In association with heise online

15 February 2007, 15:17

And now, security updates also for PHP4

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Just under a week ago the developers of PHP fixed a number of security vulnerabilities, which could be exploited by attackers locally, in shared hosting environments and partly also remotely, by releasing PHP 5.2.1. They have now gone one better by releasing a fixed version of the still widely used version 4 branch of PHP.

According to the release notes, the bugs fixed are the same bugs as had affected version 5. These included buffer overflows, the ability to circumvent the security offered by safe_mode and open_basedir and 'format string' vulnerabilities. The complete ChangeLog gives a very undetailed overview of the changes. The developers recommend updating as soon as possible.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit