|
|
|
The PHP development team would like to announce the immediate availability of PHP 5.3.8. This release fixes two issues introduced in the PHP 5.3.7 release:Fixed bug #55439 (crypt() returns only the salt for MD5)Reverted a change in timeout handling restoring PHP 5.3.6 behavior, which caused mysqlnd SSL connections to hang (Bug #55283).All PHP users should note that the PHP 5.2 series is NOT supported anymore. All users are strongly encouraged to upgrade to PHP 5.3.8.For a full list of changes in PHP 5.3.8, see the ChangeLog. For source downloads please visit our downloads page, Windows binaries can be found on windows.php.net/download/.For more details on the crypt() blowfish security issue in pre 5.3.6 see the crypt blowfish page
|
|
|
Full View / NID: 39181 / Submitted by: The Zilla of Zuron
|
|
|
Due to unfortunate issues with 5.3.7 (see bug#55439) users should wait with upgrading until 5.3.8 will be released (expected in few days).
|
|
|
Full View / NID: 39171 / Submitted by: The Zilla of Zuron
|
|
|
The PHP development team would like to announce the immediate availability of PHP 5.3.7. This release focuses on improving the stability of the PHP 5.3.x branch with over 90 bug fixes, some of which are security related.Security Enhancements and Fixes in PHP 5.3.7:Updated crypt_blowfish to 1.2. (CVE-2011-2483)Fixed crash in error_log(). Reported by Mateusz KocielskiFixed buffer overflow on overlog salt in crypt().Fixed bug #54939 (File path injection vulnerability in RFC1867 File upload filename). Reported by Krzysztof Kotowicz. (CVE-2011-2202)Fixed stack buffer overflow in socket_connect(). (CVE-2011-1938)Fixed bug #54238 (use-after-free in substr_replace()). (CVE-2011-1148)Key enhancements in PHP 5.3.7 include:Upgraded bundled Sqlite3 to version 3.7.7.1Upgraded bundled PCRE to version 8.12Fixed bug #54910 (Crash when calling call_user_func with unknown function name)Fixed bug #54585 (track_errors causes segfault)Fixed bug #54262 (Crash when assigning value to a dimension in a non-array)Fixed a crash inside dtor for error handlingFixed bug #55339 (Segfault with allow_call_time_pass_reference = Off)Fixed bug #54935 php_win_err can lead to crashFixed bug #54332 (Crash in zend_mm_check_ptr // Heap corruption)Fixed bug #54305 (Crash in gc_remove_zval_from_buffer)Fixed bug #54580 (get_browser() segmentation fault when browscap ini directive is set through php_admin_value)Fixed bug #54529 (SAPI crashes on apache_config.c:197)Fixed bug #54283 (new DatePeriod(NULL) causes crash).Fixed bug #54269 (Short exception message buffer causes crash)Fixed Bug #54221 (mysqli::get_warnings segfault when used in multi queries)Fixed bug #54395 (Phar::mount() crashes when calling with wrong parameters)Fixed bug #54384 (Dual iterators, GlobIterator, SplFileObject and SplTempFileObject crash when user-space classes don't call the parent constructor)Fixed bug #54292 (Wrong parameter causes crash in SplFileObject::__construct())Fixed bug #54291 (Crash iterating DirectoryIterator for dir name starting with \0)Fixed bug #54281 (Crash in non-initialized RecursiveIteratorIterator)Fixed bug #54623 (Segfault when writing to a persistent socket after closing a copy of the socket)Fixed bug #54681 (addGlob() crashes on invalid flags)Over 80 other bug fixes.Windows users: please mind that we do no longer provide builds created with Visual Studio C++ 6. It is impossible to maintain a high quality and safe build of PHP for Windows using this unmaintained compiler.For Apache SAPIs (php5_apache2_2.dll), be sure that you use a Visual Studio C++ 9 version of Apache. We recommend the Apache builds as provided by ApacheLounge. For any other SAPI (CLI, FastCGI via mod_fcgi, FastCGI with IIS or other FastCGI capable server), everything works as before. Third party extension providers must rebuild their extensions to make them compatible and loadable with the Visual Studio C++9 builds that we now provide.All PHP users should note that the PHP 5.2 series is NOT supported anymore. All users are strongly encouraged to upgrade to PHP 5.3.7.For a full list of changes in PHP 5.3.7, see the ChangeLog. For source downloads please visit our downloads page, Windows binaries can be found on windows.php.net/download/.
