PHP 5.2.13 addresses security holes

An update which fixes around 40 bugs is available for the PHP 5.2 development branch. Version 5.2.13 comes highly recommended for all PHP 5.2.x users, as it includes a number of security-related fixes. These include a bug when validating the safe_mode configuration variable in the tempnam() function which arises when the path does not end in /). An open_basedir/safe_mode bypass vulnerability in the session extension has also been fixed.

Read more at H-online

Comments are closed.