After a lengthy QA process, PHP 4.3.2 is finally out! This maintenance release solves a lot of bugs found in earlier PHP versions and is a *strongly* recommended upgrade for all PHP users. Fixes several potentially hazardous integer and buffer overflows. LinuxSecurity will track vendor advisories and post them as vendors submit them.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 After a lengthy QA process, PHP 4.3.2 is finally out! This maintenance release solves a lot of bugs found in earlier PHP versions and is a *strongly* recommended upgrade for all PHP users. PHP 4.3.2 contains, among others, following important fixes, additions and improvements: * Fixes several potentially hazardous integer and buffer overflows. * Fixes for several 64-bit problems. * New Apache 2.0 SAPI module (sapi/apache2handler, enabled with --with-apxs2). * New session_regenerate_id() function. (Important feature against malicious session planting). * Improvements to dba extension. * Improvements to thttpd SAPI module. * Dropped support for GDLIB version 1.x.x (php_gd.dll) on Windows. * An unix man page for CLI version of PHP. * New "disable_classes" php.ini option to allow administrators to disable certain classes for security reasons. * ..and huge amount other bug fixes For a full list of changes in PHP 4.3.2, see the NEWS file. (https://www.php.net/search.php md5sums: 8aec1bb2dbcca1c92835c71e2e30d9c5 *php-4.3.2.tar.bz2 8433a1d0ce679780990d4813ae094590 *php-4.3.2.tar.gz e1afea6341d97e8160bd7d93712721ec *php-4.3.2-Win32.zip cb55d0d9df6a2bf4ba666c27886d12cb *php-4.3.2-installer.exe kippis, Jani Taskinen sniper@php.net -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see https://www.gnupg.org/ iD8DBQE+1feO/HlsOzK2WlERAuExAKDYgdy/qCRur4YPdoPGrxfFqWxxmgCfdnal DtTNv9vmVAUDRh2LjM0lUH0= =GHti -----END PGP SIGNATURE-----