|
|
|
Full View / NID: 39138 / Submitted by: The Zilla of Zuron
|
|
Advanced Installer 8.4 was released on August 16th, 2011
|
|
|
Full View / NID: 39106 / Submitted by: The Zilla of Zuron
|
|
|
Advanced Installer 8.3 was released on July 26th, 2011
|
|
|
Full View / NID: 38900 / Submitted by: The Zilla of Zuron
|
|
Fresh HTML is a software to create and edit pages for the world wide web. Its “WYSIWYG” (what you see is what you get) interface makes editing HTML pages as easy as using your favorite word processor. Its built-in editor allows advanced users to fine-tune HTML codes to fit their needs. This software is 100% free, no spyware, and updated regularly.
|
|
|
Full View / NID: 38875 / Submitted by: TACKtech Team
|
|
|
The PHP development team is proud to announce the first PHP 5.4 alpha release. PHP 5.4 includes new language features and removes several legacy (deprecated) behaviors. Read the NEWS file for a complete list of changes. THIS IS A DEVELOPMENT PREVIEW - DO NOT USE IT IN PRODUCTION! This alpha release exists to encourage users to identify bugs, and to ensure that all new features and backward compatibility breaks are evaluated and documented before PHP 5.4.0 is released. Please report findings to the QA mailing list and/or the PHP bug tracker. Windows binaries can be downloaded from the Windows QA site. Here is an incomplete list of changes: Added: Traits language constructAdded: Array dereferencing supportAdded: DTrace supportImproved: Improved Zend Engine memory usage and performanceMoved: ext/sqlite moved to pecl (sqlite3 support is still built-in) Please note that some legacy features have been removed: Removed: break/continue $var syntaxRemoved: register_globals, allow_call_time_pass_reference, and register_long_arrays ini optionsRemoved: session_is_regisitered(), session_registered(), and session_unregister() This is the first release that adopts the releaseprocess RFC. The next alpha will be released within four weeks. The PHP 5.4 feature set and API has not been finalized.
|
|
|
Full View / NID: 38545 / Submitted by: The Zilla of Zuron
|
|
|
PHP has several new documentation features that the community should be aware of: pman - PHP man pages $ pear install doc.php.net/pman$ pman strlen (this example displays a local textual version of the strlen docs) Enhanced CHM - contains user notes (over 25,000) This additional CHM file is downloadable Online Documentation Editor - allows everyone to edit the PHP manual URL: https://edit.php.net/Every manual page will link to it in the futureIncludes an IRC window to the #php.doc channel, so let's talk We hope you find the above features useful, and please write phpdoc@lists.php.net with feedback. Additional features are being refined, which includes a JSON version of the manual.
|
|
|
Full View / NID: 38510 / Submitted by: The Zilla of Zuron
|
|
|
Fresh HTML is a software to create and edit pages for the world wide web. Its “WYSIWYG” (what you see is what you get) interface makes editing HTML pages as easy as using your favorite word processor. Its built-in editor allows advanced users to fine-tune HTML codes to fit their needs. This software is 100% free, no spyware, and updated regularly.
|
|
|
Full View / NID: 38440 / Submitted by: TACKtech Team
|
|
|
Advanced Installer 8.2 was released on June 6th, 2011
|
|
|
Full View / NID: 38269 / Submitted by: The Zilla of Zuron
|
|
|
Advanced Installer 8.1.3 was released on April 27th, 2011
|
|
|
Full View / NID: 37819 / Submitted by: The Zilla of Zuron
|
|
|
Advanced Installer 8.1.2 was released on April 18th, 2011
|
|
|
Full View / NID: 37727 / Submitted by: The Zilla of Zuron
|
|
|
Fresh HTML is a software to create and edit pages for the world wide web. Its “WYSIWYG” (what you see is what you get) interface makes editing HTML pages as easy as using your favorite word processor. Its built-in editor allows advanced users to fine-tune HTML codes to fit their needs. This software is 100% free, no spyware, and updated regularly.
