[es] - Izašao PHP 4.3.0

Aleksandar Marković
Part Time Freelance Journalist

Član broj: 219
Poruke: 5220
*.verat.net

Sajt: www.akcenat.info

+8 Profil

Izašao PHP 4.3.0

^{28.12.2002. u 15:01 - pre 259 meseci}

Changes in Current Version:

* This version finalizes the separate command line interface (CLI) that can be used for developing shell and desktop applications
* A very important "under the hood" feature is the streams API
* This iteration of the build system, among other things, replaces the slow recursive make with one global Makefile and eases the integration of proper dependencies
* GD library is now bundled with the distribution and it is recommended to always use the bundled version
* Vpopmail and cybermut extensions are moved to PECL
* Several deprecated extensions (aspell, ccvs, cybercash, icap) and SAPIs (fastcgi, fhttpd) are removed
* Various security fixes (imap, mysql, mcrypt, file upload, gd, etc)
* Apache2 filter is improved, but is still considered experimental
* Significant improvements in dba, gd, pcntl, sybase, and xslt extensions
* Zend Engine has some fixes and minor performance enhancements

http://www.php.net

_{Quaerite et invenietis | Everything in life is Luck -- Donald Trump | http://www.akcenat.info | Momenat – Vaša instant doza vesti | Part Time Freelance Journalist}

Odgovor na temu

Goran Rakić
Beograd

Moderator
Član broj: 999
Poruke: 3766

Sajt: blog.goranrakic.com

+125 Profil

Re: Izašao PHP 4.3.0

^{28.12.2002. u 15:16 - pre 259 meseci}

video sam juče, probao sam još i RC varijante. Streamovi su strava.

http://sr.libreoffice.org — slobodan kancelarijski paket, obrada teksta, tablice,
prezentacije, legalno bez troškova licenciranja

Odgovor na temu

CONFIQ
♫♪♥♪♫

Član broj: 4218
Poruke: 1994
*.red.bezeqint.net

ICQ: 82327428

+10 Profil

Re: Izašao PHP 4.3.0

^{28.12.2002. u 17:12 - pre 259 meseci}

Meni se sviđa to što greške pokazuje sa linkovima prema php.net-u a ne kontam šta radi funkcija debug_backtrace() ?

Odgovor na temu

01011011

Član broj: 561
Poruke: 2341
*.dialup.mindspring.com

+2 Profil

Re: Izašao PHP 4.3.0

^{31.12.2002. u 11:09 - pre 259 meseci}

Meni se svidja sto sam konacno uspio da instaliram ovu verziju :)

Odgovor na temu

Goran Rakić
Beograd

Moderator
Član broj: 999
Poruke: 3766

Sajt: blog.goranrakic.com

+125 Profil

Re: Izašao PHP 4.3.0

^{04.01.2003. u 17:40 - pre 259 meseci}

Citat:

A vulnerability in the wordwrap() function has been fixed in the 4.3.0 version of PHP. The buffer overflow could, in theory, allow a malicious attacker to cause PHP to unwittingly execute code of his or her choosing.

If your application uses the wordwrap() function and you run PHP 4.1.2 or above, you may want to consider upgrading to the latest version of PHP, 4.3.0. Applications that do not use wordwrap() should be unaffected (although 4.3.0 is a great upgrade anyway!)

http://sr.libreoffice.org — slobodan kancelarijski paket, obrada teksta, tablice,
prezentacije, legalno bez troškova licenciranja

Odgovor na temu

CONFIQ
♫♪♥♪♫

Član broj: 4218
Poruke: 1994
*.red.bezeqint.net

ICQ: 82327428

+10 Profil

Izašao PHP 4.3.1

^{17.02.2003. u 18:38 - pre 257 meseci}

Izašala i 4.3.1 pre 5 min.

Citat:

Description

PHP contains code for preventing direct access to the CGI binary with
configure option "--enable-force-cgi-redirect" and php.ini option
"cgi.force_redirect". In PHP 4.3.0 there is a bug which renders these
options useless.

NOTE: This bug does NOT affect any of the other SAPI modules.
(such as the Apache or ISAPI modules, etc.)

Impact

Anyone with access to websites hosted on a web server which employs
the CGI module may exploit this vulnerability to gain access to any file
readable by the user under which the webserver runs.

A remote attacker could also trick PHP into executing arbitrary PHP code
if attacker is able to inject the code into files accessible by the CGI.
This could be for example the web server access-logs.

Solution

The PHP Group has released a new PHP version, 4.3.1, which incorporates
a fix for the vulnerability. All users of affected PHP versions are
encouraged to upgrade to this latest version. The downloads web site at

http://www.php.net/downloads.php

has the new 4.3.1 source tarballs, Windows binaries and source patch
from 4.3.0 available for download. You will only need to upgrade if
you're using the CGI module of PHP 4.3.0. There are no other bugfixes
contained in this release.

Workaround

None.

Credits

The PHP Group would like to thank Kosmas Skiadopoulos for discovering
this vulnerability.

Copyright (c) 2003 The PHP Group.

Odgovor na temu

Vuk Nikolić
Vuk Nikolić
Banovo Brdo, Beograd

Član broj: 4895
Poruke: 244
*.beograd-2.tehnicom.net

ICQ: 42139643
Sajt: www.letva.org

Profil

Re: Izašao PHP 4.3.0

^{27.04.2003. u 02:02 - pre 255 meseci}

na mandrake 9.1 je php 4.3.1. :)

http://www.vuknikolic.com
http://www.klopaj.com

Odgovor na temu