Software 42492 Published by

Pierrick Charron has announced the release of the fifth release candidate for PHP 8.2.0.


- CLI:
. Fixed bug GH-9709 (Null pointer dereference with -w/-s options). (Adam Saponara)

- GD:
. Fixed bug #81739: OOB read due to insufficient input validation in imageloadfont(). (CVE-2022-31630) (cmb)

- Hash:
. Fixed bug #81738: buffer overflow in hash_update() on long parameter. (CVE-2022-37454) (nicky at mouha dot be)

- Core:
. Fixed bug GH-9752 (Generator crashes when interrupted during argument evaluation with extra named params). (Arnaud)
. Fixed bug GH-9801 (Generator crashes when memory limit is exceeded during initialization). (Arnaud)
. Fixed a bug with preloaded enums possibly segfaulting. (Bob)

- MySQLnd:
. Fixed potential heap corruption due to alignment mismatch. (cmb)

- OpenSSL:
. Fixed missing clean up of OpenSSL engine list - attempt to fix GH-8620. (Jakub Zelenka)
. Fixed bug GH-8430 (OpenSSL compiled with no-md2, no-md4 or no-rmd160 does not build). (Jakub Zelenka, fsbruva)

. Fixed bug GH-9372 (HY010 when binding overlong parameter). (cmb)

. Fixed bug GH-9720 (Null pointer dereference while serializing the response). (cmb)

- Streams:
. Fixed bug GH-9779 (stream_copy_to_stream fails if dest in append mode). (Jakub Zelenka)

Release php-8.2.0RC5 · php/php-src