In article <[EMAIL PROTECTED]>, [EMAIL PROTECTED] says... > The PHP Development Team would like to announce the immediate release of > PHP 4.3.11 and 5.0.4. These are maintenance releases that in addition > to fixing over 70 non-critical bugs, address several security issues. > The addressed security issues include fixes to the exif and fbsql > extensions, as well as fixes to unserialize(), swf_definepoly() and > getimagesize(). > > All users of PHP are strongly encouraged to upgrade to this release. > > Aside from the above mentioned issues this release includes the > following important fixes: > > * Crash in bzopen() if supplied path to non-existent file. > * DOM crashing when attribute appended to Document. > * unserialize() float problem on non-English locales. > * Crash in msg_send() when non-string is stored without being serialized. > * Possible infinite loop in imap_mail_compose(). > * Fixed crash in chunk_split(), when chunklen > strlen. > * session_set_save_handler crashes PHP when supplied non-existent object > reference. > * Memory leak in zend_language_scanner.c. > * Compile failures of zend_strtod.c. > * Fixed crash in overloaded objects & overload() function. > * cURL functions bypass open_basedir. > > The PHP Development Team would like to thank all the people who have > identified the security faults in PHP and helped us address them.
Hm, I thought this release was going to include bug #30819, after the discussion about that bug that was held on here... Is the fix for PHP's broken LDAP SASL behavior waiting on 5.1 instead? --Quanah -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
