For those still using PHP4 a new version was released today.
* Improved fix for MOPB-02-2007.
* Fixed an integer overflow inside chunk_split(). Identified by Gerhard Wagner.
* Fixed integer overlow in str[c]spn().
* Fixed regression in glob when open_basedir is on introduced by #41655 fix.
* Fixed money_format() not to accept multiple %i or %n tokens.
* Addded "max_input_nesting_level" php.ini option to limit nesting level of input variables. Fix for MOPB-03-2007.
* Fixed INFILE LOCAL option handling with MySQL - now not allowed when open_basedir or safe_mode is active.
* Fixed session.save_path and error_log values to be checked against open_basedir and safe_mode (CVE-2007-3378).
Full details available on http://www.php.net
Thursday, 3 January 2008
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment