PHP

5.6.10

Released on 11 Jun 2015
Project description.
PHP is a popular general-purpose scripting language that is especially suited to web development
PHP 5.6.10 Changelog
  • Core:
    • Fixed bug #66048 (temp. directory is cached during multiple requests).
    • Fixed bug #69566 (Conditional jump or move depends on uninitialised value in extension trait).
    • Fixed bug #69599 (Strange generator+exception+variadic crash).
    • Fixed bug #69628 (complex GLOB_BRACE fails on Windows).
    • Fixed POST data processing slowdown due to small input buffer size on Windows.
    • Fixed bug #69646 (OS command injection vulnerability in escapeshellarg). (CVE-2015-4642)
    • Fixed bug #69719 (Incorrect handling of paths with NULs).
  • FTP:
    • Improved fix for bug #69545 (Integer overflow in ftp_genlist() resulting in heap overflow). (CVE-2015-4643)
  • GD:
    • Fixed bug #69479 (GD fails to build with newer libvpx).
  • Iconv:
    • Fixed bug #48147 (iconv with //IGNORE cuts the string).
  • Litespeed SAPI:
    • Fixed bug #68812 (Unchecked return value).
  • Mail:
    • Fixed bug #68776 (mail() does not have mail header injection prevention for additional headers).
  • MCrypt:
    • Added file descriptor caching to mcrypt_create_iv().
  • Opcache:
    • Fixed bug #69549 (Memory leak with opcache.optimization_level=0xFFFFFFFF).
  • PCRE:
    • Upgraded pcrelib to 8.37. (CVE-2015-2325, CVE-2015-2326)
  • Phar:
    • Fixed bug #69680 (phar symlink in binary directory broken).
  • Postgres:
    • Fixed bug #69667 (segfault in php_pgsql_meta_data). (CVE-2015-4644)
  • Sqlite3:
    • Upgrade bundled sqlite to 3.8.10.2. (CVE-2015-3414, CVE-2015-3415, CVE-2015-3416)