Friday, December 5, 2008

PHP 5.2.7 Released

Security Enhancements and Fixes in PHP 5.2.7:
  • Upgraded PCRE to version 7.8 (Fixes CVE-2008-2371)
  • Fixed missing initialization of BG(page_uid) and BG(page_gid), reported by Maksymilian Arciemowicz.
  • Fixed a crash inside gd with invalid fonts (Fixes CVE-2008-3658).
  • Fixed a possible overflow inside memnstr (Fixes CVE-2008-3659).
  • Fixed incorrect php_value order for Apache configuration, reported by Maksymilian Arciemowicz.
  • Fixed safe_mode related security issues detailed in CVE-2008-2665 and CVE-2008-2666.
  • Crash with URI/file..php (filename contains 2 dots) (Fixes CVE-2008-3660)
  • IMAP toolkit crash: rfc822.c legacy routine buffer overflow. (Fixes CVE-2008-2829)
Some of the key enhancements in PHP 5.2.7 include:
  • Fixed several memory leaks inside the readline and sqlite extensions
  • A number of corrections relating to date parsing inside the date extension
  • Fixed bugs relating to data retrieval in the PDO extension
  • A series of crashes in various areas of code were resolved
  • Several corrections were made to the strip_tags() function interms of <>
  • A number of bugs were fixed in extract() function when
  • EXTR_REFS flag is being used
  • Added the ability to log PHP errors to the SAPI (Ex. Apachelog) logging facility
  • Over 170 bug fixes.
For users upgrading from PHP 5.0 and PHP 5.1, an upgrade guide is available here http://www.php.net/migration52), detailing the changes between those releases and PHP 5.2.7. For a full list of changes in PHP 5.2.7, see the ChangeLog (http://www.php.net/ChangeLog-5.php#5.2.7).

PHP Web Development - PHP mysql web development services, php solutions, custom development of Internet applications using PHP for high performance and enterprise ready web application.
Posted by Indrajit at 12:44 AM 0 comments
Labels: , , ,
Subscribe to: Posts (Atom)