Newsgroups: php.general,php.internals
Path: news.php.net
Xref: news.php.net php.general:240813 php.internals:25388
Return-Path: <derick@php.net>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 96520 invoked by uid 1010); 17 Aug 2006 17:22:03 -0000
Delivered-To: ezmlm-scan-internals@lists.php.net
Delivered-To: ezmlm-internals@lists.php.net
Received: (qmail 96482 invoked from network); 17 Aug 2006 17:22:02 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 17 Aug 2006 17:22:02 -0000
Authentication-Results: pb1.pair.com header.from=derick@php.net; sender-id=unknown
Authentication-Results: pb1.pair.com smtp.mail=derick@php.net; spf=permerror; sender-id=unknown
Received-SPF: error (pb1.pair.com: domain php.net from 82.94.239.5 cause and error)
X-PHP-List-Original-Sender: derick@php.net
X-Host-Fingerprint: 82.94.239.5 jdi.jdi-ict.nl Linux 2.5 (sometimes 2.4) (4)
Received: from [82.94.239.5] ([82.94.239.5:33193] helo=jdi.jdi-ict.nl)
	by pb1.pair.com (ecelerity 2.1.1.8 r(12549M)) with ESMTP
	id FD/11-21142-7B5A4E44 for <php-announce@lists.php.net>; Thu, 17 Aug 2006 13:22:01 -0400
Received: from localhost (localhost [127.0.0.1])
	by jdi.jdi-ict.nl (8.13.7/8.12.11) with ESMTP id k7HHLutf012997;
	Thu, 17 Aug 2006 19:21:56 +0200
Date: Thu, 17 Aug 2006 19:21:15 +0200 (CEST)
X-X-Sender: derick@localhost
To: php-announce@lists.php.net, php-general@lists.php.net,
        PHP Developers Mailing List <internals@lists.php.net>
Message-ID: <Pine.LNX.4.62.0608171921100.3543@localhost>
X-Face: "L'&?Ah3MYF@FB4hU'XhNhLB]222(Lbr2Y@F:GE[OO;"F5p>qtFBl|yVVA&D{A(g3[C}mG:199P+5C'v.M/u@Z\![0b:Mv.[l6[uWl'
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Subject: PHP 4.4.4 and 5.1.5 Released!
From: derick@php.net (Derick Rethans)

Hello,

PHP development team would like to announce the immediate availability 
of PHP 5.1.5 and PHP 4.4.4.  The two releases address a series of 
security problems discovered since PHP 5.1.4 and 4.4.3, respectively. 
These include the following:

- Added missing safe_mode/open_basedir checks inside the error_log(), 
  file_exists(), imap_open() and imap_reopen() functions.
- Fixed overflows inside str_repeat() and wordwrap() functions on 64bit 
  systems.
- Fixed possible open_basedir/safe_mode bypass in cURL extension and on 
  PHP 5.1.5 with realpath cache.
- Fixed overflow in GD extension on invalid GIF images.
- Fixed a buffer overflow inside sscanf() function.
- Fixed an out of bounds read inside stripos()  function.
- Fixed memory_limit restriction on 64 bit system.

In addition to the security fixes, both releases include a small number 
of non-security related bug fixes.

The outlined issues can only be exploited locally, however, we still 
recommend that all users upgrade to either one of the new releases as 
soon as possible.


Ilia Alshanetsky and Derick Rethans