Php 5.3.6 Closes 5 Safety Holes !

The PHP developers have released PHP 5.3.6, a maintenance update to the PHP interpreter. Among over lx põrnikas fixes are a set out of fixes for safety related problems.

A format string vulnerability inwards the phar extension of PHP 5.3.5, CVE-2011-1153, may permit attackers to stance memory, crusade a denial of service or execute arbitrary code. There was too an integer overflow inwards the shmop_read() component subdivision which allowed for denial-of-service (CVE-2011-1092). Other flaws included crashes amongst crafted tags inwards exif metadata as well as ziparchive amongst empty archives. Security has too been enhanced inwards the protocol parsing done past times the fastcgi procedure managing director (FPM SAPI). Some of the flaws reportedly touching on all versions of PHP 5.3.x as well as earlier.

The unloose too sees SQLite3 upgraded to version 3.7.4 as well as PCRE updated to version 8.11. The might to connect to HTTPS sites through a proxy was too added equally was options for debugging backtrace functions. Influenza A virus subtype H5N1 amount listing of changes is available inwards the change log. The PHP developers remind users that PHP 5.2 is no longer supported as well as encourage users to upgrade to PHP 5.3.6.

PHP 5.3.6 tin strength out be downloaded as root code or equally Windows binaries from the php.net spider web site.