Newsgroups: php.general,php.internals
Path: news.php.net
Xref: news.php.net php.general:302542 php.internals:47086
Return-Path: <johannes@php.net>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 78040 invoked from network); 4 Mar 2010 19:18:31 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 4 Mar 2010 19:18:31 -0000
Authentication-Results: pb1.pair.com smtp.mail=johannes@php.net; spf=unknown; sender-id=unknown
Authentication-Results: pb1.pair.com header.from=johannes@php.net; sender-id=unknown
Received-SPF: unknown (pb1.pair.com: domain php.net does not designate 83.243.58.134 as permitted sender)
X-PHP-List-Original-Sender: johannes@php.net
X-Host-Fingerprint: 83.243.58.134 mailout2.netbeat.de Linux 2.6
Received: from [83.243.58.134] ([83.243.58.134:33041] helo=mailout2.netbeat.de)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 88/B0-07692-587009B4 for <internals@lists.php.net>; Thu, 04 Mar 2010 14:18:30 -0500
Received: (qmail 28244 invoked by uid 89); 4 Mar 2010 19:34:09 -0000
Received: from unknown (HELO ?192.168.1.28?) (postmaster%schlueters.de@88.217.56.112)
  by mailout2.netbeat.de with ESMTPA; 4 Mar 2010 19:34:09 -0000
X-Originator: 9e51b244e0a38413ab6a9876e36ba9df
To: php-announce@lists.php.net, php-general@lists.php.net,  internals@lists.php.net
Content-Type: text/plain; charset="UTF-8"
Organization: php.net
Date: Thu, 04 Mar 2010 20:18:15 +0100
Message-ID: <1267730295.2032.60.camel@guybrush>
Mime-Version: 1.0
Content-Transfer-Encoding: 7bit
Subject: PHP 5.3.2 released!
From: johannes@php.net (Johannes =?ISO-8859-1?Q?Schl=FCter?=)

Hello!

The PHP development team would like to announce the immediate
availability of PHP 5.3.2. This release focuses on improving the
stability of the PHP 5.3.x branch with over 70 bug fixes, some of which
are security related.  All users of PHP are encouraged to upgrade to
this release.

Security Enhancements and Fixes in PHP 5.3.2:
  * Improved LCG entropy. (Rasmus, Samy Kamkar)
      * Fixed safe_mode validation inside tempnam() when the directory
        path does not end with a /). (Martin Jansen)
      * Fixed a possible open_basedir/safe_mode bypass in the session
        extension identified by Grzegorz Stachowiak. (Ilia)

Key enhancements in PHP 5.3.2 include:
  * Improved LCG entropy. (Rasmus, Samy Kamkar)
  * Added support for SHA-256 and SHA-512 to php's crypt. (Pierre)
  * Added protection for $_SESSION from interrupt corruption and
    improved "session.save_path" check. (Stas)
  * Fixed bug #51059 (crypt crashes when invalid salt are given). 
    (Pierre)
  * Fixed bug #50940 Custom content-length set incorrectly in Apache
    sapis. (Brian France, Rasmus)
  * Fixed bug #50847 (strip_tags() removes all tags greater then 1023
    bytes long). (Ilia)
  * Fixed bug #50723 (Bug in garbage collector causes crash). (Dmitry)
  * Fixed bug #50661 (DOMDocument::loadXML does not allow UTF-16). (Rob)
  * Fixed bug #50632 (filter_input() does not return default value if
    the variable does not exist). (Ilia)
  * Fixed bug #50540 (Crash while running ldap_next_reference test
    cases). (Sriram)
  * Fixed bug #49851 (http wrapper breaks on 1024 char long headers).
    (Ilia)
  Over 60 other bug fixes.

Full release announcement:
     http://www.php.net/archive/2010.php#id2010-03-04-1
Downloads:
     Source:  http://php.net/downloads.php
     Windows: http://windows.php.net/download/
ChangeLog:
     http://www.php.net/ChangeLog-5.php#5.3.2