PHP

4.4.7

Released on 3 May 2007
Project description.
PHP is a popular general-purpose scripting language that is especially suited to web development
PHP 4.4.7 Changelog
  • Fixed MOPB-33-2007 (PHP mail() Message ASCIIZ Byte Truncation).
  • Fixed MOPB-32-2007 (Double free inside session_decode()).
  • Fixed MOPB-26-2007 (mb_parse_str() can be used to activate register_globals).
  • Fixed MOPB-24-2007 (Fixed unallocated memory access/double free in in array_user_key_compare()).
  • Fixed MOPB-22-2007 (PHP session_regenerate_id() Double Free Vulnerability).
  • Fixed MOPB-21-2007 (An open_basedir/safe_mode bypass inside the compress.bzip2 wraper).
  • Fixed MOPB-8-2007 (XSS in phpinfo()).
  • Fixed CVE-2007-1001 (GD wbmp used with invalid image size).
  • Fixed CVE-2007-0455 (Buffer overflow in gdImageStringFTEx, used by imagettf function).
  • Fixed bug #41252 (Calling mcrypt_generic without first calling mcrypt_generic_init crashes).
  • Fixed bug #40998 (long session array keys are truncated).
  • Fixed bug #40915 (addcslashes unexpected behavior with binary input).
  • Fixed bug #40831 (cURL extension doesn't clean up the buffer of reused handle).
  • Fixed bug #40747 (possible crash in session when save_path is out of open_basedir).
  • Fixed bug #38236 (Binary data gets corrupted on multipart/formdata POST).
  • Fixed huge CPU usage in imagearc when used with large angles (libgd bug #74).
  • Fixed CRLF injection inside ftp_putcmd().