On the PHP Security blog today, Stefan Esser points out one of the latest episodes of the Pro::PHP Podcast in which Ed Finkler got to talk a little bit about PHP security (seeing as how he's involved with the PHPSecInfo project). One of the things he (Ed) specifically mentions in the interview is the Month of PHP Bugs that Stefan recently wrapped up.

Today I learned about a podcast interview of Ed Finkler one of the members of the PHP Security Consortium. I heard through the first 30 minutes and was kinda bored because it was not really about PHP Security but about educating PHP developers, which is a subtopic of PHP Application Security which itself is a subtopic of PHP Security. I already wanted to switch it off when at around 34:32 they started talking about the Month of PHP Bugs.

Stefan also notes that Ed didn't mention that several of the MoPB issues had already been released to the PHP group but had yet to of been corrected. Be sure to check out the podcast for yourself, though and see what you think of Ed's comments about PHP security and the MoPB initiative.

On the PHP Security blog today, Stefan Esser points out one of the latest episodes of the Pro::PHP Podcast in which Ed Finkler got to talk a little bit about PHP security (seeing as how he's involved with the PHPSecInfo project). One of the things he (Ed) specifically mentions in the interview is the Month of PHP Bugs that Stefan recently wrapped up.

Today I learned about a podcast interview of Ed Finkler one of the members of the PHP Security Consortium. I heard through the first 30 minutes and was kinda bored because it was not really about PHP Security but about educating PHP developers, which is a subtopic of PHP Application Security which itself is a subtopic of PHP Security. I already wanted to switch it off when at around 34:32 they started talking about the Month of PHP Bugs.

Stefan also notes that Ed didn't mention that several of the MoPB issues had already been released to the PHP group but had yet to of been corrected. Be sure to check out the podcast for yourself, though and see what you think of Ed's comments about PHP security and the MoPB initiative.

Frank Lopez has tipped us off to a new article over on the ComputerWorld website of an interview by Howard Dahdah with Stefan Esser about the recently passed Month of PHP Bugs project he's just wrapped.

Last month, Stefan Esser, an independent security consultant and a founder of both the Hardened-PHP Project and PHP Security Response Team (which he has since left), launched his Month of PHP Bugs as a way of improving the security of PHP by outing flaws in its source code.

Making himself a target for criticism through this undertaking (the PHP developer community is a spirited bunch), Esser was surprised at the positive feedback he received at the conclusion of the project. He speaks here with Howard Dahdah.

They talk about the outcome of the project, what he (Esser) thinks he's achieved, what kind of feedback he's gotten about it, and what kind of impact this should have on the opinions the use of PHP for businesses and developers all across the community.

Frank Lopez has tipped us off to a new article over on the ComputerWorld website of an interview by Howard Dahdah with Stefan Esser about the recently passed Month of PHP Bugs project he's just wrapped.

Last month, Stefan Esser, an independent security consultant and a founder of both the Hardened-PHP Project and PHP Security Response Team (which he has since left), launched his Month of PHP Bugs as a way of improving the security of PHP by outing flaws in its source code.

Making himself a target for criticism through this undertaking (the PHP developer community is a spirited bunch), Esser was surprised at the positive feedback he received at the conclusion of the project. He speaks here with Howard Dahdah.

They talk about the outcome of the project, what he (Esser) thinks he's achieved, what kind of feedback he's gotten about it, and what kind of impact this should have on the opinions the use of PHP for businesses and developers all across the community.

Ilia Alshanetsky has posted a new release announcement for the latest Release Candidate in the PHP 5.2.x series - PHP 5.2.2RC1.

The focus of this release is twofold, number one we are continuing to stabilize the language, with over 60 bug fixes. The second goal was to improve the security of the language through an internal audit as well as by addressing previously unknown bugs identified by MOPB. As you can imagine both these goals result in a rather extensive set of changes, so testing to make sure no new bugs or regressions were introduced is critical.

He stresses the importance of testing this release because of a real push to get this release (with all of its bugfixes) out as soon as possible.

Downloads:

• BZipped download
• GZipped download

Ilia Alshanetsky has posted a new release announcement for the latest Release Candidate in the PHP 5.2.x series - PHP 5.2.2RC1.

The focus of this release is twofold, number one we are continuing to stabilize the language, with over 60 bug fixes. The second goal was to improve the security of the language through an internal audit as well as by addressing previously unknown bugs identified by MOPB. As you can imagine both these goals result in a rather extensive set of changes, so testing to make sure no new bugs or regressions were introduced is critical.

He stresses the importance of testing this release because of a real push to get this release (with all of its bugfixes) out as soon as possible.

Downloads:

• BZipped download
• GZipped download