5.3.142012-06-14stablePHP 5.3.14 fixes an security issue in the implementation of crypt() and a heap overflow in the Phar extension. Over 30 bugs were fixed
Please note that php://fd is now only available if the CLI SAPI is used(functions related to current script failed when chdir() in cli sapi)61546Fixed CVE-2012-2143CVE-2012-2143(unexpected behavior when incrementally assigning to a member of a null object)62005(Segfault from array_walk modifying an array passed by reference)61730Fixed missing bound check in iptcparse()('I' unpacks n as signed if n > 2^31-1 on LP64)61764([PATH=] sections incompatibility with user_ini.filename set to null)54197(Logic error in charset detection for htmlentities)61713(long overflow in realpath_cache_get())61991Changed php://fd to be available only for CLI.(CURLOPT_COOKIEFILE '' raises open_basedir restriction)61948com_dotnet cannot be built shared62146(Uninitialised value used in libmagic)61812Fixed a bug that iconv extension fails to link to the correct library when another extension makes use of a library that links to the iconv library. See [https://bugs.gentoo.org/show_bug.cgi?id=364139](https://bugs.gentoo.org/show_bug.cgi?id=364139) for detail(Memory corruption in internal function get_icu_disp_value_src_php()62082(json_encode() incorrectly truncates/discards information)61537(A parsing bug in the prepared statements can lead to access violations). (CVE-2012-3450)61755CVE-2012-3450(Secunia SA44335) (CVE-2012-2386)61065CVE-2012-2386(file_get_contents leaks when access empty file with maxlen set)61961