PHP 4.3.11 Release Announcement

[ Version Française ]

PHP Development Team is would like to announce the immediate release of PHP 4.3.11. This is a maintenance release that in addition to over 70 non-critical bug fixes addresses several security issues inside the exif and fbsql extensions as well as the unserialize(), swf_definepoly() and getimagesize() functions.

All Users of PHP are strongly encouraged to upgrade to this release.

Bugfix release

• Crash in bzopen() if supplied path to non-existent file.
• DOM crashing when attribute appended to Document.
• unserialize() float problem on non-English locales.
• Crash in msg_send() when non-string is stored without being serialized.
• Possible infinite loop in imap_mail_compose().
• Fixed crash in chunk_split(), when chunklen > strlen.
• session_set_save_handler crashes PHP when supplied non-existent object ref.
• Memory leak in zend_language_scanner.c.
• Compile failures of zend_strtod.c.
• Fixed crash in overloaded objects & overload() function.
• cURL functions bypass open_basedir.

For a full list of changes in PHP 4.3.11, see the ChangeLog.