PHP Minor versions impact report

This is the list of bugfixes, found in minor versions of PHP that may impact your code.

Title7.37.27.17.0php-srcBugsCVE
Opcache causes incorrect "undefined variable" errors - 7.1.18 7.1.18 7.1.18 - #76281 -
PHP crashes when parsing `(2)::class` - 7.2.15 - - - #77530 -
Segfault with H2 server push - 7.2.15 - - - #76675 -
feof might hang on TLS streams in case of fragmented TLS records - 7.2.15 - - - #77390 -
array_walk_recursive corrupts value types leading to PDO failure - 7.2.15 - - - #77273 -
parse_str segfaults when inserting item into existing array - 7.2.15 - - - #77439 -
Serializing or unserializing COM objects crashes - 7.2.14 - - - #77177 -
DateTime::diff gives wrong diff when the actual diff is less than 1 second - 7.2.14 - - - #77097 -
Incorrect error handling of imagecreatefromjpeg() - 7.2.14 - - - #77195 -
Issue with re-binding on SQLite3 - 7.2.14 - - - #77051 -
Year component overflow with date formats "c", "o", "r" and "y" - 7.2.12 7.1.24 - - #75851 -
U_ARGUMENT_TYPE_MISMATCH - 7.2.12 7.1.24 - - #76942 -
tidy::getOptDoc() not available on Windows - 7.2.12 7.1.24 - - #77027 -
xml_parse_into_struct() does not resolve entities - 7.2.12 7.1.24 - - #30875 -
Cyclic reference in generator not detected - 7.2.12 7.1.24 - - #76946 -
The phpize and ./configure create redundant .deps file - 7.2.12 7.1.24 - - #77035 -
Failed shutdown/reboot or end session in Windows - 7.2.12 7.1.24 - - #76948 -
fractions in `diff()` are not correctly normalized - 7.2.12 - - - #77007 -
ReflectionFunction::invoke does not invoke closure with object scope - 7.2.12 - - - #66430 -
sodium_pad() could read (but not return nor write) uninitialized memory when trying to pad an empty input - 7.2.12 - - - #77008 -
Segfault in shutdown function after memory limit error - 7.2.12 - - - #76846 -
Objects cannot access their private attributes while handling reflection errors - 7.2.12 - - - #76936 -
method_exists on SPL iterator passthrough method corrupts memory - 7.2.11 7.1.23 - - #76901 -
Wrong exception being thrown when using ReflectionMethod - 7.2.11 7.1.23 - - #74454 -
Bindto IPv6 works with file_get_contents but fails with stream_socket_client - 7.2.11 7.1.23 - - #74764 -
array_reduce is slow when $carry is large array - 7.2.11 7.1.23 - - #75533 -
php_zlib_inflate_filter() may not update bytes_consumed - 7.2.11 7.1.23 - - #75273 -
Compile-time evaluation of disabled function in opcache causes segfault - 7.2.11 - - - #76796 -
Memory leak when fetching a BLOB field - 7.2.9 - - - #76488 -
Possible Memory Leak using PDO::CURSOR_SCROLL option - 7.2.9 - - - #75402 -
Incorrect entries in get_html_translation_table - 7.2.9 - - - #73817 -
array_column: null values in $index_key become incrementing keys in result - 7.2.9 - - - #68553 -
Segmentation fault when using `output_add_rewrite_var` - 7.2.9 - - - #76643 -
ZipArchive memory leak (OVERWRITE flag and empty archive) - 7.2.9 - - - #76524 -
NoRewindIterator segfault 11 - 7.2.7 - - - #76367 -
exif_read_data zend_mm_heap corrupted - 7.2.6 - - - #76164 -
mismatch arginfo for date_create - 7.2.5 7.1.17 - - #76131 -
Wrong cp1251 detection - 7.2.5 7.1.17 - - #75944 -
incorrect url in header for mt_rand - 7.2.5 7.1.17 - - #75996 -
Heap Buffer Overflow (READ: 1786) in exif_iif_add_value - 7.2.5 - 7.0.30 - #76130 -
Intl compilation fails with icu4c 61.1 - 7.2.5 - - - #76153 -
mbstring does not build with Oniguruma 6.8.1 - 7.2.5 - - - #76113 -
Access violation when using opcache - 7.2.5 - - - #76094 -
Segfault while throwing exception in error_handler - 7.2.4 7.1.15 7.0.29 - #76025 -
null pointer access crashed php - 7.2.4 7.1.15 7.0.29 - #76041 -
Freeing uninitialized pointer - 7.2.4 7.1.15 7.0.29 - #75867 -
wrong unicode mapping in some charsets - 7.2.4 7.1.15 7.0.29 - #62545 -
Assertion failure in live range DCE due to block pass misoptimization - 7.2.4 7.1.15 7.0.29 - #75969 -
Segmentation fault in buildFromIterator when directory name contains a \n - 7.2.4 7.1.15 7.0.29 - #76085 -
Strange references behavior - 7.2.4 7.1.15 7.0.29 - #75961 -
Timezone gets truncated when formatted - 7.2.3 7.1.15 - - #75857 -
Argument 2 for `DateTimeZone::listIdentifiers()` should accept `null` - 7.2.3 7.1.15 - - #75928 -
deal with leading slash while adding files correctly - 7.2.3 7.1.15 - - #65414 -
strange behavior of AppendIterator - 7.2.3 7.1.15 - - #74519 -
Prevent reading beyond buffer start in http wrapper - 7.2.3 7.1.15 - - #75981 -
Phar::extractTo() does not accept specific directories to be extracted - 7.2.3 - - - #54289 -
opcache segfault when installing Bitrix - 7.2.3 - - - #75729 -
file_get_contents $http_response_header variable bugged with opcache - 7.2.3 - - - #75893 -
Path 260 character problem - 7.2.2 7.1.14 - - #75679 -
getenv() crashes on Windows 7.2.1 when second parameter is false - 7.2.2 7.1.14 - - #75794 -
SoapClient generates E_ERROR even if exceptions=1 is used - 7.2.2 7.1.14 - - #70469 -
RecursiveArrayIterator does not traverse arrays by reference - 7.2.2 7.1.14 - - #75717 -
RecursiveArrayIterator doesn't have constants from parent class - 7.2.2 7.1.14 - - #75242 -
RecursiveArrayIterator does not iterate object properties - 7.2.2 7.1.14 - - #73209 -
substr_count incorrect result - 7.2.2 7.1.14 - - #75781 -
Using @ crashes php7.2-fpm - 7.2.2 - - - #75698 -
array_values don't work on empty array - 7.2.2 - - - #75653 -
php-process crash when is_file() is used with strings longer 260 chars - 7.2.1 7.1.13 - - #75074 -
libxml_disable_entity_loader setting is shared between requests - 7.2.1 7.1.13 - - #64938 -
Potential infinite loop in gdImageCreateFromGifCtx - 7.2.1 7.1.13 - - #75571 -
remove file name from output to avoid XSS - 7.2.1 7.1.13 - - #74782 -
fread not free unused buffer - 7.2.1 7.1.13 - - #75511 -
mt_rand returns value outside [$min,$max]+ on 32-bit) (Remi)
  • Fixed bug #75535 (Inappropriately parsing HTTP response leads to PHP segment fault
  • - 7.2.1 7.1.13 - - #75514 -
    accept EFAULT in addition to ENOSYS as indicator that getrandom() is missing - 7.2.1 7.1.13 - - #75409 -
    Segfault with libzip 1.3.1 - 7.2.1 7.1.13 - - #75540 -
    Invalid opcode 138/1/1 - 7.2.1 - - - #75556 -
    iconv_mime_decode does ignore special characters - - 7.1.22 - - #60494 -
    MessageFormatter::formatMessage memory corruption with 11+ named placeholders - - 7.1.22 - - #74484 -
    mb_detect_order return value varies based on argument type - - 7.1.22 - - #76704 -
    unusable ssl => peer_fingerprint in stream_context_create() - - 7.1.22 - - #76705 -
    RegexIterator pregFlags are NULL instead of 0 - - 7.1.22 - - #68175 -
    array_reduce leaks memory if callback throws exception - - 7.1.22 - - #76778 -
    Zlib version check fails when an include/zlib/ style dir is passed to the --with-zlib configure option - - 7.1.22 - - #65988 -
    Int Overflow lead to Heap OverFlow in exif_thumbnail_extract of exif.c - - 7.1.20 7.0.31 - #76423 -
    heap-buffer-overflow (READ of size 48) while reading exif data - - 7.1.20 7.0.31 - #76557 -
    PHP hangs on 'illegal string offset on string references with an error handler - - 7.1.20 - - #76534 -
    Chain of mixed exceptions and errors does not serialize properly - - 7.1.20 - - #76502 -
    Undefined property: DateInterval::$f - - 7.1.20 - - #76462 -
    Integer Underflow when unserializing GMP and possible other classes - - 7.1.20 - - #74670 -
    PHP crashes with core dump when throwing exception in error handler - - 7.1.20 - - #76536 -
    ReflectionProperty#getValue() incorrectly works with inherited classes - - 7.1.20 - - #75231 -
    getimagesize with $imageinfo returns false - - 7.1.20 - - #71848 -
    self keyword leads to incorrectly generated TypeError when in closure in trait - - 7.1.14 - - #75079 -
    Enchant still reports version 1.1.0 - - 7.1.12 7.0.26 - #75365 -
    Exif extension has built in revision version - - 7.1.12 7.0.26 - #75301 -
    imagerotate may alter image dimensions - - 7.1.12 7.0.26 - #65148 -
    Wrong reflection on imagewebp - - 7.1.12 7.0.26 - #75437 -
    UConverter::setDestinationEncoding changes source instead of destination - - 7.1.12 7.0.26 - #75317 -
    openssl_x509_parse leaks memory - - 7.1.12 7.0.26 - #75363 -
    Null pointer dereference in zend_mm_alloc_small() - - 7.1.11 7.0.25 - #75241 -
    infinite loop when printing an error-message - - 7.1.11 7.0.25 - #75236 -
    debug info of Closures of internal functions contain garbage argument names - - 7.1.11 7.0.25 - #75290 -
    error: 'zend_hash_key' has no member named 'arKey' in apache2handler - - 7.1.11 7.0.25 - #75311 -
    The parameter of UConverter::getAliases() is not optional - - 7.1.11 7.0.25 - #75318 -
    arcfour encryption stream filter crashes php - - 7.1.11 7.0.25 - #72535 -
    applied upstream patch for CVE-2016-1283 - - 7.1.11 7.0.25 - #75207 -
    SplDoublyLinkedList::setIteratorMode masks intern flags - - 7.1.11 7.0.25 - #73629 -
    Data corruption when reading fields of bit type - - 7.1.11 - - #75018 -
    Request hangs and not finish - - 7.1.11 - - #75255 -
    Type 'bit' is fetched as unexpected string - - 7.1.11 - - #75177 -
    run-tests.php issues with EXTENSION block - - 7.1.10 7.0.24 - #75042 -
    BC math handles minus zero incorrectly - - 7.1.10 7.0.24 - #46781 -
    libgd/gd_interpolation.c:1786: suspicious if ? - - 7.1.10 7.0.24 - #75139 -
    incorrect behavior of AppendIterator::append in foreach loop - - 7.1.10 7.0.24 - #75173 -
    gethostname fails if your host name is 64 chars long - - 7.1.10 7.0.24 - #75097 -
    AppendIterator::append() is broken when appending another AppendIterator - - 7.1.10 - - #75155 -
    signed integer overflow in parse_iv - - 7.1.10 - - #75152 -
    Fixed finding CURL on systems with multiarch support - - 7.1.9 7.0.23 - #74125 -
    include_path has a 4096 char limit in some cases - - 7.1.9 7.0.23 - #74991 -
    null pointer dereference in _function_string - - 7.1.9 7.0.23 - #74949 -
    Unserialize ArrayIterator broken - - 7.1.9 7.0.23 - #74669 -
    Crash in recursive iterator destructors - - 7.1.9 7.0.23 - #75015 -
    unpack with X* causes infinity loop - - 7.1.9 7.0.23 - #75075 -
    heap-use-after-free when unserializing invalid array size - - 7.1.9 7.0.23 - #74103 -
    A Denial of Service Vulnerability was found when performing deserialization - - 7.1.9 7.0.23 - #75054 -
    Main CWD initialized with wrong codepage - - 7.1.9 - - #75063 -
    Narrowing occurred during type inference - - 7.1.9 - - #74980 -
    Url Rewriting (trans_sid) not working on urls that start with "#" - - 7.1.9 - - #74892 -
    Appending AppendIterator leads to segfault - - 7.1.9 - - #74977 -
    parse_url() broken when query string contains colon - - 7.1.8 7.0.22 - #74780 -
    Use After Free in unserialize() SplFixedArray - - 7.1.8 7.0.22 - #73900 -
    property_exists returns true on unknown DateInterval property - - 7.1.8 7.0.22 - #74852 -
    Heap buffer overread (READ: 1) finish_nested_data from unserialize - - 7.1.7 7.0.21 - #74111 -
    References to deleted XPath query results - - 7.1.7 7.0.21 - #69373 -
    Buffer over-read into uninitialized memory - - 7.1.7 7.0.21 - #74435 -
    Stack Buffer Overflow in msgfmt_parse_message - - 7.1.7 7.0.21 - #73473 -
    Wrong reflection on Collator::getSortKey and collator_get_sort_key - - 7.1.7 7.0.21 - #74705 -
    Segfault with opcache.memory_protect and validate_timestamp - - 7.1.7 7.0.21 - #74663 -
    Segfault when cast Reflection object to string with undefined constant - - 7.1.7 7.0.21 - #74673 -
    null coalescing operator failing with SplFixedArray - - 7.1.7 7.0.21 - #74478 -
    ftp:// wrapper ignores context arg - - 7.1.7 7.0.21 - #74598 -
    Phar::__construct reflection incorrect - - 7.1.7 7.0.21 - #74386 -
    Incorrect conversion array with WSDL_CACHE_MEMORY - - 7.1.7 7.0.21 - #74679 -
    implement clone for DatePeriod and DateInterval - - 7.1.7 - - #74639 -
    Segfault when using convert.quoted-printable-encode filter - - - 7.0.33 - #77231 -
    PharData always creates new files with mode 0666 - - - 7.0.33 - #77022 -
    Heap Buffer Overflow (READ: 4) in phar_parse_pharfile - - - 7.0.33 - #77143 -
    Null Pointer Dereference in timelib_time_clone - - - 7.0.23 - #75002 -
    grapheme_strpos illegal memory access - - - 7.0.21 - #73634 -
    Segmentation fault in PHP7.1.1(compiled using the bundled PCRE library) - - - 7.0.21 - #74087 -
    Invalid Reflection signatures for random_bytes and random_int - - - 7.0.21 - #74708 -
    Heap buffer overflow in substr - - - 7.0.21 - #73648 -
    PDO MySQL segfaults with persistent connection 7.3.2 - - - - #77289 -
    Segmentation Fault when executing method with an empty parameter 7.3.2 - - - - #77410 -
    mysqli_fetch_field hangs scripts 7.3.4 - - - - #77597 -
    preg_split does not raise an error on invalid UTF-8 7.3.4 - - - - #76127 -
    var_export() does not create a parsable value for PHP_INT_MIN 7.3.4 - - - - #76717 -
    Interface gets skipped if autoloader throws an exception 7.3.7 - - - - #76980 -
    openssl_encrypt_ccm.phpt fails with OpenSSL 1.1.1c 7.3.7 - - - - #78079 -
    Extract with EXTR_SKIP should skip $this 7.3.7 - - - - #77135 -
    preg_match failed 7.3.7 - - - - #77937 -
    heap-buffer-overflow on php_jpg_get16) (CVE-2019-11040 7.3.6 - - - - #77988 -
    imageantialias($image, false); does not work 7.3.6 - - - - #77943 -
    Use after free with json serializer 7.3.6 - - - - #77843 -
    Warning for array_map mentions wrong type 7.3.6 - - - - #77931 -
    strip_tags output change since PHP 7.3 7.3.6 - - - - #78003 -
    wrong reflection on Collator::sortWithSortKeys - - 7.1.6 7.0.20 - #74468 -
    mysqli::change_user() doesn't accept null as $database argument w/strict_types - - 7.1.6 7.0.20 - #74547 -
    SIGSEGV with opcache.revalidate_path enabled - - 7.1.6 7.0.20 - #74596 -
    Phar::webPhar() does not handle requests sent through PUT and DELETE method - - 7.1.6 7.0.20 - #51918 -
    Wrong reflection on XMLReader::expand - - 7.1.6 7.0.20 - #74457 -
    __DIR__ wrong for unicode character - - 7.1.6 - - #74589 -
    stream_select() is broken on Windows Nanoserver - - 7.1.5 7.0.19 - #74410 -
    Wrong reflection on DOMNode::cloneNode - - 7.1.5 7.0.19 - #74416 -
    null character not allowed in openssl_pkey_get_private - - 7.1.5 7.0.19 - #73833 -
    phar method parameters reflection correction - - 7.1.5 7.0.19 - #74383 -
    setcookie allows max-age to be negative - - 7.1.5 7.0.19 - #72071 -
    Remote socket URI with unique persistence identifier broken - - 7.1.5 7.0.19 - #74429 -
    multiple catch freezes in some cases - - 7.1.5 - - #74444 -
    Intl does not support DateTimeImmutable - - 7.1.5 - - #65683 -
    IntlDateFormatter->format() doesn't return microseconds/fractions - - 7.1.5 - - #74298 -
    Segmentation error while running a script in CLI mode - - 7.1.5 - - #74456 -
    foreach infinite loop - - 7.1.5 - - #74431 -
    Opcached version produces a nested array - - 7.1.5 - - #74442 -
    Compaction in array_rand() violates COW - - 7.1.5 - - #74361 -
    yield fromLABEL is over-greedy - - 7.1.4 7.0.18 - #74302 -
    Swatch time value incorrect for dates before 1970 - - 7.1.4 7.0.18 - #72096 -
    iconv fails to fail on surrogates - - 7.1.4 7.0.18 - #74230 -
    fwrite() on non-blocking SSL sockets doesn't work - - 7.1.4 7.0.18 - #72333 -
    Correctly fail on invalid IP address ports - - 7.1.4 7.0.18 - #74216 -
    array_key_exists fails on arrays created by get_object_vars - - 7.1.3 7.0.17 - #73998 -
    NAN check fails on Alpine Linux with musl - - 7.1.3 7.0.17 - #73954 -
    gost-crypto hash incorrect if input data contains long 0xFF sequence - - 7.1.3 7.0.17 - #73127 -
    ReflectionFunction for imagepng is missing last two parameters - - 7.1.3 7.0.17 - #74031 -
    fetch_array broken data. Data more then MEDIUMBLOB - - 7.1.3 7.0.17 - #74021 -
    is_callable callable name reports misleading value for anonymous classes - - 7.1.3 7.0.17 - #73118 -
    stream_get_contents maxlength>-1 returns empty string - - 7.1.3 7.0.17 - #74090 -
    Segfault with nested generators - - 7.1.3 - - #74157 -
    PHP hangs when an invalid value is dynamically passed to typehinted by-ref arg - - 7.1.3 - - #74164 -
    Memory leak with openssl_encrypt() - - 7.1.3 - - #74099 -
    substr_count with length=0 broken - - 7.1.3 - - #74041 -
    Reflection information for ini_get_all() is incomplete - - - 7.0.19 - #74409 -
    incorrect reflection for SQLite3::enableExceptions - - - 7.0.19 - #74413 -
    DateTime wrong when date string is negative - - - 7.0.17 - #73294 -
    wrong timestamp when call setTimeZone multi times with UTC offset - - - 7.0.17 - #73489 -
    $date->modify('Friday this week') doesn't return a Friday if $date is a Sunday - - - 7.0.17 - #73942 -
    Unsetting result set may reset other result set - - - 7.0.14 - #73530 -
    version_compare illegal write access - - - 7.0.14 - #73645 -
    Integer Overflow in php_html_entities() - - - 7.0.14 - #72135 -
    parse_str() without a second argument leads to crash - - - 7.0.13 - #73181 -
    array_replace_recursive sometimes mutates its parameters - - - 7.0.13 - #71241 -
    parse_url return wrong hostname - - - 7.0.13 - #73192 -
    Stack Buffer Overflow in GD dynamicGetbuf - - - 7.0.13 - #73280 -
    crypt broken when salt is 'too' long - - - 7.0.12 - #73058 -
    Write out of bounds at number_format - - - 7.0.12 - #73240 -
    Use After Free in PHP7 unserialize() - - - 7.0.12 - #73147 -
    mb_substr only takes 32-bit signed integer - - - 7.0.12 - #66797 -
    \PDOStatement::nextRowset() should succeed when all rows in current rowset haven't been fetched - - - 7.0.12 - #67130 -
    SplObjectStorage unserialize allows use of non-object as key - - - 7.0.12 - #73258 -
    crash in openssl_random_pseudo_bytes function - - - 7.0.12 - #73276 -
    crash in openssl_encrypt function - - - 7.0.12 - #73275 -
    Negative ftruncate() on php://memory exhausts memory - - - 7.0.11 - #71882 -
    substr_compare NULL length interpreted as 0 - - - 7.0.11 - #55451 -
    getimagesize returning FALSE on valid jpg - - - 7.0.11 - #72278 -
    stream_set_blocking doesn't work - - - 7.0.11 - #72853 -
    ftps:// opendir wrapper data channel encryption fails with IIS FTP 7.5, 8.5 - - - 7.0.11 - #72764 -
    assign_dim on string doesn't reset hval - - - 7.0.11 - #72943 -
    Cannot fetch multiple values with group in ini file - - - 7.0.11 - #70825 -
    Cannot upload file using ftp_put to FTPES with require_ssl_reuse - - - 7.0.11 - #70195 -
    getConstant for a array constant with constant values returns NULL/NFC/UKNOWN - - - 7.0.11 - #72846 -
    FILTER_FLAG_NO_RES_RANGE does not cover whole 127.0.0.0/8 range - - - 7.0.10 - #71745 -
    microtime() leaks memory - - - 7.0.10 - #72024 -
    curl_setopt segfault with empty CURLOPT_HTTPHEADER - - - 7.0.10 - #71709 -
    Spurious warning when exception is thrown in user defined function - - - 7.0.10 - #72668 -
    array_walk + array_replace_recursive create references from nothing - - - 7.0.10 - #72622 -
    base64_decode $strict fails to detect null byte - - - 7.0.10 - #72152 -
    base64_decode skips a character after padding in strict mode - - - 7.0.10 - #72263 -
    base64_decode $strict fails with whitespace between padding - - - 7.0.10 - #72264 -
    opendir() does not work with ftps:// wrapper - - - 7.0.10 - #54431 -
    opendir() with ftp:// attempts to open data stream for non-existent directories - - - 7.0.10 - #72667 -
    Certification information (CERTINFO) data parsing error - - - 7.0.10 - #71929 -
    imagecreatefromstring() returns 500 Server Error but page is fully rendered - - - 7.0.10 - #70315 -
    array_walk + array_replace_recursive create references from nothing - - - 7.0.10 - #72622 -
    array_walk + array_replace_recursive create references from nothing - - - 7.0.10 - #72622 -
    base64_decode $strict fails to detect null byte - - - 7.0.10 - #72152 -
    base64_decode skips a character after padding in strict mode - - - 7.0.10 - #72263 -
    base64_decode $strict fails with whitespace between padding - - - 7.0.10 - #72264 -
    opendir() does not work with ftps:// wrapper - - - 7.0.10 - #54431 -
    readfile() mangles files larger than 2G - - - 7.0.9 - #72505 -
    Use After Free in unserialize() with Unexpected Session Deserialization - - - 7.0.9 - #72562 -
    Use After Free Vulnerability in SNMP with GC and unserialize() - - - 7.0.9 - #72479 -
    readfile() mangles files larger than 2G - - - 7.0.9 - #72505 -
    ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize - - - 7.0.8 - #72434 CVE-2016-5773
    segfault, past-the-end access - - - 7.0.8 - #72221 -
    Integer Overflow in addcslashes/addslashes - - - 7.0.8 - #72400 -
    range() with float step produces unexpected result - - - 7.0.8 - #72017 -
    Wrong reference when serialize/unserialize an object - - - 7.0.8 - #72229 -
    ignore_user_abort(false) has no effect - - - 7.0.8 - #72300 -
    xml_parser_create/xml_parser_free leaks mem - - - 7.0.8 - #72206 -
    use-after-free - error_reporting - - - 7.0.7 - #72162 -
    implode() inserts garbage into resulting string when joins very big integer - - - 7.0.7 - #72100 -
    ?? is not allowed on constant expressions - - - 7.0.7 - #72059 -
    Including a file with anonymous classes multiple times leads to fatal error - - - 7.0.7 - #72014 -
    Referencing socket resources breaks stream_select - - - 7.0.7 - #72075 -
    array_column() against an array of objects discards all values matching null - - - 7.0.7 - #72031 -
    Crash on assert(new class{}) - - - 7.0.6 - #71922 -
    Segmentation fault on ZTS with gethostbyname - - - 7.0.6 - #71609 -
    Cannot access array keys while uksort() - - - 7.0.6 - #71334 -
    Out of bounds heap read access in exif header processing - - - 7.0.6 - #72094 CVE-2016-4542,
    CVE-2016-4543,
    CVE-2016-4544
    Missing constant: IntlChar::NO_NUMERIC_VALUE - - - 7.0.6 - #70455 -
    array_fill optimization breaks implementation - - - 7.0.6 - #72116 -
    Unserialize crushes on restore object reference - - - 7.0.6 - #71940 -
    str_replace returns an incorrect resulting array after a foreach by reference - - - 7.0.6 - #71969 -
    header_register_callback() and register_shutdown_function() - - - 7.0.6 - #71891 -
    Unserialize accepts wrongly data - - - 7.0.6 - #71840 -
    substr_replace bug, string length - - - 7.0.6 - #71827 -
    php_crypt() crashes if crypt_r() does not exist or _REENTRANT is not defined - - - 7.0.6 - #67512 -
    xml_parse_into_struct segmentation fault - - - 7.0.6 - #72099 CVE-2016-4539
    Segmentation fault on ZTS with date function (setlocale) - - - 7.0.5 - #71596 -
    yield from does not count EOLs - - - 7.0.5 - #71724 -
    Support constant CURLM_ADDED_ALREADY - - - 7.0.5 - #71694 -
    Buffer over-write in finfo_open with malformed magic file - - - 7.0.5 - #71527 CVE-2015-8865
    PharData fails to open specific file - - - 7.0.5 - #71317 -
    array_column behaves incorrectly after foreach by reference - - - 7.0.5 - #71660 -
    Variable references on array elements don't work when using count - - - 7.0.4 - #71529 -
    Multiple Heap Overflow due to integer overflows in xml/filter_url/addcslashes - - - 7.0.4 - #71637 CVE-2016-4344,
    CVE-2016-4345,
    CVE-2016-4346
    Built-in HTTP server, we can download file in web by bug - - - 7.0.4 - #71559 -
    finfo throws notice for specific python file - - - 7.0.4 - #71434 -
    compact() maintains references in php7 - - - 7.0.4 - #71603 -
    strip_tags improper php code parsing - - - 7.0.4 - #70720 -
    An integer overflow bug in php_implode() could lead heap overflow, make crashes - - - 7.0.4 - #71449 -
    An integer overflow bug in php_str_to_str_ex() led arbitrary code execution. - - - 7.0.4 - #71450 -
    Copied handle with new option CURLOPT_HTTPHEADER crashes while curl_multi_exec - - - 7.0.4 - #71523 -
    exec functions ignore length but look for NULL termination - - - 7.0.3 - #71039 -
    round() segfault on 64-bit builds - - - 7.0.3 - #71201 -
    Null pointer deref (segfault) in get_defined_vars via ob_start - - - 7.0.3 - #71221 -
    var_export(INF) prints INF.0 - - - 7.0.3 - #71314 -
    Wrong is_ref on properties as exposed via get_object_vars() - - - 7.0.3 - #71336 -
    curl_setopt() fails to set CURLOPT_POSTFIELDS with reference to CURLFile - - - 7.0.3 - #71225 -
    Memory Read via gdImageRotateInterpolated Array Index Out of Bounds - - - 7.0.3 - #70976 -
    range() segfaults - - - 7.0.3 - #71197 -
    range() segfaults - - - 7.0.3 - #71132 -
    str_replace converts integers in original $search array to strings - - - 7.0.3 - #71188 -
    substr_replace converts integers in original $search array to strings - - - 7.0.3 - #71190 -
    Null pointer deref (segfault) in compact via ob_start - - - 7.0.3 - #71220 -
    file_get_contents() ignores "header" context option if it's a reference - - - 7.0.3 - #71245 -
    file_put_contents() returns unexpected value when filesystem runs full - - - 7.0.3 - #71264 -
    Autoload function registered by another not activated immediately - - - 7.0.3 - #71202 -
    Output of stream_get_meta_data can be falsified by its input - - - 7.0.3 - #71323 -
    Use-after-free vulnerability in SPL(ArrayObject, unserialize) - - - 7.0.3 - #71311 -
    Use-after-free vulnerability in SPL(SplObjectStorage, unserialize) - - - 7.0.3 - #71313 -
    Upgraded bundled PCRE library to 8.38. - - - 7.0.3 - # CVE-2015-8383,
    CVE-2015-8386,
    CVE-2015-8387,
    CVE-2015-8389,
    CVE-2015-8390,
    CVE-2015-8391,
    CVE-2015-8393,
    CVE-2015-8394
    var_export() exports float as integer - - - 7.0.2 - #66179 -
    Heap BufferOver Flow in escapeshell functions - - - 7.0.2 - #71270 CVE-2016-1904
    preg_replace with arrays creates [0] in replace array if not already set - - - 7.0.2 - #71178 -
    Array key references break argument processing - - - 7.0.1 - #70993 -
    ReflectionFunction for array_unique returns wrong number of parameters - - - 7.0.1 - #70960 -
    token_get_all has new irrecoverable errors - - - 7.0.0 - #69430 -
    Duplicate array key via undefined index error handler - - - 7.0.0 - #70662 -
    assert() with instanceof adds apostrophes around class name - - - 7.0.0 - #70528 -
    Notice: unserialize(): Unexpected end of serialized data - - - 7.0.0 - #70187 -
    __COMPILER_HALT_OFFSET__ under namespace is not defined - - - 7.0.0 - #70164 -
    Different arrays compare indentical due to integer key truncation - - - 7.0.0 - #69892 -
    unserialize() could lead to unexpected methods execution / NULL pointer deref - - - 7.0.0 - #70121 -
    uninitialised value in strtr with array - - - 7.0.0 - #69872 -
    phpinfo() reports Professional Editions of Windows 7/8/8.1/10 as "Business" - - - 7.0.0 - #69781 -
    phpinfo() does not report many Windows SKUs - - - 7.0.0 - #69835 -
    Different arrays compare indentical due to integer key truncation - - - 7.0.0 - #69892 -
    Item added to array not being removed by array_pop/shift - - - 7.0.0 - #69758 -
    Segfault when calling phpversion('spl') - - - 7.0.0 - #67959 -
    phpinfo: PHP Variables with $ and single quotes - - - 7.0.0 - #55467 -
    304 responses return Content-Type header - - - 7.0.0 - #64878 -
    HTTP Authorization Header is sometimes passed to newer reqeusts - - - 7.0.0 - #70279 -
    copy 'n paste error - - - 7.0.0 - #68714 -
    Use after free vulnerability in unserialize() with GMP - - - 7.0.0 - #70284 -
    PHP segfaults when accessing nvarchar(max) defined columns - - - 7.0.0 - #69975 -
    openssl extension does not get the DH parameters from DH key resource - - - 7.0.0 - #55259 -
    OpenSSL error "key values mismatch" after openssl_pkcs12_read with extra cert - - - 7.0.0 - #69882 -
    pcntl_signal doesn't decrease ref-count of old handler when setting SIG_DFL - - - 7.0.0 - #60509 -
    FASYNC not defined, needs sys/file.h include - - - 7.0.0 - #70214 -
    ArrayObject unserialize does not restore protected fields - - - 7.0.0 - #70959 -
    Use After Free Vulnerability in unserialize() with SPLArrayObject - - - 7.0.0 - #70166 -
    Use After Free Vulnerability in unserialize() with SplObjectStorage - - - 7.0.0 - #70168 -
    Use After Free Vulnerability in unserialize() with SplDoublyLinkedList - - - 7.0.0 - #70169 -
    Unserialize shows UNKNOWN in result - - - 7.0.0 - #70963 -
    extract() breaks variable references - - - 7.0.0 - #70910 -
    array_merge_recursive corrupts memory of unset items - - - 7.0.0 - #70808 -
    strtr() causes invalid writes and a crashes - - - 7.0.0 - #70667 -
    array_keys() doesn't respect references when $strict is true - - - 7.0.0 - #70668 -
    pack('x') produces an error - - - 7.0.0 - #70487 -
    changing configuration with ignore_user_abort(true) isn't working - - - 7.0.0 - #70342 -
    setcookie() conditional for empty values not met - - - 7.0.0 - #67131 -
    Use-after-free vulnerability in unserialize() with SplObjectStorage - - - 7.0.0 - #70365 -
    Use-after-free vulnerability in unserialize() with SplDoublyLinkedList - - - 7.0.0 - #70366 -
    extract() turns array elements to references - - - 7.0.0 - #70250 -
    Assert breaking access on objects - - - 7.0.0 - #70208 -
    str_ireplace/php_string_tolower - Arbitrary Code Execution - - - 7.0.0 - #70140 -
    Allow "dirname" to go up various times - - - 7.0.0 - #70112 -
    scandir duplicates file name at every 65535th file - - - 7.0.0 - #36365 -
    exec does not strip all whitespace - - - 7.0.0 - #70018 -
    Passing parameters by reference and array_column - - - 7.0.0 - #69723 -
    Regression in array_filter's $flag argument in PHP 7 - - - 7.0.0 - #69299 -
    flock() out parameter not set correctly in windows - - - 7.0.0 - #65272 -
    openssl_random_pseudo_bytes() is not cryptographically secure - - - 7.0.0 - #70014 CVE-2015-8867
    Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes - - - 7.0.0 - #70385 -