Updated PHP from 7.4.22 to 7.4.26

  • Core
    • Fixed bug #81518 (Header injection via default_mimetype / default_charset).
  • Date
    • Fixed bug #81500 (Interval serialization regression since 7.3.14 / 7.4.2)
  • MBString
    • Fixed bug #76167 (mbstring may use pointer from some previous request)
  • MySQLi
    • Fixed bug #81494 (Stopped unbuffered query does not throw error)
  • PCRE
    • Fixed bug #81424 (PCRE2 10.35 JIT performance regression)
  • Streams
    • Fixed bug #54340 (Memory corruption with user_filter)
  • XML
    • Fixed bug #79971 (special character is breaking the path in xml function). (CVE-2021-21707)

Updated PHP from 7.3.29 to 7.3.33

  • XML
    • Fix #79971: special character is breaking the path in xml function. (CVE-2021-21707)

Updated PHP from 7.2.34.4 to 7.2.34.8

  • XML
    • Fix #79971: special character is breaking the path in xml function.

Updated PHP from 7.1.33.8 to 7.1.33.12

  • XML
    • Fix #79971: special character is breaking the path in xml function.