PHP

5.4.38

Released on 19 Feb 2015
Project description.
PHP is a popular general-purpose scripting language that is especially suited to web development
PHP 5.4.38 Changelog
  • Core:
    • Removed support for multi-line headers, as they are deprecated by RFC 7230.
    • Added NULL byte protection to exec, system and passthru.
    • Fixed bug #68925 (Mitigation for CVE-2015-0235 – GHOST: glibc gethostbyname buffer overflow).
    • Fixed bug #67827 (broken detection of system crypt sha256/sha512 support).
    • Fixed bug #68942 (Use after free vulnerability in unserialize() with DateTimeZone). (CVE-2015-0273)
  • Enchant:
    • Fixed bug #68552 (heap buffer overflow in enchant_broker_request_dict()). (CVE-2014-9705)
  • SOAP:
    • Fixed bug #67427 (SoapServer cannot handle large messages).