Nyheter på PHPportalen

På PHPportalen försöker vi i så hög grad som möjligt engagera våra medlemmar. Därför har du som medlem chansen att vara med och hjälpa till. Nedan finner du en länk till en sida där du kan lägga till nyheter till vårt nyhetsarkiv. Våra trivsel- och förhållningsregler gäller givetvis även här. Posta inte heller någonting som inte är av allmänt intresse, reklam i alla dess former kommer redigeras bort.

Lägg till nyhet


PHP 4.4.4 och PHP 5.1.5 - 2006-08-17 20:24:52

PHP 4.4.4 and PHP 5.1.5 Released

[17-Aug-2006] PHP development team would like to announce the immediate availability of PHP 5.1.5 and 4.4.4. The two releases address a series of security problems discovered since PHP 5.1.4 and 4.4.3, respectively. These include the following:

* Added missing safe_mode/open_basedir checks inside the error_log(), file_exists(), imap_open() and imap_reopen() functions.
* Fixed overflows inside str_repeat() and wordwrap() functions on 64bit systems.
* Fixed possible open_basedir/safe_mode bypass in cURL extension and on PHP 5.1.5 with realpath cache.
* Fixed overflow in GD extension on invalid GIF images.
* Fixed a buffer overflow inside sscanf() function.
* Fixed an out of bounds read inside stripos() function.
* Fixed memory_limit restriction on 64 bit system.

Nyheten inskickad av insyman    



PHP 4.4.3 - 2006-08-03 14:09:33

The PHP development team is proud to announce the release of PHP 4.4.3. This release combines small number of bug fixes and resolves a number of security issues. All PHP users are encouraged to upgrade to this release as soon as possible.

The security issues resolved include the following:

* Disallow certain characters in session names.
* Fixed a buffer overflow inside the wordwrap() function.
* Prevent jumps to parent directory via the 2nd parameter of the tempnam() function.
* Improved safe_mode check for the error_log() function.
* Fixed cross-site scripting inside the phpinfo() function.
* Fixed offset/length parameter validation inside the substr_compare() function.

The release also includes about 20 bug fixes and an upgraded PCRE library (version 6.6).

For a full list of changes in PHP 4.4.3, see the ChangeLog.

Nyheten inskickad av hagman    



Apache HTTP Server 2.2.3 - 2006-07-29 13:30:05

Apache HTTP Server 2.2.3 Released

The Apache Software Foundation and The Apache HTTP Server Project are
pleased to announce the release of version 2.2.3 of the Apache HTTP Server
("Apache").

This version of Apache is principally a bug and security fix release. The
following potential security flaws are addressed;

CVE-2006-3747: An off-by-one flaw exists in the Rewrite module,
mod_rewrite, as shipped with Apache 1.3 since 1.3.28, 2.0 since 2.0.46,
and 2.2 since 2.2.0.

Depending on the manner in which Apache HTTP Server was compiled, this
software defect may result in a vulnerability which, in combination with
certain types of Rewrite rules in the web server configuration files,
could be triggered remotely. For vulnerable builds, the nature of the
vulnerability can be denial of service (crashing of web server processes)
or potentially allow arbitrary code execution. This issue has been rated
as having important security impact by the Apache HTTP Server Security
Team.

This flaw does not affect a default installation of Apache HTTP Server.
Users who do not use, or have not enabled, the Rewrite module mod_rewrite
are not affected by this issue. This issue only affects installations
using a Rewrite rule with the following characteristics:

* The RewriteRule allows the attacker to control the initial part of the
rewritten URL (for example if the substitution URL starts with $1)
* The RewriteRule flags do NOT include any of the following flags:
Forbidden (F), Gone (G), or NoEscape (NE).

Please note that ability to exploit this issue is dependent on the stack
layout for a particular compiled version of mod_rewrite. If the compiler
used to compile Apache HTTP Server has added padding to the stack
immediately after the buffer being overwritten, it will not be possible to
exploit this issue, and Apache HTTP Server will continue operating
normally.

