Make Homepage | Add To Favorites | Print Page | Submit News | Feedback | Contact | 

Your Technical Computer Information Resource!  
     

  PHP related Technical Updates [Page: 19 of 29] @ TACKtech Corp.  

07.19.2012 - PHP 5.4.5 and PHP 5.3.15 released!



View PHP related news. The PHP development team would like to announce the immediate availability of PHP 5.4.5 and PHP 5.3.15. This release fixes over 30 bugs and includes a fix for a security related overflow issue in the stream implementation. All users of PHP are encouraged to upgrade to PHP 5.4.5 or PHP 5.3.15.For source downloads of PHP 5.4.5 and PHP 5.3.15 please visit our downloads page, Windows binaries can be found on windows.php.net/download/. The list of changes are recorded in the ChangeLog.
Full View / NID: 42686 / Submitted by: The Zilla of Zuron

06.14.2012 - PHP 5.4.4 and PHP 5.3.14 released!



View PHP related news. The PHP development team would like to announce the immediate availability of PHP 5.4.4 and PHP 5.3.14. All users of PHP are encouraged to upgrade to PHP 5.4.4 or PHP 5.3.14.The release fixes multiple security issues: A weakness in the DES implementation of crypt and a heap overflow issue in the phar extensionPHP 5.4.4 and PHP 5.3.14 fixes over 30 bugs. Please note that the use of php://fd streams is now restricted to the CLI SAPIFor source downloads of PHP 5.4.4 and PHP 5.3.14 please visit our downloads page, Windows binaries can be found on windows.php.net/download/. The list of changes are recorded in the ChangeLog.
Full View / NID: 42350 / Submitted by: The Zilla of Zuron

05.08.2012 - PHP 5.4.3 and PHP 5.3.13 Released!



View PHP related news. The PHP development team would like to announce the immediate availability of PHP 5.4.3 and PHP 5.3.13. All users are encouraged to upgrade to PHP 5.4.3 or PHP 5.3.13The releases complete a fix for a vulnerability in CGI-based setups (CVE-2012-2311). Note: mod_php and php-fpm are not vulnerable to this attack.PHP 5.4.3 fixes a buffer overflow vulnerability in the apache_request_headers() (CVE-2012-2329). The PHP 5.3 series is not vulnerable to this issue.For source downloads of PHP 5.4.3 and PHP 5.3.13 please visit our downloads page, Windows binaries can be found on windows.php.net/download/. The list of changes are recorded in the ChangeLog.
Full View / NID: 41904 / Submitted by: The Zilla of Zuron

05.06.2012 - PHP 5.3.12 and 5.4.2 and the CGI flaw (CVE-2012-1823)



View PHP related news. PHP 5.3.12/5.4.2 do not fix all variations of the CGI issues described in CVE-2012-1823. It has also come to our attention that some sites use an insecure cgiwrapper script to run PHP. These scripts will use $* instead of "$@" to pass parameters to php-cgi which causes a number of issues. Again, people using mod_php or php-fpm are not affected. One way to address these CGI issues is to reject the request if the query string contains a '-' and no '='. It can be done using Apache's mod_rewrite like this: RewriteCond %{QUERY_STRING} ^[^=]*$ RewriteCond %{QUERY_STRING} %2d|\- [NC] RewriteRule .? - [F,L] Note that this will block otherwise safe requests like ?top-40 so if you have query parameters that look like that, adjust your regex accordingly.Another set of releases are planned for Tuesday, May, 8th. These releases will fix the CGI flaw and another CGI-related issue in apache_request_header (5.4 only).We apologize for the inconvenience created with these releases and the (lack of) communication around them.
Full View / NID: 41872 / Submitted by: The Zilla of Zuron

05.03.2012 - PHP 5.3.12 and PHP 5.4.2 Released!



