Looking for more information on how to do PHP the right way? Check out PHP: The Right Way

PHP.net:
PHP 4.4.2 Released
Jan 13, 2006 @ 17:45:52

According to a new post on the main PHP site, they've released the latest version in the 4.4.x series - PHP 4.4.2.

The PHP development team is proud to announce the release of PHP 4.4.2. This release address a few small security issues, and also corrects some regressions that occurred in PHP 4.4.1. All PHP 4 users are encouraged to upgrade to this release.

Further details about this release can be found in the release announcement and the full list of changes is available in the PHP 4 ChangeLog.

Some of the things that this edition fixes includes: HTTP Response Splitting has been addressed in the header() function, an XSS problem inside the error reporting functionality has been removed, and Apache 2 regression with sub-request handling on non-Linux systems has been fixed.

So, head on over and grab this lastest distribution and upgrade today!

tagged: 4.4.2 release http response splitting xss problem apache 2 4.4.2 release http response splitting xss problem apache 2

Link:

PHP.net:
PHP 4.4.2 Released
Jan 13, 2006 @ 17:45:52

According to a new post on the main PHP site, they've released the latest version in the 4.4.x series - PHP 4.4.2.

The PHP development team is proud to announce the release of PHP 4.4.2. This release address a few small security issues, and also corrects some regressions that occurred in PHP 4.4.1. All PHP 4 users are encouraged to upgrade to this release.

Further details about this release can be found in the release announcement and the full list of changes is available in the PHP 4 ChangeLog.

Some of the things that this edition fixes includes: HTTP Response Splitting has been addressed in the header() function, an XSS problem inside the error reporting functionality has been removed, and Apache 2 regression with sub-request handling on non-Linux systems has been fixed.

So, head on over and grab this lastest distribution and upgrade today!

tagged: 4.4.2 release http response splitting xss problem apache 2 4.4.2 release http response splitting xss problem apache 2

Link:

PHP Security Blog:
Goodbye HTTP Response Splitting, and thanks for all the fish
Jan 13, 2006 @ 12:54:50

On the PHP Security Blog today, Stefan Esser has this new post with comments about the latest PHP 5.x release and the HTTP response splitting it fixes.

For all those that have not yet learned about my two new advisories through the usual channels. PHP 5.1.2 was released today, fixing among other things a serious HTTP Response Splitting vulnerability in the PHP5 session extension. The fix was implemented in a way similar to the SAPI hook in our Hardening-Patch and is the first move to get some of the Hardening-Patch features into the plain PHP. It is also merged into the PHP4 code tree.

So, basically, once the latest version of the PHP 4.x series has been released, HTTP reponse splitting issues will be a thing of the past. Great work on both sides of the version fence for taking care of this issue...

tagged: security http response splitting 5.1.2 4.4.2 security http response splitting 5.1.2 4.4.2

Link:

PHP Security Blog:
Goodbye HTTP Response Splitting, and thanks for all the fish
Jan 13, 2006 @ 12:54:50

On the PHP Security Blog today, Stefan Esser has this new post with comments about the latest PHP 5.x release and the HTTP response splitting it fixes.

For all those that have not yet learned about my two new advisories through the usual channels. PHP 5.1.2 was released today, fixing among other things a serious HTTP Response Splitting vulnerability in the PHP5 session extension. The fix was implemented in a way similar to the SAPI hook in our Hardening-Patch and is the first move to get some of the Hardening-Patch features into the plain PHP. It is also merged into the PHP4 code tree.

So, basically, once the latest version of the PHP 4.x series has been released, HTTP reponse splitting issues will be a thing of the past. Great work on both sides of the version fence for taking care of this issue...

tagged: security http response splitting 5.1.2 4.4.2 security http response splitting 5.1.2 4.4.2

Link:

PHP.net:
PHP 5.1.2 Released
Jan 12, 2006 @ 15:27:12

There's a note over on the main PHP site, that the release of the latest version in the PHP 5.1.x series has been posted - PHP 5.1.2.

The PHP development team is proud to announce the release of PHP 5.1.2. This release combines small feature enhancements with a fair number of bug fixes and addresses three security issues. All PHP 5 users are encouraged to upgrade to this release.

Further details about this release can be found in the release announcement and the full list of changes is available in the PHP 5 ChangeLog.

Some of the larger changes in this new version include: "HTTP Response Splitting has been addressed in ext/session and in the header() function", "Upgraded OCI8 extension", and "Over 85 various bug fixes".

So, what are you waiting for? Get over and upgrade now!

tagged: 5.1.2 release http response splitting upgrade oci8 extension bug fixes 5.1.2 release http response splitting upgrade oci8 extension bug fixes

Link:

PHP.net:
PHP 5.1.2 Released
Jan 12, 2006 @ 15:27:12

There's a note over on the main PHP site, that the release of the latest version in the PHP 5.1.x series has been posted - PHP 5.1.2.

The PHP development team is proud to announce the release of PHP 5.1.2. This release combines small feature enhancements with a fair number of bug fixes and addresses three security issues. All PHP 5 users are encouraged to upgrade to this release.

Further details about this release can be found in the release announcement and the full list of changes is available in the PHP 5 ChangeLog.

Some of the larger changes in this new version include: "HTTP Response Splitting has been addressed in ext/session and in the header() function", "Upgraded OCI8 extension", and "Over 85 various bug fixes".

So, what are you waiting for? Get over and upgrade now!

tagged: 5.1.2 release http response splitting upgrade oci8 extension bug fixes 5.1.2 release http response splitting upgrade oci8 extension bug fixes

Link:


Trending Topics: