PHP 5.2.13 addresses security holes - The Community's Center for Security


The central voice for Linux and Open Source security news

Welcome!

Sign up!

EnGarde Community

Polls

What is the most important Linux security technology?

	SELinux
	grsecurity
	CIS Benchmark
	Bastille Linux
	iptables
	LIDS

Advisories

Community

Linux Events

Linux User Groups

Link to Us

Security Center

Book Reviews

Security Dictionary

Security Tips

SELinux

White Papers

Featured Blogs

All About Linux

DanWalsh LiveJournal

Securitydistro

Latest Newsletters

Linux Security Week: May 14th, 2012

Linux Advisory Watch: May 10th, 2012

LinuxSecurity Newsletters

RSS Feeds

Get the LinuxSecurity news you want faster with RSS

PHP 5.2.13 addresses security holes

User Rating:

How can I rate this item?

Source: H Security - Posted by Alex

An update which fixes around 40 bugs is available for the PHP 5.2 development branch. Version 5.2.13 comes highly recommended for all PHP 5.2.x users, as it includes a number of security-related fixes. These include a bug when validating the safe_mode configuration variable in the tempnam() function which arises when the path does not end in /). An open_basedir/safe_mode bypass vulnerability in the session extension has also been fixed. More details about the release, including other significant changes, can be found in the release announcement and change log. PHP 5.2.13 is available to download from the project's site.

The current PHP development branch is PHP 5.3, for which version 5.3.1 has been available since November 2009. A third release candidate for PHP 5.3.2 was released on the 23rd of February.

[All of article]

Read this full article at H Security