forked from php/web-php
-
Notifications
You must be signed in to change notification settings - Fork 1
/
ChangeLog-4.php
3882 lines (3773 loc) · 247 KB
/
ChangeLog-4.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
855
856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
883
884
885
886
887
888
889
890
891
892
893
894
895
896
897
898
899
900
901
902
903
904
905
906
907
908
909
910
911
912
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
928
929
930
931
932
933
934
935
936
937
938
939
940
941
942
943
944
945
946
947
948
949
950
951
952
953
954
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
977
978
979
980
981
982
983
984
985
986
987
988
989
990
991
992
993
994
995
996
997
998
999
1000
<?php
$_SERVER['BASE_PAGE'] = 'ChangeLog-4.php';
include_once __DIR__ . '/include/prepend.inc';
include_once __DIR__ . '/include/changelogs.inc';
$MINOR_VERSIONS = ['4.4', '4.3', '4.2', '4.1', '4.0'];
changelog_header(4, $MINOR_VERSIONS);
?>
<a id="PHP_4_4"></a>
<section class="version" id="4.4.9"><!-- {{{ 4.4.9 -->
<h3>Version 4.4.9</h3>
<?php release_date("07-Aug-2008"); ?>
<ul>
<li>Updated PCRE to version 7.7.</li>
<li>Fixed overflow in memnstr().</li>
<li>Fixed crash in imageloadfont when an invalid font is given.</li>
<li>Fixed open_basedir handling issue in the curl extension.</li>
<li><?php bugfix(27421); ?> (mbstring.func_overload set in .htaccess becomes global).</li>
</ul>
<!-- }}} --></section>
<section class="version" id="4.4.8"><!-- {{{ 4.4.8 -->
<h3>Version 4.4.8</h3>
<?php release_date("03-Jan-2008"); ?>
<ul>
<li>Improved fix for MOPB-02-2007.</li>
<li>Fixed an integer overflow inside chunk_split(). Identified by Gerhard Wagner.</li>
<li>Fixed integer overlow in str[c]spn().</li>
<li>Fixed regression in glob when open_basedir is on introduced by <?php bugl(41655); ?> fix.</li>
<li>Fixed money_format() not to accept multiple %i or %n tokens.</li>
<li>Added "max_input_nesting_level" php.ini option to limit nesting level of input variables. Fix for MOPB-03-2007.</li>
<li>Fixed INFILE LOCAL option handling with MySQL - now not allowed when open_basedir or safe_mode is active.</li>
<li>Fixed session.save_path and error_log values to be checked against open_basedir and safe_mode (CVE-2007-3378).</li>
<li><?php bugfix(43010); ?> (Fixed regression in imagearc with two equivelent angles).</li>
<li><?php bugfix(41765); ?> (Recode crashes/does not work on amd64).</li>
<li><?php bugfix(41630); ?> (segfault when an invalid color index is present in the image data).</li>
<li><?php bugfix(41628); ?> (PHP settings leak between Virtual Hosts in Apache 1.3).</li>
<li><?php bugfix(38798); ?> (OpenSSL init corrected in php5 but not in php4).</li>
</ul>
<!-- }}} --></section>
<section class="version" id="4.4.7"><!-- {{{ 4.4.7 -->
<h3>Version 4.4.7</h3>
<?php release_date("03-May-2007"); ?>
<ul>
<li>Fixed MOPB-33-2007 (PHP mail() Message ASCIIZ Byte Truncation).</li>
<li>Fixed MOPB-32-2007 (Double free inside session_decode()).</li>
<li>Fixed MOPB-26-2007 (mb_parse_str() can be used to activate register_globals).</li>
<li>Fixed MOPB-24-2007 (Fixed unallocated memory access/double free in in array_user_key_compare()).</li>
<li>Fixed MOPB-22-2007 (PHP session_regenerate_id() Double Free Vulnerability).</li>
<li>Fixed MOPB-21-2007 (An open_basedir/safe_mode bypass inside the compress.bzip2 wraper).</li>
<li>Fixed MOPB-8-2007 (XSS in phpinfo()).</li>
<li>Fixed CVE-2007-1001 (GD wbmp used with invalid image size).</li>
<li>Fixed CVE-2007-0455 (Buffer overflow in gdImageStringFTEx, used by imagettf function).</li>
<li><?php bugfix(41252); ?> (Calling mcrypt_generic without first calling mcrypt_generic_init crashes).</li>
<li><?php bugfix(40998); ?> (long session array keys are truncated).</li>
<li><?php bugfix(40915); ?> (addcslashes unexpected behavior with binary input).</li>
<li><?php bugfix(40831); ?> (cURL extension doesn't clean up the buffer of reused handle).</li>
<li><?php bugfix(40747); ?> (possible crash in session when save_path is out of open_basedir).</li>
<li><?php bugfix(38236); ?> (Binary data gets corrupted on multipart/formdata POST).</li>
<li>Fixed huge CPU usage in imagearc when used with large angles (libgd bug #74).</li>
<li>Fixed CRLF injection inside ftp_putcmd().</li>
</ul>
<!-- }}} --></section>
<section class="version" id="4.4.6"><!-- {{{ 4.4.6 -->
<h3>Version 4.4.6</h3>
<?php release_date("01-Mar-2007"); ?>
<ul>
<li>Updated PCRE to version 7.0.</li>
<li>Fixed segfault in ext/session when register_globals=On.</li>
<li><?php bugfix(40635); ?> (segfault in cURL extension).</li>
<li><?php bugfix(40611); ?> (possible cURL memory error).</li>
<li><?php bugfix(40578); ?> (imagettftext() multithreading issue).</li>
<li><?php bugfix(40502); ?> (ext/interbase compile failure).</li>
<li><?php bugfix(40286); ?> (PHP fastcgi with PHP_FCGI_CHILDREN don't kill children when parent is killed).</li>
</ul>
<!-- }}} --></section>
<section class="version" id="4.4.5"><!-- {{{ 4.4.5 -->
<h3>Version 4.4.5</h3>
<?php release_date("14-Feb-2007"); ?>
<ul>
<li>Upgraded PEAR to 1.5.0.</li>
<li>Updated PCRE to version 6.7.</li>
<li>Moved extensions to PECL: ext/ovrimos</li>
<li>Added a meta tag to phpinfo() output to prevent search engines from indexing the page.</li>
<li>Backported a fix in the configure tests to detect the "rounding fuzz".</li>
<li>Backported fix for ext/imap compilation failure with recent c-client versions.</li>
<li>Fixed missing open_basedir check inside chdir() function.</li>
<li><?php bugfix(40335); ?> (Compile fails when using GCC 4.1.1/binutils 2.17).</li>
<li><?php bugfix(39971); ?> (pg_insert/pg_update do not allow now() to be used for timestamp fields).</li>
<li><?php bugfix(39890); ?> (using autoconf 2.6x and --with-layout=GNU breaks PEAR install path).</li>
<li><?php bugfix(39819); ?> (Using $this not in object context can cause segfaults).</li>
<li><?php bugfix(39653); ?> (ext/dba doesn't check for db-4.5 and db-4.4 when db4 support is enabled).</li>
<li><?php bugfix(39583); ?> (ftp_put() does not change transfer mode to ASCII).</li>
<li><?php bugfix(39458); ?> (ftp_nlist() returns false on empty dirs).</li>
<li><?php bugfix(39354); ?> (Allow building of curl extension against libcurl 7.16.0).</li>
<li><?php bugfix(39034); ?> (curl_exec() with return transfer returns TRUE on empty files).</li>
<li><?php bugfix(38963); ?> (Fixed a possible open_basedir bypass in tempnam()).</li>
<li><?php bugfix(38882); ?> (ldap_connect causes segfault with newer versions of OpenLDAP).</li>
<li><?php bugfix(38859); ?> (parse_url() fails if passing '@' in passwd).</li>
<li><?php bugfix(38722); ?> (Calling undefined method prints insufficient error message).</li>
<li><?php bugfix(38534); ?> (segfault when calling setlocale() in userspace session handler).</li>
<li><?php bugfix(38450); ?> (constructor is not called for classes used in userspace stream wrappers).</li>
<li><?php bugfix(38378); ?> (wddx_serialize_value() generates no wellformed xml).</li>
<li><?php bugfix(37812); ?> (aggregate_methods_by_list fails to take certain methods).</li>
<li><?php bugfix(36975); ?> (natcasesort() causes array_pop() to misbehave).</li>
<li><?php bugfix(36248); ?> (CURLOPT_HEADERFUNCTION, couldn't set the function in the class).</li>
<li><?php bugfix(34066); ?> (recursive array_walk causes segfault).</li>
</ul>
There is a <a href="release_4_4_4.php">separate announcement</a> available for this release.<br>
<!-- }}} --></section>
<section class="version" id="4.4.4"><!-- {{{ 4.4.4 -->
<h3>Version 4.4.4</h3>
<?php release_date("17-Aug-2006"); ?>
<ul>
<li>Fixed memory_limit on 64bit systems.</li>
<li>Fixed overflow on 64bit systems in str_repeat() and wordwrap().</li>
<li>Disabled CURLOPT_FOLLOWLOCATION in curl when open_basedir or safe_mode are enabled.</li>
<li>Fixed a memory corruption error with an invalid foreach() call.</li>
<li><?php bugfix(38431); ?> (xmlrpc_get_type() crashes PHP on objects).</li>
<li><?php bugfix(38377); ?> (session_destroy() gives warning after session_regenerate_id()).</li>
<li><?php bugfix(38322); ?> (reading past array in sscanf() leads to arbitary code execution).</li>
<li><?php bugfix(38278); ?> (session_cache_expire()'s value does not match phpinfo's session.cache_expire).</li>
<li><?php bugfix(38251); ?> (socket_select() and invalid arguments).</li>
<li><?php bugfix(38183); ?> (disable_classes=Foobar causes disabled class to be called Foo).</li>
<li><?php bugfix(38112); ?> (corrupted gif segfaults).</li>
<li><?php bugfix(37265); ?> (Added missing safe_mode & open_basedir checks to imap_body()).</li>
<li><?php bugfix(29538); ?> (number_format and problem with 0).</li>
</ul>
There is a <a href="release_4_4_4.php">separate announcement</a> available for this release.<br>
<!-- }}} --></section>
<section class="version" id="4.4.3"><!-- {{{ 4.4.3 -->
<h3>Version 4.4.3</h3>
<?php release_date("03-Aug-2006"); ?>
<ul>
<li>Added control character checks for cURL extension's open_basedir/safe_mode checks.</li>
<li>Added overflow checks to wordwrap() function.</li>
<li>Added a check for special characters in the session name.</li>
<li>Improved safe_mode check for the error_log() function.</li>
<li>Updated PCRE to version 6.6.</li>
<li>Fixed handling of extremely long paths inside tempnam() function.</li>
<li>Fixed XSS inside phpinfo() with long inputs.</li>
<li>Fixed a possible buffer overflow inside create_named_pipe() for Win32 systems in libmysql.c.</li>
<li><?php bugfix(37720); ?> (merge_php_config scrambles values).</li>
<li><?php bugfix(37569); ?> (WDDX incorrectly encodes high-ascii characters).</li>
