php 5.2.13

PHP5 is an HTML-embedded scripting language. The goal of the language is to allow web developers to write dynamically generated pages quickly

Packager: Pınar Yanardağ

License: PHP


Build files

Bug reports

Binary packages


Release history

ReleaseRelease dateVersionUpdaterComment
752010-03-025.2.13Eren Türkay* Version bump to fix 3 security vulnerabilities (#11363)
- Fixed safe_mode validation inside tempnam() when the directory path does not end with a /). (Martin Jansen)
- Fixed a possible open_basedir/safe_mode bypass in session extension identified by Grzegorz Stachowiak. (Ilia)
- Improved LCG entropy. (Rasmus, Samy Kamkar)
742009-12-215.2.12Eren TürkayVersion bump to fix 2 security vulnerabilities. (#11742)

- Protection for $_SESSION from interrupt corruption and improved "session.save_path" check (CVE-2009-4143)
- Insufficient input string validation of htmlspecialchars() (CVE-2009-4142)
732009-11-225.2.11Eren TürkayFix 3 important security vulnerabilities:

- It's possible to cause DOS with requests containing 160.000+ file uploads, limit max_uploads to 20. (#11580)
- Safe_mode bypass in tempnam() (CVE-2009-3557)
- Open_basedir bypass in posix_mkfifo() (CVE-2009-2558)
722009-09-235.2.11Taner TaşBugfix and security release for multiple vulnerabilities (CVE-2009-3291, CVE-2009-3292, CVE-2009-3293, Bug#11209)
Update suhosin patch
712009-09-055.2.10Taner TaşSuhosin update
702009-06-295.2.10Pınar YanardağUpdate go-pear to 1.119.
692009-06-205.2.10Pınar YanardağVersion bump to fix Denial of Service in exif_read_data() (#10062).
682009-03-015.2.9Pınar YanardağVersion bump to fix multiple Denial of Service vulnerabilities (bug#9306).
672008-12-125.2.8Pınar YanardağVersion bump to fix multiple vulnerabilities.
662008-12-055.2.7Pınar YanardağVersion bump to fix multiple vulnerabilities (bug#8784)
652008-08-115.2.6Pınar YanardağSecurity fixes for imageloadfont() and memnstr() which might allow for arbitrary code execution.
642008-07-125.2.6Gökmen GörgenEnable mcrypt support.
632008-07-095.2.6Eren TürkayEnable cgi/fastcgi support.
622008-05-245.2.6Eren TürkayEdit libxml2 dependency. PHP should depend on the latest one.
612008-05-055.2.6Eren TürkayVersion bump and enable ctypes module. This release includes 5 security fixes:
602008-03-215.2.5Gökçen EraslanFix for printf() integer overflow
592008-02-205.2.5Bahadır KandemirAdd go-pear application.
582007-12-235.2.5İsmail DönmezUpdate to Suhosin 0.9.22
572007-11-115.2.5İsmail DönmezStable update
562007-11-055.2.4İsmail DönmezFix PHP bug #43121
552007-08-315.2.4İsmail DönmezStable update to fix multiple vulnerabilities
542007-07-105.2.3İsmail DönmezAdd proper fix for MOPB-29-2007
532007-06-095.2.3İsmail DönmezFix multiple holes
522007-06-035.2.3İsmail DönmezFix CVE-2007-2872
512007-06-015.2.3İsmail DönmezStable update
502007-05-305.2.2İsmail DönmezFix integer overflow in chunk_split()
492007-05-275.2.2İsmail DönmezFix open_basedir/safe_mode bypass inside realpath()
482007-05-225.2.2İsmail DönmezFix CVE-2007-2756
472007-05-205.2.2İsmail DönmezUpdate suhosin extension
462007-05-105.2.2İsmail DönmezFix security weakness in SOAP extension
452007-05-055.2.2İsmail DönmezFix MOPB-2007-45
442007-05-045.2.2İsmail DönmezStable update
432007-04-015.2.1Ahmet AYGÜNDependency fix.
422007-03-305.2.1İsmail DönmezFix MOPB-34-2007
412007-03-275.2.1İsmail DönmezFix MOPB-33-2007
402007-03-235.2.1İsmail DönmezFix
392007-03-235.2.1İsmail DönmezFix MOPB-29-2007
382007-03-185.2.1İsmail DönmezFix MOPB-26-2007
372007-03-165.2.1İsmail DönmezFix MOPB-24-2007
362007-03-155.2.1İsmail DönmezFix MOPB-22-2007
352007-03-145.2.1İsmail DönmezFix MOPB-20-2007 and MOPB-21-2007
342007-03-105.2.1İsmail DönmezFix CVE-2007-1001 and improve last two patches
332007-03-095.2.1İsmail DönmezFix
322007-03-075.2.1İsmail DönmezFix MOPB-14-2007
312007-03-065.2.1İsmail DönmezProvide php-cli package again
302007-03-055.2.1İsmail DönmezPut suhosin inside as an extension
292007-03-055.2.1İsmail DönmezUse suhosin as an extension
282007-02-135.2.1İsmail DönmezFix
272007-02-105.2.1Eren TürkayAdd postgresql-lib dependency
262007-02-095.2.1İsmail DönmezStable update to fix multiple vulnerabilities
252007-02-075.2.0İsmail DönmezFix CVE-2007-0455
242007-01-205.2.0Bahadır KandemirPostgreSQL support
232006-12-205.2.0İsmail DönmezFix session.save_path open_basedir bypass
222006-11-205.2.0Bahadır KandemirFixed PEAR path and dependencies, removed XPM support.
212006-11-045.2.0Bahadır KandemirFixed extension path
202006-11-045.2.0Bahadır KandemirFixed php.ini path
192006-11-045.2.0Bahadır KandemirNew release
182006-11-025.1.6İsmail DönmezFix CVE-2006-5465
172006-10-105.1.6Bahadır KandemirSuhosin Patch
162006-10-095.1.6Ahmet AYGÜNfix mail() function
152006-10-095.1.6İsmail DönmezFix CVE-2006-4625
142006-10-045.1.6İsmail DönmezPrevent possible overflow in _ecalloc (CVE-2006-4812)
132006-09-265.1.6Ahmet AYGÜNAdd ldap support, #3611.
122006-08-265.1.6Ahmet AYGÜNVersion bump.
112006-08-235.1.5Ahmet AYGÜNVersion bump.
102006-08-075.1.4Bahadır KandemirFix for sccanf arbitary code execution vulnerablity.
92006-07-105.1.4Bahadır KandemirFixed wrong dep.
82006-06-135.1.4İsmail DönmezFix CVE-2006-2660
72006-05-275.1.4İsmail DönmezFix CVE-2006-2563
62006-05-065.1.4İsmail DönmezBugfix update
52006-05-045.1.3İsmail DönmezBugfix update
42006-04-185.1.2İsmail DönmezFix CVE-2006-0996,CVE-2006-1017,CVE-2006-1494 and CVE-2006-1608
32006-04-095.1.2Bahadır KandemirFixed to install missing php.ini
22006-03-255.1.2Ahmet AYGÜNcomar script added.
12006-01-095.1.2Ahmet AYGÜNFirst release.