1<?php 2$_SERVER['BASE_PAGE'] = 'releases/5_1_3.php'; 3include_once __DIR__ . '/../include/prepend.inc'; 4site_header("PHP 5.1.3 Release Announcement"); 5?> 6 7<h1>PHP 5.1.3. Release Announcement</h1> 8<p> 9The PHP development team is proud to announce the release of <a href="/downloads.php">PHP 5.1.3</a>. 10This release combines small number of feature enhancements with a significant amount of bug fixes and resolves a number of security issues. 11All PHP users are encouraged to upgrade to this release as soon as possible. 12</p> 13 14<p> 15The security issues resolved include the following: 16<ul> 17 <li>Disallow certain characters in session names.</li> 18 <li>Fixed a buffer overflow inside the wordwrap() function.</li> 19 <li>Prevent jumps to parent directory via the 2nd parameter of the tempnam() function.</li> 20 <li>Enforce safe_mode for the source parameter of the copy() function.</li> 21 <li>Fixed cross-site scripting inside the phpinfo() function.</li> 22 <li>Fixed offset/length parameter validation inside the substr_compare() function.</li> 23 <li>Fixed a heap corruption inside the session extension.</li> 24 <li>Fixed a bug that would allow variable to survive unset().</li> 25</ul> 26</p> 27 28<p> 29The feature enhancements include the following notables: 30<ul> 31 <li>The use of the var keyword to declare properties no longer raises a deprecation E_STRICT.</li> 32 <li>FastCGI interface was completely reimplemented.</li> 33 <li>Multitude of improvements to the SPL, SimpleXML, GD, CURL and Reflection extensions.</li> 34 <li>Support for many additional date formats added to the strtotime() function.</li> 35 <li>A number of performance improvements added to the engine and the core extensions.</li> 36 <li>Added imap_savebody() that allows message body to be written to a file.</li> 37 <li>Added lchown() and lchgrp() to change user/group ownership of symlinks.</li> 38 <li>Upgraded bundled PCRE library to version 6.6</li> 39</ul> 40</p> 41 42<p> 43The release also includes over 120 bug fixes with a focus on: 44<ul> 45 <li>Make auto_globals_jit work without too many INI changes.</li> 46 <li>Fixed tiger hash algorithm generating wrong results on big endian platforms.</li> 47 <li>Fixed a number of errors in the SOAP extension.</li> 48 <li>Fixed recursion handling in the serialize() functionality.</li> 49 <li>Make is_*() function account of open_basedir restrictions.</li> 50 <li>Fixed a number of crashes in the DOM and PDO extensions.</li> 51 <li>Addressed a number of regressions in the strtotime() function.</li> 52 <li>Make memory_limit work in Win32 systems.</li> 53 <li>Fixed a deadlock in the sqlite extension caused by the sqlite_fetch_column_types() function.</li> 54 <li>Fixed memory leaks in the realpath() cache.</li> 55</ul> 56</p> 57 58<p> 59 For a full list of changes in PHP 5.1.3, see the 60 <a href="/ChangeLog-5.php#5.1.3">ChangeLog</a>. 61</p> 62 63<?php site_footer(); ?> 64
