Tag Archives: PHP 5.2.13

Stability, security-focused PHP 5.2.13 released today

PHP 5.2.13 was released today, fixing over 40 bugs.  PHP recommends that all users on the 5.2 branch upgrade as soon as possible.  Included below are various bugs fixed in this release, and links to the official changelog, release announcement, and download page.

  • Improved LCG entropy (security)
  • Fixed safe_mode validation inside tempnam() when… (security)
  • Fixed open_basedir/safe_mode bypass in session extension (security)
  • Upgraded to PCRE 7.9
  • Fixed strip_tags() bug that removed parameters over 1023 bytes even when in exclude list
  • Regarding define() and defined()
    • :: was allowed to be included within constant name using define(), issuing a fatal error vs. E_WARNING
    • defined() no longer requires a class to exist when testing class constant
  • PHP 5.2.13 Changelog
  • PHP 5.2.13 Release Announcement
  • Download PHP 5.2.13