Ye' old general discussion board. Basically, for everything that isn't covered elsewhere. Come here to shoot the breeze, shoot your mouth off, or whatever suits your fancy. This forum is not for asking programming related questions.
That's right kiddies, 11 and 12 have been released. What? You don't know what I'm talking about?
Okay..
PHP.net wrote:PHP development team would like to announce the immediate availability
of PHP 5.1.5 and PHP 4.4.4. The two releases address a series of
security problems discovered since PHP 5.1.4 and 4.4.3, respectively.
These include the following:
Added missing safe_mode/open_basedir checks inside the error_log(), file_exists(), imap_open() and imap_reopen() functions.
Fixed overflows inside str_repeat() and wordwrap() functions on 64bit systems.
Fixed possible open_basedir/safe_mode bypass in cURL extension and on PHP 5.1.5 with realpath cache.
Fixed overflow in GD extension on invalid GIF images.
Fixed a buffer overflow inside sscanf() function.
Fixed an out of bounds read inside stripos() function.
Fixed memory_limit restriction on 64 bit system.
In addition to the security fixes, both releases include a small number
of non-security related bug fixes.
The outlined issues can only be exploited locally, however, we still
recommend that all users upgrade to either one of the new releases as
soon as possible.
feyd wrote:That's right kiddies, 11 and 12 have been released. What? You don't know what I'm talking about?
Okay..
PHP.net wrote:PHP development team would like to announce the immediate availability
of PHP 5.1.5 and PHP 4.4.4. The two releases address a series of
security problems discovered since PHP 5.1.4 and 4.4.3, respectively.
These include the following:
Added missing safe_mode/open_basedir checks inside the error_log(), file_exists(), imap_open() and imap_reopen() functions.
Fixed overflows inside str_repeat() and wordwrap() functions on 64bit systems.
Fixed possible open_basedir/safe_mode bypass in cURL extension and on PHP 5.1.5 with realpath cache.
Fixed overflow in GD extension on invalid GIF images.
Fixed a buffer overflow inside sscanf() function.
Fixed an out of bounds read inside stripos() function.
Fixed memory_limit restriction on 64 bit system.
In addition to the security fixes, both releases include a small number
of non-security related bug fixes.
The outlined issues can only be exploited locally, however, we still
recommend that all users upgrade to either one of the new releases as
soon as possible.
Ilia Alshanetsky and Derick Rethans
Now, discuss!
None of those issues will affect any of my code...I think...
Fixed overflow in GD extension on invalid GIF images
I recall Windows having a similiar problem with JPEG when using GDI+
Other than that I have little more to say on the subject...I suppose I should check my shared host and make sure their up to date...
# Fixed overflow in GD extension on invalid GIF images.
# Fixed a buffer overflow inside sscanf() function.
# Fixed an out of bounds read inside stripos() function.
those 3 were the ones that caught my attention. I've seen a fair number of broken GIF's lately, that were not before, and all of them on PHP sites..
Jenk wrote:Speaking of images.. did yours melt feyd?
Nah, I just decide, I'm going to make my spider logo look like a real spider walking. Due to various things, the resulting image for the forum is a tad bit small to see the detail. I can post the a larger version if there's interest. Otherwise, hit me on PM if you want to see it.
honestly, I think that is one of the coolest graphics I've ever seen. Mainly because I could still recognize it being your normal avatar, but it COMPLETELY looks like a spider walking. Awesome! (I am easily impressed though)
A great deal of work was done since RC1 to stabilize the code, with
over 50 bug fixes since then. Also, remaining items from the todo
such as the upgrade of the sqlite lib inside pdo_sqlite and PEAR's
phar have now been completed. At this time I would like to close
5.2.0 for any further feature additions and leave it open for bug
fixes only. If all goes well the next, and final RC will be in 2
weeks, tentative date August 31st with a final a week or two later.
I'd like to ask everyone to try this release, in particular paying
attention to input processing, something that has changed a fair bit
with the introduction of the filter extension.
Ilia Alshanetsky
5.2 Release Master
edit:
The Windows Binaries.
Edin wrote:The Windows build of PHP 5.2.0RC2 is ready and can be downloaded from: