Software 42770 Published by

Pierrick Charron has announced the release of PHP 8.2.14.



php-8.2.14

- Core:
. Fixed oss-fuzz #54325 (Use-after-free of name in var-var with malicious error handler). (ilutov)
. Fixed oss-fuzz #64209 (In-place modification of filename in php_message_handler_for_zend). (ilutov)
. Fixed bug GH-12758 / GH-12768 (Invalid opline in OOM handlers within ZEND_FUNC_GET_ARGS and ZEND_BIND_STATIC). (Florian Engelhardt)
. Fix various missing NULL checks. (nielsdos, dstogov)
. Fixed bug GH-12835 (Leak of call->extra_named_params on internal __call). (ilutov)

- Date:
. Fixed improbably integer overflow while parsing really large (or small) Unix timestamps. (Derick)

- DOM:
. Fixed bug GH-12616 (DOM: Removing XMLNS namespace node results in invalid default: prefix). (nielsdos)

- FPM:
. Fixed bug GH-12705 (Segmentation fault in fpm_status_export_to_zval). (Patrick Prasse)

- FTP:
. Fixed bug GH-9348 (FTP & SSL session reuse). (nielsdos)

- Intl:
. Fixed bug GH-12635 (Test bug69398.phpt fails with ICU 74.1). (nielsdos)

- LibXML:
. Fixed bug GH-12702 (libxml2 2.12.0 issue building from src). (nono303)
. Fixed test failures for libxml2 2.12.0. (nielsdos)

- MySQLnd:
. Avoid using uninitialised struct. (mikhainin)
. Fixed bug GH-12791 (Possible dereference of NULL in MySQLnd debug code). (nielsdos)

- Opcache:
. Fixed JIT bug (Function JIT emits "Uninitialized string offset" warning at the same time as invalid offset Error). (Girgias)
. Fixed JIT bug (JIT emits "Attempt to assign property of non-object" warning at the same time as Error is being thrown). (Girgias)

- OpenSSL:
. Fixed bug #50713 (openssl_pkcs7_verify() may ignore untrusted CAs). (Jakub Zelenka)

- PCRE:
. Fixed bug GH-12628 (The gh11374 test fails on Alpinelinux). (nielsdos)

- PDO PGSQL:
. Fixed the default value of $fetchMode in PDO::pgsqlGetNotify() (kocsismate)

- PGSQL:
. Fixed bug GH-12763 wrong argument type for pg_untrace. (degtyarov)

- PHPDBG:
. Fixed bug GH-12675 (MEMORY_LEAK in phpdbg_prompt.c). (nielsdos)

- SOAP:
. Fixed bug GH-12838 ([SOAP] Temporary WSDL cache files not being deleted). (nielsdos)

- SPL:
. Fixed bug GH-12721 (SplFileInfo::getFilename() segfault in combination with GlobIterator and no directory separator). (nielsdos)

- SQLite3:
. Fixed bug GH-12633 (sqlite3_defensive.phpt fails with sqlite 3.44.0). (SakiTakamachi)

- Standard:
. Fix memory leak in syslog device handling. (danog)
. Fixed bug GH-12621 (browscap segmentation fault when configured in the vhost). (nielsdos)
. Fixed bug GH-12655 (proc_open() does not take into account references in the descriptor array). (nielsdos)

- Streams:
. Fixed bug #79945 (Stream wrappers in imagecreatefrompng causes segfault). (Jakub Zelenka)

- Zip:
. Fixed bug GH-12661 (Inconsistency in ZipArchive::addGlob remove_path Option Behavior). (Remi)

Release php-8.2.14 · php/php-src