5.2.9 Release
http://www.php.net/releases/5_2_9.php
Security fixes:
The most notable improvements presented in the new release:
do not translate, took here: www.opennet.ru
Congratulations to everyone - now all efforts are focused on the branch 5.3
Security fixes:
- Fixed a vulnerability in the GD library's imagerotate () function due to the lack of checking the value of the clrBack parameter, which is used inside the library as an index for a fixed array.
- The vulnerability allows an attacker to gain access to any area of the PHP process memory.
- Fixed a problem leading to the collapse of the process when unpacking a zip file with relative paths inside;
- Fixed a bug in the explode () function, when passing an empty string as a parameter in conjunction with the negative argument "limit";
- Fixed the possibility of calling a process crash when passing an incorrect JSON string to the json_decode () function.
The most notable improvements presented in the new release:
- Support for selecting the sort type has been added to the array_unique () function. The default is SORT_REGULAR;
- The problems in the xml_parse () robot are fixed if there is incorrect character data in the stream being processed or when the parser is started for the specified namespace;
- Several significant fixes in the mbstring extension;
- Improved performance of regular expressions when processing UTF-8 strings;
- Fixed a crash when multiple SSL errors occurred;
- Fixed a memory leak in the function strtotime ();
- Fixed a bug in SoapClient :: __ soapCall leading to a crash process;
- Fixed an issue that could lead to memory corruption when processing the return value of a function as a reference;
- The FILTER_VALIDATE_EMAIL filter could mark the correct email addresses as incorrect;
- The module calculation operator returned an incorrect result on 64-bit Linux builds.
do not translate, took here: www.opennet.ru
Congratulations to everyone - now all efforts are focused on the branch 5.3
')
Source: https://habr.com/ru/post/53126/
All Articles