Software 42744 Published by

PHP-8.2.25RC1 has been released with several fixes and improvements. These include fixes for calendar, jdtounix overflow, easter_days/easter_date overflow, jddayofweek overflow, jewishtojd overflow, CLI, core, date, DOM, GD, LDAP, MBString, OpenSSL, PCRE, PHPDBG, Reflection, SAPI, SimpleXML, sockets, SOAP, streams, TSRM, and XML.



php-8.2.25RC1

- Calendar:
. Fixed GH-16240: jdtounix overflow on argument value. (David Carlier)
. Fixed GH-16241: easter_days/easter_date overflow on year argument.
(David Carlier)
. Fixed GH-16263: jddayofweek overflow. (cmb)
. Fixed GH-16234: jewishtojd overflow. (nielsdos)

- CLI:
. Fixed bug GH-16137: duplicate http headers when set several times by
the client. (David Carlier)

- Core:
. Fixed bug GH-15712: zend_strtod overflow with precision INI set on
large value. (David Carlier)
. Fixed bug GH-15905 (Assertion failure for TRACK_VARS_SERVER). (cmb)
. Fixed bug GH-15907 (Failed assertion when promoting Serialize deprecation to
exception). (ilutov)
. Fixed bug GH-15851 (Segfault when printing backtrace during cleanup of
nested generator frame). (ilutov)
. Fixed bug GH-15866 (Core dumped in Zend/zend_generators.c). (Arnaud)
. Fixed bug GH-16188 (Assertion failure in Zend/zend_exceptions.c). (Arnaud)
. Fixed bug GH-16233 (Observer segfault when calling user function in
internal function via trampoline). (nielsdos)

- Date:
. Fixed bug GH-15582: Crash when not calling parent constructor of
DateTimeZone. (Derick)
. Fixed regression where signs after the first one were ignored while parsing
a signed integer, with the DateTimeInterface::modify() function. (Derick)

- DOM:
. Fixed bug GH-16039 (Segmentation fault (access null pointer) in
ext/dom/parentnode/tree.c). (nielsdos)
. Fixed bug GH-16151 (Assertion failure in ext/dom/parentnode/tree.c).
(nielsdos)

- GD:
. Fixed bug GH-16232 (bitshift overflow on wbmp file content reading /
fix backport from upstream). (David Carlier)
. Fixed bug GH-12264 (overflow/underflow on imagerotate degrees value)
(David Carlier)
. Fixed bug GH-16274 (imagescale underflow on RBG channels /
fix backport from upstream). (David Carlier)

- LDAP:
. Fixed bug GH-16032 (Various NULL pointer dereferencements in
ldap_modify_batch()). (Girgias)
. Fixed bug GH-16101 (Segfault in ldap_list(), ldap_read(), and ldap_search()
when LDAPs array is not a list). (Girgias)
. Fix GH-16132 (php_ldap_do_modify() attempts to free pointer not allocated
by ZMM.). (Girgias)
. Fix GH-16136 (Memory leak in php_ldap_do_modify() when entry is not a
proper dictionary). (Girgias)

- MBString:
. Fixed bug GH-16261 (Reference invariant broken in mb_convert_variables()).
(nielsdos)

- OpenSSL:
. Fixed stub for openssl_csr_new. (Jakub Zelenka)

- PCRE:
. Fixed bug GH-16189 (underflow on offset argument). (David Carlier)
. Fixed bug GH-16184 (UBSan address overflowed in ext/pcre/php_pcre.c).
(nielsdos)

- PHPDBG:
. Fixed bug GH-15901 (phpdbg: Assertion failure on i funcs). (cmb)
. Fixed bug GH-16181 (phpdbg: exit in exception handler reports fatal error).
(cmb)

- Reflection:
. Fixed bug GH-16187 (Assertion failure in ext/reflection/php_reflection.c).
(DanielEScherzer)

- SAPI:
. Fixed bug GH-15395 (php-fpm: zend_mm_heap corrupted with cgi-fcgi request).
(Jakub Zelenka, David Carlier)

- SimpleXML:
. Fixed bug GH-15837 (Segmentation fault in ext/simplexml/simplexml.c).
(nielsdos)

- Sockets:
. Fixed bug GH-16267 (socket_strerror overflow on errno argument).
(David Carlier)

- SOAP:
. Fixed bug #62900 (Wrong namespace on xsd import error message). (nielsdos)
. Fixed bug GH-16237 (Segmentation fault when cloning SoapServer). (nielsdos)
. Fix Soap leaking http_msg on error. (nielsdos)
. Fixed bug GH-16256 (Assertion failure in ext/soap/php_encoding.c:460).
(nielsdos)
. Fixed bug GH-16259 (Soap segfault when classmap instantiation fails).
(nielsdos)

- Standard:
. Fixed bug GH-15613 (overflow on unpack call hex string repeater).
(David Carlier)
. Fixed bug GH-15937 (overflow on stream timeout option value).
(David Carlier)
. Fixed bug GH-16053 (Assertion failure in Zend/zend_hash.c). (Arnaud)

- Streams:
. Fixed bugs GH-15908 and GH-15026 (leak / assertion failure in streams.c).
(nielsdos)
. Fixed bug GH-15980 (Signed integer overflow in main/streams/streams.c).
(cmb)

- TSRM:
. Prevent closing of unrelated handles. (cmb)

- XML:
. Fixed bug GH-15868 (Assertion failure in xml_parse_into_struct after
exception). (nielsdos)

Release php-8.2.25RC1 · php/php-src