announce 5.6.31

2026-03-23 23:02:13 +01:00 · 2017-07-07 00:06:42 +02:00
parent f65d2c6313
commit ba33d7711f
6 changed files with 122 additions and 8 deletions
--- a/ChangeLog-5.php
+++ b/ChangeLog-5.php
@@ -8,6 +8,40 @@ site_header("PHP 5 ChangeLog", array("current" => "docs", "css" => array("change

 <h1>PHP 5 ChangeLog</h1>

+<section class="version" id="5.6.31"><!-- {{{ 5.6.31 -->
+<h3>Version 5.6.31</h3>
+<b><?php release_date('06-Jul-2017'); ?></b>
+<ul><li>Core:
+<ul>
+  <li><?php bugfix(73807); ?> (Performance problem with processing post request over 2000000 chars).</li>
+  <li><?php bugfix(74111); ?> (Heap buffer overread (READ: 1) finish_nested_data from unserialize).</li>
+  <li><?php bugfix(74603); ?> (PHP INI Parsing Stack Buffer Overflow Vulnerability).</li>
+  <li><?php bugfix(74819); ?> (wddx_deserialize() heap out-of-bound read via php_parse_date()).</li>
+</ul></li>
+<li>GD:
+<ul>
+  <li><?php bugfix(74435); ?> (Buffer over-read into uninitialized memory).</li>
+</ul></li>
+<li>mbstring:
+<ul>
+  <li>Add oniguruma upstream fix (CVE-2017-9224, CVE-2017-9226, CVE-2017-9227, CVE-2017-9228, CVE-2017-9229) 
+(Remi, Mamoru TASAKA)</li>
+</ul></li>
+<li>OpenSSL:
+<ul>
+  <li><?php bugfix(74651); ?> (negative-size-param (-1) in memcpy in zif_openssl_seal()).</li>
+</ul></li>
+<li>PCRE:
+<ul>
+  <li><?php bugfix(74087); ?> (Segmentation fault in PHP7.1.1(compiled using the bundled PCRE library)).</li>
+</ul></li>
+<li>WDDX:
+<ul>
+  <li><?php bugfix(74145); ?> (wddx parsing empty boolean tag leads to SIGSEGV).</li>
+</ul></li>
+</ul>
+<!-- }}} --></section>
+
 <section class="version" id="5.6.30"><!-- {{{ 5.6.30 -->
 <h3>Version 5.6.30</h3>
 <b><?php release_date('19-Jan-2017'); ?></b>
--- a/archive/archive.xml
+++ b/archive/archive.xml
@@ -9,6 +9,7 @@
    <uri>http://php.net/contact</uri>
    <email>php-webmaster@lists.php.net</email>
  </author>
+  <xi:include href="entries/2017-07-06-4.xml"/>
  <xi:include href="entries/2017-07-06-3.xml"/>
  <xi:include href="entries/2017-07-06-2.xml"/>
  <xi:include href="entries/2017-07-06-1.xml"/>
--- a/archive/entries/2017-07-06-4.xml
+++ b/archive/entries/2017-07-06-4.xml
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="utf-8"?>
+<entry xmlns="http://www.w3.org/2005/Atom">
+  <title>PHP 5.6.31 Released</title>
+  <id>http://php.net/archive/2017.php#id2017-07-06-4</id>
+  <published>2017-07-06T15:03:21-07:00</published>
+  <updated>2017-07-06T15:03:21-07:00</updated>
+  <category term="frontpage" label="PHP.net frontpage news"/>
+  <category term="releases" label="New PHP release"/>
+  <link href="http://php.net/index.php#id2017-07-06-4" rel="alternate" type="text/html"/>
+  <link href="http://php.net/archive/2017.php#id2017-07-06-4" rel="via" type="text/html"/>
+  <content type="xhtml">
+    <div xmlns="http://www.w3.org/1999/xhtml">
+     <p>The PHP development team announces the immediate availability of PHP
+     5.6.31. This is a security release. Several security bugs were fixed in
+     this release.
+
+     All PHP 5.6 users are encouraged to upgrade to this version.</p>
+
+     <p>For source downloads of PHP 5.6.31 please visit our <a href="http://www.php.net/downloads.php">downloads pag$
+     Windows source and binaries can be found on <a href="http://windows.php.net/download/">windows.php.net/download$
+     The list of changes is recorded in the <a href="http://www.php.net/ChangeLog-5.php#5.6.31">ChangeLog</a>.
+     </p>
+    </div>
+  </content>
+</entry>
--- a/include/releases.inc
+++ b/include/releases.inc
@@ -1,9 +1,8 @@
 <?php
-
 $OLDRELEASES = array (
  7 => 
  array (
-    '7.1.6' =>
+    '7.1.6' => 
    array (
      'announcement' => 
      array (
@@ -69,7 +68,7 @@ $OLDRELEASES = array (
      'date' => '08 Jun 2017',
      'museum' => false,
    ),
-    '7.1.5' =>
+    '7.1.5' => 
    array (
      'announcement' => 
      array (
@@ -930,6 +929,39 @@ $OLDRELEASES = array (
  ),
  5 => 
  array (
+    '5.6.30' => 
+    array (
+      'announcement' => 
+      array (
+        'English' => '/releases/5_6_30.php',
+      ),
+      'source' => 
+      array (
+        0 => 
+        array (
+          'filename' => 'php-5.6.30.tar.bz2',
+          'name' => 'PHP 5.6.30 (tar.bz2)',
+          'sha256' => 'a105c293fa1dbff118b5b0ca74029e6c461f8c78f49b337a2a98be9e32c27906',
+          'date' => '19 Jan 2017',
+        ),
+        1 => 
+        array (
+          'filename' => 'php-5.6.30.tar.gz',
+          'name' => 'PHP 5.6.30 (tar.gz)',
+          'sha256' => '8bc7d93e4c840df11e3d9855dcad15c1b7134e8acf0cf3b90b932baea2d0bde2',
+          'date' => '19 Jan 2017',
+        ),
+        2 => 
+        array (
+          'filename' => 'php-5.6.30.tar.xz',
+          'name' => 'PHP 5.6.30 (tar.xz)',
+          'sha256' => 'a363185c786432f75e3c7ff956b49c3369c3f6906a6b10459f8d1ddc22f70805',
+          'date' => '19 Jan 2017',
+        ),
+      ),
+      'date' => '19 Jan 2017',
+      'museum' => false,
+    ),
    '5.6.29' => 
    array (
      'announcement' => 
--- a/include/version.inc
+++ b/include/version.inc
@@ -44,12 +44,12 @@ $PHP_7_0_SHA256     = array(
 $PHP_5_6_RC = false; // Current RC version (e.g., '5.6.7RC1') or false
 $PHP_5_6_RC_DATE = "05 Jan 2017";