|
|
|
Full View / NID: 37530 / Submitted by: TACKtech Team
|
|
|
Advanced Installer 8.1.1 was released on April 4th, 2011
|
|
|
Full View / NID: 37512 / Submitted by: The Zilla of Zuron
|
|
|
Advanced Installer 8.1 was released on March 31st, 2011
|
|
|
Full View / NID: 37472 / Submitted by: The Zilla of Zuron
|
|
|
The wiki.php.net box was compromised and the attackers were able to collect wiki account credentials. No other machines in the php.net infrastructure appear to have been affected. Our biggest concern is, of course, the integrity of our source code. We did an extensive code audit and looked at every commit since 5.3.5 to make sure that no stolen accounts were used to inject anything malicious. Nothing was found. The compromised machine has been wiped and we are forcing a password change for all svn accounts.We are still investigating the details of the attack which combined a vulnerability in the Wiki software with a Linux root exploit.
|
|
|
Full View / NID: 37342 / Submitted by: The Zilla of Zuron
|
|
|
The PHP development team would like to announce the immediate availability of PHP 5.3.6. This release focuses on improving the stability of the PHP 5.3.x branch with over 60 bug fixes, some of which are security related.Security Enhancements and Fixes in PHP 5.3.6:Enforce security in the fastcgi protocol parsing with fpm SAPI.Fixed bug #54247 (format-string vulnerability on Phar). (CVE-2011-1153)Fixed bug #54193 (Integer overflow in shmop_read()). (CVE-2011-1092)Fixed bug #54055 (buffer overrun with high values for precision ini setting).Fixed bug #54002 (crash on crafted tag in exif). (CVE-2011-0708)Fixed bug #53885 (ZipArchive segfault with FL_UNCHANGED on empty archive). (CVE-2011-0421)Key enhancements in PHP 5.3.6 include:Upgraded bundled Sqlite3 to version 3.7.4.Upgraded bundled PCRE to version 8.11.Added ability to connect to HTTPS sites through proxy with basic authentication using stream_context/http/header/Proxy-Authorization.Added options to debug backtrace functions.Changed default value of ini directive serialize_precision from 100 to 17.Fixed Bug #53971 (isset() and empty() produce apparently spurious runtime error).Fixed Bug #53958 (Closures can't 'use' shared variables by value and by reference).Fixed bug #53577 (Regression introduced in 5.3.4 in open_basedir with a trailing forward slash).Over 60 other bug fixes.Windows users: please mind that we do no longer provide builds created with Visual Studio C++ 6. It is impossible to maintain a high quality and safe build of PHP for Windows using this unmaintained compiler. For Apache SAPIs (php5_apache2_2.dll), be sure that you use a Visual Studio C++ 9 version of Apache. We recommend the Apache builds as provided by ApacheLounge. For any other SAPI (CLI, FastCGI via mod_fcgi, FastCGI with IIS or other FastCGI capable server), everything works as before. Third party extension providers must rebuild their extensions to make them compatible and loadable with the Visual Studio C++9 builds that we now provide. All PHP users should note that the PHP 5.2 series is NOT supported anymore. All users are strongly encouraged to upgrade to PHP 5.3.6.For a full list of changes in PHP 5.3.6, see the ChangeLog. For source downloads please visit our downloads page, Windows binaries can be found on windows.php.net/download/.
|
|
|
Full View / NID: 37325 / Submitted by: The Zilla of Zuron
|
|
|
Fresh HTML is a software to create and edit pages for the world wide web. Its “WYSIWYG” (what you see is what you get) interface makes editing HTML pages as easy as using your favorite word processor. Its built-in editor allows advanced users to fine-tune HTML codes to fit their needs. This software is 100% free, no spyware, and updated regularly.
|
|
|
Full View / NID: 37191 / Submitted by: TACKtech Team
|
|
|
Fresh HTML is a software to create and edit pages for the world wide web. Its “WYSIWYG” (what you see is what you get) interface makes editing HTML pages as easy as using your favorite word processor. Its built-in editor allows advanced users to fine-tune HTML codes to fit their needs. This software is 100% free, no spyware, and updated regularly.
|
|
|
Full View / NID: 36760 / Submitted by: TACKtech Team
|
|
|
The PHP development team would like to announce the immediate availability of PHP 5.3.5 and 5.2.17. This release resolves a critical issue, reported as PHP bug #53632, where conversions from string to double might cause the PHP interpreter to hang on systems using x87 FPU registers. The problem is known to only affect x86 32-bit PHP processes, regardless of whether the system hosting PHP is 32-bit or 64-bit. You can test whether your system is affected by running this script from the command line. All users of PHP are strongly advised to update to these versions immediately.
|
|
|
Full View / NID: 36240 / Submitted by: The Zilla of Zuron
|
|
