|
8 | 8 | ?>
|
9 | 9 | <a id="PHP_8_3"></a>
|
10 | 10 |
|
| 11 | +<section class="version" id="8.3.14"><!-- {{{ 8.3.14 --> |
| 12 | +<h3>Version 8.3.14</h3> |
| 13 | +<b><?php release_date('21-Nov-2024'); ?></b> |
| 14 | +<ul><li>CLI: |
| 15 | +<ul> |
| 16 | + <li>Fixed bug <?php githubissuel('php/php-src', 16373); ?> (Shebang is not skipped for router script in cli-server started through shebang).</li> |
| 17 | + <li>Fixed bug <?php githubsecurityl('php/php-src', '4w77-75f9-2c8w'); ?> (Heap-Use-After-Free in sapi_read_post_data Processing in CLI SAPI Interface).</li> |
| 18 | +</ul></li> |
| 19 | +<li>COM: |
| 20 | +<ul> |
| 21 | + <li>Fixed out of bound writes to SafeArray data.</li> |
| 22 | +</ul></li> |
| 23 | +<li>Core: |
| 24 | +<ul> |
| 25 | + <li>Fixed bug <?php githubissuel('php/php-src', 16168); ?> (php 8.1 and earlier crash immediately when compiled with Xcode 16 clang on macOS 15).</li> |
| 26 | + <li>Fixed bug <?php githubissuel('php/php-src', 16371); ?> (Assertion failure in Zend/zend_weakrefs.c:646).</li> |
| 27 | + <li>Fixed bug <?php githubissuel('php/php-src', 16515); ?> (Incorrect propagation of ZEND_ACC_RETURN_REFERENCE for call trampoline).</li> |
| 28 | + <li>Fixed bug <?php githubissuel('php/php-src', 16509); ?> (Incorrect line number in function redeclaration error).</li> |
| 29 | + <li>Fixed bug <?php githubissuel('php/php-src', 16508); ?> (Incorrect line number in inheritance errors of delayed early bound classes).</li> |
| 30 | + <li>Fixed bug <?php githubissuel('php/php-src', 16648); ?> (Use-after-free during array sorting).</li> |
| 31 | +</ul></li> |
| 32 | +<li>Curl: |
| 33 | +<ul> |
| 34 | + <li>Fixed bug <?php githubissuel('php/php-src', 16302); ?> (CurlMultiHandle holds a reference to CurlHandle if curl_multi_add_handle fails).</li> |
| 35 | +</ul></li> |
| 36 | +<li>Date: |
| 37 | +<ul> |
| 38 | + <li>Fixed bug <?php githubissuel('php/php-src', 16454); ?> (Unhandled INF in date_sunset() with tiny $utcOffset).</li> |
| 39 | + <li>Fixed bug <?php githubissuel('php/php-src', 14732); ?> (date_sun_info() fails for non-finite values).</li> |
| 40 | +</ul></li> |
| 41 | +<li>DBA: |
| 42 | +<ul> |
| 43 | + <li>Fixed bug <?php githubissuel('php/php-src', 16390); ?> (dba_open() can segfault for "pathless" streams).</li> |
| 44 | +</ul></li> |
| 45 | +<li>DOM: |
| 46 | +<ul> |
| 47 | + <li>Fixed bug <?php githubissuel('php/php-src', 16316); ?> (DOMXPath breaks when not initialized properly).</li> |
| 48 | + <li>Add missing hierarchy checks to replaceChild.</li> |
| 49 | + <li>Fixed bug <?php githubissuel('php/php-src', 16336); ?> (Attribute intern document mismanagement).</li> |
| 50 | + <li>Fixed bug <?php githubissuel('php/php-src', 16338); ?> (Null-dereference in ext/dom/node.c).</li> |
| 51 | + <li>Fixed bug <?php githubissuel('php/php-src', 16473); ?> (dom_import_simplexml stub is wrong).</li> |
| 52 | + <li>Fixed bug <?php githubissuel('php/php-src', 16533); ?> (Segfault when adding attribute to parent that is not an element).</li> |
| 53 | + <li>Fixed bug <?php githubissuel('php/php-src', 16535); ?> (UAF when using document as a child).</li> |
| 54 | + <li>Fixed bug <?php githubissuel('php/php-src', 16593); ?> (Assertion failure in DOM->replaceChild).</li> |
| 55 | + <li>Fixed bug <?php githubissuel('php/php-src', 16595); ?> (Another UAF in DOM -> cloneNode).</li> |
| 56 | +</ul></li> |
| 57 | +<li>EXIF: |
| 58 | +<ul> |
| 59 | + <li>Fixed bug <?php githubissuel('php/php-src', 16409); ?> (Segfault in exif_thumbnail when not dealing with a real file).</li> |
| 60 | +</ul></li> |
| 61 | +<li>FFI: |
| 62 | +<ul> |
| 63 | + <li>Fixed bug <?php githubissuel('php/php-src', 16397); ?> (Segmentation fault when comparing FFI object).</li> |
| 64 | +</ul></li> |
| 65 | +<li>Filter: |
| 66 | +<ul> |
| 67 | + <li>Fixed bug <?php githubissuel('php/php-src', 16523); ?> (FILTER_FLAG_HOSTNAME accepts ending hyphen).</li> |
| 68 | +</ul></li> |
| 69 | +<li>FPM: |
| 70 | +<ul> |
| 71 | + <li>Fixed bug <?php githubissuel('php/php-src', 16628); ?> (FPM logs are getting corrupted with this log statement).</li> |
| 72 | +</ul></li> |
| 73 | +<li>GD: |
| 74 | +<ul> |
| 75 | + <li>Fixed bug <?php githubissuel('php/php-src', 16334); ?> (imageaffine overflow on matrix elements).</li> |
| 76 | + <li>Fixed bug <?php githubissuel('php/php-src', 16427); ?> (Unchecked libavif return values).</li> |
| 77 | + <li>Fixed bug <?php githubissuel('php/php-src', 16559); ?> (UBSan abort in ext/gd/libgd/gd_interpolation.c:1007).</li> |
| 78 | +</ul></li> |
| 79 | +<li>GMP: |
| 80 | +<ul> |
| 81 | + <li>Fixed floating point exception bug with gmp_pow when using large exposant values. (David Carlier).</li> |
| 82 | + <li>Fixed bug <?php githubissuel('php/php-src', 16411); ?> (gmp_export() can cause overflow).</li> |
| 83 | + <li>Fixed bug <?php githubissuel('php/php-src', 16501); ?> (gmp_random_bits() can cause overflow).</li> |
| 84 | + <li>Fixed gmp_pow() overflow bug with large base/exponents.</li> |
| 85 | + <li>Fixed segfaults and other issues related to operator overloading with GMP objects.</li> |
| 86 | +</ul></li> |
| 87 | +<li>LDAP: |
| 88 | +<ul> |
| 89 | + <li>Fixed bug <?php githubsecurityl('php/php-src', 'g665-fm4p-vhff'); ?> (OOB access in ldap_escape). (CVE-2024-8932)</li> |
| 90 | +</ul></li> |
| 91 | +<li>MBstring: |
| 92 | +<ul> |
| 93 | + <li>Fixed bug <?php githubissuel('php/php-src', 16361); ?> (mb_substr overflow on start/length arguments).</li> |
| 94 | +</ul></li> |
| 95 | +<li>MySQLnd: |
| 96 | +<ul> |
| 97 | + <li>Fixed bug <?php githubsecurityl('php/php-src', 'h35g-vwh6-m678'); ?> (Leak partial content of the heap through heap buffer over-read). (CVE-2024-8929)</li> |
| 98 | +</ul></li> |
| 99 | +<li>Opcache: |
| 100 | +<ul> |
| 101 | + <li>Fixed bug <?php githubissuel('php/php-src', 16408); ?> (Array to string conversion warning emitted in optimizer).</li> |
| 102 | +</ul></li> |
| 103 | +<li>OpenSSL: |
| 104 | +<ul> |
| 105 | + <li>Fixed bug <?php githubissuel('php/php-src', 16357); ?> (openssl may modify member types of certificate arrays).</li> |
| 106 | + <li>Fixed bug <?php githubissuel('php/php-src', 16433); ?> (Large values for openssl_csr_sign() $days overflow).</li> |
| 107 | + <li>Fix various memory leaks on error conditions in openssl_x509_parse().</li> |
| 108 | +</ul></li> |
| 109 | +<li>PDO DBLIB: |
| 110 | +<ul> |
| 111 | + <li>Fixed bug <?php githubsecurityl('php/php-src', '5hqh-c84r-qjcv'); ?> (Integer overflow in the dblib quoter causing OOB writes). (CVE-2024-11236)</li> |
| 112 | +</ul></li> |
| 113 | +<li>PDO Firebird: |
| 114 | +<ul> |
| 115 | + <li>Fixed bug <?php githubsecurityl('php/php-src', '5hqh-c84r-qjcv'); ?> (Integer overflow in the firebird quoter causing OOB writes). (CVE-2024-11236)</li> |
| 116 | +</ul></li> |
| 117 | +<li>PDO ODBC: |
| 118 | +<ul> |
| 119 | + <li>Fixed bug <?php githubissuel('php/php-src', 16450); ?> (PDO_ODBC can inject garbage into field values).</li> |
| 120 | +</ul></li> |
| 121 | +<li>Phar: |
| 122 | +<ul> |
| 123 | + <li>Fixed bug <?php githubissuel('php/php-src', 16406); ?> (Assertion failure in ext/phar/phar.c:2808).</li> |
| 124 | +</ul></li> |
| 125 | +<li>PHPDBG: |
| 126 | +<ul> |
| 127 | + <li>Fixed bug <?php githubissuel('php/php-src', 16174); ?> (Empty string is an invalid expression for ev).</li> |
| 128 | +</ul></li> |
| 129 | +<li>Reflection: |
| 130 | +<ul> |
| 131 | + <li>Fixed bug <?php githubissuel('php/php-src', 16601); ?> (Memory leak in Reflection constructors).</li> |
| 132 | +</ul></li> |
| 133 | +<li>Session: |
| 134 | +<ul> |
| 135 | + <li>Fixed bug <?php githubissuel('php/php-src', 16385); ?> (Unexpected null returned by session_set_cookie_params).</li> |
| 136 | + <li>Fixed bug <?php githubissuel('php/php-src', 16290); ?> (overflow on cookie_lifetime ini value).</li> |
| 137 | +</ul></li> |
| 138 | +<li>SOAP: |
| 139 | +<ul> |
| 140 | + <li>Fixed bug <?php githubissuel('php/php-src', 16318); ?> (Recursive array segfaults soap encoding).</li> |
| 141 | + <li>Fixed bug <?php githubissuel('php/php-src', 16429); ?> (Segmentation fault access null pointer in SoapClient).</li> |
| 142 | +</ul></li> |
| 143 | +<li>Sockets: |
| 144 | +<ul> |
| 145 | + <li>Fixed bug with overflow socket_recvfrom $length argument.</li> |
| 146 | +</ul></li> |
| 147 | +<li>SPL: |
| 148 | +<ul> |
| 149 | + <li>Fixed bug <?php githubissuel('php/php-src', 16337); ?> (Use-after-free in SplHeap).</li> |
| 150 | + <li>Fixed bug <?php githubissuel('php/php-src', 16464); ?> (Use-after-free in SplDoublyLinkedList::offsetSet()).</li> |
| 151 | + <li>Fixed bug <?php githubissuel('php/php-src', 16479); ?> (Use-after-free in SplObjectStorage::setInfo()).</li> |
| 152 | + <li>Fixed bug <?php githubissuel('php/php-src', 16478); ?> (Use-after-free in SplFixedArray::unset()).</li> |
| 153 | + <li>Fixed bug <?php githubissuel('php/php-src', 16588); ?> (UAF in Observer->serialize).</li> |
| 154 | + <li>Fix <?php githubissuel('php/php-src', 16477); ?> (Segmentation fault when calling __debugInfo() after failed SplFileObject::__constructor).</li> |
| 155 | + <li>Fixed bug <?php githubissuel('php/php-src', 16589); ?> (UAF in SplDoublyLinked->serialize()).</li> |
| 156 | + <li>Fixed bug <?php githubissuel('php/php-src', 14687); ?> (segfault on SplObjectIterator instance).</li> |
| 157 | + <li>Fixed bug <?php githubissuel('php/php-src', 16604); ?> (Memory leaks in SPL constructors).</li> |
| 158 | + <li>Fixed bug <?php githubissuel('php/php-src', 16646); ?> (UAF in ArrayObject::unset() and ArrayObject::exchangeArray()).</li> |
| 159 | +</ul></li> |
| 160 | +<li>Standard: |
| 161 | +<ul> |
| 162 | + <li>Fixed bug <?php githubissuel('php/php-src', 16293); ?> (Failed assertion when throwing in assert() callback with bail enabled).</li> |
| 163 | +</ul></li> |
| 164 | +<li>Streams: |
| 165 | +<ul> |
| 166 | + <li>Fixed bug <?php githubsecurityl('php/php-src', 'c5f2-jwm7-mmq2'); ?> (Configuring a proxy in a stream context might allow for CRLF injection in URIs). (CVE-2024-11234)</li> |
| 167 | + <li>Fixed bug <?php githubsecurityl('php/php-src', 'r977-prxv-hc43'); ?> (Single byte overread with convert.quoted-printable-decode filter). (CVE-2024-11233)</li> |
| 168 | +</ul></li> |
| 169 | +<li>SysVMsg: |
| 170 | +<ul> |
| 171 | + <li>Fixed bug <?php githubissuel('php/php-src', 16592); ?> (msg_send() crashes when a type does not properly serialized).</li> |
| 172 | +</ul></li> |
| 173 | +<li>SysVShm: |
| 174 | +<ul> |
| 175 | + <li>Fixed bug <?php githubissuel('php/php-src', 16591); ?> (Assertion error in shm_put_var).</li> |
| 176 | +</ul></li> |
| 177 | +<li>XMLReader: |
| 178 | +<ul> |
| 179 | + <li>Fixed bug <?php githubissuel('php/php-src', 16292); ?> (Segmentation fault in ext/xmlreader/php_xmlreader.c).</li> |
| 180 | +</ul></li> |
| 181 | +<li>Zlib: |
| 182 | +<ul> |
| 183 | + <li>Fixed bug <?php githubissuel('php/php-src', 16326); ?> (Memory management is broken for bad dictionaries.) (cmb)</li> |
| 184 | +</ul></li> |
| 185 | +</ul> |
| 186 | +<!-- }}} --></section> |
| 187 | + |
| 188 | + |
| 189 | + |
11 | 190 | <section class="version" id="8.3.13"><!-- {{{ 8.3.13 -->
|
12 | 191 | <h3>Version 8.3.13</h3>
|
13 | 192 | <b><?php release_date('24-Oct-2024'); ?></b>
|
|