Thursday, September 4, 2008

Security Update: PHP

A new PHP package has been released for Slackware 10.2 and 11.0 to fix security issues. This might be the last PHP series supported, so those who still loves PHP 4, please get ready to upgrade to PHP 5.x. Here's the email from Slackware Security Team:
[slackware-security] php (SSA:2008-247-01)

New php packages are available for Slackware 10.2 and 11.0 to fix security issues. These releases are the last to contain PHP 4.4.x, which was upgraded to version 4.4.9 to fix PCRE issues and other bugs.

Please note that this is the FINAL release of PHP4, and it has already passed the announced end-of-life. Sites should seriously consider migrating to PHP5 rather than upgrading to php-4.4.9.

Here are the details from the Slackware 11.0 ChangeLog:
+--------------------------+
patches/packages/php-4.4.9-
i486-1_slack11.0.tgz:
Upgraded to php-4.4.9. This upgrades the bundled PCRE library to fix security issues, as well as fixing a few other security related bugs.
See the PHP4 ChangeLog for more details:
http://www.php.net/ChangeLog-4.php#4.4.9
Please note: PHP4 has been officially discontinued since last year, and reached the announced EOL on 2008-08-08. Sites should consider migrating to a supported release.
(* Security fix *)
+--------------------------+