- Primary hosting provider of php has introduced some sort of checking
which is blocking fetch although curl/wget works perfectly. fetch with
other --user-agent is also not working at the moment. An issue has been
opened with the upstream which can be found at:
https://github.com/php/web-php/issues/483
- Untill this is fixed add php Github distributions URL to MASTER_SITES
- Modify MASTER_SITES for php[73|74|80] and remove SUBDIR as it affects
DIST_SUBDIR
- Add DIST_SUBDIR as Github is IPv4 only which affects IPv6 only
builders. In case someone is running IPv6 only builders distcache will
pickup and serve.
- Although distinfo has been updated as we have added DIST_SUBDIR but
SHA256 and SIZE are unchanged. In case someone needs to verify those
are available from https://www.php.net/downloads
- We might have done some drastic changes but we are on the brink of
quarterly build and we do not want to start a new year and a new
quarter with BROKEN php and thousands of other ports.
PR: 260699
Reported by: chris@cretaforce.gr
Approved by: portmgr (blanket infrastructure)
Sponsored by: Bounce Experts
The conflict checks compare the patterns first against the package
names without version (as reported by "pkg query "%n"), then - if
there was no match - agsinst the full package names including the
version (as reported by "pkg query "%n-%v").
Approved by: portmgr (blanket)
Core:
Fixed bug #81518 (Header injection via default_mimetype / default_charset).
Date:
Fixed bug #81500 (Interval serialization regression since 7.3.14 / 7.4.2).
MBString:
Fixed bug #76167 (mbstring may use pointer from some previous request).
MySQLi:
Fixed bug #81494 (Stopped unbuffered query does not throw error).
PCRE:
Fixed bug #81424 (PCRE2 10.35 JIT performance regression).
Streams:
Fixed bug #54340 (Memory corruption with user_filter).
XML:
Fixed bug #79971 (special character is breaking the path in xml function). (CVE-2021-21707)
Also include a patch to fix issue 259725:
dns_get_record fails when requested record doesn't exist
PR: 259725
Reported by: fsbruva@yahoo.com
Sponsored by: Bounce Experts
PHP 7.3 conflicted with versions no longer in the ports-tree. Remove this conflicts.
PHP 7.3 and 7.4 did not conflict with PHP 8.0. Add the missing conflict.
PR: 258803
Reported by: Einar Bjarni Halldórsson <einar@isnic.is>
Sponsored by: Bounce Experts
Changelog:
Core:
Fixed bug #80781 (Error handler that throws ErrorException infinite loop).
Fixed bug #75776 (Flushing streams with compression filter is broken). (cmb) 04 Mar 2021, php 7.4.16
Fixed#80706 (mail(): Headers after Bcc headers may be ignored).
Dba:
Fixed bug #80817 (dba_popen() may cause segfault during RSHUTDOWN).
DOM:
Fixed bug #66783 (UAF when appending DOMDocument to element).
FPM:
Fixed bug #80024 (Duplication of info about inherited socket after pool removing).
FTP:
Fixed bug #80880 (SSL_read on shutdown, ftp/proc_open).
Imap:
Fixed bug #80710 (imap_mail_compose() header injection).
Intl:
Fixed bug #80763 (msgfmt_format() does not accept DateTime references).
LibXML:
Fixed bug #51903 (simplexml_load_file() doesn't use HTTP headers).
Fixed bug #73533 (Invalid memory access in php_libxml_xmlCheckUTF8).
MySQLnd:
Fixed bug #80713 (SegFault when disabling ATTR_EMULATE_PREPARES and MySQL 8.0).
Fixed bug #80837 (Calling stmt_store_result after fetch doesn't throw an error).
Fixed bug #78680 (mysqlnd's mysql_clear_password does not transmit null-terminated password).
Opcache:
Fixed bug #80805 (create simple class and get error in opcache.so).
Fixed bug #80950 (Variables become null in if statements).
Pcntl:
Fixed bug #79812 (Potential integer overflow in pcntl_exec()).
PCRE:
Fixed bug #80866 (preg_split ignores limit flag when pattern with \K has 0-width fullstring match).
PDO_ODBC:
Fixed bug #80783 (PDO ODBC truncates BLOB records at every 256th byte).
PDO_pgsql:
Fixed bug #80892 (PDO::PARAM_INT is treated the same as PDO::PARAM_STR).
phpdbg:
Fixed bug #80757 (Exit code is 0 when could not open file).
Session:
Fixed bug #80774 (session_name() problem with backslash).
Fixed bug #80889 (Cannot set save handler when save_handler is invalid).
SOAP:
Fixed bug #69668 (SOAP special XML characters in namespace URIs not encoded).
Standard:
Fixed bug #78719 (http wrapper silently ignores long Location headers).
Fixed bug #80771 (phpinfo(INFO_CREDITS) displays nothing in CLI).
Fixed bug #80838 (HTTP wrapper waits for HTTP 1 response after HTTP 101).
Fixed bug #80915 (Taking a reference to $_SERVER hides its values from phpinfo()).
Fixed bug #80654 (file_get_contents() maxlen fails above (2**31)-1 bytes).
MySQLi:
Fixed bug #74779 (x() and y() truncating floats to integers).
OPcache:
Fixed bug #80682 (opcache doesn't honour pcre.jit option).
OpenSSL:
Fixed bug #80747 (Providing RSA key size < 512 generates key that crash PHP).
Phar:
Fixed bug #75850 (Unclear error message wrt. __halt_compiler() w/o semicolon) (cmb)
Fixed bug #70091 (Phar does not mark UTF-8 filenames in ZIP archives).
Fixed bug #53467 (Phar cannot compress large archives).
SPL:
Fixed bug#80719 (Iterating after failed ArrayObject::setIteratorClass() causes Segmentation fault).
Zip:
Fixed bug #80648 (Fix for bug 79296 should be based on runtime version).
Sponsored by: Bounce Experts
Core:
Fixed bug #80523 (bogus parse error on >4GB source code).
Fixed bug #80384 (filter buffers entire read until file closed).
Curl:
Fixed bug #80595 (Resetting POSTFIELDS to empty array breaks request).
Date:
Fixed bug #80376 (last day of the month causes runway cpu usage.
MySQLi:
Fixed bug #67983 (mysqlnd with MYSQLI_OPT_INT_AND_FLOAT_NATIVE fails to interpret bit columns).
Fixed bug #64638 (Fetching resultsets from stored procedure with cursor fails).
Fixed bug #72862 (segfault using prepared statements on stored procedures that use a cursor).
Fixed bug #77935 (Crash in mysqlnd_fetch_stmt_row_cursor when calling an SP with a cursor).
Phar:
Fixed bug #77565 (Incorrect locator detection in ZIP-based phars).
Fixed bug #69279 (Compressed ZIP Phar extractTo() creates garbage files).
SOAP:
Fixed bug #80672 (Null Dereference in SoapClient). (CVE-2021-21702)
Sponsored by: PHP Update Service
Core:
Fixed bug #80280 (ADD_EXTENSION_DEP() fails for ext/standard and ext/date).
Fixed bug #80258 (Windows Deduplication Enabled, randon permission errors).
COM:
Fixed bug #62474 (com_event_sink crashes on certain arguments).
DOM:
Fixed bug #80268 (loadHTML() truncates at NUL bytes).
FFI:
Fixed bug #79177 (FFI doesn't handle well PHP exceptions within callback).
IMAP:
Fixed bug #64076 (imap_sort() does not return FALSE on failure).
Fixed bug #76618 (segfault on imap_reopen).
Fixed bug #80239 (imap_rfc822_write_address() leaks memory).
Fixed minor regression caused by fixing bug #80220.
Fixed bug #80242 (imap_mail_compose() segfaults for multipart with rfc822).
MySQLi:
Fixed bug #79375 (mysqli_store_result does not report error from lock wait timeout).
Fixed bug #76525 (mysqli::commit does not throw if MYSQLI_REPORT_ERROR enabled and mysqlnd used).
Fixed bug #72413 (mysqlnd segfault (fetch_row second parameter typemismatch)).
ODBC:
Fixed bug #44618 (Fetching may rely on uninitialized data).
Opcache:
Fixed bug #79643 (PHP with Opcache crashes when a file with specific name is included).
Fixed run-time binding of preloaded dynamically declared function.
OpenSSL:
Fixed bug #79983 (openssl_encrypt / openssl_decrypt fail with OCB mode).
PDO MySQL:
Fixed bug #66528 (No PDOException or errorCode if database becomes unavailable before PDO::commit).
Fixed bug #65825 (PDOStatement::fetch() does not throw exception on broken server connection).
SNMP:
Fixed bug #70461 (disable md5 code when it is not supported in net-snmp).
Standard:
Fixed bug #80266 (parse_url silently drops port number 0).
PR: 251396
Submitted by: Pascal Christen <pascal.christen@hostpoint.ch>
Core:
Fixed bug #79699 (PHP parses encoded cookie names so malicious `__Host-` cookies can be sent). (CVE-2020-7070)
Fixed bug #79979 (passing value to by-ref param via CUFA crashes).
Fixed bug #80037 (Typed property must not be accessed before initialization when __get() declared).
Fixed bug #80048 (Bug #69100 has not been fixed for Windows).
Fixed bug #80049 (Memleak when coercing integers to string via variadic argument).
Calendar:
Fixed bug #80007 (Potential type confusion in unixtojd() parameter parsing).
COM:
Fixed bug #64130 (COM obj parameters passed by reference are not updated).
OPcache:
Fixed bug #80002 (calc free space for new interned string is wrong).
Fixed bug #80046 (FREE for SWITCH_STRING optimized away).
Fixed bug #79825 (opcache.file_cache causes SIGSEGV when custom opcode handlers changed).
OpenSSL:
Fixed bug #79601 (Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV). (CVE-2020-7069)
PDO:
Fixed bug #80027 (Terrible performance using $query->fetch on queries with many bind parameters).
SOAP:
Fixed bug #47021 (SoapClient stumbles over WSDL delivered with "Transfer-Encoding: chunked").
Standard:
Fixed bug #79986 (str_ireplace bug with diacritics characters).
Fixed bug #80077 (getmxrr test bug).
Fixed bug #72941 (Modifying bucket->data by-ref has no effect any longer).
Fixed bug #80067 (Omitting the port in bindto setting errors).
Sponsored by: Bounce Experts
xmlreader needs not only the DOM extension, but to be compiled
with --enabled-dom. This commit adds the missing configuration
to etablish the dependency.
PR: 249886
Submitted by: michael.glaus@hostpoint.ch
Sponsored by: Bounce Experts
Changelog:
Core:
Fixed bug #79884 (PHP_CONFIG_FILE_PATH is meaningless).
Fixed bug #77932 (File extensions are case-sensitive).
Fixed bug #79806 (realpath() erroneously resolves link to link).
Fixed bug #79895 (PHP_CHECK_GCC_ARG does not allow flags with equal sign).
Fixed bug #79919 (Stack use-after-scope in define()).
Fixed bug #79934 (CRLF-only line in heredoc causes parsing error).
Fixed bug #79947 (Memory leak on invalid offset type in compound assignment).
COM:
Fixed bug #48585 (com_load_typelib holds reference, fails on second call).
Exif:
Fixed bug #75785 (Many errors from exif_read_data).
Gettext:
Fixed bug #70574 (Tests fail due to relying on Linux fallback behavior for gettext()).
LDAP:
Fixed memory leaks.
OPcache:
Fixed bug #73060 (php failed with error after temp folder cleaned up).
Fixed bug #79917 (File cache segfault with a static variable in inherited method).
PDO:
Fixed bug #64705 (errorInfo property of PDOException is null when PDO::__construct() fails).
Session:
Fixed bug #79724 (Return type does not match in ext/session/mod_mm.c).
Standard:
Fixed bug #79930 (array_merge_recursive() crashes when called with array with single reference).
Fixed bug #79944 (getmxrr always returns true on Alpine linux).
Fixed bug #79951 (Memory leak in str_replace of empty string).
XML:
Fixed bug #79922 (Crash after multiple calls to xml_parser_free()).
Sponsored by: Bounce Experts
Changelog:
Apache:
Fixed bug #79030 (Upgrade apache2handler's php_apache_sapi_get_request_time to return usec).
COM:
Fixed bug #63208 (BSTR to PHP string conversion not binary safe).
Fixed bug #63527 (DCOM does not work with Username, Password parameter).
Core:
Fixed bug #79740 (serialize() and unserialize() methods can not be called statically).
Fixed bug #79783 (Segfault in php_str_replace_common).
Fixed bug #79778 (Assertion failure if dumping closure with unresolved static variable).
Fixed bug #79779 (Assertion failure when assigning property of string offset by reference).
Fixed bug #79792 (HT iterators not removed if empty array is destroyed).
Fixed bug #78598 (Changing array during undef index RW error segfaults).
Fixed bug #79784 (Use after free if changing array during undef var during array write fetch).
Fixed bug #79793 (Use after free if string used in undefined index warning is changed).
Fixed bug #79862 (Public non-static property in child should take priority over private static).
Fixed bug #79877 (getimagesize function silently truncates after a null byte) (cmb)
Fileinfo:
Fixed bug #79756 (finfo_file crash (FILEINFO_MIME)).
FTP:
Fixed bug #55857 (ftp_size on large files).
Mbstring:
Fixed bug #79787 (mb_strimwidth does not trim string).
Phar:
Fixed bug #79797 (Use of freed hash key in the phar_parse_zipfile function). (CVE-2020-7068)
Reflection:
Fixed bug #79487 (::getStaticProperties() ignores property modifications).
Fixed bug #69804 (::getStaticPropertyValue() throws on protected props).
Fixed bug #79820 (Use after free when type duplicated into ReflectionProperty gets resolved).
Standard:
Fixed bug #70362 (Can't copy() large 'data://' with open_basedir).
Fixed bug #78008 (dns_check_record() always return true on Alpine).
Fixed bug #79839 (array_walk() does not respect property types).
Sponsored by: Bounce Experts
There are some reports about PHP crashes, when using php-imap
(especially with OpenSSL and TSL 1.3). All this problems went away,
when using the panda-cclient instead of the old cclient.
Therefore we make the panda-cclient the new default,
but still allow cclient in order to allow backwards compatibility.
Special thanks to bofh for figuring out the complex details and
the solution!
Special thanks to Jason for being patience and
helpful about so many months!
Reported by: Jason de Cordoba <jason@aventia.pw>
Reviewed by: bofh
Sponsored by: Bounce Experts
Core:
Fixed bug #78434 (Generator yields no items after valid() call).
Fixed bug #79477 (casting object into array creates references).
Fixed bug #79514 (Memory leaks while including unexistent file).
Fixed bug #79470 (PHP incompatible with 3rd party file system on demand).
Fixed bug #78784 (Unable to interact with files inside a VFS for Git repository).
Fixed bug #78875 (Long variables cause OOM and temp files are not cleaned). (CVE-2019-11048).
Fixed bug #78876 (Long variables in multipart/form-data cause OOM and temp files are not cleaned). (CVE-2019-11048).
DOM:
Fixed bug #78221 (DOMNode::normalize() doesn't remove empty text nodes).
EXIF:
Fixed bug #79336 (ext/exif/tests/bug79046.phpt fails on Big endian arch).
FCGI:
Fixed bug #79491 (Search for .user.ini extends up to root dir).
MBString:
Fixed bug #79441 (Segfault in mb_chr() if internal encoding is unsupported).
OpenSSL:
Fixed bug #79497 (stream_socket_client() throws an unknown error sometimes with <1s timeout).
PCRE:
Upgraded to PCRE2 10.34.
Phar:
Fixed bug #79503 (Memory leak on duplicate metadata).
SimpleXML:
Fixed bug #79528 (Different object of the same xml between 7.4.5 and 7.4.4).
SPL:
Fixed bug #69264 (__debugInfo() ignored while extending SPL classes).
Fixed bug #67369 (ArrayObject serialization drops the iterator class).
Standard:
Fixed bug #79468 (SIGSEGV when closing stream handle with a stream filter appended).
Fixed bug #79447 (Serializing uninitialized typed properties with __sleep should not throw).
Sponsored by: Bounce Experts
Changelog:
Core:
Fixed bug #78434 (Generator yields no items after valid() call).
Fixed bug #79477 (casting object into array creates references).
Fixed bug #79514 (Memory leaks while including unexistent file).
Fixed bug #79470 (PHP incompatible with 3rd party file system on demand).
Fixed bug #78784 (Unable to interact with files inside a VFS for Git repository).
Fixed bug #78875 (Long variables cause OOM and temp files are not cleaned). (CVE-2019-11048).
Fixed bug #78876 (Long variables in multipart/form-data cause OOM and temp files are not cleaned). (CVE-2019-11048).
DOM:
Fixed bug #78221 (DOMNode::normalize() doesn't remove empty text nodes).
EXIF:
Fixed bug #79336 (ext/exif/tests/bug79046.phpt fails on Big endian arch).
FCGI:
Fixed bug #79491 (Search for .user.ini extends up to root dir).
MBString:
Fixed bug #79441 (Segfault in mb_chr() if internal encoding is unsupported).
OpenSSL:
Fixed bug #79497 (stream_socket_client() throws an unknown error sometimes with <1s timeout).
PCRE:
Upgraded to PCRE2 10.34.
Phar:
Fixed bug #79503 (Memory leak on duplicate metadata).
SimpleXML:
Fixed bug #79528 (Different object of the same xml between 7.4.5 and 7.4.4).
SPL:
Fixed bug #69264 (__debugInfo() ignored while extending SPL classes).
Fixed bug #67369 (ArrayObject serialization drops the iterator class).
Standard:
Fixed bug #79468 (SIGSEGV when closing stream handle with a stream filter appended).
Fixed bug #79447 (Serializing uninitialized typed properties with __sleep should not throw).
Sponsored by: Bounce Experts
Currently when building lang/php74 with MYSQLND=off, its im possible to
build databases/php74-mysqli. When the option MYSQLND was added, we expected
users to not use mysqli at all after disabling this option.
This has proven to be wrong, so we patch the build to be work again.
patch-ext_mysqli_mysqli__api.c was submitted by Сергей <joker@pinnet.ru>.
Merge patches from r522539 into this commit and add two additional patches.
The ftp module always compiles against the base openssl,
causes the error on FreeBSD 11.3. All other ports based
on OpenSSL import the needed openssl from ports, if its
not in base. Therefore we adjust the behaviour of the
ftp module to match for example the imap module.
PR: 241591
Submitted by: Pascal Christen <pascal.christen@hostpoint.ch>
The PHP development team announces the immediate availability of PHP 7.4.0. This release marks the fourth feature update to the PHP 7 series.
PHP 7.4.0 comes with numerous improvements and new features such as:
Typed Properties
Arrow Functions
Limited Return Type Covariance and Argument Type Contravariance
Unpacking Inside Arrays
Numeric Literal Separator
Weak References
Allow Exceptions from __toString()
Opcache Preloading
Several Deprecations
Extensions Removed from the Core
Full Changelog:
Core:
Implemented RFC: Deprecate curly brace syntax for accessing array elements and string offsets.
Implemented RFC: Deprecations for PHP 7.4.
Fixed bug #52752 (Crash when lexing).
Fixed bug #60677 (CGI doesn't properly validate shebang line contains #!).
Fixed bug #71030 (Self-assignment in list() may have inconsistent behavior).
Fixed bug #72530 (Use After Free in GC with Certain Destructors).
Fixed bug #75921 (Inconsistent: No warning in some cases when stdObj is created on the fly).
Implemented FR #76148 (Add array_key_exists() to the list of specially compiled functions).
Fixed bug #76430 (__METHOD__ inconsistent outside of method).
Fixed bug #76451 (Aliases during inheritance type checks affected by opcache).
Implemented FR #77230 (Support custom CFLAGS and LDFLAGS from environment).
Fixed bug #77345 (Stack Overflow caused by circular reference in garbage collection).
Fixed bug #77812 (Interactive mode does not support PHP 7.3-style heredoc).
Fixed bug #77877 (call_user_func() passes $this to static methods).
Fixed bug #78066 (PHP eats the first byte of a program that comes from process substitution).
Fixed bug #78151 (Segfault caused by indirect expressions in PHP 7.4a1).
Fixed bug #78154 (SEND_VAR_NO_REF does not always send reference).
Fixed bug #78182 (Segmentation fault during by-reference property assignment).
Fixed bug #78212 (Segfault in built-in webserver).
Fixed bug #78220 (Can't access OneDrive folder).
Fixed bug #78226 (Unexpected __set behavior with typed properties).
Fixed bug #78239 (Deprecation notice during string conversion converted to exception hangs).
Fixed bug #78335 (Static properties/variables containing cycles report as leak).
Fixed bug #78340 (Include of stream wrapper not reading whole file).
Fixed bug #78344 (Segmentation fault on zend_check_protected).
Fixed bug #78356 (Array returned from ArrayAccess is incorrectly unpacked as argument).
Fixed bug #78379 (Cast to object confuses GC, causes crash).
Fixed bug #78386 (fstat mode has unexpected value on PHP 7.4).
Fixed bug #78396 (Second file_put_contents in Shutdown hangs script).
Fixed bug #78406 (Broken file includes with user-defined stream filters).
Fixed bug #78438 (Corruption when __unserializing deeply nested structures).
Fixed bug #78441 (Parse error due to heredoc identifier followed by digit).
Fixed bug #78454 (Consecutive numeric separators cause OOM error).
Fixed bug #78460 (PEAR installation failure).
Fixed bug #78531 (Crash when using undefined variable as object).
Fixed bug #78535 (auto_detect_line_endings value not parsed as bool).
Fixed bug #78604 (token_get_all() does not properly tokenize FOO<?php with short_open_tag=0).
Fixed bug #78614 (Does not compile with DTRACE anymore).
Fixed bug #78620 (Out of memory error).
Fixed bug #78632 (method_exists() in php74 works differently from php73 in checking priv. methods).
Fixed bug #78644 (SEGFAULT in ZEND_UNSET_OBJ_SPEC_VAR_CONST_HANDLER).
Fixed bug #78658 (Memory corruption using Closure::bindTo).
Fixed bug #78656 (Parse errors classified as highest log-level).
Fixed bug #78662 (stream_write bad error detection).
Fixed bug #78768 (redefinition of typedef zend_property_info).
Fixed bug #78788 (./configure generates invalid php_version.h).
Fixed incorrect usage of QM_ASSIGN instruction. It must not return IS_VAR. As a side effect, this allowed passing left hand list() "by reference", instead of compile-time error.
CLI:
The built-in CLI server now reports the request method in log files.
COM:
Deprecated registering of case-insensitive constants from typelibs.
Fixed bug #78650 (new COM Crash).
Fixed bug #78694 (Appending to a variant array causes segfault).
CURL:
Fixed bug #76480 (Use curl_multi_wait() so that timeouts are respected).
Implemented FR #77711 (CURLFile should support UNICODE filenames).
Deprecated CURLPIPE_HTTP1.
Deprecated $version parameter of curl_version().
Date:
Updated timelib to 2018.02.
Fixed bug #69044 (discrepency between time and microtime).
Fixed bug #70153 (\DateInterval incorrectly unserialized).
Fixed bug #75232 (print_r of DateTime creating side-effect).
Fixed bug #78383 (Casting a DateTime to array no longer returns its properties).
Fixed bug #78751 (Serialising DatePeriod converts DateTimeImmutable).
Exif:
Fixed bug #78333 (Exif crash (bus error) due to wrong alignment and invalid cast).
Fixed bug #78256 (heap-buffer-overflow on exif_process_user_comment). (CVE-2019-11042)
Fixed bug #78222 (heap-buffer-overflow on exif_scan_thumbnail). (CVE-2019-11041)
Fileinfo:
Fixed bug #78075 (finfo_file treats JSON file as text/plain).
Fixed bug #78183 (finfo_file shows wrong mime-type for .tga file).
Filter:
The filter extension no longer has the --with-pcre-dir on Unix builds, allowing the extension to be once more compiled as shared using ./configure.
FFI:
Added FFI extension.
Fixed bug #78488 (OOB in ZEND_FUNCTION(ffi_trampoline)).
Fixed bug #78543 (is_callable() on FFI\CData throws Exception).
Fixed bug #78716 (Function name mangling is wrong for some parameter types).
Fixed bug #78762 (Failing FFI::cast() may leak memory).
Fixed bug #78761 (Zend memory heap corruption with preload and casting).
Implement FR #78270 (Support __vectorcall convention with FFI).
Added missing FFI::isNull().
FPM:
Implemented FR #72510 (systemd service should be hardened).
Fixed bug #74083 (master PHP-fpm is stopped on multiple reloads).
Fixed bug #78334 (fpm log prefix message includes wrong stdout/stderr notation).
Fixed bug #78599 (env_path_info underflow in fpm_main.c can lead to RCE). (CVE-2019-11043)
GD:
Implemented the scatter filter (IMG_FILTER_SCATTER).
The bundled libgd behaves now like system libgd wrt. IMG_CROP_DEFAULT never falling back to IMG_CROP_SIDES.
The default $mode parameter of imagecropauto() has been changed to IMG_CROP_DEFAULT; passing -1 is now deprecated.
Added support for aspect ratio preserving scaling to a fixed height for imagescale().
Added TGA read support.
Fixed bug #73291 (imagecropauto() $threshold differs from external libgd).
Fixed bug #76324 (cannot detect recent versions of freetype with pkg-config).
Fixed bug #78314 (missing freetype support/functions with external gd).
GMP:
Fixed bug #78574 (broken shared build).
Hash:
Implemented RFC: The hash extension is now an integral part of PHP and cannot be disabled.
Implemented FR #71890 (crc32c checksum algorithm).
Iconv:
Fixed bug #78342 (Bus error in configure test for iconv //IGNORE).
Fixed bug #78642 (Wrong libiconv version displayed).
Libxml:
Fixed bug #78279 (libxml_disable_entity_loader settings is shared between requests (cgi-fcgi)).
InterBase:
Unbundled the InterBase extension and moved it to PECL.
Intl:
Raised requirements to ICU ≥ 50.1.
Changed ResourceBundle to implement Countable.
Changed default of $variant parameter of idn_to_ascii() and idn_to_utf8().
LDAP:
Deprecated ldap_control_paged_result_response and ldap_control_paged_result
LiteSpeed:
Updated to LiteSpeed SAPI V7.5 (Fixed clean shutdown).
Updated to LiteSpeed SAPI V7.4.3 (increased response header count limit from 100 to 1000, added crash handler to cleanly shutdown PHP request, added CloudLinux mod_lsapi mode).
Fixed bug #76058 (After "POST data can't be buffered", using php://input makes huge tmp files).
MBString:
Fixed bug #77907 (mb-functions do not respect default_encoding).
Fixed bug #78579 (mb_decode_numericentity: args number inconsistency).
Fixed bug #78609 (mb_check_encoding() no longer supports stringable objects).
MySQLi:
Fixed bug #67348 (Reading $dbc->stat modifies $dbc->affected_rows).
Fixed bug #76809 (SSL settings aren't respected when persistent connections are used).
Fixed bug #78179 (MariaDB server version incorrectly detected).
Fixed bug #78213 (Empty row pocket).
MySQLnd:
Fixed connect_attr issues and added the _server_host connection attribute.
Fixed bug #60594 (mysqlnd exposes 160 lines of stats in phpinfo).
ODBC:
Fixed bug #78473 (odbc_close() closes arbitrary resources).
Opcache:
Implemented preloading RFC.
Add opcache.preload_user INI directive.
Added new INI directive opcache.cache_id (Windows only).
Fixed bug #78106 (Path resolution fails if opcache disabled during request).
Fixed bug #78175 (Preloading segfaults at preload time and at runtime).
Fixed bug #78202 (Opcache stats for cache hits are capped at 32bit NUM).
Fixed bug #78271 (Invalid result of if-else).
Fixed bug #78341 (Failure to detect smart branch in DFA pass).
Fixed bug #78376 (Incorrect preloading of constant static properties).
Fixed bug #78429 (opcache_compile_file(__FILE__); segfaults).
Fixed bug #78512 (Cannot make preload work).
Fixed bug #78514 (Preloading segfaults with inherited typed property).
Fixed bug #78654 (Incorrectly computed opcache checksum on files with non-ascii characters).
OpenSSL:
Added TLS 1.3 support to streams including new tlsv1.3 stream.
Added openssl_x509_verify function.
openssl_random_pseudo_bytes() now throws in error conditions.
Changed the default config path (Windows only).
Fixed bug #78231 (Segmentation fault upon stream_socket_accept of exported socket-to-stream).
Fixed bug #78391 (Assertion failure in openssl_random_pseudo_bytes).
Fixed bug #78775 (TLS issues from HTTP request affecting other encrypted connections).
Pcntl:
Fixed bug #77335 (PHP is preventing SIGALRM from specifying SA_RESTART).
PCRE:
Implemented FR #77094 (Support flags in preg_replace_callback).
Fixed bug #72685 (Repeated UTF-8 validation of same string in UTF-8 mode).
Fixed bug #73948 (Preg_match_all should return NULLs on trailing optional capture groups).
Fixed bug #78338 (Array cross-border reading in PCRE).
Fixed bug #78349 (Bundled pcre2 library missing LICENCE file).
PDO:
Implemented FR #71885 (Allow escaping question mark placeholders). https://wiki.php.net/rfc/pdo_escape_placeholders
Fixed bug #77849 (Disable cloning of PDO handle/connection objects).
Implemented FR #78033 (PDO - support username and password specified in DSN).
PDO_Firebird:
Implemented FR #65690 (PDO_Firebird should also support dialect 1).
Implemented FR #77863 (PDO firebird support type Boolean in input parameters).
PDO_MySQL:
Fixed bug #41997 (SP call yields additional empty result set).
Fixed bug #78623 (Regression caused by "SP call yields additional empty result set").
PDO_OCI:
Support Oracle Database tracing attributes ACTION, MODULE, CLIENT_INFO, and CLIENT_IDENTIFIER.
Implemented FR #76908 (PDO_OCI getColumnMeta() not implemented).
PDO_SQLite:
Implemented sqlite_stmt_readonly in PDO_SQLite.
Raised requirements to SQLite 3.5.0.
Fixed bug #78192 (SegFault when reuse statement after schema has changed).
Fixed bug #78348 (Remove -lrt from pdo_sqlite.so).
Phar:
Fixed bug #77919 (Potential UAF in Phar RSHUTDOWN).
phpdbg:
Fixed bug #76596 (phpdbg support for display_errors=stderr).
Fixed bug #76801 (too many open files).
Fixed bug #77800 (phpdbg segfaults on listing some conditional breakpoints).
Fixed bug #77805 (phpdbg build fails when readline is shared).
Recode:
Unbundled the recode extension.
Reflection:
Fixed bug #76737 (Unserialized reflection objects are broken, they shouldn't be serializable).
Fixed bug #78263 (\ReflectionReference::fromArrayElement() returns null while item is a reference).
Fixed bug #78410 (Cannot "manually" unserialize class that is final and extends an internal one).
Fixed bug #78697 (ReflectionClass::implementsInterface - inaccurate error message with traits).
Fixed bug #78774 (ReflectionNamedType on Typed Properties Crash).
Session:
Fixed bug #78624 (session_gc return value for user defined session handlers).
SimpleXML:
Implemented FR #65215 (SimpleXMLElement could register as implementing Countable).
Fixed bug #75245 (Don't set content of elements with only whitespaces).
Sockets:
Fixed bug #67619 (Validate length on socket_write).
Fixed bug #78665 (Multicasting may leak memory).
sodium:
Fixed bug #77646 (sign_detached() strings not terminated).
Fixed bug #78510 (Partially uninitialized buffer returned by sodium_crypto_generichash_init()).
Fixed bug #78516 (password_hash(): Memory cost is not in allowed range).
SPL:
Fixed bug #77518 (SeekableIterator::seek() should accept 'int' typehint as documented).
Fixed bug #78409 (Segfault when creating instance of ArrayIterator without constructor).
Fixed bug #78436 (Missing addref in SplPriorityQueue EXTR_BOTH mode).
Fixed bug #78456 (Segfault when serializing SplDoublyLinkedList).
SQLite3:
Unbundled libsqlite.
Raised requirements to SQLite 3.7.4.
Forbid (un)serialization of SQLite3, SQLite3Stmt and SQLite3Result.
Added support for the SQLite @name notation.
Added SQLite3Stmt::getSQL() to retrieve the SQL of the statement.
Implement FR ##70950 (Make SQLite3 Online Backup API available).
Standard:
Implemented RFC password hashing registry.
Implemented RFC where password_hash() has argon2i(d) implementations from ext/sodium when PHP is built without libargon.
Implemented FR #38301 (field enclosure behavior in fputcsv).
Implemented FR #51496 (fgetcsv should take empty string as an escape).
Fixed bug #73535 (php_sockop_write() returns 0 on error, can be used to trigger Denial of Service).
Fixed bug #74764 (Bindto IPv6 works with file_get_contents but fails with stream_socket_client).
Fixed bug #76859 (stream_get_line skips data if used with data-generating filter).
Implemented FR #77377 (No way to handle CTRL+C in Windows).
Fixed bug #77930 (stream_copy_to_stream should use mmap more often).
Implemented FR #78177 (Make proc_open accept command array).
Fixed bug #78208 (password_needs_rehash() with an unknown algo should always return true).
Fixed bug #78241 (touch() does not handle dates after 2038 in PHP 64-bit).
Fixed bug #78282 (atime and mtime mismatch).
Fixed bug #78326 (improper memory deallocation on stream_get_contents() with fixed length buffer).
Fixed bug #78346 (strip_tags no longer handling nested php tags).
Fixed bug #78506 (Error in a php_user_filter::filter() is not reported).
Fixed bug #78549 (Stack overflow due to nested serialized input).
Fixed bug #78759 (array_search in $GLOBALS).
Testing:
Fixed bug #78684 (PCRE bug72463_2 test is sending emails on Linux).
Tidy:
Added TIDY_TAG_* constants for HTML5 elements.
Fixed bug #76736 (wrong reflection for tidy_get_head, tidy_get_html, tidy_get_root, and tidy_getopt)
WDDX:
Deprecated and unbundled the WDDX extension.
Zip:
Fixed bug #78641 (addGlob can modify given remove_path value).
Changelog taken from: https://www.php.net/ChangeLog-7.php#7.4.0
MFH: 2019Q4
Sponsored by: Professionelles Bounce Management
