Welcome to our website
To take full advantage of all features you need to login or register. Registration is completely free and takes only a few seconds.
PHP 5.6.40-2 and 7.0.33-2 released
Posted by Philipp Esselbach on: 04/03/2019 06:49 AM [ Print | 0 comment(s) ]
Updated versions of PHP 5.6.40 and 7.0.33 with security patches backported from PHP 7.1.28 has been released
PHP 5.6.40-2
Download Source
PHP 7.0.33-2
Download
Backported from 7.1.28
- EXIF:
. Fixed bug #77753 (Heap-buffer-overflow in php_ifd_get32s). (Stas)
. Fixed bug #77831 (Heap-buffer-overflow in exif_iif_add_value). (Stas)
- SQLite3:
. Added sqlite3.defensive INI directive. (BohwaZ)
Backported from 7.1.27
- Core:
. Fixed bug #77630 (rename() across the device may allow unwanted access during
processing). (Stas)
- EXIF:
. Fixed bug #77509 (Uninitialized read in exif_process_IFD_in_TIFF). (Stas)
. Fixed bug #77540 (Invalid Read on exif_process_SOFn). (Stas)
. Fixed bug #77563 (Uninitialized read in exif_process_IFD_in_MAKERNOTE). (Stas)
. Fixed bug #77659 (Uninitialized read in exif_process_IFD_in_MAKERNOTE). (Stas)
- PHAR:
. Fixed bug #77396 (Null Pointer Dereference in phar_create_or_parse_filename).
(bishop)
. Fixed bug #77586 (phar_tar_writeheaders_int() buffer overflow). (bishop)
- SPL:
. Fixed bug #77431 (openFile() silently truncates after a null byte). (cmb)
- EXIF:
. Fixed bug #77753 (Heap-buffer-overflow in php_ifd_get32s). (Stas)
. Fixed bug #77831 (Heap-buffer-overflow in exif_iif_add_value). (Stas)
- SQLite3:
. Added sqlite3.defensive INI directive. (BohwaZ)
Backported from 7.1.27
- Core:
. Fixed bug #77630 (rename() across the device may allow unwanted access during
processing). (Stas)
- EXIF:
. Fixed bug #77509 (Uninitialized read in exif_process_IFD_in_TIFF). (Stas)
. Fixed bug #77540 (Invalid Read on exif_process_SOFn). (Stas)
. Fixed bug #77563 (Uninitialized read in exif_process_IFD_in_MAKERNOTE). (Stas)
. Fixed bug #77659 (Uninitialized read in exif_process_IFD_in_MAKERNOTE). (Stas)
- PHAR:
. Fixed bug #77396 (Null Pointer Dereference in phar_create_or_parse_filename).
(bishop)
. Fixed bug #77586 (phar_tar_writeheaders_int() buffer overflow). (bishop)
- SPL:
. Fixed bug #77431 (openFile() silently truncates after a null byte). (cmb)
Download Source
PHP 7.0.33-2
Backported from 7.1.28
- EXIF:
. Fixed bug #77753 (Heap-buffer-overflow in php_ifd_get32s). (Stas)
. Fixed bug #77831 (Heap-buffer-overflow in exif_iif_add_value). (Stas)
- SQLite3:
. Added sqlite3.defensive INI directive. (BohwaZ)
Backported from 7.1.27
- Core:
. Fixed bug #77630 (rename() across the device may allow unwanted access during
processing). (Stas)
- EXIF:
. Fixed bug #77509 (Uninitialized read in exif_process_IFD_in_TIFF). (Stas)
. Fixed bug #77540 (Invalid Read on exif_process_SOFn). (Stas)
. Fixed bug #77563 (Uninitialized read in exif_process_IFD_in_MAKERNOTE). (Stas)
. Fixed bug #77659 (Uninitialized read in exif_process_IFD_in_MAKERNOTE). (Stas)
- PHAR:
. Fixed bug #77396 (Null Pointer Dereference in phar_create_or_parse_filename).
(bishop)
. Fixed bug #77586 (phar_tar_writeheaders_int() buffer overflow). (bishop)
- SPL:
. Fixed bug #77431 (openFile() silently truncates after a null byte). (cmb)
Backported from 7.1.26
- GD:
. Fixed bug #77269 (efree() on uninitialized Heap data in imagescale leads to
use-after-free). (cmb)
. Fixed bug #77270 (imagecolormatch Out Of Bounds Write on Heap). (cmb)
- Mbstring:
. Fixed bug #77370 (Buffer overflow on mb regex functions - fetch_token). (Stas)
. Fixed bug #77371 (heap buffer overflow in mb regex functions
- compile_string_node). (Stas)
. Fixed bug #77381 (heap buffer overflow in multibyte match_at). (Stas)
. Fixed bug #77382 (heap buffer overflow due to incorrect length in
expand_case_fold_string). (Stas)
. Fixed bug #77385 (buffer overflow in fetch_token). (Stas)
. Fixed bug #77394 (Buffer overflow in multibyte case folding - unicode). (Stas)
. Fixed bug #77418 (Heap overflow in utf32be_mbc_to_code). (Stas)
- Phar:
. Fixed bug #77247 (heap buffer overflow in phar_detect_phar_fname_ext). (Stas)
- Xmlrpc:
. Fixed bug #77242 (heap out of bounds read in xmlrpc_decode()). (cmb)
. Fixed bug #77380 (Global out of bounds read in xmlrpc base64 code). (Stas)
- EXIF:
. Fixed bug #77753 (Heap-buffer-overflow in php_ifd_get32s). (Stas)
. Fixed bug #77831 (Heap-buffer-overflow in exif_iif_add_value). (Stas)
- SQLite3:
. Added sqlite3.defensive INI directive. (BohwaZ)
Backported from 7.1.27
- Core:
. Fixed bug #77630 (rename() across the device may allow unwanted access during
processing). (Stas)
- EXIF:
. Fixed bug #77509 (Uninitialized read in exif_process_IFD_in_TIFF). (Stas)
. Fixed bug #77540 (Invalid Read on exif_process_SOFn). (Stas)
. Fixed bug #77563 (Uninitialized read in exif_process_IFD_in_MAKERNOTE). (Stas)
. Fixed bug #77659 (Uninitialized read in exif_process_IFD_in_MAKERNOTE). (Stas)
- PHAR:
. Fixed bug #77396 (Null Pointer Dereference in phar_create_or_parse_filename).
