onPHP5.com

PHP5: Articles, News, Tutorials, Interviews, Software and more
  
Featured Article:
Learning PHP Data Objects
 
 
Fri, 20 Oct 2017
 Home   About   Contribute   Contact Us   Polls 
Top Tags
ajax article codeigniter conference dom namespace news onphp5 oop php5 poll prado security solar sqlite symfony unicode zend core zend framework zend platform
More tags »

Not logged in
Login | Register

den_hotmail@fbzz

PHP Version 5.2.2 Released

« Zend Framework 0.9.3 Beta Released Symfony 1.0.2 Released »

By dennisp on Thursday, 03 May 2007, 15:41
Published under: news   php5
Views: 5237, comments: 0

PHP version 5.2.2 has been released. This release continues to improve the security and the stability of the 5.X branch and all users are strongly encouraged to upgrade.


Quoting the announcement:
  • Fixed CVE-2007-1001, GD wbmp used with invalid image size
  • Fixed a header injection via Subject and To parameters to the mail() function
  • Fixed asciiz byte truncation inside mail()
  • Fixed wrong length calculation in unserialize S type
  • Fixed a bug in mb_parse_str() that can be used to activate register_globals
  • Fixed unallocated memory access/double free in in array_user_key_compare()
  • Fixed a double free inside session_regenerate_id()
  • Added missing open_basedir & safe_mode checks to zip:// and bzip:// wrappers
  • Fixed substr_compare and substr_count information leak
  • Limit nesting level of input variables with max_input_nesting_level
  • Fixed CRLF injection inside ftp_putcmd()
  • Fixed a possible super-global overwrite inside import_request_variables()
  • Fixed a remotely trigger-able buffer overflow inside make_http_soap_request()
  • Fixed a buffer overflow inside user_filter_factory_create()
  • Fixed a remotely trigger-able buffer overflow inside bundled libxmlrpc library

In addition to that, memory manager has improved performance, as well as GD, SQLite and PCRE libraries are upgraded.

This release fixes over 120 bugs.

Related articles

PHP Version 5.2.3 Released
PHP Version 5.2.4 (RC1) Released for Testing
PHP Version 5.2.2 (RC1) Released for Testing
PHP Version 5.2.1 Released
PHP Version 5.2.4 Released
Zend Framework 1.0.0 Production Released
Exceptions in __autoload()
Prado 3.1.0 Released
Symfony 1.0.5 Released
Zend Framework 1.0.0 RC3 Released
Zend Framework 1.0.0 RC2 Released
Symfony 1.0.4 Released
CodeIgniter 1.5.4 Released
Zend Framework 1.0.1 Released
Most Important Feature of PHP 5?
PHP5 More Secure than PHP4
SimpleXML, DOM and Encodings
2008 PHP Quebec Conference Call for Papers
Learning PHP Data Objects
Advocating Namespaces
Symfony 1.0.6 Released
i18n with PHP5: Pitfalls
Symfony 1.0.3 Released
Zend Platform 3.0 Released
Symfony 1.0 Released
Zend Framework 0.8.0 Released
Solar 0.27.0 and 0.27.1 Released
Solar 0.26.0 Released
PHP Conference UK 2007 Registration Open
Zend Platform 3.0 Beta for Windows Released
Symfony 1.0 Beta 4 Released
International PHP Conference Call for Papers Announced
Zend Core 2.0 Released
Zend Framework 0.9.0 Beta Released
Zend Core 2.0.1 for Oracle and IBM Released
Prado 3.1.0 RC Released
Prado 3.1.0 Alpha Released
Zend Framework 0.9.3 Beta Released
Symfony 1.0.2 Released
Zend Framework 0.9.1 Beta Released
Prado 3.0.7 Released
Prado 3.1.0 Beta Released
Zend Framework 1.0.0 RC1 Released


© 2017 onPHP5.com