Debian 10261 Published by

Ondřej Surý has released PHP 7.2.0 Release Candidate 5, PHP 7.1.11, PHP 7.0.25, and PHP 5.6.32 packages for both Debian GNU/Linux 8 and 9



PHP 7.2.0 Release Candidate 5
Change Log:

- Core:
. Fixed bug #75368 (mmap/munmap trashing on unlucky allocations). (Nikita,
Dmitry)

- CLI:
. Fixed bug #75287 (Builtin webserver crash after chdir in a shutdown
function). (Laruence)

- Date:
. Fixed bug #75055 (Out-Of-Bounds Read in timelib_meridian()). (Derick)

- Enchant:
. Fixed bug #53070 (enchant_broker_get_path crashes if no path is set). (jelle
van der Waa, cmb)
. Fixed bug #75365 (Enchant still reports version 1.1.0). (cmb)

- Exif:
. Fixed bug #75301 (Exif extension has built in revision version). (Peter
Kokot)

- Fileinfo:
. Upgrade bundled libmagic to 5.31. (Anatol)

- GD:
. Fixed bug #65148 (imagerotate may alter image dimensions). (cmb)

- Intl:
. Fixed bug #75378 ([REGRESSION] IntlDateFormatter::parse() does not change
$position argument). (Laruence)
. Fixed bug #75317 (UConverter::setDestinationEncoding changes source instead
of destination). (andrewnester)

- JSON:
. Fixed bug #68567 (JSON_PARTIAL_OUTPUT_ON_ERROR can result in JSON with null
key). (Jakub Zelenka)

- OCI8:
. Fixed valgrind issue. (Tianfang Yang)

- Opcache:
. Fixed bug (assertion fails with extended info generated). (Laruence)
. Fixed bug (Phi sources removel). (Laruence)
. Fixed bug #75370 (Webserver hangs on valid PHP text). (Laruence)
. Fixed bug #75357 (segfault loading WordPress wp-admin). (Laruence)
. Fixed bug #75373 (Warning Internal error: wrong size calculation). (Laruence, Dmitry)

- Openssl:
. Fixed bug #75363 (openssl_x509_parse leaks memory). (Bob)

- PCRE:
. Fixed bug #75207 (applied upstream patch for CVE-2016-1283). (Anatol)

- PGSQL:
. Fixed bug #75419 (Default link incorrectly cleared/linked by pg_close()). (Sara)

- Standard:
. Fixed bug #75221 (Argon2i always throws NUL at the end). (cmb)

- Zlib:
. Fixed bug #75299 (Wrong reflection on inflate_init and inflate_add). (Fabien
Villepinte)
PHP 7.1.11
Change Log:
Core:
Fixed bug #75241 (Null pointer dereference in zend_mm_alloc_small()).
Fixed bug #75236 (infinite loop when printing an error-message).
Fixed bug #75252 (Incorrect token formatting on two parse errors in one request).
Fixed bug #75220 (Segfault when calling is_callable on parent).
Fixed bug #75290 (debug info of Closures of internal functions contain garbage argument names).
Date:
Fixed bug #75055 (Out-Of-Bounds Read in timelib_meridian()).
Apache2Handler:
Fixed bug #75311 (error: 'zend_hash_key' has no member named 'arKey' in apache2handler).
Hash:
Fixed bug #75303 (sha3 hangs on bigendian).
Intl:
Fixed bug #75318 (The parameter of UConverter::getAliases() is not optional).
litespeed:
Fixed bug #75248 (Binary directory doesn't get created when building only litespeed SAPI).
Fixed bug #75251 (Missing program prefix and suffix).
mcrypt:
Fixed bug #72535 (arcfour encryption stream filter crashes php).
MySQLi:
Fixed bug #75018 (Data corruption when reading fields of bit type).
OCI8:
Fixed incorrect reference counting.
Opcache:
Fixed bug #75255 (Request hangs and not finish).
PCRE:
Fixed bug #75207 (applied upstream patch for CVE-2016-1283).
PDO_mysql:
Fixed bug #75177 (Type 'bit' is fetched as unexpected string).
SPL:
Fixed bug #73629 (SplDoublyLinkedList::setIteratorMode masks intern flags).
PHP 7.0.25
Change Log:
Core:
Fixed bug #75241 (Null pointer dereference in zend_mm_alloc_small()).
Fixed bug #75236 (infinite loop when printing an error-message).
Fixed bug #75252 (Incorrect token formatting on two parse errors in one request).
Fixed bug #75220 (Segfault when calling is_callable on parent).
Fixed bug #75290 (debug info of Closures of internal functions contain garbage argument names).
Apache2Handler:
Fixed bug #75311 (error: 'zend_hash_key' has no member named 'arKey' in apache2handler).
Date:
Fixed bug #75055 (Out-Of-Bounds Read in timelib_meridian()).
Intl:
Fixed bug #75318 (The parameter of UConverter::getAliases() is not optional).
mcrypt:
Fixed bug #72535 (arcfour encryption stream filter crashes php).
OCI8:
Fixed incorrect reference counting.
PCRE:
Fixed bug #75207 (applied upstream patch for CVE-2016-1283).
litespeed:
Fixed bug #75248 (Binary directory doesn't get created when building only litespeed SAPI).
Fixed bug #75251 (Missing program prefix and suffix).
SPL:
Fixed bug #73629 (SplDoublyLinkedList::setIteratorMode masks intern flags).
PHP 5.6.32 Released
Change Log:
Date:
Fixed bug #75055 (Out-Of-Bounds Read in timelib_meridian()).
mcrypt:
Fixed bug #72535 (arcfour encryption stream filter crashes php).
PCRE:
Fixed bug #75207 (applied upstream patch for CVE-2016-1283).
To add the deb.sury.org PHP repository to your Debian installation, run as root:
apt-get install apt-transport-https lsb-release ca-certificates
wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg
sh -c 'echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" > /etc/apt/sources.list.d/php.list'
apt-get update
To install PHP 7.2 with MySQL/MariaDB and php-fpm support:
apt-get install php7.2-cgi php7.2-gd php7.2-curl php7.2-imap php7.2-sqlite3 php7.2-mysql php7.2-tidy php7.2-pspell php7.2-recode php7.2-xml php7.2-intl php7.2-enchant php7.2-gmp php7.2-mbstring php7.2-soap php7.2-xmlrpc php7.2-zip php7.2-fpm

Please note that the mcrypt package is no longer available after the support has been removed from PHP 7.2