Hack News - PHP 5.3.7 Fixes Over 90 Bugs – Some Security Related - 22/8/11

The PHP development team has announced the immediate availability of PHP 5.3.7. This release focuses on improving the stability of the PHP 5.3.x branch with over 90 bug fixes, some of which are security related.

Security Enhancements and Fixes in PHP 5.3.7:

Updated crypt_blowfish to 1.2. (CVE-2011-2483)
Fixed crash in error_log(). Reported by Mateusz Kocielski
Fixed buffer overflow on overlog salt in crypt().
Fixed bug #54939 (File path injection vulnerability in RFC1867 File upload filename). Reported by Krzysztof Kotowicz. (CVE-2011-2202)
Fixed stack buffer overflow in socket_connect(). (CVE-2011-1938)
Fixed bug #54238 (use-after-free in substr_replace()). (CVE-2011-1148)

It is also worth noting that PHP 5.2 is no longer supported and users should upgrade to PHP 5.3.7. The new release’s source code is available to download, as are Windows binaries. Linux and FreeBSD users should see updates from their distribution providers soon.

Quick Links

Partner Sites

Create a free website with uCoz

Hacking Tech

We are here to provide free hacking tutorials of ethical hacking and some part of cracking.. as for the ethical hacking you should have the knowledge of cracking...the basics of ehical hacking and every part of introduction will be posted here..

Total online: 6

Guests: 6

Users: 0