<li><?php bugfix(37510); ?> (session_regenerate_id changes session_id() even on failure).</li>
<li><?php bugfix(37360); ?> (Memory errors with a corrupt GIF file).</li>
<li><?php bugfix(37348); ?> (Make PEAR install ignore open_basedir).</li>
<li><?php bugfix(37346); ?> (Crashes when using an invalid colormap format).</li>
<li><?php bugfix(37162); ?> (wddx does not build as a shared extension).</li>
<li><?php bugfix(37046); ?> (foreach breaks static scope).</li>
<li><?php bugfix(37045); ?> (Fixed check for special chars for http redirects).</li>
<li><?php bugfix(36857); ?> (Added support for partial content fetching to the HTTP streams wrapper).</li>
<li><?php bugfix(36776); ?> (node_list_wrapper_dtor segfault).</li>
<li><?php bugfix(36459); ?> (Incorrect adding PHPSESSID to links, which contains \r\n).</li>
<li><?php bugfix(36458); ?> (sleep() accepts negative values).</li>
<li><?php bugfix(36242); ?> (Possible memory corruption in stream_select()).</li>
<li><?php bugfix(36223); ?> (curl bypasses open_basedir restrictions).</li>
<li><?php bugfix(36205); ?> (Memory leaks on duplicate cookies).</li>
<li><?php bugfix(36148); ?> (unpack("H*hex", $data) is adding an extra character to the end of the string).</li>
<li><?php bugfix(36017); ?> (fopen() crashes PHP when opening a URL).</li>
</ul>
There is a <a href="release_4_4_3.php">separate announcement</a> available for this release.<br>
<!-- }}} --></section>
<section class="version" id="4.4.2"><!-- {{{ 4.4.2 -->
<h3>Version 4.4.2</h3>
<?php release_date("11-Jan-2006"); ?>
<ul>
<li>Added missing safe_mode/open_basedir checks into cURL extension.</li>
<li>Backported missing imap_mailcompose() fixes from PHP 5.x.</li>
<li>Prevent header injection by limiting each header to a single line.</li>
<li>Fixed possible XSS inside error reporting functionality.</li>
<li>Fixed Apache 2 regression with sub-request handling on non-linux systems.</li>
<li><?php bugfix(35817); ?> (unpack() does not decode odd number of hexadecimal values).</li>
<li><?php bugfix(35735); ?> ($EGREP not defined in configure).</li>
<li><?php bugfix(35669); ?> (imap_mail_compose() crashes with multipart-multiboundary-email).</li>
<li><?php bugfix(35655); ?> (whitespace following end of heredoc is lost).</li>
<li><?php bugfix(35646); ?> (%{mod_php_memory_usage}n is not reset after exit).</li>
<li><?php bugfix(35594); ?> (Multiple calls to getopt() may result in a crash).</li>
<li><?php bugfix(35571); ?> (Fixed crash in Apache 2 SAPI when more then one php script is loaded via SSI include).</li>
<li><?php bugfix(35536); ?> (mysql_field_type() doesn't handle NEWDECIMAL).</li>
<li><?php bugfix(35410); ?> (wddx_deserialize() doesn't handle large ints as keys properly).</li>
<li><?php bugfix(35341); ?> (Fix for bug <?php bugl(33760); ?> breaks build with older curl).</li>
<li><?php bugfix(35278); ?> (Multiple virtual() calls crash Apache 2 php module).</li>
<li><?php bugfix(35257); ?> (Calling ob_flush after creating an ob callback causes segfault).</li>
<li><?php bugfix(35079); ?> (stream_set_blocking(true) toggles, not enables blocking).</li>
<li><?php bugfix(35078); ?> (configure does not find ldap_start_tls_s).</li>
<li><?php bugfix(35071); ?> (Wrong fopen mode used in GD safe-mode checks).</li>
<li><?php bugfix(35067); ?>, <?php bugfix(35063); ?> (key(),current() need to work by reference).</li>
<li><?php bugfix(35062); ?> (socket_read() produces warnings on non blocking sockets).</li>
<li><?php bugfix(35059); ?> (Apache2 crash with mod_rewrite).</li>
<li><?php bugfix(35009); ?> (ZTS: Persistent resource destruct crashes when extension is compiled as shared).</li>
<li><?php bugfix(34996); ?> (ImageTrueColorToPalette() crashes when ncolors is zero).</li>
<li><?php bugfix(34851); ?> (SO_RECVTIMEO and SO_SNDTIMEO socket options expect integer parameter on Windows).</li>
<li><?php bugfix(34830); ?> (the 5th argument of mb_send_mail does not work).</li>
<li><?php bugfix(34359); ?> (Possible crash inside fopen http wrapper).</li>
<li><?php bugfix(33963); ?> (mssql_bind() fails on input parameters).</li>
<li><?php bugfix(33760); ?> (cURL needs CRYPTO_callback functions to prevent locking).</li>
<li><?php bugfix(33720); ?> (mb_encode_mimeheader does not work for multibyte chars).</li>
<li><?php bugfix(33523); ?> (Memory leak in xmlrpc_encode_request()).</li>
<li><?php bugfix(33201); ?> (Crash when fetching some data types).</li>
<li><?php bugfix(33153); ?> (crash in mssql_next result).</li>
<li><?php bugfix(32009); ?> (crash when mssql_bind() is called more than once).</li>
<li><?php bugfix(31971); ?> (ftp_login fails on some SSL servers).</li>
<li><?php bugfix(30760); ?> (Remove MessageBox on win32 for E_CORE errors if display_startup_error is off).</li>
<li><?php bugfix(27678); ?> (number_format() crashes with large numbers).</li>
</ul>
There is a <a href="release_4_4_2.php">separate announcement</a> available for this release.<br>
<!-- }}} --></section>
<section class="version" id="4.4.1"><!-- {{{ 4.4.1 -->
<h3>Version 4.4.1</h3>
<?php release_date("31-Oct-2005"); ?>
<ul>
<li>Added missing safe_mode checks for image* functions and cURL.</li>
<li>Added missing safe_mode/open_basedir checks for file uploads.</li>
<li>Fixed a memory corruption bug regarding included files.</li>
<li>Fixed possible INI setting leak via virtual() in Apache 2 sapi.</li>
<li>Fixed possible crash and/or memory corruption in import_request_variables().</li>
<li>Fixed potential GLOBALS overwrite via import_request_variables().</li>
<li>Fixed possible GLOBALS variable override when register_globals are ON.</li>
<li>Fixed possible register_globals toggle via parse_str().</li>
<li>Added "new_link" parameter to mssql_connect(). Bug <?php bugl(34369); ?>.</li>
<li><?php bugfix(34850); ?> (--program-suffix and --program-prefix not included in man page names).</li>
<li><?php bugfix(34790); ?> (preg_match_all(), named capturing groups, variable assignment/return => crash).</li>
<li><?php bugfix(34742); ?> (ftp wrapper failures caused from segmented command transfer).</li>
<li><?php bugfix(34704); ?> (Infinite recursion due to corrupt JPEG).</li>
<li><?php bugfix(34645); ?> (ctype corrupts memory when validating large numbers).</li>
<li><?php bugfix(34565); ?> (mb_send_mail does not fetch mail.force_extra_parameters).</li>
<li><?php bugfix(34557); ?> (php -m exits with "error" 1).</li>
<li><?php bugfix(34456); ?> (Possible crash inside pspell extension).</li>
<li><?php bugfix(34311); ?> (unserialize() crashes with chars above 191 dec).</li>
<li><?php bugfix(34307); ?> (on_modify handler not called to set the default value if setting from php.ini was invalid).</li>
<li><?php bugfix(34302); ?> (date('W') do not return leading zeros for week 1 to 9).</li>
<li><?php bugfix(34277); ?> (array_filter() crashes with references and objects).</li>
<li><?php bugfix(34191); ?> (ob_gzhandler does not enforce trailing \0).</li>
<li><?php bugfix(34156); ?> (memory usage remains elevated after memory limit is reached).</li>
<li><?php bugfix(34148); ?> (+,- and . not supported as parts of scheme).</li>
<li><?php bugfix(34137); ?> (assigning array element by reference causes binary mess). </li>
<li><?php bugfix(34068); ?> (Numeric string as array key not cast to integer in wddx_deserialize()).</li>
<li><?php bugfix(34064); ?> (arr[] as param to function is allowed only if function receives argument by reference).</li>
<li><?php bugfix(33989); ?> (extract($GLOBALS,EXTR_REFS) crashes PHP).</li>
<li><?php bugfix(33987); ?> (php script as ErrorDocument causes crash in Apache 2). </li>
<li><?php bugfix(33940); ?> (array_map() fails to pass by reference when called recursively).</li>
<li><?php bugfix(33690); ?> (Crash setting some ini directives in httpd.conf).</li>
<li><?php bugfix(33673); ?> (Added detection for partially uploaded files).</li>
<li><?php bugfix(33648); ?> (Using --with-regex=system causes compile failure).</li>
<li><?php bugfix(33558); ?> (Warning with nested calls to functions returning by reference).</li>
<li><?php bugfix(33383); ?> (crash when retrieving empty LOBs).</li>
<li><?php bugfix(33156); ?> (cygwin version of setitimer doesn't accept ITIMER_PROF).</li>
<li><?php bugfix(32937); ?> (open_basedir looses trailing / in the limiter).</li>
<li><?php bugfix(32589); ?> (possible crash inside imap_mail_compose() function).</li>
<li><?php bugfix(32179); ?> (xmlrpc_encode() segfaults with recursive references).</li>
<li><?php bugfix(32160); ?> (copying a file into itself leads to data loss).</li>
<li><?php bugfix(31158); ?> (array_splice on $GLOBALS crashes).</li>
<li><?php bugfix(29983); ?> (PHP does not explicitly set mime type & charset).</li>
<li><?php bugfix(29253); ?> (array_diff with $GLOBALS argument fails).</li>
<li><?php bugfix(21306); ?> (ext/sesssion: catch bailouts of write handler during RSHUTDOWN).</li>
</ul>
There is a <a href="release_4_4_1.php">separate announcement</a> available for this release.<br>
<!-- }}} --></section>
<section class="version" id="4.4.0"><!-- {{{ 4.4.0 -->
<h3>Version 4.4.0</h3>
<?php release_date("11-Jul-2005"); ?>
<ul>
<li>Added man pages for "phpize" and "php-config" scripts.</li>
<li>Added support for .cc files in extensions.</li>
<li>Added the sorting flag SORT_LOCALE_STRING to the sort() functions which makes them sort based on the current locale.</li>
<li>Changed sha1_file() and md5_file() functions to use streams instead of low level IO.</li>
<li>Fixed memory corruptions when using references in a wrong way.</li>
<li>Fixed memory corruption in pg_copy_from() in case the as_null parameter was passed.</li>
