onPHP5.com

PHP5: Articles, News, Tutorials, Interviews, Software and more
  
Featured Article:
Learning PHP Data Objects
 
 
Wed, 01 Mar 2017
 Home   About   Contribute   Contact Us   Polls 
Top Tags
ajax article conference dom mysqli news onphp5 oop pdo php5 poll prado security seo solar symfony unicode zend core zend framework zend platform
More tags »

Not logged in
Login | Register

den_hotmail@fbzz

PHP Version 5.2.4 Released

« 2008 PHP Quebec Conference Call for Papers Symfony 1.0.6 Released »

By dennisp on Friday, 31 August 2007, 11:09
Published under: news   php5
Views: 6946, comments: 0

PHP version 5.2.4 has been released. This release focuses on improving the stability of the PHP 5.2.X branch with over 120 various bug fixes in addition to resolving several low priority security bugs. All users of PHP are encouraged to upgrade to this release.


Quoting the announcement:
The PHP development team would like to announce the immediate availability of PHP 5.2.4. This release focuses on improving the stability of the PHP 5.2.X branch with over 120 various bug fixes in addition to resolving several low priority security bugs. All users of PHP are encouraged to upgrade to this release.

Security Enhancements and Fixes in PHP 5.2.4:

* Fixed a floating point exception inside wordwrap()
* Fixed several integer overflows inside the GD extension
* Fixed size calculation in chunk_split()
* Fixed integer overflow in str[c]spn()
* Fixed money_format() not to accept multiple %i or %n tokens.
* Fixed zend_alter_ini_entry() memory_limit interruption vulnerability
* Fixed INFILE LOCAL option handling with MySQL extensions not to be allowed when open_basedir or safe_mode is active.
* Fixed session.save_path and error_log values to be checked against open_basedir and safe_mode
* Fixed a possible invalid read in glob() win32 implementation
* Fixed a possible buffer overflow in php_openssl_make_REQ
* Fixed an open_basedir bypass inside glob() function
* Fixed a possible open_basedir bypass inside session extension when the session file is a symlink
* Improved fix for MOPB-03-2007.
* Corrected fix for CVE-2007-2872.

Key enhancements in PHP 5.2.4 include:

* Upgraded PCRE to version 7.2
* Added persistent connection status checker to pdo_pgsql.
* Fixed oci8 and PDO_OCI extensions to allow configuring with Oracle 11g client libraries.
* Fixed bug #41831 (pdo_sqlite prepared statements convert resources to strings).
* Fixed bug #41770 (SSL: fatal protocol error due to buffer issues)
* Fixed bug #41713 (Persistent memory consumption on win32 since 5.2)
* Over 120 bug fixes.
The new release can be downloaded here. You might also be interested in the changelog.

Related articles

PHP Version 5.2.2 (RC1) Released for Testing
PHP Version 5.2.2 Released
PHP Version 5.2.3 Released
PHP Version 5.2.1 Released
PHP Version 5.2.4 (RC1) Released for Testing
Symfony 1.0.5 Released
Learning PHP Data Objects
Zend Framework 1.0.0 Production Released
Advocating Namespaces
Zend Framework 1.0.0 RC3 Released
Exceptions in __autoload()
Zend Framework 1.0.0 RC2 Released
Symfony 1.0.4 Released
Prado 3.1.0 Released
CodeIgniter 1.5.4 Released
Most Important Feature of PHP 5?
PHP5 More Secure than PHP4
SimpleXML, DOM and Encodings
2008 PHP Quebec Conference Call for Papers
Symfony 1.0.6 Released
Zend Framework 1.0.1 Released
Zend Framework 1.0.0 RC1 Released
i18n with PHP5: Pitfalls
Prado 3.1.0 RC Released
Zend Platform 3.0 Released
Symfony 1.0 Released
Zend Framework 0.8.0 Released
Solar 0.26.0 Released
PHP Conference UK 2007 Registration Open
Zend Platform 3.0 Beta for Windows Released
Symfony 1.0 Beta 4 Released
International PHP Conference Call for Papers Announced
Solar 0.27.0 and 0.27.1 Released
Zend Core 2.0 Released
Zend Framework 0.9.3 Beta Released
Zend Core 2.0.1 for Oracle and IBM Released
Prado 3.1.0 Alpha Released
Symfony 1.0.2 Released
Prado 3.1.0 Beta Released
Zend Framework 0.9.0 Beta Released
Zend Framework 0.9.1 Beta Released
Prado 3.0.7 Released
Symfony 1.0.3 Released


© 2017 onPHP5.com