Ondřej Surý has released PHP 5.6.37, 7.0.31, 7.1.20, 7.2.8, and 7.3.0 alpha 4 packages for both Debian GNU/Linux 8 and 9
Version 5.6.37
Please note that the mcrypt package is no longer available after the support has been removed from PHP 7.2
Version 5.6.37
19 Jul 2018Version 7.0.31
Exif:
Fixed bug #76423 (Int Overflow lead to Heap OverFlow in exif_thumbnail_extract of exif.c).
Fixed bug #76557 (heap-buffer-overflow (READ of size 48) while reading exif data).
Win32:
Fixed bug #76459 (windows linkinfo lacks openbasedir check).
19 Jul 2018Version 7.1.20
Exif:
Fixed bug #76423 (Int Overflow lead to Heap OverFlow in exif_thumbnail_extract of exif.c).
Fixed bug #76557 (heap-buffer-overflow (READ of size 48) while reading exif data).
Win32:
Fixed bug #76459 (windows linkinfo lacks openbasedir check).
19 Jul 2018Version 7.2.8
Core:
Fixed bug #76534 (PHP hangs on 'illegal string offset on string references with an error handler).
Fixed bug #76502 (Chain of mixed exceptions and errors does not serialize properly).
Date:
Fixed bug #76462 (Undefined property: DateInterval::$f).
exif:
Fixed bug #76423 (Int Overflow lead to Heap OverFlow in exif_thumbnail_extract of exif.c).
Fixed bug #76557 (heap-buffer-overflow (READ of size 48) while reading exif data).
FPM:
Fixed bug #73342 (Vulnerability in php-fpm by changing stdin to non-blocking).
GMP:
Fixed bug #74670 (Integer Underflow when unserializing GMP and possible other classes).
intl:
Fixed bug #76556 (get_debug_info handler for BreakIterator shows wrong type).
mbstring:
Fixed bug #76532 (Integer overflow and excessive memory usage in mb_strimwidth).
PGSQL:
Fixed bug #76548 (pg_fetch_result did not fetch the next row).
phpdbg:
Fix arginfo wrt. optional/required parameters.
Reflection:
Fixed bug #76536 (PHP crashes with core dump when throwing exception in error handler).
Fixed bug #75231 (ReflectionProperty#getValue() incorrectly works with inherited classes).
Standard:
Fixed bug #76505 (array_merge_recursive() is duplicating sub-array keys).
Fixed bug #71848 (getimagesize with $imageinfo returns false).
Win32:
Fixed bug #76459 (windows linkinfo lacks openbasedir check).
19 Jul 2018Version 7.3.0 alpha 4
Core:
Fixed bug #76534 (PHP hangs on 'illegal string offset on string references with an error handler).
Fixed bug #76520 (Object creation leaks memory when executed over HTTP).
Fixed bug #76502 (Chain of mixed exceptions and errors does not serialize properly).
Date:
Fixed bug #76462 (Undefined property: DateInterval::$f).
EXIF:
Fixed bug #76409 (heap use after free in _php_stream_free).
Fixed bug #76423 (Int Overflow lead to Heap OverFlow in exif_thumbnail_extract of exif.c).
Fixed bug #76557 (heap-buffer-overflow (READ of size 48) while reading exif data).
FPM:
Fixed bug #73342 (Vulnerability in php-fpm by changing stdin to non-blocking).
GMP:
Fixed bug #74670 (Integer Underflow when unserializing GMP and possible other classes).
intl:
Fixed bug #76556 (get_debug_info handler for BreakIterator shows wrong type).
mbstring:
Fixed bug #76532 (Integer overflow and excessive memory usage in mb_strimwidth).
Opcache:
Fixed bug #76477 (Opcache causes empty return value).
PGSQL:
Fixed bug #76548 (pg_fetch_result did not fetch the next row).
phpdbg:
Fix arginfo wrt. optional/required parameters.
Reflection:
Fixed bug #76536 (PHP crashes with core dump when throwing exception in error handler).
Fixed bug #75231 (ReflectionProperty#getValue() incorrectly works with inherited classes).
Standard:
Fixed bug #76505 (array_merge_recursive() is duplicating sub-array keys).
Fixed bug #71848 (getimagesize with $imageinfo returns false).
Win32:
Fixed bug #76459 (windows linkinfo lacks openbasedir check).
ZIP:
Fixed bug #76461 (OPSYS_Z_CPM defined instead of OPSYS_CPM).
19 Jul 2018To install PHP 7.2 with MySQL/MariaDB and php-fpm support:
- Core:
. Fixed bug #33502 (Some nullary functions don't check the number of
arguments). (cmb)
. Fixed bug #76392 (Error relocating sapi/cli/php: unsupported relocation
type 37). (Peter Kokot)
. The declaration and use of case-insensitive constants has been deprecated.
(Nikita)
- Filter:
. Added the 'add_slashes' sanitization mode (FILTER_SANITIZE_ADD_SLASHES).
(Kalle)
. Fixed bug #76366 (References in sub-array for filtering breaks the filter).
(ZiHang Gao)
- FPM:
. Fixed bug #62596 (getallheaders() missing with PHP-FPM). (Remi)
. Added fpm_get_status function. (Till Backhaus)
. Fixed bug #69031 (Long messages into stdout/stderr are truncated
incorrectly) - added new log related FPM configuration options:
log_limit, log_buffering and decorate_workers_output. (Jakub Zelenka)
- mbstring:
. Fixed bug #76574 (use of undeclared identifiers INT_MAX and LONG_MAX). (cmb)
. Fixed bug #76594 (Bus Error due to unaligned access in zend_ini.c
OnUpdateLong). (cmb, Nikita)
- PDO_Firebird:
. Fixed bug #74462 (PDO_Firebird returns only NULLs for results with boolean
for FIREBIRD >= 3.0). (Dorin Marcoci)
. Fixed bug #76488 (Memory leak when fetching a BLOB field). (Simonov Denis)
- Standard:
. Fixed bug #73817 (Incorrect entries in get_html_translation_table). (cmb)
. Fixed bug #76136 (stream_socket_get_name should enclose IPv6 in brackets).
(seliver)
- Zip:
. Fixed bug #76524 (ZipArchive memory leak (OVERWRITE flag and empty archive)).
(Timur Ibragimov)
apt-get install php7.2-cgi php7.2-gd php7.2-curl php7.2-imap php7.2-sqlite3 php7.2-mysql php7.2-tidy php7.2-pspell php7.2-recode php7.2-xml php7.2-intl php7.2-enchant php7.2-gmp php7.2-mbstring php7.2-soap php7.2-xmlrpc php7.2-zip php7.2-fpm
Please note that the mcrypt package is no longer available after the support has been removed from PHP 7.2
