xref: /web-php/archive/entries/2021-03-30-1.xml (revision a0ee403c)
1<?xml version="1.0" encoding="utf-8"?>
2<entry xmlns="http://www.w3.org/2005/Atom">
3  <title>PHP releases on hold</title>
4  <id>https://www.php.net/archive/2021.php#2021-03-30-1</id>
5  <published>2021-03-30T19:14:46+00:00</published>
6  <updated>2021-03-30T19:14:46+00:00</updated>
7  <link href="https://www.php.net/index.php#id2021-03-30-1" rel="alternate" type="text/html"/>
8  <link href="https://www.php.net/archive/2021.php#2021-03-30-1" rel="via" type="text/html"/>
9  <category term="frontpage" label="PHP.net frontpage news"/>
10  <category term="releases" label="New PHP release"/>
11  <content type="xhtml">
12    <div xmlns="http://www.w3.org/1999/xhtml">
13     <p>
14     As <a href="https://news-web.php.net/php.internals/113838">announced</a>
15     on the php.internals mailing list, a pair of
16     <a href="https://github.com/php/php-src/commit/c730aa26bd52829a49f2ad284b181b7e82a68d7d">malicious</a>
17     <a href="https://github.com/php/php-src/commit/2b0f239b211c7544ebc7a4cd2c977a5b7a11ed8a">commits</a>
18     were made in the PHP source code repository over the weekend.
19     <i>These commits were immediately noticed and reverted,
20     and thus <b>never reached end users</b>.</i>
21     The investigation into the root cause and exact scope of the
22     compromise is still ongoing, therefore releases will be put
23     on hold for two weeks assuming no further issues are discovered.
24     </p>
25
26     <p>
27     Thank you for bearing with us while we endeavor to ensure that
28     PHP is a stable and reliable platform for web development.
29     </p>
30    </div>
31  </content>
32</entry>
33