The data for messages of type SOL_SOCKET/SCM_RIGHTS was not being
passed correctly. There were actually two bugs: (1) the number of file
descriptors being passed was being read incorrectly (the length of the
cmsg array was being read instead of that of its 'data' element), as a
result it was generally being reported as always three elements
('level', 'type' and 'data') and (2) the allocated block for writing
the file descriptors was being acessed incorrectly because a 1-based
counter was being used as if it was 0-based.
Any of these two bugs would probably be enough to cause heap
corruption.
* PHP-5.4:
fix invalid variable name at ext/spl/internal/multipleiterator.inc (key() method, too)
fix invalid variable name at ext/spl/internal/multipleiterator.inc
* PHP-5.4:
Add built-in web server to invocation list
Terminology: change embedded web server to built-in web server to align with cli usage
Align -B and -E parameter names with cli usage (begin_code and end_code)
Fix Bug #65219 DBSETLDBNAME should be called before login to set DBNAME in login record
* 'PHP-5.3' of https://git.php.net/push/php-src: (23 commits)
Merge PHP 5.3.27 NEWS
add test for bug #65236
truncate results at depth of 255 to prevent corruption
fix assembly of safe_address() for x86 and x86_64
Add bison 2.6.4 to the list of supported versions
Update git rules (5.5 is stable, 5.3 sec only)
This will be PHP 5.3.28
Fixed bug #63186 (compile failure on netbsd)
ensure the error_reporting level to get expected notice
fixed tests
missing tests for bug #53437
missing colon
Backported the fix for bug #53437
Fixed test script
Fixed bug #64997 (Segfault while using RecursiveIteratorIterator on 64-bits systems)
Fixed bug #64966 (segfault in zend_do_fcall_common_helper_SPEC)
Fixed bug #64934 Apache2 TS crash with get_browser()
Add NEWS for PHP 5.3.26
Fixed bug #64960 (Segfault in gc_zval_possible_root)
fix CVE-2013-2110 - use correct formula to calculate string size
...