ます’s Blog - どうでもいい記事100選

どうでもいい記事100選

5.2.7RC5 out!

PHP

五番目の登場です()。
CVEへの対応が入っているので、その為のRCリリースなのかな?
5.2.7RC4から5.2.7RC5までの修正状況は以下の通り。

--- NEWS	2008/11/21 00:08:49	1.2027.2.547.2.1322
+++ NEWS	2008/11/27 21:21:41	1.2027.2.547.2.1337
@@ -1,5 +1,29 @@
 PHP                                                                        NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
+27 Nov 2008, PHP 5.2.7RC5
+- Upgraded PCRE to version 7.8 (Fixes CVE-2008-2371) (Ilia)
+
+- Fixed a crash inside gd with invalid fonts (Fixes CVE-2008-3658). (Pierre)
+- Fixed a possible overflow inside memnstr (Fixes CVE-2008-3659). (Laurent
+  Gaffie)
+
+- Fixed memory leak inside readline_callback_handler_remove() function. (Felipe)
+- Fixed bug #46696 (cURL fails in upload files with specified content-type).
+  (Ilia)
+- Fixed bug #46673 (stream_lock call with wrong paramater). (Arnaud)
+- Fixed bug #46649 (Setting array element with that same array produces 
+  inconsistent results). (Arnaud)
+- Fixed bug #46626 (mb_convert_case does not handle apostrophe correctly).
+  (Ilia)
+- Fixed bug #46427 (SoapClient() stumbles over its "stream_context" parameter).
+  (Dmitry, Herman Radtke)
+- Fixed bug #44882 (SOAP extension object decoding bug). (Dmitry)
+- Fixed bug #44182 (extract($a, EXTR_REFS) can fail to split copy-on-write
+  references). (robin_fernandes at uk dot ibm dot com)
+- Fixed bug #44181 (extract($a, EXTR_OVERWRITE|EXTR_REFS) can fail to create 
+  references to $a). (robin_fernandes at uk dot ibm dot com)
+- Fixed bug #42473 (ob_start php://output and headers). (Arnaud)
+
 20 Nov 2008, PHP 5.2.7RC4
 - Added logging option for error_log to send directly to SAPI. (Stas)
 
@@ -122,7 +146,7 @@
   pgsql). (Felipe)
 - Fixed bug #43723 (SOAP not sent properly from client for <choice>). (Dmitry)
 - Fixed bug #42862 (IMAP toolkit crash: rfc822.c legacy routine buffer
-  overflow). (Dmitry)
+  overflow). (Fixes CVE-2008-2829) (Dmitry)
 - Fixed bug #42078 (pg_meta_data mix tables metadata from different schemas).
   (Felipe)
 - Fixed bug #37100 (data is returned truncated with BINARY CURSOR). (Tony)
@@ -229,7 +253,7 @@
 - Fixed bug #45178 (memory corruption on assignment result of "new" by
   reference). (Dmitry)
 - Fixed bug #45151 (Crash with URI/file..php (filename contains 2 dots)).
-  (Dmitry)
+  (Fixes CVE-2008-3660) (Dmitry)
 - Fixed bug #45139 (ReflectionProperty returns incorrect declaring class).
   (Felipe)
 - Fixed bug #45124 ($_FILES['upload']['size'] sometimes return zero and 
@@ -262,7 +286,6 @@
   overlapping needles). (Moriyoshi)
 - Fixed Bug #43958 (class name added into the error message). (Dmitry)
 - Fixed bug #43941 (json_encode silently cuts non-UTF8 strings). (Stas)
-- Fixed bug #43782 (feof() does not detect timeout on socket). (David Soria Parra)
 - Fixed bug #43668 (Added odbc.default_cursortype to control the ODBC
   cursormodel). (Patrick)
 - Fixed bug #43666 (Fixed code to use ODBC 3.52 datatypes for 64bit systems).