PHP 5.4.13 and PHP 5.3.23 released!
The PHP development team announces the immediate availability of PHP 5.4.13 and PHP 5.3.23. These releases fix about the bugs, including fixes for cve-2013-1643 and cve-2013-1635. All users of PHP is encouraged to upgrade to PHP 5.4.13.
For source downloads of Php 5.4.13 and PHP 5.3.23 * Visit our Downloads page, Windows binaries can is found on window s.php.net/download/.
Version 5.4.13
14-march-2013
Core:
Fixed bug #64235 (insteadof not work for class method in 5.4.11).
Implemented FR #64175 (Added HTTP codes as of RFC 6585).
Fixed bug #64142 (dval to lval different behavior on PPC64).
Fixed bug #64070 (inheritance with Traits failed with error).
CLI Server:
Fixed bug #64128 (buit-in Web server is broken on PPC64).
Mbstring:
Mb_split () can now handle the empty matches like Preg_split () does.
Openssl:
Fixed bug #61930 (OpenSSL corrupts SSL key resource when using Openssl_get_publickey ()).
Pdo_mysql:
Fixed bug #60840 (undefined symbol:mysqlnd_debug_std_no_trace_funcs).
Phar:
Fixed timestamp update on Phar contents modification.
Soap
Added Check that soap.wsdl_cache_dir conforms to Open_basedir (cve-2013-1635).
Disabled external entities loading (cve-2013-1643).
Spl:
Fixed bug #64264 (splfixedarray toArray problem).
Fixed bug #64228 (Recursivedirectoryiterator always assumes skip_dots).
Fixed bug #64106 (segfault on splfixedarray[][x] = y when extended).
Fixed bug #52861 (unset fails with arrayobject and deep arrays).
Snmp:
Fixed bug #64124 (IPv6 malformed).
Version 5.3.23
14-march-2013
Phar:
Fixed timestamp update on Phar contents modification.
Soap
Added Check that soap.wsdl_cache_dir conforms to Open_basedir (cve-2013-1635).
Disabled external entities loading (cve-2013-1643).
Spl:
Fixed bug #64264 (splfixedarray toArray problem).
Fixed bug #64228 (Recursivedirectoryiterator always assumes skip_dots).
Fixed bug #64106 (segfault on splfixedarray[][x] = y when extended).
Fixed bug #52861 (unset fails with arrayobject and deep arrays).
========= episode ===========
In the near future may need to do a project in Zhenjiang, if there is a nearby or Zhenjiang Phper can send me a message, the front-end design (JS (native) +html+css) feel good can also give me a message.
------Solution--------------------
Recently did not pay attention to the official website.
Amount After the release of the PHP 5.0alpha release
------Solution--------------------
Must have escalated again. Every time security issues are forced to escalate.