View PHP related news. There is a vulnerability in certain CGI-based setups (Apache+mod_php and nginx+php-fpm are not affected) that has gone unnoticed for at least 8 years. Section 7 of the CGI spec states: Some systems support a method for supplying a [sic] array of strings to the CGI script. This is only used in the case of an `indexed' query. This is identified by a "GET" or "HEAD" HTTP request with a URL search string not containing any unencoded "=" characters. So, requests that do not have a "=" in the query string are treated differently from those who do in some CGI implementations. For PHP this means that a request containing ?-s may dump the PHP source code for the page, but a request that has ?-s&=1 is fine.A large number of sites run PHP as either an Apache module through mod_php or using php-fpm under nginx. Neither of these setups are vulnerable to this. Straight shebang-style CGI also does not appear to be vulnerable.If you are using Apache mod_cgi to run PHP you may be vulnerable. To see if you are, just add ?-s to the end of any of your URLs. If you see your source code, you are vulnerable. If your site renders normally, you are not.To fix this, update to PHP 5.3.12 or PHP 5.4.2. We recognize that since CGI is a rather outdated way to run PHP, it may not be feasible to upgrade these sites to a modern version of PHP. An alternative is to configure your web server to not let these types of requests with query strings starting with a "-" and not containing a "=" through. Adding a rule like this should not break any sites. For Apache using mod_rewrite it would look like this: RewriteCond %{QUERY_STRING} ^(%2d|-)[^=]+$ [NC] RewriteRule ^(.*) $1? [L] If you are writing your own rule, be sure to take the urlencoded ?%2ds version into account.Making a bad week worse, we had a bug in our bug system that toggled the private flag of a bug report to public on a comment to the bug report causing this issue to go public before we had time to test solutions to the level we would like. Please report any issues via bugs.php.net.For source downloads of PHP 5.3.12 and PHP 5.4.2 please visit our downloads page, Windows binaries can be found on windows.php.net/download/. A ChangeLog exists.
Full View / NID: 41849 / Submitted by: The Zilla of Zuron

04.26.2012 - PHP 5.3.11 And PHP 5.4.1 Released!



View PHP related news. The PHP development team announces the immediate availability of PHP 5.3.11 and PHP 5.4.1. These releases focuses on improving the stability of the current PHP branches with over 60 bug fixes, some of which are security related.Security Enhancements for both PHP 5.3.11 and PHP 5.4.1:Fixed bug #54374 (Insufficient validating of upload name leading to corrupted $_FILES indices). (CVE-2012-1172).Add open_basedir checks to readline_write_history and readline_read_history.Security Enhancement affecting PHP 5.3.11 only:Fixed bug #61043 (Regression in magic_quotes_gpc fix for CVE-2012-0831).Key enhancements in these releases include:Added debug info handler to DOM objects.Fixed bug #61172 (Add Apache 2.4 support).For a full list of changes in PHP 5.3.11 and PHP 5.4.1, see the ChangeLog. For source downloads please visit our downloads page, Windows binaries can be found on windows.php.net/download/.All users of PHP are strongly encouraged to upgrade to PHP 5.3.11 or PHP 5.4.1.
Full View / NID: 41770 / Submitted by: The Zilla of Zuron

04.13.2012 - PHP 5.4.1RC2 Released for Testing



View PHP related news. The PHP development team would like to announce the 2nd release candidate of PHP 5.4.1. Windows binaries can be downloaded from the Windows QA site. THIS IS A RELEASE CANDIDATE - DO NOT USE IT IN PRODUCTION! This is the 2nd release candidate. The release candidate phase is intended as a period of bug fixing prior to the stable release. The release candidate fixes a critical issue when using the internal classes in multiple threads. A complete list of changes since the last release candidate can be found in the NEWS file. Please help us to identify bugs in order to ensure that the release is solid and all things behave as expected by taking the time to test this release candidate against your code base and reporting any problems that you encounter to the QA mailing list and/or the PHP bug tracker. PHP 5.4.1 final will be released on April 26.
Full View / NID: 41616 / Submitted by: The Zilla of Zuron

03.19.2012 - PHP migrates to Git



View PHP related news. The migration of the PHP source code from Subversion to Git is complete. You can clone or fork the source from our GitHub mirror, and we also now support pull requests made via GitHub. The source is also available via git.php.net, and full instructions on cloning the php-src tree can be found at php.net/git. One immediate benefit is that future PHP release tags will be signed by the PHP development team. We will be releasing GPG keys for verification purposes in the next few days. More information on the migration and the new workflow can be found at the Moving to Git FAQ on the PHP Wiki. Please note that the PHP manual, including translations, continues to be hosted in Subversion for the time being and will be migrated to Git at a later date. Many thanks to David Soria Parra for his hard work on making the conversion to Git a reality, and to Alexander Moskaliov, Florian Anderiasch and Johannes Schlüter for their work on the scripts required to support the conversion. Let the forking begin!
Full View / NID: 41362 / Submitted by: The Zilla of Zuron

03.01.2012 - PHP 5.4.0 released!



View PHP related news. The PHP development team is proud to announce the immediate availability of PHP 5.4.0. This release is a major leap forward in the 5.x series, which includes a large number of new features and bug fixes. Some of the key new features include: traits, a shortened array syntax, a built-in webserver for testing purposes and more. PHP 5.4.0 significantly improves performance, memory footprint and fixes over 100 bugs. For users upgrading from PHP 5.3 there is a migration guide available here, detailing the changes between those releases and PHP 5.4.0. Further details about the PHP 5.4.0 release can be found in the release announcement, and the full list of changes are available in the ChangeLog. Please note that it may take a while until the release is available on all mirrors.
Full View / NID: 41168 / Submitted by: The Zilla of Zuron

02.24.2012 - PHP 5.4.0 RC8 released



View PHP related news. The PHP development team would like to announce the 8th release candidate of PHP 5.4. PHP 5.4 includes new language features and removes several legacy (deprecated) behaviours. Windows binaries can be downloaded from the Windows QA site. THIS IS A RELEASE CANDIDATE - DO NOT USE IT IN PRODUCTION! . This is the 8th release candidate. The release candidate phase is intended as a period of bug fixing prior to the stable release. No new features should be included before the final version of PHP 5.4.0. The 7th and 8th release candidates focus on fixing critical bugs and security vulnerabilities, including: A buffer overflow in htmlspecialchars() and htmlentities() (bug #60965). Improving the max_input_vars configuration directive to check nested variables. A complete list of changes since the last release candidate can be found in the NEWS file. We've received a lot of feedback that has helped to improve the upcoming release of PHP 5.4.0. Please continue to help us to identify bugs in order to ensure that the release is solid and all things behave as expected by taking the time to test this release candidate against your code base and reporting any problems that you encounter to the QA mailing list and/or the PHP bug tracker. The next release candidate will be released on March 1.
Full View / NID: 41110 / Submitted by: The Zilla of Zuron

02.02.2012 - PHP 5.3.10 Released!



View PHP related news. The PHP development team would like to announce the immediate availability of PHP 5.3.10. This release delivers a critical security fix.Security Fixes in PHP 5.3.10:Fixed arbitrary remote code execution vulnerability reported by Stefan Esser, CVE-2012-0830.All users are strongly encouraged to upgrade to PHP 5.3.10.For source downloads please visit our downloads page, Windows binaries can be found on windows.php.net/download/.
Full View / NID: 40869 / Submitted by: The Zilla of Zuron

01.24.2012 - PHP 5.4.0 RC6 released



View PHP related news. The PHP development team announces the 6th release candidate of PHP 5.4. PHP 5.4 includes new language features and removes several legacy (deprecated) behaviours. Windows binaries can be downloaded from the Windows QA site. THIS IS A RELEASE CANDIDATE - DO NOT USE IT IN PRODUCTION!. This is the 6th release candidate. The release candidate phase is intended as a period of bug fixing prior to the stable release. No new features should be included before the final version of PHP 5.4.0. The 6th release candidate focused on improving traits. Please test them carefully and help us to identify bugs in order to ensure that the release is solid and all things behave as expected. Please take the time to test this release candidate against your code base and report any problems that you encounter to the QA mailing list and/or the PHP bug tracker. A complete list of changes since the last release candidate can be found at NEWS The next candidate will be released on Feb 2.
Full View / NID: 40773 / Submitted by: The Zilla of Zuron

01.10.2012 - PHP 5.3.9 Released!



