PHP 5 업데이트 안내

06 Jul 2017

• Core:
  • Fixed bug #73807 (Performance problem with processing post request over 2000000 chars).
  • Fixed bug #74111 (Heap buffer overread (READ: 1) finish_nested_data from unserialize).
  • Fixed bug #74603 (PHP INI Parsing Stack Buffer Overflow Vulnerability).
  • Fixed bug #74819 (wddx_deserialize() heap out-of-bound read via php_parse_date()).
• GD:
  • Fixed bug #74435 (Buffer over-read into uninitialized memory). (CVE-2017-7890)
• mbstring:
  • Add oniguruma upstream fix (CVE-2017-9224, CVE-2017-9226, CVE-2017-9227, CVE-2017-9228, CVE-2017-9229)
• OpenSSL:
  • Fixed bug #74651 (negative-size-param (-1) in memcpy in zif_openssl_seal()).
• PCRE:
  • Fixed bug #74087 (Segmentation fault in PHP7.1.1(compiled using the bundled PCRE library)).
• WDDX:
  • Fixed bug #74145 (wddx parsing empty boolean tag leads to SIGSEGV).