Version 5.5.13
29 May 2014
CLI server:
Fixed bug #67079 (Missing MIME types for XML/XSL files).
COM:
Fixed bug #66431 (Special Character via COM Interface (CP_UTF8)).
Core:
Fixed bug #65701 (copy() doesn't work when destination filename is created by tempnam()).
Fixed bug #67072 (Echoing unserialized "SplFileObject" crash).
Fixed bug #67245 (usage of memcpy() with overlapping src and dst in zend_exceptions.c).
Fixed bug #67247 (spl_fixedarray_resize integer overflow).
Fixed bug #67249 (printf out-of-bounds read).
Fixed bug #67250 (iptcparse out-of-bounds read).
cURL:
Fixed bug #64247 (CURLOPT_INFILE doesn't allow reset).
Date:
Fixed bug #67118 (DateTime constructor crash with invalid data).
Fixed bug #67251 (date_parse_from_format out-of-bounds read).
Fixed bug #67253 (timelib_meridian_with_check out-of-bounds read).
DOM:
Fixed bug #67081 (DOMDocumentType->internalSubset returns entire DOCTYPE tag, not only the subset).
Fileinfo:
Fixed bug #66307 (Fileinfo crashes with powerpoint files).
Fixed bug #67327 (CDF infinite loop in nelements DoS) (CVE-2014-0238).
Fixed bug #67328 (numerous file_printf calls resulting in performance degradation) (CVE-2014-0237).
FPM:
Fixed bug #66908 (php-fpm reload leaks epoll_create() file descriptor).
GD:
Fixed bug #67248 (imageaffinematrixget missing check of parameters).
PCRE:
Fixed bug #67248 Ungreedy and min/max quantifier bug, applied patch from the upstream.
Phar:
Fixed bug #64498 ($phar->buildFromDirectory can't compress file with an accent in its name).
