PHP

4.4.3

Released on 3 Aug 2006
Project description.
PHP is a popular general-purpose scripting language that is especially suited to web development
PHP 4.4.3 Changelog
  • Added control character checks for cURL extension's open_basedir/safe_mode checks.
  • Added overflow checks to wordwrap() function.
  • Added a check for special characters in the session name.
  • Improved safe_mode check for the error_log() function.
  • Updated PCRE to version 6.6.
  • Fixed handling of extremely long paths inside tempnam() function.
  • Fixed XSS inside phpinfo() with long inputs.
  • Fixed a possible buffer overflow inside create_named_pipe() for Win32 systems in libmysql.c.
  • Fixed bug #37720 (merge_php_config scrambles values).
  • Fixed bug #37569 (WDDX incorrectly encodes high-ascii characters).
  • Fixed bug #37510 (session_regenerate_id changes session_id() even on failure).
  • Fixed bug #37360 (Memory errors with a corrupt GIF file).
  • Fixed bug #37348 (Make PEAR install ignore open_basedir).
  • Fixed bug #37346 (Crashes when using an invalid colormap format).
  • Fixed bug #37162 (wddx does not build as a shared extension).
  • Fixed bug #37046 (foreach breaks static scope).
  • Fixed bug #37045 (Fixed check for special chars for http redirects).
  • Fixed bug #36857 (Added support for partial content fetching to the HTTP streams wrapper).
  • Fixed bug #36776 (node_list_wrapper_dtor segfault).
  • Fixed bug #36459 (Incorrect adding PHPSESSID to links, which contains \r\n).
  • Fixed bug #36458 (sleep() accepts negative values).
  • Fixed bug #36242 (Possible memory corruption in stream_select()).
  • Fixed bug #36223 (curl bypasses open_basedir restrictions).
  • Fixed bug #36205 (Memory leaks on duplicate cookies).
  • Fixed bug #36148 (unpack("H*hex", $data) is adding an extra character to the end of the string).
  • Fixed bug #36017 (fopen() crashes PHP when opening a URL).