The Apache HTTP Server project recommends that all users who have built
Apache from source apply the patch or upgrade to the latest level and
rebuild. Providers of Apache-based web servers in pre-compiled form will
be able to determine if this vulnerability applies to their builds. That
determination has no bearing on any other builds of Apache HTTP Server,
and Apache HTTP Server users are urged to exercise caution and apply
patches or upgrade unless they have specific instructions from the
provider of their web server. Statements from vendors can be obtained from
the US-CERT vulnerability note for this issue at:

http://www.kb.cert.org/vuls/id/395412

The Apache HTTP Server project thanks Mark Dowd of McAfee Avert Labs for
the responsible reporting of this vulnerability.

We consider this release to be the best version of Apache available, and
encourage users of all prior versions to upgrade.

Apache HTTP Server 2.2.3 is available for download from:

http://httpd.apache.org/download.cgi

Apache 2.2 offers numerous enhancements, improvements, and performance
boosts over the 2.0 codebase. For an overview of new features introduced
since 2.0 please see:

http://httpd.apache.org/docs/2.2/new_features_2_2.html

Please see the CHANGES_2.2 file, linked from the download page, for a full
list of changes.

Apache HTTP Server 1.3.37 and 2.0.59 legacy releases are also available
with this security fix. See the appropriate CHANGES from the url above.
The Apache HTTP Project developers strongly encourage all users to
migrate to Apache 2.2, as only limited maintenance is performed on these
legacy versions.

This release includes the Apache Portable Runtime (APR) version 1.2.7
bundled with the tar and zip distributions. The APR libraries libapr,
libaprutil, and (on Win32) libapriconv must all be updated to ensure
binary compatibility and address many known platform bugs.

This release builds on and extends the Apache 2.0 API. Modules written for
Apache 2.0 will need to be recompiled in order to run with Apache 2.2, but
no substantial reworking should be necessary.

http://svn.apache.org/repos/asf/httpd/httpd/branches/2.2.x/VERSIONING

When upgrading or installing this version of Apache, please bear in mind
that if you intend to use Apache with one of the threaded MPMs, you must
ensure that any modules you will be using (and the libraries they depend
on) are thread-safe.

Nyheten inskickad av hagman    



Firefox 1.5.0.5 - 2006-07-28 09:46:27

Mozilla har släppt en ny version utav deras webbläsare Firefox.
Enligt Mozilla så är det bara en säkerhets uppdatering.

Nytt i 1.5.0.5: http://www.mozilla.com/firefox/releases/1.5.0.5.html

Nyheten inskickad av Adam4444    



eWEEK Labs tests WAMP vs. LAMP stacks - 2006-07-25 14:44:49

En väldigt trevlig artikel där det har testats hejvilt med olika system.

Trevlig läsning för den som är nyfiken av resultaten olika system emellan.

eWEEK Labs tests WAMP vs. LAMP stacks:

http://www.eweek.com/article2/0,1895,1983364,00.asp

Nyheten inskickad av Azreal    



[ 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 ]
Välkommen Anonymous
Logga in
Registrera
Snabblänkar
Markera alla forum som lästa
Skriptarkivet [86 av 97]
Visa nya inlägg
Visa dina inlägg
Visa obesvarade huvudinlägg
Läs vår skola
  Introduktion
  Programmera i webbmiljö
  Installationen i Windows
  Variabler och konstanter
  Vektorer
  Operatorer
  Villkorssatser
  Slingor
Statistik
Registrerade medlemmar: 19816
Inlägg totalt: 719721
Senaste medlem: licmarcos
Online
Besökare just nu: 43,
0 registrerade,
0 dolda och
43 gäster
Besökare som mest var 501 den 2019-05-02 15:53

Våra medlemmar
Inloggade medlemmar
Bra att veta
Förhållningsregler
Trivselregler
phpBB-FAQ
För dig som vill länka
Kontakta oss på adressen: info@phpportalen.net
Webbplatsen bygger i grunden på phpBB © 2001, 2002 phpBB Group

Modifieringar har senare gjorts i systemet av PHPportalen
Sid och logotypdesign skapad av Daren Jularic