The PHP Development Team would like to announce the immediate release of
PHP 4.3.11 and 5.0.4. These are maintenance releases that in addition
to fixing over 70 non-critical bugs, address several security issues.
The addressed security issues include fixes to the exif and fbsql
extensions, as well as fixes to unserialize(), swf_definepoly() and
getimagesize().
All users of PHP are strongly encouraged to upgrade to this release.
Aside from the above mentioned issues this release includes the
following important fixes:
- Crash in bzopen() if supplied path to non-existent file.
- DOM crashing when attribute appended to Document.
-
unserialize()float problem on non-English locales. - Crash in
msg_send()when non-string is stored without being serialized. - Possible infinite loop in imap_mail_compose().
- Fixed crash in
chunk_split(), when chunklen > strlen. - session_set_save_handler crashes PHP when supplied non-existent object
reference. - Memory leak in zend_language_scanner.c.
- Compile failures of zend_strtod.c.
- Fixed crash in overloaded objects & overload() function.
- cURL functions bypass open_basedir.
The PHP Development Team would like to thank all the people who have
identified the security faults in PHP and helped us address them.
On Thu, Mar 31, 2005 at 04:50:22PM -0500,
Ilia Alshanetsky ilia@prohost.org is thought to have said:
The PHP Development Team would like to announce the immediate release of
PHP 4.3.11 and 5.0.4. These are maintenance releases that in addition
to fixing over 70 non-critical bugs, address several security issues.
The addressed security issues include fixes to the exif and fbsql
extensions, as well as fixes tounserialize(), swf_definepoly() and
getimagesize().
Perhaps in the future issues involving security fixes could include a bit
more detail so those of us running critical production environments can make
a determination of scope of the problem? Things like 'you must have this
extension enabled to be vulnerable' and 'vulnerability results in a denial
of service (or remote command execution, or local privilege escalation, etc)'
would be very useful for sysadmins.
--
Tabor J. Wells twells@fsckit.net
Fsck It! Just another victim of the ambient morality
In article 424C709E.6000408@prohost.org, ilia@prohost.org says...
The PHP Development Team would like to announce the immediate release of
PHP 4.3.11 and 5.0.4. These are maintenance releases that in addition
to fixing over 70 non-critical bugs, address several security issues.
The addressed security issues include fixes to the exif and fbsql
extensions, as well as fixes tounserialize(), swf_definepoly() and
getimagesize().All users of PHP are strongly encouraged to upgrade to this release.
Aside from the above mentioned issues this release includes the
following important fixes:
- Crash in bzopen() if supplied path to non-existent file.
- DOM crashing when attribute appended to Document.
unserialize()float problem on non-English locales.- Crash in
msg_send()when non-string is stored without being serialized.- Possible infinite loop in imap_mail_compose().
- Fixed crash in
chunk_split(), when chunklen > strlen.- session_set_save_handler crashes PHP when supplied non-existent object
reference.- Memory leak in zend_language_scanner.c.
- Compile failures of zend_strtod.c.
- Fixed crash in overloaded objects & overload() function.
- cURL functions bypass open_basedir.
The PHP Development Team would like to thank all the people who have
identified the security faults in PHP and helped us address them.
Hm, I thought this release was going to include bug #30819, after the
discussion about that bug that was held on here... Is the fix for PHP's
broken LDAP SASL behavior waiting on 5.1 instead?
--Quanah