News Feed
Sections




News Archive
feed this:

Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

PHP.net:
Release of PHP 5.4.41 & 5.5.25
May 15, 2015 @ 11:46:34

The latest versions of the PHP language in the 5.4.x and 5.5.x series have been released - PHP 5.4.41 and PHP 5.5.25.

These releases both fix several bugs including seven security related issues around the character in a pathname, a DoS vulnerability in the multi-part form data handling and an integer overflow in ftp_genlist.

As always, upgrading to these latest versions is always recommended (especially when there's security updates involved). You can grab the latest from the downloads page or the windows.php.net site if you're on a Windows platform. For the full list of changes, see the Changelog for the matching version.

0 comments voice your opinion now!
language release security bugfix php54 php55 upgrade

Link: http://php.net/downloads

PHP.net:
Release of PHP 5.6.7, 5.5.23 and 5.4.39
March 20, 2015 @ 10:45:27

The PHP development group has announced the release of the latest versions in all three major versions of PHP currently supported: PHP 5.6.7, 5.5.23 and 5.4.39. These releases are bugfix only with several security updates included.

The PHP development team announces the immediate availability of [these new versions]. Several bugs have been fixed as well as CVE-2015-0231, CVE-2015-2305 and CVE-2015-2331. All PHP [5.6, 5.5 and 5.4] users are encouraged to upgrade to this version.

As always, you can get the latest released for each of these versions from the main downloads page (for Windows users on windows.php.net) and if you'd like to see the other changes besides the security-related fixes check out the full Changelog.

0 comments voice your opinion now!
version release language php54 php55 php56 security bugfix

Link: http://php.net/index.php#id2015-03-20-2

PHP.net:
PHP 5.6.6 is available
February 20, 2015 @ 09:08:51

Following on the heels of the other latest releases of PHP (5.5.22 and 5.4.38), the PHP development group has release the latest in the 5.6.x series - PHP 5.6.6.

The PHP development team announces the immediate availability of PHP 5.6.6. This release fixes several bugs and addresses CVE-2015-0235 and CVE-2015-0273. All PHP 5.6 users are encouraged to upgrade to this version.

You can get this latest release either directly from the downloads page (well, from a mirror) or if you're a Windows user you can get the binaries here. Upgrading is definitely recommended and you can find all the details of the release and what what fixed in the Changelog.

0 comments voice your opinion now!
language release cve bugfix security php566

Link: http://php.net/archive/2015.php#id2015-02-19-2

PHP.net:
Release of PHP 5.5.22 & 5.4.38
February 19, 2015 @ 11:09:40

The main PHP.net site has an announcement today about the latest released of the language fixing several bugs including a few security-related issues: PHP 5.5.22 and 5.4.38.

The PHP development team announces the immediate availability of PHP 5.5.22 and 5.4.38. This release fixes several bugs and addresses CVE-2015-0235 and CVE-2015-0273. All PHP 5.5 and 5.4 users are encouraged to upgrade to this version.

As always, you can get the latest source downloads from the downloads page or Windows users can get the binaries from windows.php.net. Those interested in the complete list of fixes in these releases can check out the latest entries in the Changelog.

0 comments voice your opinion now!
language release cve bugfix security changelog php55 php54

Link: http://php.net/archive/2015.php#id2015-02-19-1

PHP.net:
Release of PHP 5.4.37, 5.5.21 & 5.6.5
January 23, 2015 @ 10:03:03

The PHP.net has posted the latest releases of the language for all of the major series - PHP 5.4, 5.5 and 5.6. Each release fixes several bugs including a few security related issues:

It is strongly encouraged that you upgrade to the latest release for the major version you're using to prevent issues around these vulnerabilities. You can find these latest releases on the main downloads page or windows.php.net for the Windows binaries.

0 comments voice your opinion now!
language release cve bugfix security

Link: http://php.net/archive/2015.php#id2015-01-22-3

PHP.net:
Release of PHP 5.4.36, 5.5.20 and 5.6.4 (Includes Security Fix)
December 19, 2014 @ 10:39:54

The PHP.net has announced the releases of several new versions in all of the current major series, all correcting several bugs including a CVE-related (security) related to unserialization. This security issue was reported in CVE-2014-8142 and relates to this bug report. It is highly recommended that you upgrade your versions to correct this potential security vulnerability. The latest versions are:

As always, you can download these latest releases directly from the downloads page or http://windows.php.net/download for the Windows users. If you're interested in the other bugs fixed in these releases, check out the full Changelog.

