Google
 
   
Login
Username:

Password:


Lost Password?

Register now!
Search

Advanced Search
Main Menu
top books
Polls
What do you think about php-deluxe.net?
Excellent!
Cool
Hmm..not bad
What the hell is this?
encyclopedia
Gordon Plotkin
S3 Graphics
Square root of 2
GuideML
Architecture of Btrieve
Store and forward
CheeseTracker
recommendation
compare webbrowser
Freenet DSL
Who's Online
5 user(s) are online (1 user(s) are browsing news)

Members: 0
Guests: 5

more...
browser tip
Unix Befehle
manual of unix befehle
recommendation!
Sponsored
partner
Root Server Vergleich
Root Server Vergleich Linux Server
PHP.NET : PHP 5.2.1 Released
Posted by admin on 2007/2/10 15:12:53 (362 reads) News by the same author

The PHP development team would like to announce the immediate availability of PHP 5.2.1. This release is a major stability and security enhancement of the 5.X branch, and all users are strongly encouraged to upgrade to it as soon as possible. Further details about this release can be found in the release announcement 5.2.1, the full list of changes is available in the ChangeLog PHP 5. Security Enhancements and Fixes in PHP 5.2.1: Fixed possible safe_mode & open_basedir bypasses inside the session extension. Prevent search engines from indexing the phpinfo() page. Fixed a number of input processing bugs inside the filter extension. Fixed unserialize() abuse on 64 bit systems with certain input strings. Fixed possible overflows and stack corruptions in the session extension. Fixed an underflow inside the internal sapi_header_op() function. Fixed allocation bugs caused by attempts to allocate negative values in some code paths. Fixed possible stack overflows inside zip, imap & sqlite extensions. Fixed several possible buffer overflows inside the stream filters. Fixed non-validated resource destruction inside the shmop extension. Fixed a possible overflow in the str_replace() function. Fixed possible clobbering of super-globals in several code paths. Fixed a possible information disclosure inside the wddx extension. Fixed a possible string format vulnerability in *print() functions on 64 bit systems. Fixed a possible buffer overflow inside mail() and ibase_{delete,add,modify}_user() functions. Fixed a string format vulnerability inside the odbc_result_all() function. Memory limit is now enabled by default. Added internal heap protection. Extended filter extension support for $_SERVER in CGI and apache2 SAPIs. The majority of the security vulnerabilities discovered and resolved can in most cases be only abused by local users and cannot be triggered remotely. However, some of the above issues can be triggered remotely in certain situations, or exploited by malicious local users on shared hosting setups utilizing PHP as an Apache module. Therefore, we strongly advise all users of PHP, regardless of the version to upgrade to 5.2.1 release as soon as possible. PHP 4.4.5 with equivalent security corrections will be available shortly. For users upgrading from PHP 5.0 and PHP 5.1, an upgrade guide is available here, detailing the changes between those releases and PHP 5.2.1.

PHP.NET


Other articles
2008/5/2 20:38:10 - PHP 5.2.6 Released
2008/4/23 0:35:05 - Google Summer of Code: php.net students
2008/3/31 20:43:57 - TestFest 2008
2008/1/4 9:52:34 - PHP 4.4.8 Released
2007/11/10 16:48:41 - PHP 5.2.5 Released