Debian 9858 Published by

Ondřej Surý has released PHP 5.6.38, 7.0.32, 7.1.22, 7.2.10, and 7.3.0 RC2 packages for both Debian GNU/Linux 8 and 9



Version 5.6.38
13 Sep 2018
Apache2:
Fixed bug #76582 (XSS due to the header Transfer-Encoding: chunked).
Version 7.0.32
13 Sep 2018
Apache2:
Fixed bug #76582 (XSS due to the header Transfer-Encoding: chunked).
Version 7.1.22
13 Sep 2018
Core:
Fixed bug #76754 (parent private constant in extends class memory leak).
Fixed bug #72443 (Generate enabled extension).
Apache2:
Fixed bug #76582 (Apache bucket brigade sometimes becomes invalid).
Bz2:
Fixed arginfo for bzcompress.
gettext:
Fixed bug #76517 (incorrect restoring of LDFLAGS).
iconv:
Fixed bug #68180 (iconv_mime_decode can return extra characters in a header).
Fixed bug #63839 (iconv_mime_decode_headers function is skipping headers).
Fixed bug #60494 (iconv_mime_decode does ignore special characters).
Fixed bug #55146 (iconv_mime_decode_headers() skips some headers).
intl:
Fixed bug #74484 (MessageFormatter::formatMessage memory corruption with 11+ named placeholders).
libxml:
Fixed bug #76777 ("public id" parameter of libxml_set_external_entity_loader callback undefined).
mbstring:
Fixed bug #76704 (mb_detect_order return value varies based on argument type).
Opcache:
Fixed bug #76747 (Opcache treats path containing "test.pharma.tld" as a phar file).
OpenSSL:
Fixed bug #76705 (unusable ssl => peer_fingerprint in stream_context_create()).
phpdbg:
Fixed bug #76595 (phpdbg man page contains outdated information).
SPL:
Fixed bug #68825 (Exception in DirectoryIterator::getLinkTarget()).
Fixed bug #68175 (RegexIterator pregFlags are NULL instead of 0).
Standard:
Fixed bug #76778 (array_reduce leaks memory if callback throws exception).
zlib:
Fixed bug #65988 (Zlib version check fails when an include/zlib/ style dir is passed to the --with-zlib configure option).
Fixed bug #76709 (Minimal required zlib library is 1.2.0.4).
Version 7.2.10
13 Sep 2018
Core:
Fixed bug #76754 (parent private constant in extends class memory leak).
Fixed bug #72443 (Generate enabled extension).
Fixed bug #75797 (Memory leak when using class_alias() in non-debug mode).
Apache2:
Fixed bug #76582 (Apache bucket brigade sometimes becomes invalid).
Bz2:
Fixed arginfo for bzcompress.
gettext:
Fixed bug #76517 (incorrect restoring of LDFLAGS).
iconv:
Fixed bug #68180 (iconv_mime_decode can return extra characters in a header).
Fixed bug #63839 (iconv_mime_decode_headers function is skipping headers).
Fixed bug #60494 (iconv_mime_decode does ignore special characters).
Fixed bug #55146 (iconv_mime_decode_headers() skips some headers).
intl:
Fixed bug #74484 (MessageFormatter::formatMessage memory corruption with 11+ named placeholders).
libxml:
Fixed bug #76777 ("public id" parameter of libxml_set_external_entity_loader callback undefined).
mbstring:
Fixed bug #76704 (mb_detect_order return value varies based on argument type).
Opcache:
Fixed bug #76747 (Opcache treats path containing "test.pharma.tld" as a phar file).
OpenSSL:
Fixed bug #76705 (unusable ssl => peer_fingerprint in stream_context_create()).
phpdbg:
Fixed bug #76595 (phpdbg man page contains outdated information).
SPL:
Fixed bug #68825 (Exception in DirectoryIterator::getLinkTarget()).
Fixed bug #68175 (RegexIterator pregFlags are NULL instead of 0).
Standard:
Fixed bug #76778 (array_reduce leaks memory if callback throws exception).
zlib:
Fixed bug #65988 (Zlib version check fails when an include/zlib/ style dir is passed to the --with-zlib configure option).
Fixed bug #76709 (Minimal required zlib library is 1.2.0.4).
Version 7.3.0RC2
- CURL:
. Fixed bug #76480 (Use curl_multi_wait() so that timeouts are respected).
(Pierrick)

- Core:
. Fixed bug #76869 (Incorrect bypassing protected method accessibilty check).
(Dmitry)
. Fixed bug #76800 (foreach inconsistent if array modified during loop).
(Dmitry)
. Fixed bug #76901 (method_exists on SPL iterator passthrough method corrupts
memory). (Nikita)

- iconv:
. Fixed bug #66828 (iconv_mime_encode Q-encoding longer than it should be).
(cmb)

- Opcache:
. Fixed bug #76711 (OPcache enabled triggers false-positive "Illegal string
offset"). (Dmitry)

- PCRE:
. Upgrade PCRE2 to 10.32. (Anatol)
. Fixed bug #76909 (preg_match difference between 7.3 and < 7.3). (Anatol)

- Standard:
. Fixed bug #75533 (array_reduce is slow when $carry is large array).
(Manabu Matsui)

- XMLRPC:
. Fixed bug #76886 (Can't build xmlrpc with expat). (Thomas Petazzoni, cmb)
To install PHP 7.2 with MySQL/MariaDB and php-fpm support:
apt-get install php7.2-cgi php7.2-gd php7.2-curl php7.2-imap php7.2-sqlite3 php7.2-mysql php7.2-tidy php7.2-pspell php7.2-recode php7.2-xml php7.2-intl php7.2-enchant php7.2-gmp php7.2-mbstring php7.2-soap php7.2-xmlrpc php7.2-zip php7.2-fpm

Please note that the mcrypt package is no longer available after the support has been removed from PHP 7.2