PHP

5.5.28

Released on 6 Aug 2015
Project description.
PHP is a popular general-purpose scripting language that is especially suited to web development
PHP 5.5.28 Changelog
  • Core:
    • Fixed bug #69793 (Remotely triggerable stack exhaustion via recursive method calls).
    • Fixed bug #69892 (Different arrays compare indentical due to integer key truncation).
    • Fixed bug #70002 (TS issues with temporary dir handling).
    • Fixed bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref).
  • OpenSSL:
    • Fixed bug #70014 (openssl_random_pseudo_bytes() is not cryptographically secure).
  • Phar:
    • Improved fix for bug #69441.
    • Fixed bug #70019 (Files extracted from archive may be placed outside of destination directory).
  • SOAP:
    • Fixed bug #70081 (SoapClient info leak / null pointer dereference via multiple type confusions).
  • SPL:
    • Fixed bug #70068 (Dangling pointer in the unserialization of ArrayObject items).
    • Fixed bug #70166 (Use After Free Vulnerability in unserialize() with SPLArrayObject).
    • Fixed bug #70168 (Use After Free Vulnerability in unserialize() with SplObjectStorage).
    • Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList).