Monthly Archives: June 2009

PHP 5.2.10 Released!

PHP 5.2.10 Release Announcement

The PHP development team would like to announce the immediate availability of PHP 5.2.10. This release focuses on improving the stability of the PHP 5.2.x branch with over 100 bug fixes, one of which is security related. All users of PHP are encouraged to upgrade to this release.

Version 5.2.10

  • Security Fixes
    o Fixed bug #48378 (exif_read_data() segfaults on certain corrupted .jpeg files). (Pierre)
  • Updated timezone database to version 2009.9 (2009i) (Derick)
  • Added “ignore_errors” option to http fopen wrapper. (David Zulke, Sara)
  • Added new CURL options CURLOPT_REDIR_PROTOCOLS, CURLOPT_PROTOCOLS, and CURLPROTO_* for redirect fixes in CURL 7.19.4. (Yoram Bar Haim, Stas)
  • Added support for Sun CC (FR #46595 and FR #46513). (David Soria Parra)
  • Changed default value of array_unique()’s optional sorting type parameter back to SORT_STRING to fix backwards compatibility breakage introduced in PHP 5.2.9. (Moriyoshi)
  • Fixed memory corruptions while reading properties of zip files. (Ilia)
  • Fixed memory leak in ob_get_clean/ob_get_flush. (Christian)
  • Fixed segfault on invalid session.save_path. (Hannes)
  • Fixed leaks in imap when a mail_criteria is used. (Pierre)
  • Fixed missing erealloc() in fix for Bug #40091 in spl_autoload_register. (Greg)
  • Fixed bug #48562 (Reference recursion causes segfault when used in wddx_serialize_vars()). (Felipe)
  • Fixed bug #48557 (Numeric string keys in Apache Hashmaps are not cast to integers). (David Zuelke)
  • Fixed bug #48518 (curl crashes when writing into invalid file handle). (Tony)
  • Fixed bug #48514 (cURL extension uses same resource name for simple and multi APIs). (Felipe)
  • Fixed bug #48469 (ldap_get_entries() leaks memory on empty search results). (Patrick)
  • Fixed bug #48456 (CPPFLAGS not restored properly in phpize.m4). (Jani, spisek at kerio dot com)
  • Fixed bug #48448 (Compile failure under IRIX 6.5.30 building cast.c). (Kalle)
  • Fixed bug #48441 (ldap_search() sizelimit, timelimit and deref options persist). (Patrick)
  • Fixed bug #48434 (Improve memory_get_usage() accuracy). (Arnaud)
  • Fixed bug #48416 (Force a cache limit in ereg() to stop excessive memory usage). (Scott)
  • Fixed bug #48409 (Crash when exception is thrown while passing function arguments). (Arnaud)
  • Fixed bug #48378 (exif_read_data() segfaults on certain corrupted .jpeg files). (Pierre)
  • Fixed bug #48359 (Script hangs on snmprealwalk if OID is not increasing). (Ilia, simonov at gmail dot com)
  • Fixed bug #48336 (ReflectionProperty::getDeclaringClass() does not work with redeclared property). (patch by Markus dot Lidel at shadowconnect dot com)
  • Fixed bug #48326 (constant MSG_DONTWAIT not defined). (Arnaud)
  • Fixed bug #48313 (fgetcsv() does not return null for empty rows). (Ilia)
  • Fixed bug #48309 (stream_copy_to_stream() and fpasstru() do not update stream position of plain files). (Arnaud)
  • Fixed bug #48307 (stream_copy_to_stream() copies 0 bytes when $source is a socket). (Arnaud)
  • Fixed bug #48273 (snmp*_real_walk() returns SNMP errors as values). (Ilia, lytboris at gmail dot com)
  • Fixed bug #48256 (Crash due to double-linking of history.o). (tstarling at wikimedia dot org)
  • Fixed bug #48248 (SIGSEGV when access to private property via &__get). (Felipe)
  • Fixed bug #48247 (Crash on errors during startup). (Stas)
  • Fixed bug #48240 (DBA Segmentation fault dba_nextkey). (Felipe)
  • Fixed bug #48224 (Incorrect shuffle in array_rand). (Etienne)
  • Fixed bug #48221 (memory leak when passing invalid xslt parameter). (Felipe)
  • Fixed bug #48207 (CURLOPT_(FILE|WRITEHEADER options do not error out when working with a non-writable stream). (Ilia)
  • Fixed bug #48206 (Iterating over an invalid data structure with RecursiveIteratorIterator leads to a segfault). (Scott)
  • Fixed bug #48204 (xmlwriter_open_uri() does not emit warnings on invalid paths). (Ilia)
  • Fixed bug #48203 (Crash when CURLOPT_STDERR is set to regular file). (Jani)
  • Fixed bug #48202 (Out of Memory error message when passing invalid file path) (Pierre)
  • Fixed bug #48156 (Added support for lcov v1.7). (Ilia)
  • Fixed bug #48132 (configure check for curl ssl support fails with –disable-rpath). (Jani)
  • Fixed bug #48131 (Don’t try to bind ipv4 addresses to ipv6 ips via bindto). (Ilia)
  • Fixed bug #48070 (PDO_OCI: Segfault when using persistent connection). (Pierre, Matteo, jarismar dot php at gmail dot com)
  • Fixed bug #48058 (Year formatter goes wrong with out-of-int range). (Derick)
  • Fixed bug #48038 (odbc_execute changes variables used to form params array). (Felipe)
  • Fixed bug #47997 (stream_copy_to_stream returns 1 on empty streams). (Arnaud)
  • Fixed bug #47991 (SSL streams fail if error stack contains items). (Mikko)
  • Fixed bug #47981 (error handler not called regardless). (Hannes)
  • Fixed bug #47969 (ezmlm_hash() returns different values depend on OS). (Ilia)
  • Fixed bug #47946 (ImageConvolution overwrites background). (Ilia)
  • Fixed bug #47940 (memory leaks in imap_body). (Pierre, Jake Levitt)
  • Fixed bug #47937 (system() calls sapi_flush() regardless of output buffering). (Ilia)
  • Fixed bug #47903 (“@” operator does not work with string offsets). (Felipe)
  • Fixed bug #47893 (CLI aborts on non blocking stdout). (Arnaud)
  • Fixed bug #47849 (Non-deep import loses the namespace). (Rob)
  • Fixed bug #47845 (PDO_Firebird omits first row from query). (Lars W)
  • Fixed bug #47836 (array operator [] inconsistency when the array has PHP_INT_MAX index value). (Matt)
  • Fixed bug #47831 (Compile warning for strnlen() in main/spprintf.c). (Ilia, rainer dot jung at kippdata dot de)
  • Fixed bug #47828 (openssl_x509_parse() segfaults when a UTF-8 conversion fails). (Scott, Kees Cook, Pierre)
  • Fixed bug #47818 (Segfault due to bound callback param). (Felipe)
  • Fixed bug #47801 (__call() accessed via parent:: operator is provided incorrect method name). (Felipe)
  • Fixed bug #47769 (Strange extends PDO). (Felipe)
  • Fixed bug #47745 (FILTER_VALIDATE_INT doesn’t allow minimum integer). (Dmitry)
  • Fixed bug #47721 (Alignment issues in mbstring and sysvshm extension) (crrodriguez at opensuse dot org, Ilia)
  • Fixed bug #47704 (PHP crashes on some “bad” operations with string offsets). (Dmitry)
  • Fixed bug #47695 (build error when xmlrpc and iconv are compiled against different iconv versions). (Scott)
  • Fixed bug #47667 (ZipArchive::OVERWRITE seems to have no effect). (Mikko, Pierre)
  • Fixed bug #47644 (Valid integers are truncated with json_decode()). (Scott)
  • Fixed bug #47639 (pg_copy_from() WARNING: nonstandard use of \\ in a string literal). (Ilia)
  • Fixed bug #47616 (curl keeps crashing). (Felipe)
  • Fixed bug #47598 (FILTER_VALIDATE_EMAIL is locale aware). (Ilia)
  • Fixed bug #47566 (pcntl_wexitstatus() returns signed status). (patch by james at jamesreno dot com)
  • Fixed bug #47564 (unpacking unsigned long 32bit bit endian returns wrong result). (Ilia)
  • Fixed bug #47487 (performance degraded when reading large chunks after fix of bug #44607). (Arnaud)
  • Fixed bug #47468 (enable cli|cgi-only extensions for embed sapi). (Jani)
  • Fixed bug #47435 (FILTER_FLAG_NO_PRIV_RANGE does not work with ipv6 addresses in the filter extension). (Ilia)
  • Fixed bug #47430 (Errors after writing to nodeValue parameter of an absent previousSibling). (Rob)
  • Fixed bug #47365 (ip2long() may allow some invalid values on certain 64bit systems). (Ilia)
  • Fixed bug #47254 (Wrong Reflection for extends class). (Felipe)
  • Fixed bug #47042 (cgi sapi is incorrectly removing SCRIPT_FILENAME). (Sriram Natarajan, David Soria Parra)
  • Fixed bug #46882 (Serialize / Unserialize misbehaviour under OS with different bit numbers). (Matt)
  • Fixed bug #46812 (get_class_vars() does not include visible private variable looking at subclass). (Arnaud)
  • Fixed bug #46386 (Digest authentication with SOAP module fails against MSSQL SOAP services). (Ilia, lordelph at gmail dot com)
  • Fixed bug #46109 (Memory leak when mysqli::init() is called multiple times). (Andrey)
  • Fixed bug #45997 (safe_mode bypass with exec/system/passthru (windows only)). (Pierre)
  • Fixed bug #45877 (Array key ‘2147483647’ left as string). (Matt)
  • Fixed bug #45822 (Near infinite-loops while parsing huge relative offsets). (Derick, Mike Sullivan)
  • Fixed bug #45799 (imagepng() crashes on empty image). (Martin McNickle, Takeshi Abe)
  • Fixed bug #45622 (isset($arrayObject->p) misbehaves with ArrayObject:: ARRAY_AS_PROPS set). (robin_fernandes at uk dot ibm dot com, Arnaud)
  • Fixed bug #45614 (ArrayIterator::current(), ::key() can show 1st private prop of wrapped object). (robin_fernandes at uk dot ibm dot com, Arnaud)
  • Fixed bug #45540 (stream_context_create creates bad http request). (Arnaud)
  • Fixed bug #45202 (zlib.output_compression can not be set with ini_set()). (Jani)
  • Fixed bug #45191 (error_log ignores date.timezone php.ini val when setting logging timestamps). (Derick)
  • Fixed bug #45092 (header HTTP context option not being used when compiled using –with-curlwrappers). (Jani)
  • Fixed bug #44996 (xmlrpc_decode() ignores time zone on iso8601.datetime). (Ilia, kawai at apache dot org)
  • Fixed bug #44827 (define() is missing error checks for class constants). (Ilia)
  • Fixed bug #44214 (Crash using preg_replace_callback() and global variables). (Nuno, Scott)
  • Fixed bug #43073 (TrueType bounding box is wrong for angle<>0). (Martin McNickle)
  • Fixed bug #42663 (gzinflate() try to allocate all memory with truncated data). (Arnaud)
  • Fixed bug #42414 (some odbc_*() functions incompatible with Oracle ODBC driver). (jhml at gmx dot net)
  • Fixed bug #42362 (HTTP status codes 204 and 304 should not be gzipped). (Scott, Edward Z. Yang)
  • Fixed bug #42143 (The constant NAN is reported as 0 on Windows) (Kanwaljeet Singla, Venkat Raman Don)
  • Fixed bug #38805 (PDO truncates text from SQL Server text data type field). (Steph)
1 Star2 Stars (+5 rating, 1 votes)

Fixed in Firefox 3.0.11 (several security issues)

We strongly recommend the update to Firefox 3.0.11.

Firefox 3.0.11 fixes several security issues found in Firefox 3.0.10 (4 Critical, 1 High, 2 Moderate, 2 Low):

MFSA 2009-32 JavaScript chrome privilege escalation
MFSA 2009-31 XUL scripts bypass content-policy checks
MFSA 2009-30 Incorrect principal set for file: resources loaded via location bar
MFSA 2009-29 Arbitrary code execution using event listeners attached to an element whose owner document is null
MFSA 2009-28 Race condition while accessing the private data of a NPObject JS wrapper class object
MFSA 2009-27 SSL tampering via non-200 responses to proxy CONNECT requests
MFSA 2009-26 Arbitrary domain cookie access by local file: resources
MFSA 2009-25 URL spoofing with invalid unicode characters
MFSA 2009-24 Crashes with evidence of memory corruption (rv:

The sooner… the safer!


1 Star2 Stars (No Ratings Yet)

A list with all posts

Lately, i have been asked if it would be possible to have a quick access to a list with all posts of
So here it is…

Click on the archive on the top menu!


1 Star2 Stars (+2 rating, 1 votes)