26Feb

PHP 5.3.10 and MySQL 5.5.21 Upgrade


This evening all Mr.Host web servers have been upgraded to PHP 5.3.10 and MySQL 5.5.21

PHP 5.3.10

Security Fixes in PHP 5.3.10:

  • Fixed arbitrary remote code execution vulnerability reported by Stefan Esser, CVE-2012-0830.

Security Enhancements and Fixes in PHP 5.3.9:

  • Added max_input_vars directive to prevent attacks based on hash collisions. (CVE-2011-4885)
  • Fixed bug #60150 (Integer overflow during the parsing of invalid exif header). (CVE-2011-4566)

Key enhancements in PHP 5.3.9 include:

  • Fixed bug #55475 (is_a() triggers autoloader, new optional 3rd argument to is_a and is_subclass_of).
  • Fixed bug #55609 (mysqlnd cannot be built shared)
  • Many changes to the FPM SAPI module

MySQL 5.5.21

A full list of MySQL 5.5.21 changes is available here:

http://dev.mysql.com/doc/refman/5.5/en/news-5-5-21.html