Upgraded versions of PHP available (v.5.5.33, v.5.6.19 and v.7.0.4)

Posted on Posted in PHP

The corrective releases of PHP 7.0.4, 5.6.19 and 5.5.33 have been published recently.

The releases include more than 20 changes, including eliminated several known vulnerabilities, like integer overflow leading to heap overflow when using the following functions:

  1. php_implode()
  2. filter_var/addcslashes
  3. php_str_to_str_ex()

These vulnerabilities can lead to code execution if an attacker is performing certain string operations.

Origin URL: http://php.net/index.php#id2016-03-03-1

Leave a Reply

Your email address will not be published. Required fields are marked *