"During the development of Hardened-PHP which adds security hardening features to the PHP codebase, several vulnerabilities within PHP were discovered that range from bufferoverflows, over information leak vulnerabilities and path truncation vulnerabilities to safe_mode restriction bypass vulnerabilities," according to a security advisory from the Hardened PHP Project released last week. Details for the vulnerabilities are available from the Hardened PHP Project.
PHP Security Holes Plugged
Bugs range from buffer overflows, over-information-leak and path-truncation vulnerabilities to safe_mode restriction bypass vulnerabilities
The PHP Group released PHP 4.3.1 and PHP 5.0.3 which plug serious security holes in implementations of the popular Web site scripting language, the group said in a statement on it's Web site. All users were urged to upgrade to either of these releases as soon as possible.
"During the development of Hardened-PHP which adds security hardening features to the PHP codebase, several vulnerabilities within PHP were discovered that range from bufferoverflows, over information leak vulnerabilities and path truncation vulnerabilities to safe_mode restriction bypass vulnerabilities," according to a security advisory from the Hardened PHP Project released last week. Details for the vulnerabilities are available from the Hardened PHP Project.
Patches for these vulnerabilities are available from the PHP Group.
"During the development of Hardened-PHP which adds security hardening features to the PHP codebase, several vulnerabilities within PHP were discovered that range from bufferoverflows, over information leak vulnerabilities and path truncation vulnerabilities to safe_mode restriction bypass vulnerabilities," according to a security advisory from the Hardened PHP Project released last week. Details for the vulnerabilities are available from the Hardened PHP Project.
