{"id":571,"date":"2011-03-20T01:25:08","date_gmt":"2011-03-20T05:25:08","guid":{"rendered":"http:\/\/mrhost.ca\/system\/?p=571"},"modified":"2011-05-23T01:37:16","modified_gmt":"2011-05-23T05:37:16","slug":"php-5-3-6-upgrade","status":"publish","type":"post","link":"https:\/\/mrhost.ca\/system\/2011\/03\/php-5-3-6-upgrade\/","title":{"rendered":"PHP 5.3.6 Upgrade"},"content":{"rendered":"<p>This evening all Mr.Host web servers have been upgraded to PHP 5.3.6.<\/p>\n<p><strong>Security Enhancements and Fixes in PHP 5.3.6:<\/strong><\/p>\n<ul>\n<li>Enforce security in the fastcgi protocol parsing with fpm SAPI.<\/li>\n<li>Fixed bug #54247 (format-string vulnerability on Phar). (CVE-2011-1153)<\/li>\n<li>Fixed bug #54193 (Integer overflow in shmop_read()). (CVE-2011-1092)<\/li>\n<li>Fixed bug #54055 (buffer overrun with high values for precision ini setting).<\/li>\n<li>Fixed bug #54002 (crash on crafted tag in exif). (CVE-2011-0708)<\/li>\n<li>Fixed bug #53885 (ZipArchive segfault with FL_UNCHANGED on empty archive). (CVE-2011-0421)<\/li>\n<\/ul>\n<p><strong>Key enhancements in PHP 5.3.6 include:<\/strong><\/p>\n<ul>\n<li>Upgraded bundled Sqlite3 to version 3.7.4.<\/li>\n<li>Upgraded bundled PCRE to version 8.11.<\/li>\n<li>Added ability to connect to HTTPS sites through proxy with basic authentication using stream_context\/http\/header\/Proxy-Authorization.<\/li>\n<li>Added options to debug backtrace functions.<\/li>\n<li>Changed default value of ini directive serialize_precision from 100 to 17.<\/li>\n<li>Fixed Bug #53971 (isset() and empty() produce apparently spurious runtime error).<\/li>\n<li>Fixed Bug #53958 (Closures can&#8217;t &#8216;use&#8217; shared variables by value and by reference).<\/li>\n<li>Fixed bug #53577 (Regression introduced in 5.3.4 in open_basedir with a trailing forward slash).<\/li>\n<li>Over 60 other bug fixes.<\/li>\n<\/ul>\n<p>For a full list of changes in PHP 5.3.6, see the\u00a0<a href=\"http:\/\/php.net\/ChangeLog-5.php#5.3.6\" target=\"_blank\">ChangeLog<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>This evening all Mr.Host web servers have been upgraded to PHP 5.3.6. Security Enhancements and Fixes in PHP 5.3.6: Enforce security in the fastcgi protocol parsing with fpm SAPI. Fixed bug #54247 (format-string vulnerability on Phar). (CVE-2011-1153) Fixed bug #54193 (Integer overflow in shmop_read()). (CVE-2011-1092) Fixed bug #54055 (buffer overrun with high values for precision [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[4,7,3],"tags":[],"_links":{"self":[{"href":"https:\/\/mrhost.ca\/system\/wp-json\/wp\/v2\/posts\/571"}],"collection":[{"href":"https:\/\/mrhost.ca\/system\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mrhost.ca\/system\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mrhost.ca\/system\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mrhost.ca\/system\/wp-json\/wp\/v2\/comments?post=571"}],"version-history":[{"count":3,"href":"https:\/\/mrhost.ca\/system\/wp-json\/wp\/v2\/posts\/571\/revisions"}],"predecessor-version":[{"id":575,"href":"https:\/\/mrhost.ca\/system\/wp-json\/wp\/v2\/posts\/571\/revisions\/575"}],"wp:attachment":[{"href":"https:\/\/mrhost.ca\/system\/wp-json\/wp\/v2\/media?parent=571"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mrhost.ca\/system\/wp-json\/wp\/v2\/categories?post=571"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mrhost.ca\/system\/wp-json\/wp\/v2\/tags?post=571"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}