The PHP development team announces the immediate availability of PHP 5.3.11 and PHP 5.4.1. These releases focuses on improving the stability of the current PHP branches with over 60 bug fixes, some of which are security related.
Security Enhancements for both PHP 5.3.11 and PHP 5.4.1:
- Fixed bug #54374 (Insufficient validating of upload name leading to corrupted $_FILES indices). (CVE-2012-1172).
- Add open_basedir checks to readline_write_history and readline_read_history.
Security Enhancement affecting PHP 5.3.11 only:
- Fixed bug #61043 (Regression in magic_quotes_gpc fix for CVE-2012-0831).
Key enhancements in these releases include:
- Added debug info handler to DOM objects.
- Fixed bug #61172 (Add Apache 2.4 support).
All users of PHP are strongly encouraged to upgrade to PHP 5.3.11 or PHP 5.4.1.