly from client for <choice>). (Dmitry) - Fixed bug #42862 (IMAP toolkit crash: rfc822.c legacy routine buffer - overflow). (Dmitry) + overflow). (Fixes CVE-2008-2829) (Dmitry) - Fixed bug #42078 (pg_meta_data mix tables metadata from different schemas). (Felipe) - Fixed bug #37100 (data is returned truncated with BINARY CURSOR). (Tony) @@ -229,7 +253,7 @@ - Fixed bug #45178 (memory corruption on assignment result of "new" by reference). (Dmitry) - Fixed bug #45151 (Crash with URI/file..php (filename contains 2 dots)). - (Dmitry) + (Fixes CVE-2008-3660) (Dmitry) - Fixed bug #45139 (ReflectionProperty returns incorrect declaring class). (Felipe) - Fixed bug #45124 ($_FILES['upload']['size'] sometimes return zero and @@ -262,7 +286,6 @@ overlapping needles). (Moriyoshi) - Fixed Bug #43958 (class name added into the error message). (Dmitry) - Fixed bug #43941 (json_encode silently cuts non-UTF8 strings). (Stas) -- Fixed bug #43782 (feof() does not detect timeout on socket). (David Soria Parra) - Fixed bug #43668 (Added odbc.default_cursortype to control the ODBC cursormodel). (Patrick) - Fixed bug #43666 (Fixed code to use ODBC 3.52 datatypes for 64bit systems).