Restore old NEWS file, and re-add new entry.

ircmaxell · ircmaxell · commit e778b03307ef · 2012-06-28T22:43:59.000-04:00
This fixes a merge artifact where the 5.4 NEWS
file was accidentally brought in.
diff --git a/NEWS b/NEWS
@@ -2,338 +2,6 @@ PHP                                                                        NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 ?? ??? 201?, PHP 5.5.0
 
-- Core:
-  . Fixed bug #62357 (compile failure: (S) Arguments missing for built-in
-    function __memcmp). (Laruence)
-  . Fixed bug #61998 (Using traits with method aliases appears to result in
-    crash during execution). (Dmitry)
-  . Fixed bug #51094 (parse_ini_file() with INI_SCANNER_RAW cuts a value that
-    includes a semi-colon). (Pierrick)
-  . Fixed potential overflow in _php_stream_scandir (CVE-2012-2688). 
-    (Jason Powell, Stas)
-  . Fixed bug #62443 (Crypt SHA256/512 Segfaults With Malformed 
-    Salt). (Anthony Ferrara)
-
-- EXIF:
-  . Fixed information leak in ext exif (discovered by Martin Noga, 
-    Matthew "j00ru" Jurczyk, Gynvael Coldwind)
-
-- FPM:
-  . Fixed bug #62205 (php-fpm segfaults (null passed to strstr)). (fat)
-  . Fixed bug #62160 (Add process.priority to set nice(2) priorities). (fat)
-  . Fixed bug #62153 (when using unix sockets, multiples FPM instances
-  . Fixed bug #62033 (php-fpm exits with status 0 on some failures to start).
-    (fat)
-  . Fixed bug #61839 (Unable to cross-compile PHP with --enable-fpm). (fat)
-  . Fixed bug #61835 (php-fpm is not allowed to run as root). (fat)
-  . Fixed bug #61295 (php-fpm should not fail with commented 'user'
-  . Fixed bug #61218 (FPM drops connection while receiving some binary values
-    in FastCGI requests). (fat)
-  . Fixed bug #61045 (fpm don't send error log to fastcgi clients). (fat)
-    for non-root start). (fat)
-  . Fixed bug #61026 (FPM pools can listen on the same address). (fat)
-    can be launched without errors). (fat)
-
-- Iconv:
-  . Fix bug #55042 (Erealloc in iconv.c unsafe). (Stas)
-
-- Intl:
-  . Fixed bug #62083 (grapheme_extract() memory leaks). (Gustavo)
-  . ResourceBundle constructor now accepts NULL for the first two arguments.
-    (Gustavo)
-  . Fixed bug #62081 (IntlDateFormatter constructor leaks memory when called
-    twice). (Gustavo)
-  . Fixed bug #62070 (Collator::getSortKey() returns garbage). (Gustavo)
-  . Fixed bug #62017 (datefmt_create with incorrectly encoded timezone leaks
-    pattern). (Gustavo)
-
-- libxml:
-  . Fixed bug #62266 (Custom extension segfaults during xmlParseFile with FPM
-    SAPI). (Gustavo)
-
-- Readline:
-  . Fixed bug #62186 (readline fails to compile - void function should not
-    return a value). (Johannes)
-
-- Reflection:
-  . Fixed bug #62384 (Attempting to invoke a Closure more than once causes 
-    segfault). (Felipe)
-  . Fixed bug #62202 (ReflectionParameter::getDefaultValue() memory leaks 
-    with constant). (Laruence)
-
-- Sockets:
-  . Fixed bug #62025 (__ss_family was changed on AIX 5.3). (Felipe)
-    
-- XML Writer:
-  . Fixed bug #62064 (memory leak in the XML Writer module). 
-    (jean-pierre dot lozi at lip6 dot fr)
-
-- Zip:
-  . Upgraded libzip to 0.10.1 (Anatoliy)
-
-14 Jun 2012, PHP 5.4.4
-
-- COM:
-  . Fixed bug #62146 com_dotnet cannot be built shared. (Johannes)
-
-- CLI Server:
-  . Implemented FR #61977 (Need CLI web-server support for files with .htm & 
-    svg extensions). (Sixd, Laruence)
-  . Improved performance while sending error page, this also fixed
-    bug #61785 (Memory leak when access a non-exists file without router).
-    (Laruence)
-  . Fixed bug #61546 (functions related to current script failed when chdir() 
-    in cli sapi). (Laruence, reeze.xia@gmail.com)
-
-- CURL:
-  . Fixed bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction).
-    (Laruence)
-
-- Core:
-  . Fixed missing bound check in iptcparse(). (chris at chiappa.net)
-  . Fixed CVE-2012-2143. (Solar Designer)
-  . Fixed bug #62097 (fix for for bug #54547). (Gustavo)
-  . Fixed bug #62005 (unexpected behavior when incrementally assigning to a 
-    member of a null object). (Laruence)
-  . Fixed bug #61978 (Object recursion not detected for classes that implement
-    JsonSerializable). (Felipe)
-  . Fixed bug #61991 (long overflow in realpath_cache_get()). (Anatoliy)
-  . Fixed bug #61922 (ZTS build doesn't accept zend.script_encoding config).
-    (Laruence)
-  . Fixed bug #61827 (incorrect \e processing on Windows) (Anatoliy)
-  . Fixed bug #61782 (__clone/__destruct do not match other methods when checking
-    access controls). (Stas)
-  . Fixed bug #61761 ('Overriding' a private static method with a different 
-    signature causes crash). (Laruence)
-  . Fixed bug #61730 (Segfault from array_walk modifying an array passed by
-    reference). (Laruence)
-  . Fixed bug #61728 (PHP crash when calling ob_start in request_shutdown 
-    phase). (Laruence)
-  . Fixed bug #61660 (bin2hex(hex2bin($data)) != $data). (Nikita Popov)
-  . Fixed bug #61650 (ini parser crashes when using ${xxxx} ini variables
-    (without apache2)). (Laruence)
-  . Fixed bug #61605 (header_remove() does not remove all headers). (Laruence)
-  . Fixed bug #54547 (wrong equality of string numbers). (Gustavo)
-  . Fixed bug #54197 ([PATH=] sections incompatibility with user_ini.filename
-    set to null). (Anatoliy)
-  . Changed php://fd to be available only for CLI.
-
-- PDO:
-  . Fixed bug #61755 (A parsing bug in the prepared statements can lead to
-    access violations). (Johannes)
-
-- Phar:
-  . Fix bug #61065 (Secunia SA44335, CVE-2012-2386). (Rasmus)
-
-- Pgsql:
-  . Added pg_escape_identifier/pg_escape_literal. (Yasuo Ohgaki)
-
-- Fileinfo
-  . Fixed bug #61812 (Uninitialised value used in libmagic). 
-    (Laruence, Gustavo)
-  . Fixed bug #61566 failure caused by the posix lseek and read versions
-    under windows in cdf_read(). (Anatoliy)
-  . Fixed bug #61565 where php_stream_open_wrapper_ex tries to open a
-    directory descriptor under windows. (Anatoliy)
-
-- Intl
-  . Fixed bug #62082 (Memory corruption in internal function 
-    get_icu_disp_value_src_php()). (Gustavo)
-
-- Libxml:
-  . Fixed bug #61617 (Libxml tests failed(ht is already destroyed)).
-    (Laruence)
-
-- Zlib:
-  . Fixed bug #61820 (using ob_gzhandler will complain about headers already 
-    sent when no compression). (Mike)
-  . Fixed bug #61443 (can't change zlib.output_compression on the fly). (Mike)
-  . Fixed bug #60761 (zlib.output_compression fails on refresh). (Mike)
-
-08 May 2012, PHP 5.4.3
-
-- CGI
-  . Re-Fix PHP-CGI query string parameter vulnerability, CVE-2012-1823.
-    (Stas)
-  . Fix bug #61807 - Buffer Overflow in apache_request_headers.
-    (nyt-php at countercultured dot net). 
-
-03 May 2012, PHP 5.4.2
-
-- Fix PHP-CGI query string parameter vulnerability, CVE-2012-1823. (Rasmus)
-
-26 Apr 2012, PHP 5.4.1
-
-- CLI Server:
-  . Fixed bug #61461 (missing checks around malloc() calls). (Ilia)
-  . Implemented FR #60850 (Built in web server does not set 
-    $_SERVER['SCRIPT_FILENAME'] when using router). (Laruence)
-  . "Connection: close" instead of "Connection: closed" (Gustavo)
-
-- Core:
-  . Fixed crash in ZTS using same class in many threads. (Johannes)
-  . Fixed bug #61374 (html_entity_decode tries to decode code points that don't
-    exist in ISO-8859-1). (Gustavo)
-  . Fixed bug #61273 (call_user_func_array with more than 16333 arguments 
-    leaks / crashes). (Laruence)
-  . Fixed bug #61225 (Incorrect lexing of 0b00*+<NUM>). (Pierrick)
-  . Fixed bug #61165 (Segfault - strip_tags()). (Laruence)
-  . Fixed bug #61106 (Segfault when using header_register_callback). (Nikita
-    Popov)
-  . Fixed bug #61087 (Memory leak in parse_ini_file when specifying
-    invalid scanner mode). (Nikic, Laruence)
-  . Fixed bug #61072 (Memory leak when restoring an exception handler).
-    (Nikic, Laruence)
-  . Fixed bug #61058 (array_fill leaks if start index is PHP_INT_MAX).
-    (Laruence)
-  . Fixed bug #61052 (Missing error check in trait 'insteadof' clause). (Stefan)
-  . Fixed bug #61011 (Crash when an exception is thrown by __autoload
-    accessing a static property). (Laruence)
-  . Fixed bug #61000 (Exceeding max nesting level doesn't delete numerical 
-    vars). (Laruence)
-  . Fixed bug #60978 (exit code incorrect). (Laruence)
-  . Fixed bug #60911 (Confusing error message when extending traits). (Stefan)
-  . Fixed bug #60801 (strpbrk() mishandles NUL byte). (Adam)
-  . Fixed bug #60717 (Order of traits in use statement can cause a fatal
-    error). (Stefan)
-  . Fixed bug #60573 (type hinting with "self" keyword causes weird errors).
-    (Laruence)
-  . Fixed bug #60569 (Nullbyte truncates Exception $message). (Ilia)
-  . Fixed bug #52719 (array_walk_recursive crashes if third param of the
-    function is by reference). (Nikita Popov)
-  . Improve performance of set_exception_handler while doing reset (Laruence)
-
-- fileinfo:
-  . Fix fileinfo test problems. (Anatoliy Belsky)
-
-- FPM
-  . Fixed bug #61430 (Transposed memset() params in sapi/fpm/fpm/fpm_shm.c).
-    (michaelhood at gmail dot com, Ilia)
-
-- Ibase
-  . Fixed bug #60947 (Segmentation fault while executing ibase_db_info).
-    (Ilia)
-
-- Installation
-  . Fixed bug #61172 (Add Apache 2.4 support). (Chris Jones)
-
-- Intl:
-  . Fixed bug #61487 (Incorrent bounds checking in grapheme_strpos).
-    (Stas)
-
-- mbstring:
-  . MFH mb_ereg_replace_callback() for security enhancements. (Rui)
-
-- mysqli
-  . Fixed bug #61003 (mysql_stat() require a valid connection). (Johannes).
-
-- mysqlnd
-  . Fixed bug #61704 (Crash apache, phpinfo() threading issue). (Johannes)
-  . Fixed bug #60948 (mysqlnd FTBFS when -Wformat-security is enabled).
-    (Johannes)
-
-- Readline:
-  . Fixed bug #61088 (Memory leak in readline_callback_handler_install).
-    (Nikic, Laruence)
-
-- Session
-  . Fixed bug #60634 (Segmentation fault when trying to die() in 
-    SessionHandler::write()). (Ilia)
-
-- SOAP
-  . Fixed bug #61423 (gzip compression fails). (Ilia)
-  . Fixed bug #60887 (SoapClient ignores user_agent option and sends no
-    User-Agent header). (carloschilazo at gmail dot com)
-  . Fixed bug #60842, #51775 (Chunked response parsing error when 
-    chunksize length line is > 10 bytes). (Ilia)
-  . Fixed bug #49853 (Soap Client stream context header option ignored).
-    (Dmitry)
-
-- PDO
-  . Fixed bug #61292 (Segfault while calling a method on an overloaded PDO 
-    object). (Laruence)
-
-- PDO_mysql
-  . Fixed bug #61207 (PDO::nextRowset() after a multi-statement query doesn't
-    always work). (Johannes)
-  . Fixed bug #61194 (PDO should export compression flag with myslqnd).
-    (Johannes)
-
-- PDO_odbc
-  . Fixed bug #61212 (PDO ODBC Segfaults on SQL_SUCESS_WITH_INFO). (Ilia)
-
-- Phar
-  . Fixed bug #61184 (Phar::webPhar() generates headers with trailing NUL
-    bytes). (Nikita Popov)
-
-- Reflection:
-  . Implemented FR #61602 (Allow access to the name of constant
-    used as function/method parameter's default value). (reeze.xia@gmail.com)
-  . Fixed bug #60968 (Late static binding doesn't work with 
-    ReflectionMethod::invokeArgs()). (Laruence)
-
-- SPL:
-  . Fixed bug #61453 (SplObjectStorage does not identify objects correctly).
-    (Gustavo)
-  . Fixed bug #61347 (inconsistent isset behavior of Arrayobject). (Laruence)
-
-- Standard:
-  . Fixed memory leak in substr_replace. (Pierrick)
-  . Make max_file_uploads ini directive settable outside of php.ini (Rasmus)
-  . Fixed bug #61409 (Bad formatting on phpinfo()). (Jakub Vrana)
-  . Fixed bug #60222 (time_nanosleep() does validate input params). (Ilia)
-  . Fixed bug #60106 (stream_socket_server silently truncates long unix socket
-    paths). (Ilia)
-
-- XMLRPC:
-  . Fixed bug #61264 (xmlrpc_parse_method_descriptions leaks temporary
-    variable). (Nikita Popov)
-  . Fixed bug #61097 (Memory leak in xmlrpc functions copying zvals). (Nikita
-    Popov)
-
-- Zlib:
-  . Fixed bug #61306 (initialization of global inappropriate for ZTS). (Gustavo)
-  . Fixed bug #61287 (A particular string fails to decompress). (Mike)
-  . Fixed bug #61139 (gzopen leaks when specifying invalid mode). (Nikita Popov)
-
-01 Mar 2012, PHP 5.4.0 
-
-- Installation:
-  . autoconf 2.59+ is now supported (and required) for generating the
-    configure script with ./buildconf. Autoconf 2.60+ is desirable
-    otherwise the configure help order may be incorrect.  (Rasmus, Chris Jones)
-
-- Removed legacy features:
-  . break/continue $var syntax. (Dmitry)
-  . Safe mode and all related php.ini options. (Kalle)
-  . register_globals and register_long_arrays php.ini options. (Kalle)
-  . import_request_variables(). (Kalle)
-  . allow_call_time_pass_reference. (Pierrick)
-  . define_syslog_variables php.ini option and its associated function. (Kalle)
-  . highlight.bg php.ini option. (Kalle)
-  . safe_mode, safe_mode_gid, safe_mode_include_dir,
-    safe_mode_exec_dir, safe_mode_allowed_env_vars and
-    safe_mode_protected_env_vars php.ini options.
-  . zend.ze1_compatibility_mode php.ini option.
-  . Session bug compatibility mode (session.bug_compat_42 and
-    session.bug_compat_warn php.ini options). (Kalle)
-  . session_is_registered(), session_register() and session_unregister()
-    functions. (Kalle)
-  . y2k_compliance php.ini option. (Kalle)
-  . magic_quotes_gpc, magic_quotes_runtime and magic_quotes_sybase
-    php.ini options. get_magic_quotes_gpc, get_magic_quotes_runtime are kept
-    but always return false, set_magic_quotes_runtime raises an
-    E_CORE_ERROR. (Pierrick, Pierre)
-  . Removed support for putenv("TZ=..") for setting the timezone. (Derick)
-  . Removed the timezone guessing algorithm in case the timezone isn't set with
-    date.timezone or date_default_timezone_set(). Instead of a guessed
-    timezone, "UTC" is now used instead. (Derick)
-
-- Moved extensions to PECL:
-  . ext/sqlite.  (Note: the ext/sqlite3 and ext/pdo_sqlite extensions are
-    not affected) (Johannes)
->>>>>>> PHP-5.4
-
 - General improvements:
   . Drop Windows XP and 2003 support. (Pierre)
   . World domination
@@ -344,6 +12,8 @@ PHP                                                                        NEWS
     (Nikita Popov)
 
 - Core:
+  . Fixed bug #62443 (Crypt SHA256/512 Segfaults With Malformed 
+    Salt). (Anthony Ferrara)
   . Added boolval(). (Jille Timmermans).
   . Fixed bug #61681 (Malformed grammar). (Nikita Popov, Etienne, Laruence).
   . Fixed bug #61038 (unpack("a5", "str\0\0") does not work as expected).
