5.5.22 release

2026-03-23 23:02:13 +01:00 · 2015-02-19 13:50:43 +01:00
parent 90e5006c06
commit c2991fbb5a
6 changed files with 166 additions and 6 deletions
--- a/ChangeLog-5.php
+++ b/ChangeLog-5.php
@@ -8,6 +8,86 @@ site_header("PHP 5 ChangeLog", array("current" => "docs", "css" => array("change

 <h1>PHP 5 ChangeLog</h1>

+<section class="version" id="5.5.22"><!-- {{{ 5.5.22 -->
+<h3>Version 5.5.22</h3>
+<b>19-Feb-2015</b>
+<ul><li>Core:
+<ul>
+  <li><?php bugfix(67068); ?> (getClosure returns somethings that's not a closure).</li>
+  <li><?php bugfix(68925); ?> (Mitigation for CVE-2015-0235 – GHOST: glibc gethostbyname buffer overflow).</li>
+  <li><?php bugfix(68942); ?> (Use after free vulnerability in unserialize() with DateTimeZone). (CVE-2015-0273)</li>
+  <li>Added NULL byte protection to exec, system and passthru.</li>
+  <li>Removed support for multi-line headers, as the are deprecated by RFC 7230.</li>
+</ul></li>
+<li>Date:
+<ul>
+  <li><?php bugfix(45081); ?> (strtotime incorrectly interprets SGT time zone).</li>
+</ul></li>
+<li>Dba:
+<ul>
+  <li><?php bugfix(68711); ?> (useless comparisons).</li>
+</ul></li>
+<li>Enchant:
+<ul>
+  <li><?php bugfix(6855); ?> (heap buffer overflow in enchant_broker_request_dict()).</li>
+</ul></li>
+<li>Fileinfo:
+<ul>
+  <li><?php bugfix(68827); ?> (Double free with disabled ZMM).</li>
+</ul></li>
+<li>FPM:
+<ul>
+  <li><?php bugfix(66479); ?> (Wrong response to FCGI_GET_VALUES).</li>
+  <li><?php bugfix(68571); ?> (core dump when webserver close the socket).</li>
+</ul></li>
+<li>Libxml:
+<ul>
+  <li><?php bugfix(64938); ?> (libxml_disable_entity_loader setting is shared between threads).</li>
+</ul></li>
+<li>OpenSSL:
+<ul>
+  <li><?php bugfix(55618); ?> (use case-insensitive cert name matching).</li>
+</ul></li>
+<li>PDO_mysql:
+<ul>
+  <li><?php bugfix(68750); ?> (PDOMysql with mysqlnd does not allow the usage of named pipes).</li>
+</ul></li>
+<li>Phar:
+<ul>
+  <li><?php bugfix(68901); ?> (use after free).</li>
+</ul></li>
+<li>Pgsql:
+<ul>
+  <li><?php bugfix(65199); ?> (pg_copy_from() modifies input array variable).</li>
+</ul></li>
+<li>Sqlite3:
+<ul>
+  <li><?php bugfix(68260); ?> (SQLite3Result::fetchArray declares wrong required_num_args).</li>
+</ul></li>
+<li>Mysqli:
+<ul>
+  <li><?php bugfix(68114); ?> (linker error on some OS X machines with fixed width decimal support).</li>
+  <li><?php bugfix(68657); ?> (Reading 4 byte floats with Mysqli and libmysqlclient has rounding errors).</li>
+</ul></li>
+<li>Session:
+<ul>
+  <li><?php bugfix(68941); ?> (mod_files.sh is a bash-script).</li>
+  <li><?php bugfix(66623); ?> (no EINTR check on flock).</li>
+  <li><?php bugfix(68063); ?> (Empty session IDs do still start sessions).</li>
+</ul></li>
+<li>Standard:
+<ul>
+  <li><?php bugfix(65272); ?> (flock() out parameter not set correctly in windows).</li>
+  <li><?php bugfix(69033); ?> (Request may get env. variables from previous requests if PHP works as FastCGI).</li>
+</ul></li>
+<li>Streams:
+<ul>
+  <li>Fixed bug which caused call after final close on streams filter.</li>
+</ul></li>
+</ul>
+<!-- }}} --></section>
+
+
 <section class="version" id="5.4.38"><!-- {{{ 5.4.38 -->
 <h3>Version 5.4.38</h3>
 <b>19-Feb-2015</b>
--- a/archive/archive.xml
+++ b/archive/archive.xml
@@ -9,6 +9,7 @@
    <uri>http://php.net/contact</uri>
    <email>php-webmaster@lists.php.net</email>
  </author>
+  <xi:include href="entries/2015-02-19-1.xml"/>
  <xi:include href="entries/2015-02-18-1.xml"/>
  <xi:include href="entries/2015-01-22-3.xml"/>
  <xi:include href="entries/2015-01-22-2.xml"/>
--- a/archive/entries/2015-02-19-1.xml
+++ b/archive/entries/2015-02-19-1.xml
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="utf-8"?>
+<entry xmlns="http://www.w3.org/2005/Atom">
+  <title>PHP 5.5.22 is available</title>
+  <id>http://php.net/archive/2015.php#id2015-02-19-1</id>
+  <published>2015-02-19T12:45:19+00:00</published>
+  <updated>2015-02-19T12:45:19+00:00</updated>
+  <category term="frontpage" label="PHP.net frontpage news"/>
+  <category term="releases" label="New PHP release"/>
+  <link href="http://php.net/index.php#id2015-02-19-1" rel="alternate" type="text/html"/>
+  <link href="http://php.net/archive/2015.php#id2015-02-19-1" rel="via" type="text/html"/>
+  <content type="xhtml">
+    <div xmlns="http://www.w3.org/1999/xhtml">
+     <p>The PHP development team announces the immediate availability of PHP
+     5.5.22. This release fixes several bugs and addresses CVE-2015-0235 and CVE-2015-0273.
+
+     All PHP 5.5 users are encouraged to upgrade to this version.
+     </p>
+
+     <p>For source downloads of PHP 5.5.22 please visit our <a href="http://www.php.net/downloads.php">downloads page</a>,
+     Windows binaries can be found on <a href="http://windows.php.net/download/">windows.php.net/download/</a>.
+     The list of changes is recorded in the <a href="http://www.php.net/ChangeLog-5.php#5.5.22">ChangeLog</a>.
+     </p>
+    </div>
+  </content>
+</entry>
--- a/include/releases.inc
+++ b/include/releases.inc
@@ -2,6 +2,39 @@
 $OLDRELEASES = array (
  5 => 
  array (
+    '5.5.21' => 
+    array (
+      'announcement' => 
+      array (
+        'English' => '/releases/5_5_21.php',
+      ),
+      'source' => 
+      array (
+        0 => 
+        array (
+          'filename' => 'php-5.5.21.tar.bz2',
+          'name' => 'PHP 5.5.21 (tar.bz2)',
+          'md5' => '8fe631ac52a3df9d6429faad81cf2562',
+          'date' => '22 Jan 2015',
+        ),
+        1 => 
+        array (
+          'filename' => 'php-5.5.21.tar.gz',
+          'name' => 'PHP 5.5.21 (tar.gz)',
+          'md5' => '63f8d358d651adef906f650175c796b1',
+          'date' => '22 Jan 2015',
+        ),
+        2 => 
+        array (
+          'filename' => 'php-5.5.21.tar.xz',
+          'name' => 'PHP 5.5.21 (tar.xz)',
+          'md5' => '79664ce44f7c93f355a25a3fe3dcc91b',
+          'date' => '22 Jan 2015',
+        ),
+      ),
+      'date' => '22 Jan 2015',
+      'museum' => false,
+    ),
    '5.6.4' => 
    array (
      'announcement' => 
--- a/include/version.inc
+++ b/include/version.inc
@@ -27,15 +27,15 @@ $PHP_5_6_MD5     = array(
                       "tar.xz"        => "541a480e1f8747219074c99f3e9edbcc",
 );
 /* PHP 5.5 Release */
-$PHP_5_5_RC = '5.5.22RC1'; // Current RC version (e.g., '5.6.7RC1') or false
+$PHP_5_5_RC = false; // Current RC version (e.g., '5.6.7RC1') or false
 $PHP_5_5_RC_DATE = '5 Feb 2015';