<li>Fixed memory corruption in stristr().</li>
<li><?php bugfix(32685); ?>, <?php bugfix(29423); ?> (Segfault when using assignment by reference within function).</li>
<li><?php bugfix(33242); ?> (Mangled error message when stream fails).</li>
<li><?php bugfix(33222); ?> (segfault when CURL handle is closed in a callback).</li>
<li><?php bugfix(33214); ?> (odbc_next_result does not signal SQL errors with 2-statement SQL batches).</li>
<li><?php bugfix(33210); ?> (relax jpeg recursive loop protection).</li>
<li><?php bugfix(33200); ?> (preg_replace(): magic_quotes_sybase=On makes 'e' modifier misbehave).</li>
<li><?php bugfix(33150); ?> (shtool: insecure temporary file creation).</li>
<li><?php bugfix(33072); ?> (Add a safemode/open_basedir check for runtime save_path change).</li>
<li><?php bugfix(33070); ?> (Improved performance of bzdecompress() by several orders of magnitude).</li>
<li><?php bugfix(33057); ?> (Don't send extraneous entity-headers on a 304 as per RFC 2616 section 10.3.5).</li>
<li><?php bugfix(33019); ?> (socket errors cause memory leaks in php_strerror()).</li>
<li><?php bugfix(33017); ?> ("make distclean" gives an error with VPATH build).</li>
<li><?php bugfix(33013); ?> ("next month" was handled wrong while parsing dates).</li>
<li><?php bugfix(32974); ?> (pcntl calls malloc() from a signal handler).</li>
<li><?php bugfix(32944); ?> (Disabling session.use_cookies doesn't prevent reading session cookies).</li>
<li><?php bugfix(32936); ?> (http redirects URLs are not checked for control chars).</li>
<li><?php bugfix(32932); ?> (Oracle LDAP: ldap_get_entries invalid pointer).</li>
<li><?php bugfix(32904); ?> (pg_get_notify() ignores result_type parameter).</li>
<li><?php bugfix(32813); ?> (parse_url() does not handle scheme-only urls properly).</li>
<li><?php bugfix(32810); ?> (temporary files not using plain file wrapper).</li>
<li><?php bugfix(32802); ?> (General cookie overrides more specific cookie).</li>
<li><?php bugfix(32800); ?>, <?php bugfix(32830); ?> (ext/odbc: Problems with 64bit systems).</li>
<li><?php bugfix(32773); ?> (GMP functions break when second parameter is 0).</li>
<li><?php bugfix(32742); ?> (segmentation fault when the stream with a wrapper is not closed).</li>
<li><?php bugfix(32730); ?> (ext/crack.c fails to compile with cracklib-2.8.3).</li>
<li><?php bugfix(32670); ?> (foreach() does not issue warning on unset array arg).</li>
<li><?php bugfix(32699); ?> (pg_affected_rows() was defined when it was not available).</li>
<li><?php bugfix(32682); ?> (ext/mssql: Error on module shutdown when called from activescript).</li>
<li><?php bugfix(32647); ?> (Using register_shutdown_function() with invalid callback can crash PHP).</li>
<li><?php bugfix(32591); ?> (ext/mysql: Unsatisfied symbol: ntohs with HP-UX).</li>
<li><?php bugfix(32589); ?> (Possible crash inside imap_mail_compose, with charsets).</li>
<li><?php bugfix(32587); ?> (Apache2: errors sent to error_log do not include timestamps).</li>
<li><?php bugfix(32567); ?> (ext/gmp fails to compile in threadsafe mode).</li>
<li><?php bugfix(32538); ?> (ext/swf/swf.c does not compile with gcc-3.4.x or newer).</li>
<li><?php bugfix(32530); ?> (chunk_split() does not append endstr if chunklen is longer then the original string).</li>
<li><?php bugfix(32491); ?> (File upload error - unable to create a temporary file).</li>
<li><?php bugfix(32311); ?> (mb_encode_mimeheader() does not properly escape characters).</li>
<li><?php bugfix(32245); ?> (xml_parser_free() in a function assigned to the xml parser gives a segfault).</li>
<li><?php bugfix(32116); ?> (mysql compressed connection doesn't work under windows).</li>
<li><?php bugfix(31887); ?> (ISAPI: Custom 5xx error does not return correct HTTP response message).</li>
<li><?php bugfix(31583); ?> (php_std_date() uses short day names in non-y2k_compliance mode).</li>
<li><?php bugfix(31213); ?> (Sideeffects caused by fix of bug <?php bugfix(29493); ?>).</li>
<li><?php bugfix(30052); ?> (Crash on shutdown after odbc_pconnect()).</li>
<li><?php bugfix(29975); ?> (memory leaks when set_error_handler() is used inside error handler).</li>
<li><?php bugfix(29944); ?> (Function defined in switch, crashes).</li>
<li><?php bugfix(29338); ?> (unencoded spaces get ignored after certain tags).</li>
<li><?php bugfix(28605); ?> (Need to use -[m]ieee option for Alpha CPUs).</li>
<li><?php bugfix(28377); ?> (debug_backtrace is intermittently passing args).</li>
</ul>
There is a <a href="release_4_4_0.php">separate announcement</a> available for this release.<br>
<!-- }}} --></section>
<a id="PHP_4_3"></a>
<section class="version" id="4.3.11"><!-- {{{ 4.3.11 -->
<h3>Version 4.3.11</h3>
<?php release_date("31-Mar-2005"); ?>
<ul>
<li>Added Oracle Instant Client support</li>
<li>Added checks for negative values to gmp_sqrt(), gmp_powm(), gmp_sqrtrem() and gmp_fact() to prevent SIGFPE</li>
<li>Changed phpize not to require libtool</li>
<li>Updated bundled libmbfl library (used for multibyte functions)</li>
<li>Fixed several leaks in ext/browscap and sapi/embed</li>
<li>Fixed several leaks in ext/filepro</li>
<li>Fixed build system to always use bundled libtool files</li>
<li>Fixed MacOSX shared extensions crashing on Apache startup</li>
<li><?php bugfix(32373); ?> (segfault in bzopen() if supplied path to non-existent file).</li>
<li><?php bugfix(32340); ?> (insert_before($node,NULL) does not return).</li>
<li><?php bugfix(32200); ?> (Prevent using both --with-apxs2 and --with-apxs2filter).</li>
<li><?php bugfix(32114); ?> (DOM crashing when attribute appended to Document).</li>
<li><?php bugfix(32063); ?> (mb_convert_encoding ignores named entity 'alpha').</li>
<li><?php bugfix(31960); ?> (msql_fetch_row() and msql_fetch_array() dropping columns with NULL values).</li>
<li><?php bugfix(31936); ?> (set_h_errno() is redefined incompatibly).</li>
<li><?php bugfix(31911); ?> (mb_decode_mimeheader() is case-sensitive to hex escapes).</li>
<li><?php bugfix(31858); ?> (--disable-cli does not force --without-pear).</li>
<li><?php bugfix(31842); ?> (*date('r') does not return RFC2822 conforming date string).</li>
<li><?php bugfix(31797); ?> (exif_read_data() uses too low nesting limit).</li>
<li><?php bugfix(31796); ?> (readline completion handler does not handle empty return values).</li>
<li><?php bugfix(31792); ?> (getrusage() does not provide ru_nswap value).</li>
<li><?php bugfix(31754); ?> (dbase_open() fails for mode = 1).</li>
<li><?php bugfix(31705); ?> (parse_url() does not recognize http://foo.com#bar).</li>
<li><?php bugfix(31684); ?> (dio_tcsetattr(): misconfigured termios settings).</li>
<li><?php bugfix(31699); ?> (unserialize() float problem on non-English locales).</li>
<li><?php bugfix(31623); ?> (OCILogin does not support password grace period).</li>
<li><?php bugfix(31580); ?> (fgetcsv() problematic with "" escape sequences).</li>
<li><?php bugfix(31527); ?> (crash in msg_send() when non-string is stored without being serialized).</li>
<li><?php bugfix(31514); ?> (open_basedir uses path_translated rather then cwd for . translation).</li>
<li><?php bugfix(31480); ?> (Possible infinite loop in imap_mail_compose()).</li>
<li><?php bugfix(31479); ?> (Fixed crash in chunk_split(), when chunklen > strlen).</li>
<li><?php bugfix(31465); ?> (False warning in unpack() when working with *).</li>
<li><?php bugfix(31454); ?> (session_set_save_handler crashes PHP when supplied non-existent object ref).</li>
<li><?php bugfix(31444); ?> (Memory leak in zend_language_scanner.c).</li>
<li><?php bugfix(31442); ?> (unserialize broken on 64-bit systems).</li>
<li><?php bugfix(31440); ?> ($GLOBALS can be overwritten via GPC when register_globals is enabled).</li>
<li><?php bugfix(31413); ?> (curl POSTFIELDS crashes on 64-bit platforms).</li>
<li><?php bugfix(31396); ?> (compile fails with gd 2.0.33 without freetype).</li>
<li><?php bugfix(31371); ?> (highlight_file() trims new line after heredoc).</li>
<li><?php bugfix(31270); ?> (missing safe_mode/open_basedir check in swf_openfile()).</li>
<li><?php bugfix(31174); ?> (compile warning in url.c).</li>
<li><?php bugfix(31159); ?> (COM object access is not working).</li>
<li><?php bugfix(31142); ?> (imap_mail_compose() fails to generate correct output).</li>
<li><?php bugfix(31398); ?> (When magic_guotes_gpc are enabled filenames with ' get cutoff).</li>
<li><?php bugfix(31288); ?> (Possible crash in mysql_fetch_field(), if mysql_list_fields() was not called previously).</li>
<li><?php bugfix(31120); ?> (mssql_query returns false on successful inserts and stored procedures).</li>
<li><?php bugfix(31107); ?>, <?php bugfix(31110); ?>, <?php bugfix(31111); ?>, <?php bugfix(31249); ?> (Compile failure of zend_strtod.c).</li>
<li><?php bugfix(31106); ?> (Fixed crash in overloaded objects).</li>
<li><?php bugfix(31103); ?> (Better error message when c-client cannot be found).</li>
<li><?php bugfix(31101); ?> (missing kerberos header file path with --with-openssl).</li>
<li><?php bugfix(31072); ?> (var_export() does not output an array element with an empty string key).</li>
<li><?php bugfix(31060); ?> (imageftbbox() does not use linespacing parameter).</li>
<li><?php bugfix(31056); ?> (php_std_date() returns invalid formatted date if y2k_compliance is On).</li>
<li><?php bugfix(31055); ?> (apache2filter: per request leak proportional to the full path of the request URI).</li>
<li><?php bugfix(30726); ?> (-.1 like numbers are not being handled correctly).</li>
<li><?php bugfix(30609); ?> (cURL functions bypass open_basedir).</li>
