PHP

5.4.32

Released on 21 Aug 2014
Project description.
PHP is a popular general-purpose scripting language that is especially suited to web development
PHP 5.4.32 Changelog
  • Core:
    • Fixed bug #67717 (segfault in dns_get_record) (CVE-2014-3597).
    • Fixed bug #67693 (incorrect push to the empty array)
  • COM:
    • Fixed missing type checks in com_event_sink.
  • Fileinfo:
    • Fixed bug #67705 (extensive backtracking in rule regular expression) (CVE-2014-3538).
    • Fixed bug #67716 (Segfault in cdf.c) (CVE-2014-3587).
  • GD:
    • Fixed bug #66901 (php-gd 'c_color' NULL pointer dereference) (CVE-2014-2497).
    • Fixed bug #67730 (Null byte injection possible with imagexxx functions) (CVE-2014-5120).
  • Milter:
    • Fixed bug #67715 (php-milter does not build and crashes randomly).
  • OpenSSL:
    • Fixed missing type checks in OpenSSL options (Yussuf Khalil, Stas).
  • Readline:
    • Fixed bug #55496 (Interactive mode doesn't force a newline before the prompt).
    • Fixed bug #67496 (Save command history when exiting interactive shell with control-c).
  • Sessions:
    • Fixed missing type checks in php_session_create_id.
  • SPL:
    • Fixed bug #67539 (ArrayIterator use-after-free due to object change during sorting) (CVE-2014-4698).
    • Fixed bug #67538 (SPL Iterators use-after-free) (CVE-2014-4670).
  • ODBC:
    • Fixed bug #60616 (odbc_fetch_into returns junk data at end of multi-byte char fields).