Page 1 of 1
PHP 5.5.32, 5.6.18 and PHP 7.0.3
Posted: Thu Feb 04, 2016 4:43 pm
by Imaging
FYI, PHP 5.5.32, 5.6.18 and PHP 7.0.3 are out:
http://php.net/archive/2016.php#id2016-02-04-3
in regards to updating the various versions and related packages in the repos.
They note that these are security releases so likely some backporting needed for the 5.4.x and 5.3.x packages as well.
Thanks.
Re: PHP 5.5.32, 5.6.18 and PHP 7.0.3
Posted: Thu Feb 04, 2016 7:10 pm
by mikeshinn
Systems running the ASL kernel are immune to the security issues addressed by these releases. Please see this forum for details:
https://www.atomicorp.com/forums/viewforum.php?f=13
Re: PHP 5.5.32, 5.6.18 and PHP 7.0.3
Posted: Fri Feb 05, 2016 4:27 pm
by scott
Also It looks like these are all issues we had already fixed in the Jan 11 & 12 updates we put out for PHP 5.3 and 5.4. Updates for the rest should be out very soon.
Re: PHP 5.5.32, 5.6.18 and PHP 7.0.3
Posted: Sat Feb 06, 2016 1:59 pm
by Imaging
Scott:
Thanks. Good to hear that the security updates were already fixed based on the January updates for PHP 5.3.x and 5.4.x.
Were the January updates intentionally patched for the security updates in 5.5.32 and 5.6.18 based on the pre-release versions or was it a by-product of other fixes?
Thanks.
Re: PHP 5.5.32, 5.6.18 and PHP 7.0.3
Posted: Sat Feb 06, 2016 2:46 pm
by scott
It was a mix, we were out ahead of them based on some published security research from other sources, and others they had addressed in their git repo. Internally the PHP team does a pretty good job on getting these into SCM, you'll note that these don't even have CVE numbers yet.
Re: PHP 5.5.32, 5.6.18 and PHP 7.0.3
Posted: Tue Feb 09, 2016 3:06 pm
by Imaging
Thanks for the clarification.