5.4.38 release

smalyshev · smalyshev · commit 3310b023f088 · 2015-02-19T08:57:25.000+01:00
diff --git a/ChangeLog-5.php b/ChangeLog-5.php
@@ -8,6 +8,28 @@
 
 <h1>PHP 5 ChangeLog</h1>
 
+<section class="version" id="5.4.38"><!-- {{{ 5.4.38 -->
+<h3>Version 5.4.38</h3>
+<b>19-Feb-2015</b>
+<ul><li>Core:
+<ul>
+  <li>Removed support for multi-line headers, as they are deprecated by RFC 7230.</li>
+  <li>Added NULL byte protection to exec, system and passthru.</li>
+  <li><?php bugfix(68925); ?> (Mitigation for CVE-2015-0235 – GHOST: glibc gethostbyname buffer overflow).</li>
+  <li><?php bugfix(67827); ?> (broken detection of system crypt sha256/sha512 support).</li>
+  <li><?php bugfix(68942); ?> (Use after free vulnerability in unserialize() with DateTimeZone). (CVE-2015-0273)</li>
+</ul></li>
+<li>Enchant:
+<ul>
+  <li><?php bugfix(6855); ?> (heap buffer overflow in enchant_broker_request_dict()).</li>
+</ul></li>
+<li>SOAP:
+<ul>
+  <li><?php bugfix(67427); ?> (SoapServer cannot handle large messages).</li>
+</ul></li>
+</ul>
+<!-- }}} --></section>
+
 <section class="version" id="5.6.5"><!-- {{{ 5.6.5 -->
 <h3>Version 5.6.5</h3>
 <?php release_date('22-Jan-2015'); ?>
diff --git a/archive/archive.xml b/archive/archive.xml
@@ -9,6 +9,7 @@
     <uri>http://php.net/contact</uri>
     <email>php-webmaster@lists.php.net</email>
   </author>
+  <xi:include href="entries/2015-02-18-1.xml"/>
   <xi:include href="entries/2015-01-22-3.xml"/>
   <xi:include href="entries/2015-01-22-2.xml"/>
   <xi:include href="entries/2015-01-22-1.xml"/>
diff --git a/archive/entries/2015-02-18-1.xml b/archive/entries/2015-02-18-1.xml
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="utf-8"?>
+<entry xmlns="http://www.w3.org/2005/Atom">
+  <title>PHP 5.4.38 Released</title>
+  <id>http://php.net/archive/2015.php#id2015-02-18-1</id>
+  <published>2015-02-18T23:56:18-08:00</published>
+  <updated>2015-02-18T23:56:18-08:00</updated>
+  <category term="frontpage" label="PHP.net frontpage news"/>
+  <category term="releases" label="New PHP release"/>
+  <link href="http://php.net/index.php#id2015-02-18-1" rel="alternate" type="text/html"/>
+  <link href="http://php.net/archive/2015.php#id2015-02-18-1" rel="via" type="text/html"/>
+  <content type="xhtml">
+    <div xmlns="http://www.w3.org/1999/xhtml">
+     <p>The PHP development team announces the immediate availability of PHP
+     5.4.38. Seven security-related bugs were fixed in this release, including CVE-2015-0273 and mitigation for CVE-2015-0235.
+     
+     All PHP 5.4 users are encouraged to upgrade to this version.
+     </p>
+     
+     <p>For source downloads of PHP 5.4.38 please visit our <a href="http://www.php.net/downloads.php">downloads page</a>,
+     Windows binaries can be found on <a href="http://windows.php.net/download/">windows.php.net/download/</a>.
+     The list of changes is recorded in the <a href="http://www.php.net/ChangeLog-5.php#5.4.38">ChangeLog</a>.
+     </p>
+    </div>
+  </content>
+</entry>
diff --git a/bin/news2html b/bin/news2html
@@ -23,7 +23,7 @@ while(($ln = fgets($fp)) !== false) {
 		continue;
 	}
 	if($inside) {
-		if(preg_match('/, PHP \d+.\d+.\d+/', $ln)) {
+		if(preg_match('/,? PHP \d+.\d+.\d+/', $ln)) {
 			// next entry - we're done
 			break;
 		}
@@ -54,7 +54,7 @@ foreach($entries as $module => $items) {
 	echo "<li>$module:\n<ul>\n";
 	foreach($items as $item) {
 		// strip author
-		$item = preg_replace('/\.\s+\(.+?\)$/', '.', $item);
+		$item = preg_replace('/\.\s+\(.+?\)\s*$/', '.', $item);
 		// encode HTML
 		$item = htmlspecialchars($item, ENT_NOQUOTES);
 		// convert bug numbers
diff --git a/include/releases.inc b/include/releases.inc
@@ -853,6 +853,37 @@ $OLDRELEASES = array (
       'date' => '20 Jun 2013',
       'museum' => true,
     ),
+    '5.4.37' => 
+    array (
+      'announcement' => 
+      array (
+        'English' => '/releases/5_4_37.php',
+      ),
+      'source' => 
+      array (
+        0 => 
+        array (
+          'filename' => 'php-5.4.37.tar.bz2',
+          'name' => 'PHP 5.4.37 (tar.bz2)',
+          'md5' => '1962086593e8e39342674be0483db439',
+          'date' => '22 Jan 2015',
+        ),
+        1 => 
+        array (
+          'filename' => 'php-5.4.37.tar.gz',
+          'name' => 'PHP 5.4.37 (tar.gz)',
+          'md5' => '42494eea588dea228719757deca03d30',
+          'date' => '22 Jan 2015',
+        ),
+        2 => 
+        array (
+          'link' => 'http://windows.php.net/download/#php-5.4',
+          'name' => 'Windows 5.4.37 binaries and source',
+        ),
+      ),
+      'date' => '22 Jan 2015',
+      'museum' => false,
+    ),
     '5.4.36' => 
     array (
       'announcement' => 
diff --git a/include/version.inc b/include/version.inc
@@ -41,11 +41,11 @@ $PHP_5_5_MD5     = array(
 $PHP_5_4_RC = false; // Current RC version (e.g., '5.6.7RC1') or false
 $PHP_5_4_RC_DATE = '4 Sep 2014';
 
