{"id":880,"date":"2013-10-27T19:04:02","date_gmt":"2013-10-27T23:04:02","guid":{"rendered":"http:\/\/mrhost.ca\/system\/?p=880"},"modified":"2013-10-27T19:04:02","modified_gmt":"2013-10-27T23:04:02","slug":"apache-2-2-20-and-php-5-3-27-upgrade","status":"publish","type":"post","link":"https:\/\/mrhost.ca\/system\/2013\/10\/apache-2-2-20-and-php-5-3-27-upgrade\/","title":{"rendered":"Apache 2.2.25 and PHP 5.3.27 Upgrade"},"content":{"rendered":"<p>This evening all Mr.Host web servers were upgraded to Apache 2.2.25 and PHP 5.3.27.<\/p>\n<h3>Apache 2.2.25<\/h3>\n<p>This version of Apache is principally a security and bug fix legacy release, including the following security fixes:<\/p>\n<ul>\n<li>SECURITY:\u00a0<a href=\"http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2013-1896\">CVE-2013-1896<\/a>\u00a0(cve.mitre.org) mod_dav: Sending a MERGE request against a URI handled by mod_dav_svn with the source href (sent as part of the request body as XML) pointing to a URI that is not configured for DAV will trigger a segfault.<\/li>\n<li>SECURITY:\u00a0<a href=\"http:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2013-1862\">CVE-2013-1862<\/a>\u00a0(cve.mitre.org) mod_rewrite: Ensure that client data written to the RewriteLog is escaped to prevent terminal escape sequences from entering the log file.<\/li>\n<\/ul>\n<h3>PHP 5.3.27<\/h3>\n<ul>\n<li>Core:\n<ul>\n<li>Fixed bug\u00a0<a href=\"http:\/\/bugs.php.net\/64966\">#64966<\/a>\u00a0(segfault in zend_do_fcall_common_helper_SPEC).<\/li>\n<li>Fixed bug\u00a0<a href=\"http:\/\/bugs.php.net\/64960\">#64960<\/a>\u00a0(Segfault in gc_zval_possible_root).<\/li>\n<li>Fixed bug\u00a0<a href=\"http:\/\/bugs.php.net\/64934\">#64934<\/a>\u00a0(Apache2 TS crash with get_browser()).<\/li>\n<li>Fixed bug\u00a0<a href=\"http:\/\/bugs.php.net\/63186\">#63186<\/a>\u00a0(compile failure on netbsd).<\/li>\n<\/ul>\n<\/li>\n<li>DateTime:\n<ul>\n<li>Fixed bug\u00a0<a href=\"http:\/\/bugs.php.net\/53437\">#53437<\/a>\u00a0(Crash when using unserialized DatePeriod instance).<\/li>\n<\/ul>\n<\/li>\n<li>PDO_firebird:\n<ul>\n<li>Fixed bug\u00a0<a href=\"http:\/\/bugs.php.net\/64037\">#64037<\/a>\u00a0(Firebird return wrong value for numeric field).<\/li>\n<li>Fixed bug\u00a0<a href=\"http:\/\/bugs.php.net\/62024\">#62024<\/a>\u00a0(Cannot insert second row with null using parametrized query).<\/li>\n<\/ul>\n<\/li>\n<li>PDO_pgsql:\n<ul>\n<li>Fixed bug\u00a0<a href=\"http:\/\/bugs.php.net\/64949\">#64949<\/a>\u00a0(Buffer overflow in _pdo_pgsql_error).<\/li>\n<\/ul>\n<\/li>\n<li>pgsql:\n<ul>\n<li>Fixed bug\u00a0<a href=\"http:\/\/bugs.php.net\/64609\">#64609<\/a>\u00a0(pg_convert enum type support).<\/li>\n<\/ul>\n<\/li>\n<li>SPL:\n<ul>\n<li>Fixed bug\u00a0<a href=\"http:\/\/bugs.php.net\/64997\">#64997<\/a>\u00a0(Segfault while using RecursiveIteratorIterator on 64-bits systems).<\/li>\n<\/ul>\n<\/li>\n<li>XML:\n<ul>\n<li>Fixed bug\u00a0<a href=\"http:\/\/bugs.php.net\/65236\">#65236<\/a>\u00a0(heap corruption in xml parser).<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>This evening all Mr.Host web servers were upgraded to Apache 2.2.25 and PHP 5.3.27. Apache 2.2.25 This version of Apache is principally a security and bug fix legacy release, including the following security fixes: SECURITY:\u00a0CVE-2013-1896\u00a0(cve.mitre.org) mod_dav: Sending a MERGE request against a URI handled by mod_dav_svn with the source href (sent as part of the [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[13,7,3],"tags":[],"_links":{"self":[{"href":"https:\/\/mrhost.ca\/system\/wp-json\/wp\/v2\/posts\/880"}],"collection":[{"href":"https:\/\/mrhost.ca\/system\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mrhost.ca\/system\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mrhost.ca\/system\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mrhost.ca\/system\/wp-json\/wp\/v2\/comments?post=880"}],"version-history":[{"count":3,"href":"https:\/\/mrhost.ca\/system\/wp-json\/wp\/v2\/posts\/880\/revisions"}],"predecessor-version":[{"id":883,"href":"https:\/\/mrhost.ca\/system\/wp-json\/wp\/v2\/posts\/880\/revisions\/883"}],"wp:attachment":[{"href":"https:\/\/mrhost.ca\/system\/wp-json\/wp\/v2\/media?parent=880"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mrhost.ca\/system\/wp-json\/wp\/v2\/categories?post=880"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mrhost.ca\/system\/wp-json\/wp\/v2\/tags?post=880"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}