PHP 5.3.6 fixes security issues..!!

priyanshuit's picture


PHP 5.3.6 focuses on improving the stability of the PHP 5.3.x branch with over 60 bug fixes, some of which are security related.

Security enhancements and fixes

    * Enforce security in the fastcgi protocol parsing with fpm SAPI.
    * Fixed bug #54247 (format-string vulnerability on Phar).
    * Fixed bug #54193 (Integer overflow in shmop_read()).
    * Fixed bug #54055 (buffer overrun with high values for precision ini setting).
    * Fixed bug #54002 (crash on crafted tag in exif).
    * Fixed bug #53885 (ZipArchive segfault with FL_UNCHANGED on empty archive).

Key enhancements

    * Upgraded bundled Sqlite3 to version 3.7.4.
    * Upgraded bundled PCRE to version 8.11.
    * Added ability to connect to HTTPS sites through proxy with basic authentication using stream_context/http/header/Proxy-Authorization.
    * Added options to debug backtrace functions.
    * Changed default value of ini directive serialize_precision from 100 to 17.
    * Fixed Bug #53971 (isset() and empty() produce apparently spurious runtime error).
    * Fixed Bug #53958 (Closures can't 'use' shared variables by value and by reference).
    * Fixed bug #53577 (Regression introduced in 5.3.4 in open_basedir with a trailing forward slash).
    * Over 60 other bug fixes.

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
11 + 4 =
Solve this simple math problem and enter the result. E.g. for 1+3, enter 4.

About the Author

priyanshuit's picture

Name
priyanshu

Last Name
sahay

Gender
Male

Website / Blog
http://www.hackersonlineclub.com

About me
Myself PRIYANSHU. >> Certified Cyber Law Expert >> Certified Cyber Security Expert >> Certified Ethical Hacker >> Working on Cyber Security, Ethical Hacking, Investigation, VAPT, Web Designing. Catch Me On >> Facebook: http://www.facebook.com/priyanshu.it Twitter: http://twitter.com/priyanshu_itech Email: priyanshu@cyber-india.in

Location
Delhi

Recent comments