<li><?php bugfix(30573); ?> (compiler warnings in libmbfl due to invalid type cast).</li>
<li><?php bugfix(30549); ?> (incorrect character translations for some ISO8859 charsets).</li>
<li><?php bugfix(30446); ?> (apache2handler: virtual() includes files out of sequence)</li>
<li><?php bugfix(30430); ?> (odbc_next_result() doesn't bind values and that results in segfault).</li>
<li><?php bugfix(30120); ?> (imagettftext() and imagettfbbox() accept too many parameters).</li>
<li><?php bugfix(29733); ?> (printf() handles repeated placeholders wrong).</li>
<li><?php bugfix(29424); ?> (width and height inverted for JPEG2000 files).</li>
<li><?php bugfix(28976); ?> (mail(): use "From:" from headers if sendmail_from is empty).</li>
<li><?php bugfix(28930); ?> (PHP sources pick wrong header files generated by bison).</li>
<li><?php bugfix(28804); ?> (ini-file section parsing pattern is buggy).</li>
<li><?php bugfix(28803); ?> (enabled debug causes bailout errors with CLI on AIX because of fflush() called on already closed filedescriptor).</li>
<li><?php bugfix(28451); ?> (corrupt EXIF headers have unlimited recursive IFD directory entries).</li>
<li><?php bugfix(28220); ?> (mb_strwidth() returns wrong width values for some handful chars).</li>
<li><?php bugfix(28086); ?> (crash inside overload() function).</li>
<li><?php bugfix(28074); ?> (FastCGI: stderr should be written in a FCGI stderr stream).</li>
<li><?php bugfix(28067); ?> (partially incorrect utf8 to htmlentities mapping).</li>
<li><?php bugfix(27633); ?> (Double \r problem on ftp_get in ASCII mode on Win32).</li>
<li><?php bugfix(18613); ?> (Multiple OUs in x509 certificate not handled properly).</li>
<li><?php bugfix(7782); ?> (Cannot use PATH_INFO fully with php isapi).</li>
</ul>
There is a <a href="release_4_3_11.php">separate announcement</a> available for this release.<br>
<!-- }}} --></section>
<section class="version" id="4.3.10"><!-- {{{ 4.3.10 -->
<h3>Version 4.3.10</h3>
<?php release_date("14-Dec-2004"); ?>
<ul>
<li>Added the %F modifier to *printf to render a non-locale-aware representation of a float with the . as decimal separator.</li>
<li>Fixed a bug in addslashes() handling of the '\0' character.</li>
<li>Backported Marcus' foreach() speedup patch from PHP 5.x.</li>
<li>Fixed potential problems with unserializing invalid serialize data.</li>
<li><?php bugfix(31034); ?> (Problem with non-existing iconv header file).</li>
<li><?php bugfix(31024); ?> (Crash in fgetcsv() with negative length).</li>
<li><?php bugfix(31019); ?> (Logic error mssql library checking).</li>
<li><?php bugfix(30995); ?> (snmp extension does not build with net-snmp 5.2).</li>
<li><?php bugfix(30990); ?> (allow popen() on *NIX to accept 'b' flag).</li>
<li><?php bugfix(30826); ?> (Certain reference relations cannot be unserialized properly).</li>
<li><?php bugfix(30750); ?> (Meaningful error message when upload directory is not accessible).</li>
<li><?php bugfix(30739); ?> (imagefill does not set back alphablending mode).</li>
<li><?php bugfix(30672); ?> (Problem handling exif data in jpeg images at unusual places).</li>
<li><?php bugfix(30658); ?> (Ensure that temporary files created by GD are removed).</li>
<li><?php bugfix(30654); ?> (oci8 persistent connection is deleted from hash if there was exclusive connection with the same credentials).</li>
<li><?php bugfix(30613); ?> (Prevent infinite recursion in url redirection).</li>
<li><?php bugfix(30587); ?> (array_multisort doesn't separate zvals before changing them).</li>
<li><?php bugfix(30475); ?> (curl_getinfo() may crash in some situations).</li>
<li><?php bugfix(30442); ?> (segfault when parsing ?getvariable[][ ).</li>
<li><?php bugfix(30388); ?> (rename across filesystems loses ownership and permission info).</li>
<li><?php bugfix(30282); ?> (segfault when using unknown/unsupported session.save_handler and/or session.serialize_handler).</li>
<li><?php bugfix(30281); ?> (Prevent non-wbmp images from being detected as such).</li>
<li><?php bugfix(30276); ?> (Possible crash in ctype_digit on large numbers).</li>
<li><?php bugfix(30229); ?> (imagerectangle and imagefilledrectangle do work well with alpha channel, corners are drawn twice).</li>
<li><?php bugfix(30224); ?> (Sybase date strings are sometimes not null terminated).</li>
<li><?php bugfix(30133); ?> (get_current_user() crashes on Windows).</li>
<li><?php bugfix(30057); ?> (did not detect IPV6 on FreeBSD 4.1).</li>
<li><?php bugfix(30027); ?> (Possible crash inside ftp_get()).</li>
<li><?php bugfix(29805); ?> (HTTP Authentication Issues).</li>
<li><?php bugfix(29418); ?> (double free when openssl_csr_new fails)..</li>
<li><?php bugfix(28598); ?> (Lost support for MS Symbol fonts).</li>
<li><?php bugfix(28325); ?> (Circular references not properly serialized).</li>
<li><?php bugfix(28228); ?> (NULL decimal separator is not being handled correctly).</li>
<li><?php bugfix(27469); ?> (serialize() objects of incomplete class).</li>
</ul>
There is a <a href="release_4_3_10.php">separate announcement</a> available for this release.<br>
<!-- }}} --></section>
<section class="version" id="4.3.9"><!-- {{{ 4.3.9 -->
<h3>Version 4.3.9</h3>
<?php release_date("22-Sep-2004"); ?>
<ul>
<li>GPC input processing fixes.</li>
<li>Implemented periodic PCRE compiled regexp cache cleanup, to avoid memory exhaustion.</li>
<li>Fixed bug with raw_post_data not getting set.</li>
<li>Fixed a file-descriptor leak with phpinfo() and other 'special' URLs.</li>
<li>Rewritten UNIX and Windows install help files.</li>
<li>Updated PCRE to provide better error handling in certain cases.</li>
<li>NSAPI: added "bucket" parameter to list of non-php.ini-keys of php4_execute for doing performance stats without warnings in server-log.</li>
<li>Fixed leap year checking with idate().</li>
<li>Fixed strip_tags() to correctly handle '\0' characters.</li>
<li>Fixed funny forking effect in FastCGI when PHP_FCGI_CHILDREN was not set.</li>
<li><?php bugfix(30050); ?> (Possible crash inside php_shutdown_config()).</li>
<li><?php bugfix(29882); ?> (isset crashes on arrays).</li>
<li><?php bugfix(29753); ?> (mcal_fetch_event() allows 2nd argument to be optional).</li>
<li><?php bugfix(29727); ?> (Added missing CURL authentication directives).</li>
<li><?php bugfix(29719); ?> (fgetcsv() has problem parsing strings ending with escaped enclosures).</li>
<li><?php bugfix(29607); ?> (highlighting code with HEREDOC produces invalid output).</li>
<li><?php bugfix(29599); ?> (domxml_error segfaults another apache module).</li>
<li><?php bugfix(29594); ?> (Use PHP's own tmpfile() implementation).</li>
<li><?php bugfix(29581); ?> (Typo inside php.ini comments for mysql.trace_mode).</li>
<li><?php bugfix(29493); ?> (extract(array, EXTR_REFS) misbehaves with elements referred twice or more times).</li>
<li><?php bugfix(29443); ?> (Sanity check for wbmp detection).</li>
<li><?php bugfix(29369); ?> (Uploaded files with ' or " in their names get their names truncated at those characters).</li>
<li><?php bugfix(29349); ?> (imagecreatefromstring() crashes with external GD library).</li>
<li><?php bugfix(29333); ?> (output_buffering+trans_sess_id can corrupt output).</li>
<li><?php bugfix(29226); ?> (ctype_* functions missing validation of numeric string representations).</li>
<li><?php bugfix(29209); ?> (imap_fetchbody() doesn't check message index).</li>
<li><?php bugfix(29116); ?> (Zend constant warning uses memory after free).</li>
<li><?php bugfix(29114); ?> (Potential double free in php_stat).</li>
<li><?php bugfix(29075); ?> (strnatcmp() incorrectly handles whitespace).</li>
<li><?php bugfix(29049); ?> (array sorting via user function/method does not validate it).</li>
<li><?php bugfix(29038); ?> (extract() with EXTR_PREFIX_SAME prefixes empty strings).</li>
<li><?php bugfix(29034); ?> (wordwrap() returns a boolean when passed empty string).</li>
<li><?php bugfix(28974); ?> (overflow in array_slice(), array_splice(), substr, substr_replace(), strspn(), strcspn()).</li>
<li><?php bugfix(28897); ?> (ibase: -1 returned as -0.000 for 64-bit scaled int).</li>
<li><?php bugfix(28879); ?> (Implicit/Explicit array creation inconsistency when using Resources, Arrays, or Objects as indices).</li>
<li><?php bugfix(28878); ?> (Setting of inikey's in obj.conf fails).</li>
<li><?php bugfix(28868); ?> (Internal wrapper registry not thread safe).</li>
<li><?php bugfix(28818); ?> (Apache 2 sapis do not export st_dev).</li>
<li><?php bugfix(28800); ?> (strings beginning with "inf" improperly converted).</li>
<li><?php bugfix(28723); ?> (Fixed mbstring config.m4 to work on OSes where test command does not support -e parameter).</li>
<li><?php bugfix(28692); ?> (\0 in Authenticate header passed via safe_mode).</li>
<li><?php bugfix(28670); ?> (WWW-Authentication header mangling with PCRE in safe_mode adds extra spaces).</li>
<li><?php bugfix(28668); ?> (glob() does not work with relative paths on Windows).</li>
<li><?php bugfix(28649); ?> (Proper glob() return value on Linux when there are no matches).</li>
<li><?php bugfix(28633); ?> (sprintf incorrectly adding padding to floats).</li>
<li><?php bugfix(28627); ?> (When multiple MySQL links are used default link is leaked).</li>
<li><?php bugfix(28525); ?> (gmp_powm() does not work with hexadecimal string modulo represented as a string).</li>
<li><?php bugfix(28512); ?> (Allocate enough space to store MSSQL data).</li>
<li><?php bugfix(28466); ?> (mbstring_convert_variables() array separation problem).</li>
<li><?php bugfix(28175); ?> (Allow bundled GD to compile against freetype 2.1.2).</li>
</ul>
