Arieh
Verified User
PHP 5.5.19 released
The PHP development team announces the immediate availability of PHP 5.5.19. This release fixes several bugs and one CVE in the fileinfo extension. All PHP 5.5 users are encouraged to upgrade to this version.
For source downloads of PHP 5.5.19 please visit our downloads page, Windows binaries can be found on windows.php.net/download/. The list of changes is recorded in the ChangeLog.
Version 5.5.19
13 Nov 2014
Core:
Fixed bug #68095 (AddressSanitizer reports a heap buffer overflow in php_getopt()).
Fixed bug #68118 ($a->foo .= 'test'; can leave $a->foo undefined).
Fixed bug #68129 (parse_url() - incomplete support for empty usernames and passwords).
Fixed bug #68365 (zend_mm_heap corrupted after memory overflow in zend_hash_copy).
cURL:
Add CURL_SSLVERSION_TLSv1_0, CURL_SSLVERSION_TLSv1_1, and CURL_SSLVERSION_TLSv1_2 constants if supported by libcurl.
Fileinfo:
Fixed bug #66242 (libmagic: don't assume char is signed).
Fixed bug #68283 (fileinfo: out-of-bounds read in elf note headers). (CVE-2014-3710).
FPM:
Implemented FR #55508 (listen and listen.allowed_clients should take IPv6 addresses.
GD:
Fixed bug #65171imagescale() fails without height param
GMP:
Fixed bug #63595 (GMP memory management conflicts with other libraries using GMP).
Mysqli:
Fixed bug #68114 (linker error on some OS X machines with fixed width decimal support).
ODBC:
Fixed bug #68087 (ODBC not correctly reading DATE column when preceded by a VARCHAR column)
SPL:
Fixed bug #68128 (Regression in RecursiveRegexIterator)