Software 42837 Published by

PHP 4.4.3 has been released



The PHP development team is proud to announce the release of PHP 4.4.3. This release combines small number of bug fixes and resolves a number of security issues. All PHP 4.x users are encouraged to upgrade to this release as soon as possible.

The security issues resolved include the following:

Disallow certain characters in session names.
Fixed a buffer overflow inside the wordwrap() function.
Prevent jumps to parent directory via the 2nd parameter of the tempnam() function.
Improved safe_mode check for the error_log() function.
Fixed cross-site scripting inside the phpinfo() function.
The release also includes about 20 bug fixes and an upgraded PCRE library (version 6.6).

For a full list of changes in PHP 4.4.3, see the ChangeLog.
PHP 4.4.3