View PHP related news. The PHP development team would like to announce the immediate availability of PHP 5.3.9. This release focuses on improving the stability of the PHP 5.3.x branch with over 90 bug fixes, some of which are security related.Security Enhancements and Fixes in PHP 5.3.9:Added max_input_vars directive to prevent attacks based on hash collisions. (CVE-2011-4885)Fixed bug #60150 (Integer overflow during the parsing of invalid exif header). (CVE-2011-4566)Key enhancements in PHP 5.3.9 include:Fixed bug #55475 (is_a() triggers autoloader, new optional 3rd argument to is_a and is_subclass_of).Fixed bug #55609 (mysqlnd cannot be built shared)Many changes to the FPM SAPI moduleFor a full list of changes in PHP 5.3.9, see the ChangeLog. For source downloads please visit our downloads page, Windows binaries can be found on windows.php.net/download/.All users are strongly encouraged to upgrade to PHP 5.3.9.
Full View / NID: 40625 / Submitted by: The Zilla of Zuron

01.07.2012 - PHP 5.4.0 RC5 released



View PHP related news. The PHP development team announces the 5th release candidate of PHP 5.4. PHP 5.4 includes new language features and removes several legacy (deprecated) behaviours. Windows binaries can be downloaded from the Windows QA site. THIS IS A RELEASE CANDIDATE - DO NOT USE IT IN PRODUCTION!. This is the 5th release candidate. The release candidate phase is intended as a period of bug fixing prior to the stable release. No new features should be included before the final version of PHP 5.4.0. We got a lot of feedback that helped us to improve the upcoming PHP version. Please continue to help us to identify bugs in order to ensure that the release is solid and all things behave as expected. Please take the time to test this release candidate against your code base and report any problems that you encounter to the QA mailing list and/or the PHP bug tracker. A complete list of changes since the last release candidate can be found at NEWS The next and probably last release candidate will be released in 14 days.
Full View / NID: 40583 / Submitted by: The Zilla of Zuron

12.24.2011 - PHP 5.4.0 RC4 released



View PHP related news. The PHP development team is proud to announce the 4th release candidate of PHP 5.4. PHP 5.4 includes new language features and removes several legacy (deprecated) behaviours. Windows binaries can be downloaded from the Windows QA site. THIS IS A RELEASE CANDIDATE - DO NOT USE IT IN PRODUCTION!. This is the 4th release candidate. The release candidate phase is intended as a period of bug fixing prior to the stable release. No new features should be included before the final version of PHP 5.4.0. The new release candidate fixed several bugs, including: Added max_input_vars directive to prevent attacks based on hash collisionsFixed a segfault in the traits code Read the NEWS file for a complete list of changes in this release. Please continue to help us to identify bugs in order to ensure that the release is solid and all things behave as expected. Please test this release candidate against your code base and report any problems that you encounter to the QA mailing list and/or the PHP bug tracker. The next release candidate will be released in 14 days.
Full View / NID: 40483 / Submitted by: The Zilla of Zuron

12.14.2011 - PHP 5.4.0RC3 released



View PHP related news. The PHP development team is proud to announce the third release candidate of PHP 5.4. PHP 5.4 includes new language features and removes several legacy (deprecated) behaviours. Windows binaries can be downloaded from the Windows QA site. THIS IS A RELEASE CANDIDATE - DO NOT USE IT IN PRODUCTION!. This is the third release candidate. The release candidate phase is intended as a period of bug fixing prior to the stable release. No new features should be included before the final version of PHP 5.4.0. Changes since the previous release candidate include:The intl extension now supports UTS #46 mapping for IDNA$_SERVER['SERVER_NAME'] and $_SERVER['SERVER_PORT'] are now available in the builtin CLI server implementation.Several improvements and bug fixes in the Zend Engine, Core and other extensions. Read the NEWS file for a complete list of changes in this release. Please continue to help us to identify bugs in order to ensure that the release is solid and all things behave as expected. Please test this release candidate against your code base and report any problems that you encounter to the QA mailing list and/or the PHP bug tracker.
Full View / NID: 40376 / Submitted by: The Zilla of Zuron

