[ANNOUNCE] PHP 5.2.6 Released :: ASPN Mail Archive

Recent Messages
List Archives
About the List
List Leaders
Subscription Options

View Subscriptions
Help

View by Topic
ActiveState
.NET Framework
Open Source
Perl
PHP
Python
Tcl
Web Services
XML & XSLT

View by Category
Database
General
SOAP
System Administration
Tools
User Interfaces
Web Programming
XML Programming

MyASPN >> Mail Archive >> php-announce

php-announce

[ANNOUNCE] PHP 5.2.6 Released
by Ilia Alshanetsky other posts by this author
May 1 2008 11:27PM messages near this date

| [ANNOUNCE] PHP 4.4.8 Released!

The PHP development team would like to announce the immediate  
availability of PHP 5.2.6. This release focuses on improving the  
stability of the PHP 5.2.x branch with over 120 bug fixes, several of  
which are security related. All users of PHP are encouraged to upgrade  
to this release.

Security Enhancements and Fixes in PHP 5.2.6:

	* Fixed possible stack buffer overflow in the FastCGI SAPI identified  
by Andrei Nigmatulin.
	* Fixed integer overflow in printf() identified by Maksymilian  
Aciemowicz.
	* Fixed security issue detailed in CVE-2008-0599 identified by Ryan  
Permeh.
	* Fixed a safe_mode bypass in cURL identified by Maksymilian  
Arciemowicz.
	* Properly address incomplete multibyte chars inside escapeshellcmd()  
identified by Stefan Esser.
	* Upgraded bundled PCRE to version 7.6
Key enhancements in PHP 5.2.6 include:

	* Fixed two possible crashes inside the posix extension.
	* Fixed bug #44069 (Huge memory usage with concatenation using .  
instead of .=)
	* Fixed bug #44141 (private parent constructor callable through  
static function).
	* Fixed bug #43589 (a possible infinite loop in bz2_filter.c).
	* Fixed bug #43450 (Memory leak on some functions with implicit  
object __toString() call).
	* Fixed bug #43201 (Crash on using uninitialized vals and __get/__set).
	* Fixed bug #42978 (mismatch between number of bound params and  
values causes a crash in pdo_pgsql).
	* Fixed bug #42937 (__call() method not invoked when methods are  
called on parent from child class).
	* Fixed bug #42736 (xmlrpc_server_call_method() crashes).
	* Fixed bug #42369 (Implicit conversion to string leaks memory).
	* Fixed bug #41562 (SimpleXML memory issue).
	* Over 120 bug fixes.

For users upgrading from PHP 5.0 and PHP 5.1, an upgrade guide is
available here (http://www.php.net/migration52), detailing the
changes between those releases and PHP 5.2.6.
For a full list of changes in PHP 5.2.6, see the ChangeLog (http://
www.php.net/ChangeLog-5.php#5.2.6).

Ilia Alshanetsky
5.2 Release Master

-- 
PHP Announcements Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php