December 2021Updated PHP from 7.4.22 to 7.4.26Core Fixed bug #81518 (Header injection via default_mimetype / default_charset).Date Fixed bug #81500 (Interval serialization regression since 7.3.14 / 7.4.2)MBString Fixed bug #76167 (mbstring may use pointer from some previous request)MySQLi Fixed bug #81494 (Stopped unbuffered query does not throw error)PCRE Fixed bug #81424 (PCRE2 10.35 JIT performance regression)Streams Fixed bug #54340 (Memory corruption with user_filter)XML Fixed bug #79971 (special character is breaking the path in xml function). (CVE-2021-21707)Updated PHP from 7.3.29 to 7.3.33XML Fix #79971: special character is breaking the path in xml function. (CVE-2021-21707)Updated PHP from 7.2.34.4 to 7.2.34.8XML Fix #79971: special character is breaking the path in xml function.Updated PHP from 7.1.33.8 to 7.1.33.12XML Fix #79971: special character is breaking the path in xml function.
