PHP 5.5.35 发布了，这是一个安全补丁版本，修复了很多安全相关的问题，所有 PHP 5.5 的用户建议尽快升级。

源码下载请访问 downloads page，Windows 二进制版本下载 windows.php.net/download/。

完整的改进记录请看 ChangeLog。

• Core:

  • Fixed bug #69537 (__debugInfo with empty string for key gives error).

  • Fixed bug #71841 (EG(error_zval) is not handled well).

• BCmath:

  • Fixed bug #72093 (bcpowmod accepts negative scale and corrupts _one_ definition).

• Curl:

  • Fixed bug #71831 (CURLOPT_NOPROXY applied as long instead of string).

• Date:

  • Fixed bug #71889 (DateInterval::format Segmentation fault).

• EXIF:

  • Fixed bug #72094 (Out of bounds heap read access in exif header processing).

• GD:

  • Fixed bug #71952 (Corruption inside imageaffinematrixget).

  • Fixed bug #71912 (libgd: signedness vulnerability).

• Intl:

  • Fixed bug #72061 (Out-of-bounds reads in zif_grapheme_stripos with negative offset).

• OCI8:

  • Fixed bug #71422 (Fix ORA-01438: value larger than specified precision allowed for this column).

• ODBC:

  • Fixed bug #63171 (Script hangs after max_execution_time).

• Opcache:

  • Fixed bug #71843 (null ptr deref ZEND_RETURN_SPEC_CONST_HANDLER).

• PDO:

  • Fixed bug #52098 (Own PDOStatement implementation ignore __call()).

  • Fixed bug #71447 (Quotes inside comments not properly handled).

• Postgres:

  • Fixed bug #71820 (pg_fetch_object binds parameters before call constructor).

• SPL:

  • Fixed bug #67582 (Cloned SplObjectStorage with overwritten getHash fails offsetExists()).

• Standard:

  • Fixed bug #71840 (Unserialize accepts wrongly data).

  • Fixed bug #67512 (php_crypt() crashes if crypt_r() does not exist or _REENTRANT is not defined).

• XML:

  • Fixed bug #72099 (xml_parse_into_struct segmentation fault).