PHP 7.1.28、7.2.17、7.3.4 发布,主要是安全更新

2019年4月7日13:03:05 发表评论

PHP(外文名:PHP: Hypertext Preprocessor,中文名:“超文本预处理器”)是一种通用开源脚本语言。语法吸收了C语言、Java和Perl的特点,利于学习,使用广泛,主要适用于Web开发领域。PHP 独特的语法混合了C、Java、Perl以及PHP自创的语法。它可以比CGI或者Perl更快速地执行动态网页。

用PHP做出的动态页面与其他的编程语言相比,PHP是将程序嵌入到HTML(标准通用标记语言下的一个应用)文档中去执行,执行效率比完全生成HTML标记的CGI要高许多;PHP还可以执行编译后代码,编译可以达到加密和优化代码运行,使代码运行更快。

PHP 7.1.28、7.2.17、7.3.4 发布,主要是安全更新

PHP 发布了三个更新版本,这三个版本主要都是安全方面的更新,详细改进记录如下:

Version 7.1.28

04 Apr 2019

  • EXIF:
    • Fixed bug #77753 (Heap-buffer-overflow in php_ifd_get32s).
    • Fixed bug #77831 (Heap-buffer-overflow in exif_iif_add_value).
  • SQLite3:
    • Added sqlite3.defensive INI directive.

 

Version 7.3.4

04 Apr 2019

  • Core:
    • Fixed bug #77738 (Nullptr deref in zend_compile_expr).
    • Fixed bug #77660 (Segmentation fault on break 2147483648).
    • Fixed bug #77652 (Anonymous classes can lose their interface information).
    • Fixed bug #77345 (Stack Overflow caused by circular reference in garbage collection).
    • Fixed bug #76956 (Wrong value for 'syslog.filter' documented in php.ini).
  • Apache2Handler:
    • Fixed bug #77648 (BOM in sapi/apache2handler/php_functions.c).
  • Bcmath:
    • Fixed bug #77742 (bcpow() implementation related to gcc compiler optimization).
  • CLI Server:
    • Fixed bug #77722 (Incorrect IP set to $_SERVER['REMOTE_ADDR'] on the localhost).
  • COM:
    • Fixed bug #77578 (Crash when php unload).
  • EXIF:
    • Fixed bug #77753 (Heap-buffer-overflow in php_ifd_get32s).
    • Fixed bug #77831 (Heap-buffer-overflow in exif_iif_add_value).
  • FPM:
    • Fixed bug #77677 (FPM fails to build on AIX due to missing WCOREDUMP).
  • GD:
    • Fixed bug #77700 (Writing truecolor images as GIF ignores interlace flag).
  • MySQLi:
    • Fixed bug #77597 (mysqli_fetch_field hangs scripts).
  • Opcache:
    • Fixed bug #77743 (Incorrect pi node insertion for jmpznz with identical successors).
  • PCRE:
    • Fixed bug #76127 (preg_split does not raise an error on invalid UTF-8).
  • Phar:
    • Fixed bug #77697 (Crash on Big_Endian platform).
  • phpdbg:
    • Fixed bug #77767 (phpdbg break cmd aliases listed in help do not match actual aliases).
  • sodium:
    • Fixed bug #77646 (sign_detached() strings not terminated).
  • SQLite3:
    • Added sqlite3.defensive INI directive.
  • Standard:
    • Fixed bug #77664 (Segmentation fault when using undefined constant in custom wrapper).
    • Fixed bug #77669 (Crash in extract() when overwriting extracted array).
    • Fixed bug #76717 (var_export() does not create a parsable value for PHP_INT_MIN).
    • Fixed bug #77765 (FTP stream wrapper should set the directory as executable).

 

Version 7.2.17

  • Core:
    • Fixed bug #77738 (Nullptr deref in zend_compile_expr).
    • Fixed bug #77660 (Segmentation fault on break 2147483648).
    • Fixed bug #77652 (Anonymous classes can lose their interface information).
    • Fixed bug #77676 (Unable to run tests when building shared extension on AIX).
  • Bcmath:
    • Fixed bug #77742 (bcpow() implementation related to gcc compiler optimization).
  • COM:
    • Fixed bug #77578 (Crash when php unload).
  • Date:
    • Fixed bug #50020 (DateInterval:createDateFromString() silently fails).
    • Fixed bug #75113 (Added DatePeriod::getRecurrences() method).
  • EXIF:
    • Fixed bug #77753 (Heap-buffer-overflow in php_ifd_get32s).
    • Fixed bug #77831 (Heap-buffer-overflow in exif_iif_add_value).
  • FPM:
    • Fixed bug #77677 (FPM fails to build on AIX due to missing WCOREDUMP).
  • GD:
    • Fixed bug #77700 (Writing truecolor images as GIF ignores interlace flag).
  • MySQLi:
    • Fixed bug #77597 (mysqli_fetch_field hangs scripts).
  • Opcache:
    • Fixed bug #77691 (Opcache passes wrong value for inline array push assignments).
    • Fixed bug #77743 (Incorrect pi node insertion for jmpznz with identical successors).
  • phpdbg:
    • Fixed bug #77767 (phpdbg break cmd aliases listed in help do not match actual aliases).
  • sodium:
    • Fixed bug #77646 (sign_detached() strings not terminated).
  • SQLite3:
    • Added sqlite3.defensive INI directive.
  • Standard:
    • Fixed bug #77664 (Segmentation fault when using undefined constant in custom wrapper).
    • Fixed bug #77669 (Crash in extract() when overwriting extracted array).
    • Fixed bug #76717 (var_export() does not create a parsable value for PHP_INT_MIN).
    • Fixed bug #77765 (FTP stream wrapper should set the directory as executable).

 

更新日志:https://www.php.net/ChangeLog-7.php

©里维斯社,本站推荐使用的主机:阿里云腾讯云;本站推荐使用的WP主题:WordPress主题

晨会游戏

发表评论

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen: