The PHP development team reports:
- Added missing safe_mode/open_basedir checks inside the
error_log(), file_exists(), imap_open() and imap_reopen()
functions.
- Fixed overflows inside str_repeat() and wordwrap()
functions on 64bit systems.
- Fixed possible open_basedir/safe_mode bypass in cURL
extension and with realpath cache.
- Fixed overflow in GD extension on invalid GIF
images.
- Fixed a buffer overflow inside sscanf() function.
- Fixed an out of bounds read inside stripos()
function.
- Fixed memory_limit restriction on 64 bit system.