1<?php 2$_SERVER['BASE_PAGE'] = 'releases/5_1_5.php'; 3include_once __DIR__ . '/../include/prepend.inc'; 4site_header("PHP 5.1.5 Release Announcement"); 5?> 6 7<h1>PHP 5.1.5 Release Announcement</h1> 8<p> 9This release address a series of locally exploitable security problems discovered since PHP 5.1.4. 10All PHP users are encouraged to upgrade to this release as soon as possible. 11</p> 12 13<p> 14This release provides the following security fixes: 15<ul> 16 <li>Added missing safe_mode/open_basedir checks inside the error_log(), file_exists(), imap_open() and imap_reopen() functions.</li> 17 <li>Fixed overflows inside str_repeat() and wordwrap() functions on 64bit systems.</li> 18 <li>Fixed possible open_basedir/safe_mode bypass in cURL extension and with realpath cache.</li> 19 <li>Fixed overflow in GD extension on invalid GIF images.</li> 20 <li>Fixed a buffer overflow inside sscanf() function.</li> 21 <li>Fixed an out of bounds read inside stripos() function.</li> 22 <li>Fixed memory_limit restriction on 64 bit system.</li> 23</ul> 24</p> 25 26<p> 27In addition to the security fixes, both releases include a small number of non-security related bug fixes. 28</p> 29 30<p> 31 For a full list of changes in PHP 5.1.5, see the 32 <a href="/ChangeLog-5.php#5.1.5">ChangeLog</a>. 33</p> 34 35<?php site_footer(); ?> 36