-$PHP_5_4_VERSION         = "5.4.37";
-$PHP_5_4_DATE            = "22 Jan 2015";
+$PHP_5_4_VERSION         = "5.4.38";
+$PHP_5_4_DATE            = "19 Feb 2015";
 $PHP_5_4_MD5     = array(
-                       "tar.bz2"       => "1962086593e8e39342674be0483db439",
-                       "tar.gz"        => "42494eea588dea228719757deca03d30",
+                       "tar.bz2"       => "2bf5007ba4bd012f9895c1b441dd4f50",
+                       "tar.gz"        => "53ecd57da7b2243f8461e4fb8ce689a6",
 );
 
 $RELEASES = array(
diff --git a/releases/5_4_37.php b/releases/5_4_37.php
@@ -2,7 +2,7 @@
 // $Id$
 $_SERVER['BASE_PAGE'] = 'releases/5_4_37.php';
 include_once $_SERVER['DOCUMENT_ROOT'] . '/include/prepend.inc';
-site_header("PHP 5.4.36 Release Announcement");
+site_header("PHP 5.4.37 Release Announcement");
 ?>
 
 <h1>PHP 5.4.37 Release Announcement</h1>
diff --git a/releases/5_4_38.php b/releases/5_4_38.php
@@ -0,0 +1,21 @@
+<?php
+// $Id$
+$_SERVER['BASE_PAGE'] = 'releases/5_4_38.php';
+include_once $_SERVER['DOCUMENT_ROOT'] . '/include/prepend.inc';
+site_header("PHP 5.4.38 Release Announcement");
+?>
+
+<h1>PHP 5.4.38 Release Announcement</h1>
+
+<p>The PHP development team announces the immediate availability of PHP
+5.4.38. Seven security-related bugs were fixed in this release, including CVE-2015-0273 and mitigation for CVE-2015-0235.
+
+All PHP 5.4 users are encouraged to upgrade to this version.
+</p>
+
+<p>For source downloads of PHP 5.4.38 please visit our <a href="http://www.php.net/downloads.php">downloads page</a>,
+Windows binaries can be found on <a href="http://windows.php.net/download/">windows.php.net/download/</a>.
+The list of changes is recorded in the <a href="http://www.php.net/ChangeLog-5.php#5.4.38">ChangeLog</a>.
+</p>
+
+<?php site_footer(); ?>
