Security Enhancements and Fixes in PHP 4.4.7 only
Posted on May 5th, 2007 by admin
- XSS in phpinfo() (MOPB-8 by Stefan Esser)
While majority of the issues outlined above are local, in some circumstances given specific code paths they can be triggered externally. Therefor, we strongly recommend that if you use code utilizing the functions and extensions identified as having had vulnerabilities in them, you consider upgrading your PHP.
For users upgrading to PHP 5.2 from PHP 5.0 and PHP 5.1, an upgrade guide is available here, detailing the changes between those releases and PHP 5.2.2.
Update: May 4th; The PHP 4.4.7 Windows build was updated due to the faulty Apache2 module shipped with the original
Discussion Area - Leave a Comment