|
1 | 1 | PHP NEWS
|
2 | 2 | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
3 |
| -?? ??? 2015, PHP 5.5.29 |
| 3 | +?? ??? 2015, PHP 5.5.30 |
4 | 4 |
|
5 | 5 | ** PHP 5.5 is in security-only mode , please do not commit to this branch **
|
6 | 6 |
|
| 7 | +03 Sep 2015, PHP 5.5.29 |
| 8 | + |
| 9 | +- Core: |
| 10 | + . Fixed bug #70172 (Use After Free Vulnerability in unserialize()). (Stas) |
| 11 | + . Fixed bug #70219 (Use after free vulnerability in session deserializer). |
| 12 | + (taoguangchen at icloud dot com) |
| 13 | + |
| 14 | +- EXIF: |
| 15 | + . Fixed bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte |
| 16 | + value of 32 bytes). (Stas) |
| 17 | + |
| 18 | +- hash: |
| 19 | + . Fixed bug #70312 (HAVAL gives wrong hashes in specific cases). (letsgolee |
| 20 | + at naver dot com) |
| 21 | + |
| 22 | +- PCRE: |
| 23 | + . Fixed bug #70345 (Multiple vulnerabilities related to PCRE functions). |
| 24 | + (Anatol Belski) |
| 25 | + |
| 26 | +- SOAP: |
| 27 | + . Fixed bug #70388 (SOAP serialize_function_call() type confusion / RCE). |
| 28 | + (Stas) |
| 29 | + |
| 30 | +- SPL: |
| 31 | + . Fixed bug #70365 (Use-after-free vulnerability in unserialize() with |
| 32 | + SplObjectStorage). (taoguangchen at icloud dot com) |
| 33 | + . Fixed bug #70366 (Use-after-free vulnerability in unserialize() with |
| 34 | + SplDoublyLinkedList). (taoguangchen at icloud dot com) |
| 35 | + |
| 36 | +- XSLT: |
| 37 | + . Fixed bug #69782 (NULL pointer dereference). (Stas) |
| 38 | + |
| 39 | +- ZIP: |
| 40 | + . Fixed bug #70350 (ZipArchive::extractTo allows for directory traversal when |
| 41 | + creating directories). (neal at fb dot com) |
| 42 | + |
7 | 43 | 06 Aug 2015, PHP 5.5.28
|
8 | 44 |
|
9 | 45 | - Core:
|
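Review bot: In the new "03 Sep 2015, PHP 5.5.29" block, none of the security entries carries a CVE id (the unserialize() and session use-after-free fixes #70172, #70219, #70365 and #70366, the SOAP type confusion / RCE fix #70388, the ZipArchive::extractTo directory traversal fix #70350), while the later hunks of this same change backfill CVE ids onto older entries. Add the ids here as they are assigned so the release notes can be searched by CVE. Two smaller points: the XSLT entry for #69782 says only "NULL pointer dereference" without naming the affected function, unlike its neighbours, and the "hash:" heading is lower-case where every other section heading in the block is capitalised.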
@@ -80,9 +116,10 @@ PHP NEWS
|
80 | 116 | (Matteo)
|
81 | 117 |
|
82 | 118 | - Phar:
|
83 |
| - . Fixed bug #69958 (Segfault in Phar::convertToData on invalid file). (Stas) |
| 119 | + . Fixed bug #69958 (Segfault in Phar::convertToData on invalid file). |
| 120 | + (CVE-2015-5589) (Stas) |
84 | 121 | . Fixed bug #69923 (Buffer overflow and stack smashing error in
|
85 |
| - phar_fix_filepath). (Stas) |
| 122 | + phar_fix_filepath). (CVE-2015-5590) (Stas) |
86 | 123 |
|
87 | 124 | - SimpleXML:
|
88 | 125 | . Refactored the fix for bug #66084 (simplexml_load_string() mangles empty
|
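Review bot: The two Phar CVE ids are attached by hand to adjacent entries (CVE-2015-5589 on #69958, CVE-2015-5590 on #69923), and nothing in the hunk lets a reader confirm the pairing. Double-check each id against its bug report before merging, since consecutive ids on neighbouring lines are easy to swap. The commit would also be easier to audit if this CVE backfill for an older release were separate from the 5.5.29 release notes added in the first hunk.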
@@ -354,7 +391,8 @@ PHP NEWS
|
354 | 391 |
|
355 | 392 | - SOAP:
|
356 | 393 | . Fixed bug #69085 (SoapClient's __call() type confusion through
|
357 |
| - unserialize()). (andrea dot palazzo at truel dot it, Laruence) |
| 394 | + unserialize()). (CVE-2015-4147, CVE-2015-4148) |
| 395 | + (andrea dot palazzo at truel dot it, Laruence) |
358 | 396 |
|
359 | 397 | - SPL:
|
360 | 398 | . Fixed bug #69108 ("Segmentation fault" when (de)serializing
|
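Review bot: The SOAP entry for #69085 now lists two ids, "(CVE-2015-4147, CVE-2015-4148)", for a single bug without saying how they differ. If they cover distinct parts of the __call() type confusion, a few words on each (or a pointer to the bug report) would let downstream packagers tell whether one fix closes both.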