PHP 5.3.1 released for 5 security flaws, 113 bugs

By Scott Clark
on November 23, 2009

The first update to PHP 5.3 is now available, providing 5 security fixes in addition to a long list of bug fixes for the popular open source dynamic language.

PHP 5.3 was released at the end of June, so the 5.3.1 point update has been in the works for five months at this point.

On the security fix front, two of the bug fixes are for safe mode items which could have left a PHP system at risk:

Fixed a safe_mode bypass in tempnam().

Fixed bug #50063 (safe_mode_include_dir fails).
The three other fixes are a collection of different issues.

Among them is a new “max_file_uploads” INI directive, which according to the PHP 5.3.1 release notes, “…can be set to limit the number of file uploads per-request to 20 by default, to prevent possible DOS via temporary file exhaustion.” Sanity checks are added to exif processing and there is a fix for an open_basedir bypass in posix_mkfifo().
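As an added example (not code from the article or from the PHP project), here is how an application can verify that the max_file_uploads directive described above is actually in force and apply its own per-request cap on top of it; the cap value, function names and the sample request are assumptions.

```php
<?php
// Added example, not from the article. The engine-level max_file_uploads
// directive (PHP >= 5.3.1) is what bounds temporary-file creation while the
// request body is parsed; by the time PHP code runs, temp files already exist.
// This code therefore (1) refuses to serve uploads at all if the directive is
// missing or looser than policy and (2) counts the files in the request.

// Application policy cap; 20 matches the PHP 5.3.1 default (assumed value).
const APP_MAX_UPLOADS = 20;

// Count leaf entries in a $_FILES 'name' value. For <input name="docs[]">
// PHP stores (possibly nested) arrays, so recurse instead of calling count().
function count_upload_leaves($name): int
{
    if (!is_array($name)) {
        return 1;
    }
    $n = 0;
    foreach ($name as $child) {
        $n += count_upload_leaves($child);
    }
    return $n;
}

// Total number of files in a request, given a $_FILES-shaped array.
function count_uploaded_files(array $files): int
{
    $total = 0;
    foreach ($files as $field) {
        $total += count_upload_leaves($field['name']);
    }
    return $total;
}

// True only when the engine cap exists and is no looser than the policy cap.
// ini_get() returns false for an unknown directive (PHP before 5.3.1).
function engine_upload_cap_ok(): bool
{
    $ini = ini_get('max_file_uploads');
    return $ini !== false && $ini !== '' && (int) $ini <= APP_MAX_UPLOADS;
}

// Constructed sample request: one single-file input plus a 3-entry array input.
$sample = [
    'avatar' => ['name' => 'me.png', 'error' => 0],
    'docs'   => ['name' => ['a.pdf', 'b.pdf', 'c.pdf'], 'error' => [0, 0, 0]],
];
if (!engine_upload_cap_ok() || count_uploaded_files($sample) > APP_MAX_UPLOADS) {
    header('HTTP/1.1 413 Request Entity Too Large');
    exit('Upload limit not enforced or exceeded');
}
```

With max_file_uploads = 20 in php.ini the sample (4 files) passes; on a build without the directive the script refuses to handle uploads rather than silently relying on a cap that is not there.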

While the security fixes are obviously an important reason for PHP users to migrate immediately, the long list of non-security items is also noteworthy. There are 113 named PHP bugs that have been fixed in PHP 5.3.1.

On top of that there are an additional 28 improvements in PHP 5.3.1 that don’t have an official PHP bug number attached to them. So the grand total of items addressed in the PHP 5.3.1 update is (5 security + 113 numbered bugs + 28 un-numbered bugs) 146 items. That’s not a trivial amount of change in a code base.

Read the whole story at http://blog.internetnews.com/skerner/2009/11/php-531-released-for-5-securit.html