March 2023

March 23, 2023

Backported Fixes for ZendPHP 7.3.33.7, 7.2.34.15, and 7.1.33.19

- Intl:
  . Fixed bug #72809 (Locale::lookup() wrong result with canonicalize option)

Community Fixes for ZendPHP 8.2.4

- Core:
  . Fixed incorrect check condition in ZEND_YIELD.
  . Fixed incorrect check condition in type inference.
  . Fix incorrect check in zend_internal_call_should_throw().
  . Fixed overflow check in OnUpdateMemoryConsumption.
  . Fixed bug GH-9916 (Entering shutdown sequence with a fiber suspended in a Generator emits an unavoidable fatal error or crashes).
  . Fixed bug GH-10437 (Segfault/assertion when using fibers in shutdown function after bailout).
  . Fixed SSA object type update for compound assignment opcodes.
  . Fixed language scanner generation build.
  . Fixed zend_update_static_property() calling zend_update_static_property_ex() misleadingly with the wrong return type.
  . Fix bug GH-10570 (Fixed unknown string hash on property fetch with integer constant name).
  . Fixed php_fopen_primary_script() call resulted on zend_destroy_file_handle() freeing dangling pointers on the handle as it was uninitialized.
- Curl:
  . Fixed deprecation warning at compile time.
  . Fixed bug GH-10270 (Unable to return CURL_READFUNC_PAUSE in readfunc callback).
- Date:
  . Fix GH-10447 ('p' format specifier does not yield 'Z' for 00:00).
  . Fix GH-10152 (Custom properties of Date's child classes are not serialised).
- FFI:
  . Fixed incorrect bitshifting and masking in ffi bitfield.
- Fiber:
  . Fixed assembly on alpine x86.
  . Fixed bug GH-10496 (segfault when garbage collector is invoked inside of fiber).
- FPM:
  . Fixed bug GH-10315 (FPM unknown child alert not valid).
  . Fixed bug GH-10385 (FPM successful config test early exit).
- GMP:
  . Properly implement GMP::__construct().
- Intl:
  . Fixed bug GH-10647 (Spoofchecker isSuspicious/areConfusable methods error code's argument always returning NULL).
- JSON:
  . Fixed JSON scanner and parser generation build.
- MBString:
  . ext/mbstring: fix new_value length check.
  . Fix bug GH-10627 (mb_convert_encoding crashes PHP on Windows).
- Opcache:
  . Fix incorrect page_size check.
  . Fix readonly modification check when using inc/dec operators on readonly property with JIT.
- OpenSSL:
  . Fixed php_openssl_set_server_dh_param() DH params errors handling.
- PDO OCI:
  . Fixed bug #60994 (Reading a multibyte CLOB caps at 8192 chars).
- PHPDBG:
  . Fixed bug GH-10715 (heap buffer overflow on --run option misuse).
- PGSQL:
  . Fix GH-10672 (pg_lo_open segfaults in the strict_types mode).
- Phar:
  . Fix incorrect check in phar tar parsing.
- Random:
  . Fix GH-10390 (Do not trust arc4random_buf() on glibc).
  . Fix GH-10292 (Made the default value of the first param of srand() and mt_srand() unknown).
- Reflection:
  . Fixed bug GH-10623 (Reflection::getClosureUsedVariables opcode fix with variadic arguments).
  . Fix Segfault when using ReflectionFiber suspended by an internal function.
- Session:
  . Fixed ps_files_cleanup_dir() on failure code paths with -1 instead of 0 as the latter was considered success by callers.
- Standard:
  . Fixed bug GH-8086 (Introduce mail.mixed_lf_and_crlf INI).
  . Fixed bug GH-10292 (Made the default value of the first param of srand() and mt_srand() unknown).
  . Fix incorrect check in cs_8559_5 in map_from_unicode().
  . Fix bug GH-9697 for reset/end/next/prev() attempting to move pointer of properties table for certain internal classes such as FFI classes.
  . Fix incorrect error check in browsecap for pcre2_match().
- Streams:
  . Fixed bug GH-10370 (File corruption in _php_stream_copy_to_stream_ex when using copy_file_range).
  . Fixed bug GH-10548 (copy() fails on cifs mounts because of incorrect copy_file_range() len).
- Tidy:
  . Fix memory leaks when attempting to open a non-existing file or a file over 4GB.
  . Add missing error check on tidyLoadConfig.
- Zlib:
  . Fixed output_handler directive value's length which counted the string terminator.

Community Fixes for ZendPHP 8.1.17

- Core:
  . Fixed incorrect check condition in ZEND_YIELD.
  . Fixed incorrect check condition in type inference.
  . Fixed overflow check in OnUpdateMemoryConsumption.
  . Fixed bug GH-9916 (Entering shutdown sequence with a fiber suspended in a Generator emits an unavoidable fatal error or crashes).
  . Fixed bug GH-10437 (Segfault/assertion when using fibers in shutdown function after bailout).
  . Fixed SSA object type update for compound assignment opcodes. (nielsdos)
  . Fixed language scanner generation build.
  . Fixed zend_update_static_property() calling zend_update_static_property_ex() misleadingly with the wrong return type.
  . Fix bug GH-10570 (Fixed unknown string hash on property fetch with integer constant name).
  . Fixed php_fopen_primary_script() call resulted on zend_destroy_file_handle() freeing dangling pointers on the handle as it was uninitialized.
- Curl:
  . Fixed deprecation warning at compile time.
  . Fixed bug GH-10270 (Unable to return CURL_READFUNC_PAUSE in readfunc callback).
- Date:
  . Fix GH-10447 ('p' format specifier does not yield 'Z' for 00:00).
- FFI:
  . Fixed incorrect bitshifting and masking in ffi bitfield.
- Fiber:
  . Fixed assembly on alpine x86.
  . Fixed bug GH-10496 (segfault when garbage collector is invoked inside of fiber).
- FPM:
  . Fixed bug GH-10315 (FPM unknown child alert not valid).
  . Fixed bug GH-10385 (FPM successful config test early exit).
- Intl:
  . Fixed bug GH-10647 (Spoofchecker isSuspicious/areConfusable methods error code's argument always returning NULL).
- JSON:
  . Fixed JSON scanner and parser generation build.
- MBString:
  . ext/mbstring: fix new_value length check.
  . Fix bug GH-10627 (mb_convert_encoding crashes PHP on Windows).
- Opcache:
  . Fix incorrect page_size check.
- OpenSSL:
  . Fixed php_openssl_set_server_dh_param() DH params errors handling.
- PDO OCI:
  . Fixed bug #60994 (Reading a multibyte CLOB caps at 8192 chars).
- PHPDBG:
  . Fixed bug GH-10715 (heap buffer overflow on --run option misuse).
- PGSQL:
  . Fix GH-10672 (pg_lo_open segfaults in the strict_types mode).
- Phar:
  . Fix incorrect check in phar tar parsing.
- Reflection:
  . Fixed bug GH-10623 (Reflection::getClosureUsedVariables opcode fix with variadic arguments).
  . Fix Segfault when using ReflectionFiber suspended by an internal function.
- Session:
  . Fixed ps_files_cleanup_dir() on failure code paths with -1 instead of 0 as the latter was considered success by callers.
- Standard:
  . Fixed bug GH-10292 (Made the default value of the first param of srand() and mt_srand() unknown).
  . Fix incorrect check in cs_8559_5 in map_from_unicode().
  . Fix bug GH-9697 for reset/end/next/prev() attempting to move pointer of properties table for certain internal classes such as FFI classes.
  . Fix incorrect error check in browsecap for pcre2_match().
- Tidy:
  . Fix memory leaks when attempting to open a non-existing file or a file over 4GB.
  . Add missing error check on tidyLoadConfig.
- Zlib:
  . Fixed output_handler directive value's length which counted the string terminator.

March 1, 2023

Backported Fixes for PHP Versions 7.4.33.2, 7.3.33.6, 7.2.34.14, and 7.1.33.18

- Core:
  . Fixed bug #81744 (Password_verify() always return true with some hash). (CVE-2023-0567)
  . Fixed bug #81746 (1-byte array overrun in common path resolve code). (CVE-2023-0568)
- FPM:
  . Fixed bug GHSA-54hq-v5wp-fqgv (DOS vulnerability when parsing multipart request body). (CVE-2023-0662)