-$PHP_5_5_VERSION         = "5.5.21";
-$PHP_5_5_DATE            = "22 Jan 2015";
+$PHP_5_5_VERSION         = "5.5.22";
+$PHP_5_5_DATE            = "19 Feb 2015";
 $PHP_5_5_MD5     = array(
-                       "tar.bz2"       => "8fe631ac52a3df9d6429faad81cf2562",
-                       "tar.gz"        => "63f8d358d651adef906f650175c796b1",
-                       "tar.xz"        => "79664ce44f7c93f355a25a3fe3dcc91b",
+                       "tar.bz2"       => "cd5a6321d71897dec26e29e795926669",
+                       "tar.gz"        => "89caa2614a7e0e7a41796d61869037ca",
+                       "tar.xz"        => "fb1704131d495f5b3e6ab3b087a8dbe6",
 );
 /* PHP 5.4 Release */
 $PHP_5_4_RC = false; // Current RC version (e.g., '5.6.7RC1') or false
--- a/releases/5_5_22.php
+++ b/releases/5_5_22.php
@@ -0,0 +1,21 @@
+<?php
+// $Id$
+$_SERVER['BASE_PAGE'] = 'releases/5_5_22.php';
+include_once $_SERVER['DOCUMENT_ROOT'] . '/include/prepend.inc';
+site_header("PHP 5.5.22 Release Announcement");
+?>
+
+<h1>PHP 5.5.22 Release Announcement</h1>
+
+     <p>The PHP development team announces the immediate availability of PHP
+     5.5.22. This release fixes several bugs and addresses CVE-2015-0235 and CVE-2015-0273.
+
+     All PHP 5.5 users are encouraged to upgrade to this version.
+     </p>
+
+     <p>For source downloads of PHP 5.5.22 please visit our <a href="http://www.php.net/downloads.php">downloads page</a>,
+     Windows binaries can be found on <a href="http://windows.php.net/download/">windows.php.net/download/</a>.
+     The list of changes is recorded in the <a href="http://www.php.net/ChangeLog-5.php#5.5.22">ChangeLog</a>.
+     </p>
+
+<?php site_footer(); ?>