PHP 5.5.36 和 5.6.22 发布了。

PHP 5.5.36 更新内容：

• Core:

  • Fixed bug #72114 (Integer underflow / arbitrary null write in fread/gzread). (CVE-2016-5096)

  • Fixed bug #72135 (Integer Overflow in php_html_entities). (CVE-2016-5094)

• GD:

  • Fixed bug #72227 (imagescale out-of-bounds read). (CVE-2013-7456)

• Intl:

  • Fixed bug #72241 (get_icu_value_internal out-of-bounds read). (CVE-2016-5093)

• Phar:

  • Fixed bug #71331 (Uninitialized pointer in phar_make_dirstream()). (CVE-2016-4343)

详情页面：ChangeLog

Windows source 和 binaries ： windows.php.net/download/

下载地址： downloads page

PHP 5.6.22 更新内容：

• Core:

  • Fixed bug #72172 (zend_hex_strtod should not use strlen).

  • Fixed bug #72114 (Integer underflow / arbitrary null write in fread/gzread). (CVE-2016-5096)

  • Fixed bug #72135 (Integer Overflow in php_html_entities). (CVE-2016-5094)

• GD:

  • Fixed bug #72227 (imagescale out-of-bounds read). (CVE-2013-7456)

• Intl:

  • Fixed bug #64524 (Add intl.use_exceptions to php.ini-*).

  • Fixed bug #72241 (get_icu_value_internal out-of-bounds read). (CVE-2016-5093)

• Postgres:

  • Fixed bug #72151 (mysqli_fetch_object changed behaviour).

详情页面：ChangeLog

Windows source 和 binaries ： windows.php.net/download/

下载地址： downloads page