(bishop)
. Fixed bug #77586 (phar_tar_writeheaders_int() buffer overflow). (bishop)
- SPL:
. Fixed bug #77431 (openFile() silently truncates after a null byte). (cmb)
Backported from 7.1.26
- GD:
. Fixed bug #77269 (efree() on uninitialized Heap data in imagescale leads to
use-after-free). (cmb)
. Fixed bug #77270 (imagecolormatch Out Of Bounds Write on Heap). (cmb)
- Mbstring:
. Fixed bug #77370 (Buffer overflow on mb regex functions - fetch_token). (Stas)
. Fixed bug #77371 (heap buffer overflow in mb regex functions
- compile_string_node). (Stas)
. Fixed bug #77381 (heap buffer overflow in multibyte match_at). (Stas)
. Fixed bug #77382 (heap buffer overflow due to incorrect length in
expand_case_fold_string). (Stas)
. Fixed bug #77385 (buffer overflow in fetch_token). (Stas)
. Fixed bug #77394 (Buffer overflow in multibyte case folding - unicode). (Stas)
. Fixed bug #77418 (Heap overflow in utf32be_mbc_to_code). (Stas)
- Phar:
. Fixed bug #77247 (heap buffer overflow in phar_detect_phar_fname_ext). (Stas)
- Xmlrpc:
. Fixed bug #77242 (heap out of bounds read in xmlrpc_decode()). (cmb)
. Fixed bug #77380 (Global out of bounds read in xmlrpc base64 code). (Stas)
Download
Related Stories
01/13/2019 08:34 AM: PHP 5.6.40 and 7.1.26 released by Philipp Esselbach
Both PHP 5.6.40 and 7.1.26 has been released to address security issues. PHP 5.6.40 is the last scheduled release of the PHP 5.6 branch. ...
12/08/2018 07:39 AM: PHP 5.6.39, 7.0.33, 7.1.25, 7.2.13 released by Philipp Esselbach
New PHP updates has been released...
09/14/2018 09:18 AM: PHP 5.6.38 released by Philipp Esselbach
PHP 5.6.38 has been released...
07/20/2018 02:13 PM: PHP 5.6.37 released by Philipp Esselbach
PHP 5.6.37 has been released ...
03/31/2018 07:36 AM: PHP 5.6.35 and 7.1.16 released by Philipp Esselbach
Both PHP 5.6.35 and 7.1.16 are now available...
01/05/2018 11:40 AM: PHP 5.6.33 Released by Philipp Esselbach
PHP 5.6.33 has been released...
08/28/2014 03:21 PM: PHP 5.6.0 released by Philipp Esselbach
The PHP Development Team has announced the immediate availability of PHP 5.6.0...
06/21/2014 08:25 AM: PHP 5.6.0 Release Candidate 1 released by Philipp Esselbach
The first release candidate of PHP 5.6.0 is available...
Both PHP 5.6.40 and 7.1.26 has been released to address security issues. PHP 5.6.40 is the last scheduled release of the PHP 5.6 branch. ...
12/08/2018 07:39 AM: PHP 5.6.39, 7.0.33, 7.1.25, 7.2.13 released by Philipp Esselbach
New PHP updates has been released...
09/14/2018 09:18 AM: PHP 5.6.38 released by Philipp Esselbach
PHP 5.6.38 has been released...
07/20/2018 02:13 PM: PHP 5.6.37 released by Philipp Esselbach
PHP 5.6.37 has been released ...
03/31/2018 07:36 AM: PHP 5.6.35 and 7.1.16 released by Philipp Esselbach
Both PHP 5.6.35 and 7.1.16 are now available...
01/05/2018 11:40 AM: PHP 5.6.33 Released by Philipp Esselbach
PHP 5.6.33 has been released...
08/28/2014 03:21 PM: PHP 5.6.0 released by Philipp Esselbach
The PHP Development Team has announced the immediate availability of PHP 5.6.0...
06/21/2014 08:25 AM: PHP 5.6.0 Release Candidate 1 released by Philipp Esselbach
The first release candidate of PHP 5.6.0 is available...