Top Tags
article
codeigniter
conference
mysql
namespaces
news
onphp5
oop
php5
poll
prado
security
simplexml
solar
symfony
unicode
zend
zend core
zend framework
zend platform
More tags »
Not logged in
Login |
Register
|
PHP Version 5.2.3 Released
By dennisp
on Friday, 01 June 2007, 05:51
Published under:
news
php5
Views: 1465, comments: 0
 PHP version 5.2.3 has been released. This release continues to improve the security and the stability of the 5.X branch and all users are strongly encouraged to upgrade.
Quoting the announcement:
The PHP development team would like to announce the immediate availability of PHP 5.2.3. This release continues to improve the security and the stability of the 5.X branch as well as addressing two regressions introduced by the previous 5.2 releases. These regressions relate to the timeout handling over non-blocking SSL connections and the lack of HTTP_RAW_POST_DATA in certain conditions. All users are encouraged to upgrade to this release
Security Enhancements and Fixes in PHP 5.2.3:
* Fixed an integer overflow inside chunk_split() (by Gerhard Wagner, CVE-2007-2872)
* Fixed possible infinite loop in imagecreatefrompng. (by Xavier Roche, CVE-2007-2756)
* Fixed ext/filter Email Validation Vulnerability (MOPB-45 by Stefan Esser, CVE-2007-1900)
* Fixed bug #41492 (open_basedir/safe_mode bypass inside realpath()) (by bugs dot php dot net at chsc dot dk)
* Improved fix for CVE-2007-1887 to work with non-bundled sqlite2 lib.
* Added mysql_set_charset() to allow runtime altering of connection encoding.
The key improvements of PHP 5.2.3 include:
* Improved compilation of heredocs and interpolated strings.
* Optimized out a couple of per-request syscalls.
* Optimized digest generation in md5() and sha1() functions.
* Fixed bug #41236 (Regression in timeout handling of non-blocking SSL connections during reads and writes)
* Fixed bug #39542 (Behavior of require/include different to < 5.2.0)
* Fixed bug #41293 (Fixed creation of HTTP_RAW_POST_DATA when there is no default post handler)
* Fixed bug #41347 (checkdnsrr() segfaults on empty hostname)
* Fixed bug #41353 (crash in openssl_pkcs12_read() on invalid input)
* Fixed bug #41403 (json_decode cannot decode floats if localeconv decimal_point is not '.')
* Fixed bug #41421 (Uncaught exception from a stream wrapper segfaults)
* Fixed bug #41504 (json_decode() incorrectly decodes JSON arrays with empty string keys).
Over 40 other bugs fixed.
The new release can be downloaded here. You might also be interested in the changelog.
Related articles
PHP Version 5.2.2 Released
PHP Version 5.2.2 (RC1) Released for Testing
PHP Version 5.2.5 Released
PHP Version 5.2.4 Released
PHP Version 5.2.4 (RC1) Released for Testing
PHP Version 5.2.1 Released
Zend Framework 1.0.0 Production Released
Symfony 1.0.5 Released
Prado 3.1.0 Released
Symfony 1.0.6 Released
Zend Framework 1.0.1 Released
CodeIgniter 1.5.4 Released
2008 PHP Quebec Conference Call for Papers
Prado 3.1.1 Released
SimpleXML, DOM and Encodings
Learning PHP Data Objects
Advocating Namespaces
Exceptions in __autoload()
i18n with PHP5: Pitfalls
PHP5 More Secure than PHP4
Zend Framework 1.0.0 RC3 Released
Zend Framework 1.0.3 Released
PRADO version 3.1.2 released
Most Important Feature of PHP 5?
Zend Framework 1.0.2 Released
Zend Framework 1.0.0 RC1 Released
Symfony 1.0 Released
Zend Framework 0.8.0 Released
Solar 0.27.0 and 0.27.1 Released
Zend Core 2.0 Released
Zend Platform 3.0 Released
Solar 0.26.0 Released
Zend Platform 3.0 Beta for Windows Released
Symfony 1.0 Beta 4 Released
International PHP Conference Call for Papers Announced
PHP Conference UK 2007 Registration Open
Zend Framework 0.9.0 Beta Released
Zend Framework 0.9.1 Beta Released
Prado 3.1.0 RC Released
Symfony 1.0.3 Released
Prado 3.1.0 Alpha Released
Zend Framework 1.0.0 RC2 Released
Zend Core 2.0.1 for Oracle and IBM Released
Zend Framework 0.9.3 Beta Released
Prado 3.0.7 Released
Prado 3.1.0 Beta Released
Symfony 1.0.2 Released
Symfony 1.0.4 Released
|
