Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:47054
Return-Path: <ilia@ilia.ws>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 22778 invoked from network); 26 Feb 2010 00:49:03 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 26 Feb 2010 00:49:03 -0000
Authentication-Results: pb1.pair.com header.from=ilia@ilia.ws; sender-id=pass
Authentication-Results: pb1.pair.com smtp.mail=ilia@ilia.ws; spf=pass; sender-id=pass
Received-SPF: pass (pb1.pair.com: domain ilia.ws designates 74.125.92.27 as permitted sender)
X-PHP-List-Original-Sender: ilia@ilia.ws
X-Host-Fingerprint: 74.125.92.27 qw-out-2122.google.com  
Received: from [74.125.92.27] ([74.125.92.27:42235] helo=qw-out-2122.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id C4/E5-14445-E7A178B4 for <internals@lists.php.net>; Thu, 25 Feb 2010 19:49:02 -0500
Received: by qw-out-2122.google.com with SMTP id 5so144870qwi.59
        for <internals@lists.php.net>; Thu, 25 Feb 2010 16:48:59 -0800 (PST)
Received: by 10.224.52.132 with SMTP id i4mr130488qag.37.1267145339741;
        Thu, 25 Feb 2010 16:48:59 -0800 (PST)
Received: from ilappy.local (CPE00222d55d0f0-CM00222d55d0ed.cpe.net.cable.rogers.com [99.238.113.155])
        by mx.google.com with ESMTPS id 21sm1452278qyk.9.2010.02.25.16.48.59
        (version=SSLv3 cipher=RC4-MD5);
        Thu, 25 Feb 2010 16:48:59 -0800 (PST)
Message-ID: <4B871A7A.8060807@prohost.org>
Date: Thu, 25 Feb 2010 19:48:58 -0500
User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.1.5) Gecko/20091223 Lightning/1.0b2pre Thunderbird/3.0
MIME-Version: 1.0
To: internals <internals@lists.php.net>
X-Enigmail-Version: 1.0.1
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Subject: PHP 5.2.13 Released!
From: ilia@ilia.ws (Ilia Alshanetsky)

The PHP development team would like to announce the immediate
availability of PHP 5.2.13. This release focuses on improving the
stability of the PHP 5.2.x branch with over 40 bug fixes, some of which
are security related.  All users of PHP 5.2 are encouraged to upgrade to
this release.

Security Enhancements and Fixes in PHP 5.2.13:

- Improved LCG entropy. (Rasmus, Samy Kamkar)
- Fixed safe_mode validation inside tempnam() when the directory path
does not end with a /). (Martin Jansen)
- Fixed a possible open_basedir/safe_mode bypass in the session
extension identified by Grzegorz Stachowiak. (Ilia)

Key enhancements in PHP 5.2.13 include:

- Fixed bug #50940 Custom content-length set incorrectly in Apache
sapis.  (Brian France, Rasmus)
- Fixed bug #50847 (strip_tags() removes all tags greater then 1023
bytes long). (Ilia)
- Fixed bug #50661 (DOMDocument::loadXML does not allow UTF-16). (Rob)
- Fixed bug #50632 (filter_input() does not return default value if the
variable does not exist). (Ilia)
- Fixed bug #50540 (Crash while running ldap_next_reference test cases).
(Sriram)
- Fixed bug #49851 (http wrapper breaks on 1024 char long headers). (Ilia)
- Over 30 other bug fixes.


Ilia Alshanetsky
5.2 Release Master