-$PHP_5_6_VERSION         = "5.6.30";
-$PHP_5_6_DATE            = "19 Jan 2017";
+$PHP_5_6_VERSION         = "5.6.31";
+$PHP_5_6_DATE            = "06 Jul 2017";
 $PHP_5_6_SHA256     = array(
-                       "tar.bz2"       => "a105c293fa1dbff118b5b0ca74029e6c461f8c78f49b337a2a98be9e32c27906",
-                       "tar.gz"        => "8bc7d93e4c840df11e3d9855dcad15c1b7134e8acf0cf3b90b932baea2d0bde2",
-                       "tar.xz"        => "a363185c786432f75e3c7ff956b49c3369c3f6906a6b10459f8d1ddc22f70805",
+                       "tar.bz2"       => "8f397169cb65f0539f3bcb04060f97770d73e19074a37bd2c58b98ebf6ecb10f",
+                       "tar.gz"        => "6687ed2f09150b2ad6b3780ff89715891f83a9c331e69c90241ef699dec4c43f",
+                       "tar.xz"        => "c464af61240a9b7729fabe0314cdbdd5a000a4f0c9bd201f89f8628732fe4ae4",
 );

 /* PHP 5.5 Release */
--- a/releases/5_6_31.php
+++ b/releases/5_6_31.php
@@ -0,0 +1,22 @@
+<?php
+// $Id$
+$_SERVER['BASE_PAGE'] = 'releases/5_6_31.php';
+include_once $_SERVER['DOCUMENT_ROOT'] . '/include/prepend.inc';
+site_header("PHP 5.6.31 Release Announcement");
+?>
+
+     <h1>PHP 5.6.31 Release Announcement</h1>
+     
+     <p>The PHP development team announces the immediate availability of PHP
+     5.6.31. This is a security release. Several security bugs were fixed in
+     this release.
+     
+     All PHP 5.6 users are encouraged to upgrade to this version.
+     </p>
+     
+     <p>For source downloads of PHP 5.6.31 please visit our <a href="http://www.php.net/downloads.php">downloads page</a>,
+     Windows source and binaries can be found on <a href="http://windows.php.net/download/">windows.php.net/download/</a>.
+     The list of changes is recorded in the <a href="http://www.php.net/ChangeLog-5.php#5.6.31">ChangeLog</a>.
+     </p>
+
+<?php site_footer(); ?>