PHP plugs security holes
With PHP 5.2.9 (see changeLog), the PHP development team corrects a total of 50 bugs, including a publicly-known flaw that allows attackers to read the contents of arbitrary memory locations in certain situations.
Here’s the skinny on that issue, which is rated medium-severity:
- Array index error in the imageRotate function in PHP 5.2.8 and earlier allows context-dependent attackers to read the contents of arbitrary memory locations via a crafted value of the third argument (aka the bgd_color or clrBack argument) for an indexed image.
The other security fixes in PHP 5.2.9 are:
- Fixed a crash on extract in zip when files or directories entry names contain a relative path. (Pierre)
- Fixed explode() behavior with empty string to respect negative limit. (Shire)
- Fixed a segfault when malformed string is passed to json_decode(). (Scott)
ALSO SEE:
Flaw trifecta kicks off Month of PHP Bugs
Post a Comment