Upgrade versiune PHP 5.3.6

Toate serverele RoDomenii / HostingSpace vor suferi in urmatoarele zile (pana la 1 Aprilie) un upgrade de php la versiunea 5.3.6 din motive de securitate.

Versiunea 5.3.6 a fost lansata in data de 17 martie 2011 si prezinta majore imbunatatiri din punctul de vedere al stabilitatii PHP-ului 5.3 cu peste 60 fix-uri din care cateva sunt legate de securitate.

Iata un extras (in engleza) de pe siteul php.net in care se explica cateva din modificarile aduse de 5.3.6

Security Enhancements and Fixes in PHP 5.3.6:

  • Enforce security in the fastcgi protocol parsing with fpm SAPI.
  • Fixed bug #54247 (format-string vulnerability on Phar). (CVE-2011-1153)
  • Fixed bug #54193 (Integer overflow in shmop_read()). (CVE-2011-1092)
  • Fixed bug #54055 (buffer overrun with high values for precision ini setting).
  • Fixed bug #54002 (crash on crafted tag in exif). (CVE-2011-0708)
  • Fixed bug #53885 (ZipArchive segfault with FL_UNCHANGED on empty archive). (CVE-2011-0421)

Key enhancements in PHP 5.3.6 include:

  • Upgraded bundled Sqlite3 to version 3.7.4.
  • Upgraded bundled PCRE to version 8.11.
  • Added ability to connect to HTTPS sites through proxy with basic authentication using stream_context/http/header/Proxy-Authorization.
  • Added options to debug backtrace functions.
  • Changed default value of ini directive serialize_precision from 100 to 17.
  • Fixed Bug #53971 (isset() and empty() produce apparently spurious runtime error).
  • Fixed Bug #53958 (Closures can’t ‘use’ shared variables by value and by reference).
  • Fixed bug #53577 (Regression introduced in 5.3.4 in open_basedir with a trailing forward slash).
  • Over 60 other bug fixes.

Cu respect,
Echipa RoDomenii