There is a <a href="release_4_3_9.php">separate announcement</a> available for this release.<br>
<!-- }}} --></section>
<section class="version" id="4.3.8"><!-- {{{ 4.3.8 -->
<h3>Version 4.3.8</h3>
<?php release_date("13-Jul-2004"); ?>
<ul>
<li>Fixed strip_tags() to correctly handle '\0' characters. (Stefan)</li>
<li>Improved stability during startup when memory_limit is used. (Stefan)</li>
<li>Replace alloca() with emalloc() for better stack protection. (Ilia)</li>
<li>Added missing safe_mode checks inside ftok and itpc. (Ilia)</li>
<li><?php bugfix(28963); ?> Fixed address allocation routine in IMAP extension. (Ilia)</li>
<li><?php bugfix(28632); ?> Prevent open_basedir bypass via MySQL's LOAD DATA LOCAL. (Ilia)</li>
</ul>
There is a <a href="release_4_3_8.php">separate announcement</a> available for this release.<br>
<!-- }}} --></section>
<section class="version" id="4.3.7"><!-- {{{ 4.3.7 -->
<h3>Version 4.3.7</h3>
<?php release_date("03-Jun-2004"); ?>
<ul>
<li>Upgraded bundled GD library to 2.0.23. (Ilia)</li>
<li>Changed user error handler mechanism to relay to built-in error handler if it returns false. (Andrei)</li>
<li>Fixed command line escaping routines for win32. (Ilia)</li>
<li>Fixed problems with *printf() functions and '%f' formatting. (Marcus)</li>
<li>Fixed possible crash inside pg_copy_(to|from) function if delimiter is more then 1 character long. (Ilia)</li>
<li>Fixed crash inside cpdf_place_inline_image() when working with true-color images. (Ilia)</li>
<li>Fixed handling of return values from stored procedures in mssql_execute() with multiple result sets returned. (Frank)</li>
<li>Fixed logic bug in session_register() which allowed registering _SESSION and/or HTTP_SESSION_VARS. (Sara)</li>
<li><?php bugfix(28597); ?> (xmlrpc_encode_request() incorrectly encodes chars in 200-210 range). (fernando dot nemec at folha dot com dot br, Ilia)</li>
<li><?php bugfix(28569); ?> (informix connection id is not thread safe). (novicky at aarongroup dot cz, Ard)</li>
<li><?php bugfix(28564); ?> (Problem building informix as a shared extension). (roques at mti dot ag, Ilia)</li>
<li><?php bugfix(28508); ?> (Do not make hypot() available if not supported by libc). (Ilia)</li>
<li><?php bugfix(28506); ?> (Allow negative start angle in imagearc and imagefilledarc). (Pierre)</li>
<li><?php bugfix(28456); ?> (Problem with enclosed / in uploaded files). (Antony)</li>
<li><?php bugfix(28386); ?> (wordwrap() wraps lines 1 character too soon). (Ilia)</li>
<li><?php bugfix(28374); ?> (Possible unterminated loop inside _php_pgsql_trim_message()). (Ilia)</li>
<li><?php bugfix(28355); ?> (glob() does not return error on Linux when it does not have permission to open the directory). (Ilia)</li>
<li><?php bugfix(28289); ?> (incorrect resolving of relative paths by glob() in windows). (Ilia)</li>
<li><?php bugfix(28229); ?> (run-tests tripped up by spaces in names). (Marcus)</li>
<li><?php bugfix(28228); ?> (number_format() does not allow empty decimal separator). (Ilia)</li>
<li><?php bugfix(28196); ?> (missing error constants in cURL extension). (Ilia)</li>
<li><?php bugfix(28187); ?> (parse_url() not handling embedded IPv6 in URLs). (Sara)</li>
<li><?php bugfix(28175); ?> (build problem for people using FreeType 2.1.0-2.1.2). (Ilia)</li>
<li><?php bugfix(28147); ?> (Crash with drawing anti-aliased lines). (Derick)</li>
<li><?php bugfix(28122); ?> (dba_open db3: Permission denied). (Marcus)</li>
<li><?php bugfix(28112); ?> (sqlite_query() crashing apache on malformed query). (Ilia, Marcus)</li>
<li><?php bugfix(28055); ?> (timeout duration too long in feof()/pfsockopen() liveness checks). (Wez)</li>
<li><?php bugfix(28087); ?> (Do not force mysql.trace_mode to 0 on every request). (Ilia)</li>
<li><?php bugfix(28042); ?> (greek letters in html to entity mapping not correct). (Derick)</li>
<li><?php bugfix(28007); ?> (compile mssql extension with old versions of FreeTDS fails). (Frank)</li>
<li><?php bugfix(27995); ?> (imagefilltoborder() stops the fill process prematurely). (Ilia)</li>
<li><?php bugfix(27810); ?> (don't use php's pemalloc in ext/pcre). (Joe Orton)</li>
<li><?php bugfix(23220); ?> (SSL: fatal protocol error when talking to IIS). (Wez)</li>
</ul>
There is a <a href="release_4_3_7.php">separate announcement</a> available for this release.<br>
<!-- }}} --></section>
<section class="version" id="4.3.6"><!-- {{{ 4.3.6 -->
<h3>Version 4.3.6</h3>
<?php release_date("15-Apr-2004"); ?>
<ul>
<li>Updated bundled PDFLib library to version 5.0.3p1 in Windows distribution. (Edin)</li>
<li>Synchronized bundled GD library with GD 2.0.22. (Ilia)</li>
<li>Fixed a crash in multi-threaded environments when a thread is shutdown by the web server. (Stas)</li>
<li>Fixed a bug that prevented building of the GD extension against external GD lib 1.X. (Ilia, Edin, Nick Talbott).</li>
<li><?php bugfix(27963); ?> (Session lifetime setting may leak between requests). (Ilia)</li>
<li><?php bugfix(27849); ?> (configure craps out on trivial syntax error). (Derick)</li>
<li><?php bugfix(27822); ?> (is_resource() returns TRUE for closed resources). (Derick)</li>
<li><?php bugfix(27819); ?> (problems returning reference to a reference parameter). (Ilia)</li>
<li><?php bugfix(27809); ?> (ftp_systype returns null on some ftp servers). (Ilia)</li>
<li><?php bugfix(27802); ?> (default number of children to 8 when PHP_FCGI_CHILDREN is not defined). (Ilia)</li>
<li><?php bugfix(27780); ?> (strtotime(+1 xxx) returns a wrong date/time). (Derick)</li>
<li><?php bugfix(27769); ?> (domxml_xmltree crashes). (Rob)</li>
<li><?php bugfix(27764); ?> (Get return value from a stored procedure not returning any result sets). (Frank)</li>
<li><?php bugfix(27762); ?> (SCO Openserver doesn't have S_ISSOCK). (Wez)</li>
<li><?php bugfix(27743); ?> (Make sure Money types are converted and returned correctly). (Frank)</li>
<li><?php bugfix(27732); ?> (Fixed compilation bug inside php_sab_info.h). (Ilia)</li>
<li><?php bugfix(27731); ?> (error_reporting() inside @ block fails to set error_reporting level). (Ilia)</li>
<li><?php bugfix(27719); ?> (mktime issues on and around DST changeover). (Rasmus)</li>
<li><?php bugfix(27717); ?> (Test Failures when compiled on 64-bit mode). (Ard, Derick)</li>
<li><?php bugfix(27687); ?> (Bug Adding Default Charset to 'text/*' Content-Type Header). (Marcus)</li>
<li><?php bugfix(27663); ?> (compile failure with cURL 7.11.1). (Ilia)</li>
<li><?php bugfix(27646); ?> (Cannot serialize/unserialize non-finite numeric values). (Marcus)</li>
<li><?php bugfix(26757); ?> (session.save_path default is bogus for win32). (Wez)</li>
<li><?php bugfix(26589); ?> (Crash inside mssql extension when selecting many columns of type money). (Frank)</li>
<li><?php bugfix(25547); ?> (error_handler and array index with function call). cschneid at cschneid dot com)</li>
</ul>
There is a <a href="release_4_3_6.php">separate announcement</a> available for this release.<br>
<!-- }}} --></section>
<section class="version" id="4.3.5"><!-- {{{ 4.3.5 -->
<h3>Version 4.3.5</h3>
<?php release_date("26-Mar-2004"); ?>
<ul>
<li>Fixed possible crash using an invalid color index with a palette image in imagecolortransparent (Pierre)</li>
<li>Fixed php-cgi to not ignore command-line switches when run in a web context. This fixes our test cases allowing INI with GET sections to work (Rasmus)</li>
<li>Fixed getopt() so it works without $_SERVER (Rasmus, bfrance)</li>
<li>Fixed crash in php_ini_scanned_files() when no additional INI files were actually parsed. (Jon)</li>
<li>Fixed possible crashes inside socket extension, due to missing check inside allocation functions. (Ilia)</li>
<li>Fixed zero bytes memory allocation when no extra ini files are found in the --with-config-file-scan-dir specified directory. (Eric Colinet, Derick)</li>
<li>Changed "allow_url_fopen" php.ini option to be PHP_INI_SYSTEM. (Sara)</li>
<li>Improved the sybase_ct module: (Timm)
<ul>
<li>Added ability to define a message handler not only globally, but also per connection.</li>
<li>Added "sybct.packet_size" php.ini option.</li>
<li>Changed "sybct.login_timeout" php.ini option changeable at runtime.</li>
<li>Fixed memory leak in sybase_set_message_handler().</li>
</ul></li>
<li>Synchronized bundled GD library with GD 2.0.17</li>
<li>Upgraded PCRE library to version 4.5. (Andrei)</li>
<li>Updated bundled PostgreSQL library to version 7.4 in Windows distribution. (Edin)</li>
<li>Added support for --program-prefix and --program-suffix configure options. (Jani)</li>
<li>Added a warning when creating temp stream fails with ftp_(n)list(). (Sara)</li>
<li>Fixed header handler in NSAPI SAPI module (header->replace was ignored, send_default_content_type now sends value from php.ini). (Uwe Schindler)</li>
<li><?php bugfix(27633); ?> (Incorrect EOL translation by ftp_get() in ASCII mode). (Ilia)</li>
<li><?php bugfix(27600); ?> (GCC 3.0.4 does not like __attribute__ directive). (Sascha)</li>
<li><?php bugfix(27590); ?> (crash during shutdown when freeing persistent resources in ZTS mode). (Ilia)</li>
<li><?php bugfix(27582); ?> (possible crashes in imagefilltoborder()). (Pierre)</li>
<li><?php bugfix(27580); ?> (pre-initialization errors in ap2 handler are not being written to vhost error log). (Ilia)</li>
<li><?php bugfix(27559); ?> (Corrected open_basedir resolving logic). (Ilia)</li>
<li><?php bugfix(27530); ?> (broken http auth when safe_mode is on and PCRE is disabled). (Ilia)</li>
<li><?php bugfix(27509); ?> (broken getaddrinfo() causes fsockopen() error). (Sara)</li>
<li><?php bugfix(27505); ?> (htmlentities() does not handle BIG5 correctly). (Ilia, ywliu at hotmail dot com)</li>
<li><?php bugfix(27498); ?> (bogus safe_mode error on nonexistent directories for chdir() and opendir() functions). (Ilia)</li>
<li><?php bugfix(27460); ?> (base64_decode() does not handle extra padding). (Ilia, naish at klanen dot net)</li>
<li><?php bugfix(27443); ?> (defined() returns wrong type). (Derick)</li>
<li><?php bugfix(27437); ?> (wrong freetype include inside GD library). (Ilia)</li>
<li><?php bugfix(27424); ?> (headers missing on flush() in apache 2 SAPIs). (Ilia)</li>
<li><?php bugfix(27421); ?> (mbstring.func_overload should be system ini setting). (Ilia)</li>
<li><?php bugfix(27384); ?> (unpack() misbehaves with 1 char string). (GeorgeS)</li>
<li><?php bugfix(27383); ?> (Potential crash inside fopen_wrapper, while parsing response code). (Ilia)</li>
<li><?php bugfix(27354); ?> (Modulus operator crashes PHP). (Derick)</li>
<li><?php bugfix(27341); ?> (HEAD requests fail to return data). (Ilia)</li>
<li><?php bugfix(27337); ?> (missing sapi_shutdown() in sapi/isapi causes memory leak). (Jani, msisolak at yahoo dot com)</li>
<li><?php bugfix(27328); ?> (ftp extension relies on 32-bit longs). (Sara)</li>
<li><?php bugfix(27300); ?> (Improved regex for pg_convert()). (benjcarson at digitaljunkies dot ca, Ilia)</li>
<li><?php bugfix(27295); ?> (memory leak inside sscanf()). (Ilia)</li>
<li><?php bugfix(27293); ?> (two crashes inside image2wbmp()). (Ilia)</li>
<li><?php bugfix(27291); ?> (get_browser matches browscap.ini patterns incorrectly). (Jay)</li>
<li><?php bugfix(27278); ?> (*printf() functions treat arguments as if passed by reference). (Ilia)</li>
<li><?php bugfix(27238); ?> (iptcparse() function misses some fields). (Pierre)</li>
<li><?php bugfix(27235); ?> (Interbase NUMERIC x.0 field returns empty string on 0). (Ard)</li>
<li><?php bugfix(27196); ?> (Missing content_length initialization in apache 2 sapis). (Ilia, pdoru at kappa dot ro)</li>
<li><?php bugfix(27183); ?> (userland stream wrapper segfaults on stream_write). (Moriyoshi)</li>
<li><?php bugfix(27175); ?> (tzset() is not being called by PHP on startup). (Ilia, sagawa at sohgoh dot net)</li>
<li><?php bugfix(27172); ?> (Possible floating point exception in gmp_powm()). (Ilia)</li>
<li><?php bugfix(27171); ?> (crash inside gmp_hamdist()). (Jani)</li>
<li><?php bugfix(27157); ?> (Compile Failure on Solaris 8). (Timm)</li>
<li><?php bugfix(27149); ?> (broken CLOB support in oci8 extension). (Antony)</li>
<li><?php bugfix(27135); ?> (Possible crash inside mb_strlen()). (Moriyoshi)</li>
<li><?php bugfix(27104); ?> (CLI/CGI SAPI module variable name conflict). (Marcus)</li>
<li><?php bugfix(27058); ?> (crash in sybase_connect() with 2 arguments). (Ilia)</li>
<li><?php bugfix(27056); ?> (ints used instead of longs inside some GD functions). (Ilia)</li>
<li><?php bugfix(27040); ?> (passing an array of form-fields to CURLOPT_POSTFIELDS does not work). (Ilia, Jani)</li>
<li><?php bugfix(27037); ?> (fixed possible crash in apache2handler output code). (Ilia)</li>
<li><?php bugfix(27026); ?> (Added "cgi.nph" php.ini option to allow forcing of the 'Status: 200' header that is not normally needed). (Ilia)</li>
<li><?php bugfix(27011); ?> (64bit int/long confusion in preg_match*() functions). (Ilia)</li>
<li><?php bugfix(27007); ?> (missing connection closure when connect fails in pgsql). (Ilia)</li>
<li><?php bugfix(26974); ?> (rename() doesn't check the destination file against safe_mode/open_basedir). (Ilia)</li>
<li><?php bugfix(26973); ?> (*printf() '+' modifier broken). (Jani)</li>
<li><?php bugfix(26969); ?> (--with-openssl=shared build fails). (Jani)</li>
<li><?php bugfix(26968); ?> (Segfault with Interbase module built as shared). (Ard)</li>
<li><?php bugfix(26949); ?> (rand(min,max) always returns min when ZTS enabled). (Jani)</li>
<li><?php bugfix(26937); ?> (Warning in xml.c). (Jani)</li>
<li><?php bugfix(26927); ?> (preg_quote() does not escape \0). (Ilia)</li>
<li><?php bugfix(26923); ?> (ext/imap: pam and crypt libraries missing when build as shared extension). (Jani)</li>
<li><?php bugfix(26909); ?> (crash in imap_mime_header_decode() when no encoding is used). (Ilia)</li>
<li><?php bugfix(26896); ?> (ext/ftp does not work as shared extension). (Jani)</li>
<li><?php bugfix(26892); ?> (ORA-21301 in ocinewcollection() call). (Antony)</li>
<li><?php bugfix(26878); ?> (problem with multiple references to the same variable with different types). (Ilia)</li>
<li><?php bugfix(26864); ?> (pg_(update|delete) ignore PGSQL_DML_EXEC option). (Ilia)</li>
<li><?php bugfix(26862); ?> (ob_flush() followed by output_reset_rewrite_vars() may result in data loss). (Ilia, scottmacvicar at ntlworld dot com)</li>
<li><?php bugfix(26847); ?> (memory leak in mail() when to/subject contain only spaces). (Ilia)</li>
<li><?php bugfix(26814); ?> (When included file has a parse error, terminate script execution). (Ilia)</li>
<li><?php bugfix(26777); ?> (ext/interbase: Let DB handle NULL params). (Ard)</li>
<li><?php bugfix(26772); ?>, <?php bugl(26967); ?> (file operations return NULL instead of FALSE). (Wez, Ilia)</li>
<li><?php bugfix(26758); ?> (FastCGI exits immediately with status 255). (Ilia, tcarter at noggin dot com dot au)</li>
<li><?php bugfix(26755); ?> (CLI now overrides php.ini settings and switches off output buffering). (Edin)</li>
<li><?php bugfix(26753); ?> (zend_fetch_list_dtor_id() doesn't check NULL strings). (Jani, Markus dot Lidel at shadowconnect dot com)</li>
<li><?php bugfix(26752); ?> (Silent unterminated loop when length parameter for fgets(), fread() and fgetss() is 0). (Ilia)</li>
<li><?php bugfix(26751); ?> (PHP can't find the MySQL socket on a case sensitive file system). (Derick)</li>
<li><?php bugfix(26703); ?> (Certain characters inside strings incorrectly treated as keywords). (vrana [at] php [dot] net, Ilia)</li>
<li><?php bugfix(26699); ?> (mbstring doesn't identify "binary" as a valid encoding). (nirva-php at ishiboo dot com, Moriyoshi)</li>
<li><?php bugfix(26667); ?> (Added safety checks to ip2long()). (Ilia)</li>
<li><?php bugfix(26653); ?> (open_basedir incorrectly resolved on win32). (Ilia, scottmacvicar at ntlworld dot com)</li>
<li><?php bugfix(26639); ?> (mb_convert_variables() clutters variables beyond the references). (Moriyoshi)</li>
<li><?php bugfix(26635); ?> (fixed look up for fonts in the current directory w/ZTS). (Ilia)</li>
<li><?php bugfix(26625); ?> (pg_convert sets NULL incorrectly for character data types). (Ilia)</li>
<li><?php bugfix(26604); ?> (Apache2 SAPIs implicitly disable Keep-Alive). (Ilia)</li>
<li><?php bugfix(26595); ?> (ext/domxml: XSLT_NAMESPACE undeclared). (Christian)</li>
<li><?php bugfix(26565); ?> (strtotime("this month") resolving to the wrong month). (Jani)</li>
<li><?php bugfix(26564); ?> (ncurses5 has headers in PREFIX/include/ncurses/). (Jani)</li>
<li><?php bugfix(26548); ?> (ext/session: Malformed HTTP dates headers). (Derick)</li>
<li><?php bugfix(26531); ?> (ext/domxml: get_elements_by_tag_name() wildcard fails). (Rob Richards)</li>
<li><?php bugfix(26488); ?> (Missing declaration of CRTSCTS in ext/dio/dio.c). (Jani)</li>
<li><?php bugfix(26467); ?> (flock() does not force the "wouldblock" parameter to be passed by reference). (Wez)</li>
<li><?php bugfix(26463); ?> (Incorrect handling of semicolons after heredoc). (Ilia)</li>
<li><?php bugfix(26462); ?> (phpize + ext/bcmath -> compile error). (Jani)</li>
<li><?php bugfix(26461); ?> (-lssl missing from LIBS). (Jani)</li>
<li><?php bugfix(26458); ?> (var_dump(), var_export(), debug_zval_dump() not binary safe for array keys). (Ilia)</li>
<li><?php bugfix(26447); ?> (--with-openssl=shared causes compile errors). (Jani)</li>
<li><?php bugfix(26446); ?> (domxml_open_file() returns an empty error-Array). (Rob)</li>
<li><?php bugfix(26440); ?> (MFH missing context options). (Ilia)</li>
<li><?php bugfix(26438); ?> (error in thttpd SAPI installation). (Jani)</li>
<li><?php bugfix(26415); ?> (Updated bundled OpenSSL DLLs in the Windows distribution to 0.9.7c). (Edin)</li>
<li><?php bugfix(26407); ?> (Result set fetching broken around transactions). (Timm)</li>
<li><?php bugfix(26391); ?> (parse_url() destroys strings that contain a character in range of \x80-\xff)). (Moriyoshi)</li>
<li><?php bugfix(26384); ?> (crash in domxslt->process()). (Christian)</li>
<li><?php bugfix(26381); ?> (rand() without srand() doesn't work with certain php.ini). (Jani)</li>
<li><?php bugfix(26376); ?> (typo in ext/odbc/config.m4: DBMaker test fails). (Jani)</li>
<li><?php bugfix(26355); ?> (flock() doesn't initialize the wouldblock argument). (Ilia)</li>
<li><?php bugfix(26309); ?> (Fixed argument parsing for imageftbbox()). (Ilia)</li>
<li><?php bugfix(26304); ?> (Unexpected data loss when opening dba file). (Marcus)</li>
<li><?php bugfix(26285); ?> (escapeshellarg() uses wrong quotes on windows). (Ilia)</li>
<li><?php bugfix(26267); ?> (gmp_random() leaks memory and does not produce random numbers). (Jani)</li>
<li><?php bugfix(26253); ?> (ext/tokenizer: build as shared extension fails). (Jani)</li>
<li><?php bugfix(26235); ?> (yp_first/yp_next do not specify correct key length). (Ilia)</li>
<li><?php bugfix(26216); ?> ("getimagesize(): stream does not support seeking" when using remote files). (Marcus)</li>
<li><?php bugfix(26201); ?> (crash in ibase_trans() on invalid link handle). (Ilia)</li>
<li><?php bugfix(26198); ?> (strtotime() handling of M/F Y date format). (Ilia)</li>
<li><?php bugfix(26194); ?> (iconv() not properly defined with libiconv). (Steph, Frank, Moriyoshi)</li>
<li><?php bugfix(26176); ?> (Fixed handling of numeric keys in INI files). (Ilia)</li>
<li><?php bugfix(26168); ?> (shtool availability check in phpize). (robbat2 at gentoo dot org, Ilia)</li>
<li><?php bugfix(26148); ?> (Print the notice before modifying variable on type mismatch). (morten-bugs dot php dot net at afdelingp dot dk, Ilia)</li>
<li><?php bugfix(26128); ?> (mbstring prints out wrong information on phpinfo()). (Moriyoshi)</li>
<li><?php bugfix(26113); ?> (remove leftover local file when ftp_get/ftp_nb_get fails). (Ilia)</li>
<li><?php bugfix(26105); ?> (Compile failure on GCC version 3.0.X). (Ilia)</li>
<li><?php bugfix(26103); ?> (ext/mime_magic causes compile failure in ext/mssql). (Jani)</li>
<li><?php bugfix(26097); ?> (gdImageColorClosestAlpha() returns incorrect results). (sprice at wisc dot edu, Ilia)</li>
<li><?php bugfix(26042); ?> (memory leak if mcrypt_generic_deinit() is not called after every mcrypt_generic_init() call). (Ilia)</li>
<li><?php bugfix(26025); ?> (Segfault on glob() without GLOB_NOCHECK or GLOB_NOMAGIC under *BSD platforms). (Moriyoshi)</li>
<li><?php bugfix(26005); ?> (Random "cannot change the session ini settings" errors). (Jani, jsnajdr at kerio dot com)</li>
<li><?php bugfix(26003); ?> (Make fgetcsv() binary safe). (Ilia, Moriyoshi)</li>
<li><?php bugfix(25963); ?> (PostgreSQL error message include \n characters). (Marcus, Ilia)</li>
<li><?php bugfix(25939); ?> (feof() not working correctly for sockets). (Wez)</li>
<li><?php bugfix(25916); ?> (get_browser() -> PHP Fatal error: Nesting level too deep - recursive dependency?). (Uwe Schindler)</li>
<li><?php bugfix(25794); ?> (Cannot open existing hash db3 file with write" ext/dba). (Marcus)</li>
<li><?php bugfix(25753); ?> (php.ini settings "leak" from vhosts/.htaccess files). (Patch by: rover at tob dot ru)</li>
<li><?php bugfix(25694); ?> (round() and number_format() give inconsistent results). (Ilia)</li>
<li><?php bugfix(25664); ?> (calling ITypeInfo::Invoke with bogus params). (Wez)</li>
<li><?php bugfix(25581); ?> (getimagesize () return incorrect values on bitmap (os2) files). (Marcus)</li>
<li><?php bugfix(25329); ?> (sqlite_create_function with method and reference to $this). (Marcus).</li>
<li><?php bugfix(24773); ?> (unsetting string as array causes a crash). (Sara)</li>
<li><?php bugfix(24773); ?> (Unsetting string offsets crashes PHP). (Moriyoshi, Sara)</li>
<li><?php bugfix(24582); ?> (extensions can't be loaded dynamically in Solaris/iPlanet). (Jani)</li>
<li><?php bugfix(23467); ?> (date('T') outputs incorrect Time Zone). (Jani, scottmacvicar at ntlworld dot com)</li>
<li><?php bugfix(22403); ?> (PHP crashes when executing a sql procedure without parameters). (Timm)</li>
<li><?php bugfix(22127); ?> (Invalid response code when force-cgi-redirect safety mechanism is triggered). (Ilia, scottmacvicar at ntlworld dot com)</li>
<li><?php bugfix(21760); ?> (Use of uninitialized pointer inside php_read()). (Ilia, uce at ftc dot gov)</li>
<li><?php bugfix(21513); ?> (shutdown functions not executed if timed out). (Zeev)</li>
<li><?php bugfix(21070); ?> (ftp_genlist/ANSI-tmpfile() fail w/ some platform). (Sara)</li>
</ul>
There is a <a href="release_4_3_5.php">separate announcement</a> available for this release.<br>
<!-- }}} --></section>
<section class="version" id="4.3.4"><!-- {{{ 4.3.4 -->
<h3>Version 4.3.4</h3>
<?php release_date("03-Nov-2003"); ?>
<ul>
<li>Made MCVE extension available on win32. (Jani)</li>
<li>Upgraded bundled libfcgi and made FastCGI support viable on Win32. (Sascha)</li>
<li>Added apache_get_version() function. (Ilia)</li>
<li>Fixed disk_total_space() and disk_free_space() under FreeBSD. (Jon Parise)</li>
<li>Fixed crash bug when non-existing save/serializer handler was used. (Jani)</li>
<li>Fixed memory leak in gethostbynamel() if an error occurs. (Sara)</li>
<li>Fixed FastCGI being unable to bind to a specific IP. (Sascha)</li>
<li>Fixed multibyte regex engine to properly handle ".*" pattern under POSIX compatible mode. (K.Kosako <kosako at sofnec.co.jp>, Moriyoshi)</li>
<li><?php bugfix(25955); ?> (Compile failure on MacOSX 10.3 Panther). (Marko, Dan)</li>
<li><?php bugfix(25923); ?> (mail() modifies the to & subject arguments). (Ilia)</li>
<li><?php bugfix(25922); ?> (Crash in error handler when 5th argument is modified). (Ilia) </li>
<li><?php bugfix(25918); ?> (Possible crash in mime_content_type()). (Ilia)</li>
<li><?php bugfix(25900); ?> (document->get_elements_by_tag_name with default xmlns). (Rob)</li>
<li><?php bugfix(25895); ?> (Incorrect detection of safe_mode limited ini options). (Ilia)</li>
<li><?php bugfix(25888); ?> (Crash of php.exe when xpath_eval of a namespace). (Rob)</li>
<li><?php bugfix(25836); ?> (last key of multi-dimensional array passed via GPC not being escaped when magic_quotes_gpc is on). (Ilia)</li>
<li><?php bugfix(25825); ?> (tzset() was not called to reset libc environment on request shutdown). (Wez)</li>
<li><?php bugfix(25814); ?> (Make flock() return correct value when 3rd argument is used). (Ilia)</li>
<li><?php bugfix(25800); ?> (parse_url() could not parse urls with empty port). (Ilia)</li>
<li><?php bugfix(25780); ?> (ext/session: invalid "session.cookie_lifetime" makes session_start() to crash in win32). (Jani)</li>
<li><?php bugfix(25777); ?> (Do not rtrim() of text fields fetched from mssql). (Ilia)</li>
<li><?php bugfix(25764); ?> (ldap_get_option() crashes with unbound ldap link). (Jani)</li>
<li><?php bugfix(25758); ?> (var_export does not escape ' & \ inside array keys). (Ilia)</li>
<li><?php bugfix(25752); ?> (ext/ncurses: ncurses.h instead of curses.h with BSD). (Jani)</li>
<li><?php bugfix(25746); ?> (Do not bail out when unable to chdir original dir on systems with broken getcwd()). (Ilia)</li>
<li><?php bugfix(25745); ?> (ctype functions fail with non-ascii characters). (Moriyoshi)</li>
<li><?php bugfix(25744); ?> (make ZTS build of ext/sybase compile). (Ilia)</li>
<li><?php bugfix(25738); ?> (alloca() related issues on the Darwin platform). (Moriyoshi)</li>
<li><?php bugfix(25708); ?> (extract($GLOBALS, EXTR_REFS) mangles $GLOBALS). (Moriyoshi)</li>
<li><?php bugfix(25707); ?> (html_entity_decode() over-decodes &lt;). (Moriyoshi)</li>
<li><?php bugfix(25703); ?> (openssl configure check failed). (Jani)</li>
<li><?php bugfix(25701); ?> (On flush() set headers_sent in apache2handler). (Ilia)</li>
<li><?php bugfix(25671); ?> (str_replace() corrupts subarrays). (Sara)</li>
<li><?php bugfix(25669); ?> (eregi() with non-ascii characters). (Moriyoshi)</li>
<li><?php bugfix(25665); ?> (var_dump() hangs on Nan and INF). (Ilia)</li>
<li><?php bugfix(25648); ?> (xslt_set_encoding() not detected correctly). (Jani)</li>
<li><?php bugfix(25636); ?> (SNMP Session not closed on success). (Ilia, patch by: nesslage at mwsc dot edu)</li>
<li><?php bugfix(25635); ?> (Make "make tests" to fail due to invalid include_path). (Ilia)</li>
<li><?php bugfix(25604); ?> (HAVE_SNMP_PARSE_OID undefined with phpize build). (Jani)</li>
<li><?php bugfix(25583); ?> (Incorrect handling of paths starting with "/" on win32 inside glob() function). (Ilia)</li>
<li><?php bugfix(25570); ?> (Possible crash in apache2handler when zend_bailout called outside of zend_try {} block). (Ilia)</li>
<li><?php bugfix(25558); ?> (ext/dbase: reverted fix for bug <?php bugl(23463); ?>). (Vlad)</li>
<li><?php bugfix(25530); ?> (checkdate() incorrectly handles floats). (Ilia)</li>
<li><?php bugfix(25525); ?> (ldap_explode_dn() crashes when passed invalid dn). (Sara, patch by: mikael dot suvi at trigger dot ee)</li>
<li><?php bugfix(25504); ?> (pcre_match_all() crashes when passed only 2 parameters). (Jani)</li>
<li><?php bugfix(25483); ?> (ext/informix: bogus -469 error from ifx_query()). (Jani, patch by: denisov at kubsu dot ru)</li>
<li><?php bugfix(25463); ?> (ext/cpdf: compile failure with bundled GD)</li>
<li><?php bugfix(25429); ?> (fix copying of stdin using copy() function). (Ilia)</li>
<li><?php bugfix(25424); ?> (ext/informix: lvarchar not supported in win32). (Jani)</li>
<li><?php bugfix(25404); ?> (ext/pgsql: open transactions not closed when script ends). (Marcus)</li>
<li><?php bugfix(25385); ?> (ob_gzhandler(): typo in sapi_add_header_ex() call). (Jani)</li>
<li><?php bugfix(25378); ?> (unserialize() crashes with invalid data). (Jani)</li>
<li><?php bugfix(25372); ?> (sscanf() does not work with %X). (Jani)</li>
<li><?php bugfix(25348); ?> ("make install" fails with --enable-short-tags). (Jani)</li>
<li><?php bugfix(25343); ?> (is_dir() gives warning on FreeBSD). (Jani)</li>
<li><?php bugfix(25333); ?> (Possible body corruption & crash in win32 mail()). (Ilia)</li>
<li><?php bugfix(25316); ?> (Possible infinite loop inside _php_stream_write()). (Ilia)</li>
<li><?php bugfix(25314); ?> (FTP_ASCII mode behaving like binary from Win->Unix). (Sara)</li>
<li><?php bugfix(25308); ?> (php -m crashes when zend extensions are loaded). (Stas)</li>
<li><?php bugfix(25307); ?> (Crash with WDDX serializer). (Sascha, Jani)</li>
<li><?php bugfix(25295); ?> (QNX6: php_ini.c:414: 'alphasort' undeclared). (Jani)</li>
<li><?php bugfix(25294); ?> (ext/ftp: NLST failure leads to crash on exit). (Sara, Rob)</li>
<li><?php bugfix(25293); ?> (Output correct EOL to error_log). (Ilia)</li>
<li><?php bugfix(25239); ?> (ftp_fopen_wrapper not RFC compliant). (Sara)</li>
<li><?php bugfix(25218); ?> ("deflate" compressed pages had a gzip header). (Stefan)</li>
<li><?php bugfix(25211); ?> (image.c compile failure with AIX). (Marcus)</li>
<li><?php bugfix(25166); ?> (WDDX serializer handler missing in win32). (Jani)</li>
<li><?php bugfix(25109); ?> (Possible crash when fetching field names in pgsql). (Ilia)</li>
<li><?php bugfix(25106); ?> (Added more stringent checks on bzopen() mode). (Ilia)</li>
<li><?php bugfix(25070); ?> (unlock session files on win32 before closing them). (Ilia)</li>
<li><?php bugfix(24402); ?> (Compile failure with gettext 0.12.x). (Jani)</li>
<li><?php bugfix(23488); ?> (zlib.output_compression overrides Vary header). (Stefan)</li>
<li><?php bugfix(23326); ?> (ext/domxml: Attributes via append_child not supported). (Melvyn)</li>
<li><?php bugfix(21220); ?> (Wrong Apache version shown in phpinfo() output). (Jani)</li>
<li><?php bugfix(14049); ?> (realpath() returns invalid results for non-existent paths). (Ilia)</li>
</ul>
There is a <a href="release_4_3_4.php">separate announcement</a> available for this release.<br>
<!-- }}} --></section>
<section class="version" id="4.3.3"><!-- {{{ 4.3.3 -->
<h3>Version 4.3.3</h3>
<?php release_date("25-Aug-2003"); ?>
<ul>
<li>Synchronized bundled GD library with GD 2.0.15. (Ilia)</li>
<li>Upgraded the bundled Expat library to version 1.95.6. (Jani)</li>
<li>Upgraded the bundled PCRE library to version 4.3. (Andrei)</li>
<li>Improved the engine to use POSIX/socket IO where feasible. (Sascha)</li>
<li>Improved the NSAPI SAPI module (Uwe Schindler)
<ul>
<li>php4_init (magnus.conf): new parameter to set alternate path to php.ini. (php_ini="/path/to/php.ini")</li>
<li>php4_execute (obj.conf): support for additional php.ini values. Allows different settings per virtual server. (See sapi/nsapi/nsapi-readme.txt for more information)</li>
<li>Added support for virtual().</li>
<li>Added nsapi_request_headers() and nsapi_response_headers() with aliases for apache compatibility.</li>
<li>Added "nsapi.read_timeout" php.ini option. </li>
<li>Synced $_SERVER variables to be similar to Apache variables.</li>
<li>Added possibility to use PHP to generate HTTP error pages (404 Not Found..)</li>
<li>Added possibility to use PHP to generate directory listings for directories without index.html</li>
</ul>
</li>
<li>Improved the IMAP extension (Ilia)
<ul>
<li>Added imap_timeout() function. (bug <?php bugl(24161); ?>)</li>
<li>Added optional 'charset' parameter to imap_search() and imap_sort(). (bug <?php bugl(22505); ?>)</li>
</ul>
</li>
<li>Improved the InterBase extension (Daniela)
<ul>
<li>Added transaction constants: IBASE_REC_VERSION, IBASE_REC_NO_VERSION, IBASE_WRITE, IBASE_WAIT and IBASE_CONCURRENCY. (bugs <?php bugl(8797); ?>, <?php bugl(23887); ?>)</li>
<li>Made numeric/decimal datatype handling work on any platform.</li>
</ul>
</li>
<li>Added DBA handler 'inifile' to support ini files. (Marcus)</li>
<li>Added a "DEBUG" note to 'php -v' output when --enable-debug is used. (Derick)</li>
<li>Added long options into CLI & CGI (e.g. --version). (Marcus)</li>
<li>Added a new parameter to preg_match*() that can be used to specify the starting offset in the subject string to match from. (Andrei)</li>
<li>Fixed possible integer overflows in:
<ul>
<li>base64_encode(). (Moriyoshi)</li>
<li>bundled GD library. (Ilia)</li>
</ul>
</li>
<li>Fixed "mysql.connect_timeout" php.ini option to be settable with ini_set(). (Rasmus)</li>
<li>Fixed ext/yaz to not log if "yaz.log_file" php.ini option is not set. (Adam)</li>
<li>Fixed a bug in bundled libmysql (mysql bug <a href="http://bugs.mysql.com/564">564</a>). (Georg)</li>
<li>Fixed ext/exif to honor "magic_quotes_runtime" php.ini option. (Marcus)</li>
<li>Fixed FastCGI IIS document root problem. (Shane)</li>
<li>Fixed corruption of multibyte character including 0x5c as second byte in multipart/form-data. (Rui)</li>
<li>Fixed possible crash in imagerotate() when an invalid color index is used for background color. (Pierre-Alain Joye)</li>
<li>Fixed a bug that under certain circumstances could invalidate safe_mode. (Ilia)</li>
<li>Fixed certificate version and allowed setting of the serial number in openssl_csr_sign(). (Stefan Roehrich)</li>
<li>Fixed each() to be binary safe for keys. (Zeev)</li>
<li><?php bugfix(25093); ?> (Various leaks due to non-freed queries). (Ilia)</li>
<li><?php bugfix(25084); ?> (Make refer check not dependant on register_globals). (Ilia)</li>
<li><?php bugfix(25081); ?> (odbc_fetch_array() may mangle numeric fields). (Ilia)</li>
<li><?php bugfix(25044); ?> (header("Location:") changing HTTP status). (Marcus)</li>
<li><?php bugfix(25037); ?> (Possible infinite loop inside SendText()). (Ilia)</li>
<li><?php bugfix(25007); ?> (rand() & mt_rand() seed RNG every call). (Jani)</li>
<li><?php bugfix(24989); ?> (external libexpat conflicts with bundled libexpat). (Jani)</li>
<li><?php bugfix(24980); ?> (array_reduce() uses first element as default running total). (Ilia)</li>
<li><?php bugfix(24977); ?> (Revert mysql_select_db optimization). (Ilia)</li>
<li><?php bugfix(24958); ?> (Incorrect handling of 404s). (Ilia, Justin)</li>
<li><?php bugfix(24951); ?> (ob_flush() needlessly destroys output handler). (Ilia)</li>
<li><?php bugfix(24936); ?> (ext/fdf not linked properly as shared extension). (Jani)</li>
<li><?php bugfix(24909); ?> (Bad random numbers with ZTS builds on Solaris). (Ilia)</li>
<li><?php bugfix(24897); ?> (inconsistent behavior of shuffle() & array_multisort()). (Ilia, Jani)</li>
<li><?php bugfix(24883); ?> (variables_order and gpc_order being ignored). (Ilia)</li>
<li><?php bugfix(24873); ?> (incorrect handling of / inside open_basedir). (Ilia)</li>
<li><?php bugfix(24871); ?> (methods misidentified as constructors). (Ilia)</li>
<li><?php bugfix(24827); ?> (ob_gzhandler overrides Vary header). (Ilia)</li>
<li><?php bugfix(24792); ?> (--enable-zend-multibyte causes random segfaults with ZTS). (fujimoto)</li>
<li><?php bugfix(24783); ?> (foreach($ar as $key => $val), $key not binary safe). (Zeev)</li>
<li><?php bugfix(24760); ?> (non-default SNMP port number not working). (Jani)</li>
<li><?php bugfix(24752); ?> (Unhandled "uniqueidentifier" field type). (Ilia, s.sonnenberg[at]coolspot.de)</li>
<li><?php bugfix(24710); ?> (Crash when $obj->{0} is used). (Zeev)</li>
<li><?php bugfix(24663); ?> (\n. sequences were not being escaped). (Ilia)</li>
<li><?php bugfix(24640); ?> (var_export() and var_dump() can not output large floats). (Marcus)</li>
<li><?php bugfix(24629); ?> (FreeBSD select() does not like large microseconds values). (Mirco Bauer).</li>
<li><?php bugfix(24609); ?> (ext/domxml: segfault when using replace node across different docs). (Rob Richards)</li>
<li><?php bugfix(24594); ?> (Rewrite of the imagefill() function). (Pierre-Alain Joye)</li>
<li><?php bugfix(24592); ?> (NULL related crash in session extension). (Sascha)</li>
<li><?php bugfix(24573); ?> (debug_backtrace() crashes if $this set to null). (Jani)</li>
<li><?php bugfix(24560); ?> (parse_url() incorrectly handling certain file:// based schemas). (Ilia)</li>
<li><?php bugfix(24557); ?> (make fclose() respect refcount on the resource). (Wez, Ilia)</li>
<li><?php bugfix(24537); ?> (apache2 compile misses some include directories). (Jani)</li>
<li><?php bugfix(24535); ?> (ext/mysql: crash when retrieving data from unbuffered result after the original connection has been changed). (Ilia)</li>
<li><?php bugfix(24519); ?> (aggregate_methods_by_list() does not increment refcount).</li>
<li><?php bugfix(24313); ?> (file_exists() warning on non-existent files when open_basedir is used). (Ilia)</li>
<li><?php bugfix(24312); ?> (base64_decode() does not skip 0xF0-0xFF characters). (gereon.steffens[at]onvista.de, Ilia)</li>
<li><?php bugfix(24284); ?> (Fixed memory leak inside pg_ping()). (Ilia)</li>
<li><?php bugfix(24249); ?> (fdf_add_doc_javascript() not available on Windows). (Edin)</li>
<li><?php bugfix(24224); ?> (ibase_blob_get() overflow). (Ard)</li>
<li><?php bugfix(24223); ?> (missing variable initialization in bundled gd). (Ilia)</li>
<li><?php bugfix(24220); ?> (range() didn't handle numeric strings correctly). (Ilia)</li>
<li><?php bugfix(24210); ?> (not detecting assume_default_colors - typo). (Sara)</li>
<li><?php bugfix(24198); ?> (Invalid recursion detection in array_merge_recurcive()). (Ilia)</li>
<li><?php bugfix(24177); ?> (Status not set correctly after flush() in Apache 2). (Ilia)</li>
<li><?php bugfix(24155); ?> (gdImageRotate270 incorrectly use x parameter for y axis). ([email protected], Ilia)</li>
<li><?php bugfix(24150); ?> (crash in imap_fetch_overview() & imap_rfc822_write_address()). (Ilia)</li>
<li><?php bugfix(24142); ?> (workaround for a gcc bug affecting round()). (Marcus, Ilia)</li>
<li><?php bugfix(24063); ?> (serialize() missing 0 after the . on scientific notation). (Marcus, Ilia)</li>
<li><?php bugfix(24063); ?> (scientific notation broken in *printf()). (Ilia)</li>
<li><?php bugfix(24060); ?> (ncurses_del_panel() causes segfault). (Georg)</li>
<li><?php bugfix(24054); ?> (Integer overflow failure with GCC/x86 for *=). (Sascha)</li>
<li><?php bugfix(24028); ?> (Reading raw post message by php://input failed). (Jani)</li>
<li><?php bugfix(24009); ?> (FastCGI handling of file not found). (Shane)</li>
<li><?php bugfix(24007); ?> (Problem with register_globals & arrays). (Ilia)</li>
<li><?php bugfix(23951); ?> (constants in static initializers clobbered by inheritance). (Wez, Zend Engine)</li>
<li><?php bugfix(23936); ?> (ext/interbase: fail to select and fetch). (Ard)</li>
<li><?php bugfix(23913); ?> (make rename() work across partitions on *nix). (Ilia)</li>
<li><?php bugfix(23912); ?> (Invalid CSS in phpinfo() output). (Ilia)</li>
<li><?php bugfix(23902); ?> (NULL in CGI header output). (Shane)</li>