5.6.62015-02-19stableRemoved support for multi-line headers, as they are deprecated by RFC 7230.(getClosure returns somethings that's not a closure).67068(Use after free vulnerability in unserialize() with DateTimeZone). (CVE-2015-0273)68942CVE-2015-0273(Mitigation for CVE-2015-0235 – GHOST: glibc gethostbyname buffer overflow).68925CVE-2015-0235(htmlspecialchars() does not respect default_charset specified by ini_set).67988Added NULL byte protection to exec, system and passthru.(useless comparisons).68711(heap buffer overflow in enchant_broker_request_dict()). (CVE-2014-9705)68552CVE-2014-9705(Double free with disabled ZMM).68827(Bundled libmagic 5.17 does not detect quicktime files correctly).67647(finfo_buffer doesn't extract the correct mime with some gifs).68731(Wrong response to FCGI_GET_VALUES).66479(core dump when webserver close the socket).68571(json_encode() does not always encode a float as a float) by adding JSON_PRESERVE_ZERO_FRACTION.50224(libxml_disable_entity_loader setting is shared between threads). (CVE-2015-8866)64938CVE-2015-8866(linker error on some OS X machines with fixed width decimal support).68114(Reading 4 byte floats with Mysqli and libmysqlclient has rounding errors).68657Fixed bug with try blocks being removed when extended_info opcode generation is turned on.(PDOMysql with mysqlnd does not allow the usage of named pipes).68750(use after free). (CVE-2015-2301)68901CVE-2015-2301(pg_copy_from() modifies input array variable).65199(mod_files.sh is a bash-script).68941(no EINTR check on flock).66623(Empty session IDs do still start sessions).68063(SQLite3Result::fetchArray declares wrong required_num_args).68260(flock() out parameter not set correctly in windows).65272(Request may get env. variables from previous requests if PHP works as FastCGI).69033Fixed bug which caused call after final close on streams filter.