Il PHP development team ha annunciato il rilascio di Php 5.3.4, aggiornamento di mantenimento della serie 5.3 che include un gran numero di bug fix. Changelog disponibile a questa pagina.
Security Enhancements and Fixes in PHP 5.3.4:
- Fixed crash in zip extract method (possible CWE-170).
- Paths with NULL in them (foo bar.txt) are now considered as invalid (CVE-2006-7243).
- Fixed a possible double free in imap extension (Identified by Mateusz Kocielski). (CVE-2010-4150).
- Fixed NULL pointer dereference in ZipArchive::getArchiveComment. (CVE-2010-3709).
- Fixed possible flaw in open_basedir (CVE-2010-3436).
- Fixed MOPS-2010-24, fix string validation. (CVE-2010-2950).
- Fixed symbolic resolution support when the target is a DFS share.
- Fixed bug #52929 (Segfault in filter_var with FILTER_VALIDATE_EMAIL with large amount of data) (CVE-2010-3710).
Key Bug Fixes in PHP 5.3.4 include:
- Added stat support for zip stream.
- Added follow_location (enabled by default) option for the http stream support.
- Added a 3rd parameter to get_html_translation_table. It now takes a charset hint, like htmlentities et al.
- Implemented FR #52348, added new constant ZEND_MULTIBYTE to detect zend multibyte at runtime.
- Multiple improvements to the FPM SAPI.
- Over 100 other bug fixes.
Articoli correlati
- Rilasciato NetBeans 7.1.1
- Rilasciato NetBeans 7.0.1
- NetBeans IDE 7.1 Beta
- Rilasciato phpMyAdmin 3.4.10
- La qualità del software open source è migliore rispetto alla qualità del software proprietario
- Rilasciato WordPress 3.4 'Green'
- Joomla 3.0.1
- phpMyAdmin 3.5.3
- Più di 500.000 Windows Live Spaces blog sono migrati su WordPress.com
- WordPress festeggia 10 anni
- Rilasciato phpMyAdmin 3.3.8.1
- phpMyAdmin 4.0.5 RC2
- Drupal 7.0, rilasciata la prima release candidate
- PHP 5.4.22 e PHP 5.5.6
- Drupal 7.0, rilasciata la terza release candidate