11.29.2011 - PHP 5.4 RC2 released



View PHP related news. The PHP development team is proud to announce the second release candidate of PHP 5.4. PHP 5.4 includes new language features and removes several legacy (deprecated) behaviours. Windows binaries can be downloaded from the Windows QA site. THIS IS A RELEASE CANDIDATE - DO NOT USE IT IN PRODUCTION!. This is the second release candidate. The release candidate phase is intended as a period of bug fixing prior to the stable release. No new features should be included before the final version of PHP 5.4.0. Changes since the previous release candidate include:Further bug fixes in the built-in web server.PHP-FPM is no longer marked as EXPERIMENTAL.Several improvements and bug fixes in the Zend Engine, Core and other extensions. Read the NEWS file for a complete list of changes in this release. Please continue to help us to identify bugs in order to ensure that the release is solid and all things behave as expected. Please test this release candidate against your code base and report any problems that you encounter to the QA mailing list and/or the PHP bug tracker.
Full View / NID: 40217 / Submitted by: The Zilla of Zuron

11.10.2011 - PHP 5.4 RC1 released



View PHP related news. The PHP development team is proud to announce the first release candidate of PHP 5.4. PHP 5.4 includes new language features and removes several legacy (deprecated) behaviours. Windows binaries can be downloaded from the Windows QA site. THIS IS A RELEASE CANDIDATE - DO NOT USE IT IN PRODUCTION! This is the first release candidate. No new features will be included before the final version of PHP 5.4.0. The release candidate phase is intended as a period of bug fixing prior to the stable release. Changes since the last beta version include:Added class member access on instantiation (e.g. (new Foo)->bar()).Changed silent conversion of array to string to produce a notice.Numerous bug fixes and improvements in the Core and other extensions. Please help us to identify bugs in order to ensure that the release is solid and all things behave as expected. Please test this release candidate against your code base and report any problems that you encounter to the QA mailing list and/or the PHP bug tracker. Read the NEWS file for a complete list of changes in this release.
Full View / NID: 40031 / Submitted by: The Zilla of Zuron

10.26.2011 - PHP 5.4 beta2 released



View PHP related news. The PHP development team is proud to announce the second beta release of PHP 5.4. PHP 5.4 includes new language features and removes several legacy (deprecated) behaviours. Windows binaries can be downloaded from the Windows QA site. THIS IS A DEVELOPMENT PREVIEW - DO NOT USE IT IN PRODUCTION! Please help us to identify bugs by testing new features and looking for unintended backward compatibility breaks, so we can fix the problems and fully document intended changes before PHP 5.4.0 is released. Report findings to the QA mailing list and/or the PHP bug tracker. This release includes numerous bug fixes and improvements since the first beta release. Read the NEWS file for a complete list of changes.
Full View / NID: 39836 / Submitted by: The Zilla of Zuron

09.26.2011 - PHP 5.4 beta1 released



View PHP related news. The PHP development team is proud to announce the first beta release of PHP 5.4. PHP 5.4 includes new language features and removes several legacy (deprecated) behaviors. Windows binaries can be downloaded from the Windows QA site. THIS IS A DEVELOPMENT PREVIEW - DO NOT USE IT IN PRODUCTION! New features were added and bugs were fixed since alpha1. Please help us to identify bugs by testing new features and looking for unintended backward compatability breaks, so we can fix the problems and fully document intended changes before PHP 5.4.0 is released. Report findings to the QA mailing list and/or the PHP bug tracker. Changes since the first alpha version include:Added callable typehint.Removed the timezone guessing algorithm. "UTC" is now used in case the timezone is not set.The mysql, mysqli and pdo_mysql extensions now use mysqlnd by default. Read the NEWS file for a complete list of changes.
Full View / NID: 39506 / Submitted by: The Zilla of Zuron
  Popular Tech News  
  Most Viewed News  
  Top Affiliates  
.....