Suhosin Install Guide Published: Mar 19, 2007
  • Rating

    5/5

PHP 4.4.4 and PHP 5.1.5 have been released. We urge anyone using any prior versions to update your PHP versions right away to fix a large number of security issues.

PHP.net has Announced PHP 4.4.4 and PHP 5.1.5

I'm happy to see PHP.net is finally working a little faster at updating security issues with their products. The time it took from 4.4.2 to 4.4.3 was a bit out of line - now they have found more problems and release a PHP 4.4.4 patch just 14 days after the 4.4.3 release addressing a number of critial security issues:

    * Added missing safe_mode/open_basedir checks inside the error_log(), file_exists(), imap_open() and imap_reopen() functions.
    * Fixed overflows inside str_repeat() and wordwrap() functions on 64bit systems.
    * Fixed possible open_basedir/safe_mode bypass in cURL extension and on PHP 5.1.5 with realpath cache.
    * Fixed overflow in GD extension on invalid GIF images.
    * Fixed a buffer overflow inside sscanf() function.
    * Fixed an out of bounds read inside stripos() function.
    * Fixed memory_limit restriction on 64 bit system.

Further details about this release can be found in the release announcements (5.1.5 and 4.4.4), and the full list of changes is available in the ChangeLogs (PHP 4, PHP 5).


How do I update PHP to the latest version?
That depends on the control panel you are using (if any). You can grab the latest release source and compile it or if you're using a Cpanel based system issue the command
/scripts/easyapache and select PHP 4.4.4 in the PHP menu.

Not sure how to update to the latest version or need help?
Hire an Expert and let us do it for you!

How do I know what version of PHP I am using?
You can get your servers PHP version using the following methods:
1)  create a phpinfo.php page and upload it to your web directory, then call it in your browser.
EG: phpinfo.php
<?
phpinfo();
?>

Then http://myserver.com/phpinfo.php

2) If you have shell access type in the following command:
php -v


  • Rating

    5/5

Related Articles

Comments (5)

  • Gravatar - ogy
    ogy 07:14, May 6, 2007
    does it work with on cpanel servers with phpsuexec
  • Gravatar - Steve
    Steve 15:44, May 17, 2007
    Yes Suhosin works on cPanel servers with PHPSuexec
  • Gravatar - hassson
    hassson 00:43, June 17, 2007
    I added<br />
    <br />
    include_path = ".:/usr/lib/php:/usr/local/lib/php:/usr/lib/php/extensions:/usr/lib/php/extensions/no-debug-non-zts-20020429:" ;<br />
    <br />
    And when I add<br />
    <br />
    extension_dir = /usr/lib/php/extensions/no-debug-non-zts-20020429/ ; directory in which the loadable extensions (modules) reside<br />
    <br />
    Httpd Failed
  • Gravatar - Mohammed ALHAJRI
    Mohammed ALHAJRI 22:24, July 11, 2007
    Hi,<br />
    <br />
    Good informatins and thankyou for that :)<br />
    <br />
    i have installed it and evrything is ok , just i want to know how can i make error page that appearant when any user uploade some dangrous file eg : r57.php and c99.php<br />
    <br />
    can you tell me where should i change?><br />
    <br />
    Best Regards
  • Gravatar - Intasar
    Intasar 05:40, May 28, 2011
    Thank you very much, the advanced configuration ++++++Reputation. you saved loads of time of peoples.

    Thanks again.

Add Your Thoughts

WebHostGear.com is a hosting directory, not a web host.

Copyright © 1998-2015 WebHostGear.com