xref: /web-php/releases/4_3_10.php (revision f1cb7e74)
<?php
$_SERVER['BASE_PAGE'] = 'releases/4_3_10.php';
include_once __DIR__ . '/../include/prepend.inc';
site_header("PHP 4.3.10 Release Announcement");
?>

<h1>PHP 4.3.10 Release Announcement</h1>
<p>[ <a href="/releases/4_3_10_fr.php">Version Fran&ccedil;aise</a> ]</p>
<p>
The PHP Development Team would like to announce the immediate release of <a href="/downloads.php">PHP 4.3.10</a>. This is a
maintenance release that, in addition to over 30 non-critical bug fixes, addresses several very
serious security issues.
</p>
<p>
These include the following:
</p>
<p>
<a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1018">CAN-2004-1018</a> - shmop_write() out of bounds memory write access.<br>
<a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1018">CAN-2004-1018</a> - integer overflow/underflow in pack() and unpack() functions.<br>
<a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1019">CAN-2004-1019</a> - possible information disclosure, double free and negative reference index array underflow in deserialization code.<br>
<a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1020">CAN-2004-1020</a> - addslashes() not escaping \0 correctly.<br>
<a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1063">CAN-2004-1063</a> - safe_mode execution directory bypass.<br>
<a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1064">CAN-2004-1064</a> - arbitrary file access through path truncation.<br>
<a href="http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1065">CAN-2004-1065</a> - exif_read_data() overflow on long sectionname.<br>
magic_quotes_gpc could lead to one level directory traversal with file uploads.
</p>
<p>All users of PHP are strongly encouraged to upgrade to this release as soon as possible.</p>
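<p>
The following is an added example, not part of this announcement or of the PHP project's own code: a small self-check an administrator can run from the command line after upgrading. It confirms that the running interpreter is at least 4.3.10 and that addslashes() now escapes a NUL byte as the two characters <i>\0</i> (CAN-2004-1020 above). The function name and output format are this example's own; it assumes only a PHP CLI.
</p>

```php
<?php
// Added example, not code from the PHP project or this release page.
// Checks a freshly upgraded interpreter against two facts stated in the
// 4.3.10 announcement: the version that carries the fixes, and the
// addslashes() NUL-escaping fix (CAN-2004-1020). Name is hypothetical.

function check_php_4_3_10()
{
    $problems = array();

    // 4.3.10 is the 4.3 release that carries the security fixes listed above.
    if (version_compare(PHP_VERSION, '4.3.10', '<')) {
        $problems[] = 'PHP ' . PHP_VERSION . ' predates 4.3.10; upgrade';
    }

    // addslashes() is documented to escape single quote, double quote,
    // backslash and NUL. A NUL byte must come back as backslash followed
    // by the character '0', so "a\0b" (4 bytes) becomes "a\\0b".
    $input   = "a\0b";
    $escaped = addslashes($input);
    if ($escaped !== "a\\0b") {
        $problems[] = 'addslashes() did not escape NUL correctly: got 0x'
                    . bin2hex($escaped) . ' for 0x' . bin2hex($input);
    }

    // The escaped form must contain no raw NUL at all; a C string or
    // SQL API consuming it would otherwise be truncated at that byte.
    if (strpos($escaped, "\0") !== false) {
        $problems[] = 'addslashes() output still contains a raw NUL byte';
    }

    return $problems;
}

$problems = check_php_4_3_10();
if (count($problems) == 0) {
    echo "OK: PHP " . PHP_VERSION . " passes the 4.3.10 self-check\n";
} else {
    foreach ($problems as $p) {
        echo "PROBLEM: $p\n";
    }
    exit(1);
}
```

<p>
Run it with <i>php check.php</i> (any file name will do) on each host after the upgrade; a non-zero exit status means the interpreter found on the path is not the patched one, which is a common surprise where a distribution package and a hand-built PHP coexist.
</p>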

<h2>Bugfix release</h2>

<p>
 Aside from the above-mentioned issues, this release includes the following important fixes:
</p>

<ul>
<li> Possible crash inside ftp_get().</li>
<li> get_current_user() crashes on Windows.</li>
<li> Possible crash in ctype_digit() on large numbers.</li>
<li> Crash when parsing <i>?getvariable[][</i>.</li>
<li> Possible crash in the curl_getinfo() function.</li>
<li> Double free when openssl_csr_new fails.</li>
<li> Crash when using unknown/unsupported session.save_handler and/or session.serialize_handler.</li>
<li> Prevent infinite recursion in url redirection.</li>
<li> Ensure that temporary files created by GD are removed.</li>
<li> Crash in fgetcsv() with negative length.</li>
<li> Improved performance of the foreach() construct.</li>
<li> Improved number handling on non-English locales.</li>
</ul>

<p>
 For a full list of changes in PHP 4.3.10, see the
 <a href="/ChangeLog-4.php#4.3.10">ChangeLog</a>.
 </p>

<?php site_footer(); ?>