0 comments voice your opinion now!
language release bugfix php55 php56 php54 security cve20148242

Link: http://php.net/archive/2014.php#id2014-12-18-3

Symfony Blog:
The Symfony 500 + 100 Challenge
December 12, 2014 @ 12:48:08

The Symfony blog pas posted something they're calling the Symfony 500 + 100 Challenge, an effort to kickstart some backlog cleanup of the number of issues currently in the project's backlog.

The end of the year is approaching, and we think that this is the best time to do some backlog cleaning before fresh starting the new year. Right now there are 728 pending issues in symfony/symfony repository and 177 issues in symfony/symfony-docs.

Some of those issues were reported a long time ago and they probably refer to Symfony versions that are no longer maintained. Others would have been fixed but not closed and there could also be some duplicates. That's why we ask your help to review all the pending issues in order to close irrelevant issues and achieve much more manageable levels: 500 issues or less for symfony/symfony and 100 issues or less for symfony/symfony-docs.

If you're interested in helping out, they've included a few steps to get you started locating and claiming an issue for you to work on. They also make suggestions on how to report back issues found on bugs, feature requests and general discussion items.

0 comments voice your opinion now!
symfony challenge 500+100 issues bugfix featurerequest discussion

Link: http://symfony.com/blog/the-symfony-500-100-challenge

PHP.net:
New Supported Versions Timeline Page
October 29, 2014 @ 11:18:40

The PHP.net website has introduced a new feature to help make it a bit clearer which versions of PHP are supported and which have reached their end-of-life mark. This new Supported versions page off the main site provides listings of currently supported versions and graphical timelines of past (and future) support milestones.

Each release branch of PHP is fully supported for two years from its initial stable release. During this period, bugs and security issues that have been reported are fixed and are released in regular point releases. After this two year period of active support, each branch is then supported for an additional year for critical security issues only. Releases during this period are made on an as-needed basis: there may be multiple point releases, or none, depending on the number of reports.

The page includes information on when the initial release in a series was made (like the 5.4.x or 5.5.x series), when active support did/will end and how long the timeline is for security fixes and support. As of the time of this post, PHP 5.3.x is the only series that has reached end-of-life, but the 5.4.x series is coming close being in security fix only mode now and EOL-ing completely in ten months.

0 comments voice your opinion now!
version support timeline page phpnet release bugfix security

Link: http://php.net/supported-versions.php

Anthony Ferrara:
Educate, Don't Mediate
October 21, 2014 @ 11:53:55

In his latest post Anthony Ferarra makes a suggestion about teaching developers how to solve problems via a "quick fix" versus educating them about the real problem: educate, don't mediate.

Recently, there has been a spout of attention about how to deal with eval(base64_decode("blah")); style attacks. A number of posts about "The Dreaded eval(base64_decode()) - And how to protect your site and visitors" have appeared lately. They have been suggesting how to mitigate the attacks. This is downright bad. The problem is that these posts have been suggesting things like "Disable eval()" and "Disable base64_decode()" as possible solutions. And while technically that would work, it completely misses the point, and does nothing to protect users

He suggests that developers shouldn't just look for a "quick fix" solution posted in a tutorial somewhere and go on their merry way. One danger in this is that those instructions could only be patching part of the problem, not all of it. In this case, the disable eval/base64 handling is only a code-level fix. If this exploit exists in your application, the attacker was able to get to the local file system - a much bigger problem.

0 comments voice your opinion now!
educate mediate opinion bugfix quickfix eval base64 encode decode

Link: http://blog.ircmaxell.com/2014/10/educate-dont-mediate.html

PHP.net:
PHP 5.4.34 & 5.6.2 Released
October 17, 2014 @ 10:14:07

On the main PHP.net site an announcement has been posted about the release of the two latest versions in the PHP 5.4.x and 5.6.x series - PHP 5.4.34 and 5.6.2

These releases fix several bugs in both versions including several security-related issues including CVE-2014-3668, CVE-2014-3669 and CVE-2014-3670. In the 5.4.34 release there was also a fix put in to correct a regression issue in the OpenSSL functionality.

As both of these contain security-related fixes, it's strongly recommended that you upgrade as soon as possible. As always, you can find the latest downloads on the main downloads page or windows.php.net for the Windows users. The full list of changes in each of the versions can be found in the Changelog.

0 comments voice your opinion now!
language release bugfix security update openssl

Link: http://php.net/archive/2014.php#id2014-10-16-3


Community Events

Don't see your event here?
Let us know!


part2 application interview opinion conference voicesoftheelephpant example performance release api podcast laravel introduction php7 community configure series framework library symfony2

All content copyright, 2015 PHPDeveloper.org :: info@phpdeveloper.org - Powered by the Solar PHP Framework