HardenedPHP - another day, another security fix

Older versions of PHP are like swiss cheese - they are full of holes. More and more known holes appear with every passing day for PHP version 5.4 and older … holes that no one patches. This is where HardenedPHP comes in - it patches those holes so that your servers can remain secure.

On Mar 31, 2016 new versions of PHP were released. With them, a bunch of security issues were disclosed as well:

alt-php44-4.4.9-46

* security bug 71798: Integer Overflow in php_raw_url_encode

alt-php51-5.1.6-52

* security bug 71798: Integer Overflow in php_raw_url_encode

alt-php52-5.2.17-79

* security bug 71860: Invalid memory write in phar on filename with \0 in name

* security bug 71798: Integer Overflow in php_raw_url_encode

alt-php53-5.3.29-29

* security bug 71860: Invalid memory write in phar on filename with \0 in name

* security bug 71798: Integer Overflow in php_raw_url_encode

alt-php54-5.4.45-9

* security bug 71860: Invalid memory write in phar on filename with \0 in name

* security bug 71704: php_snmp_error() Format String Vulnerability

* security bug 71798: Integer Overflow in php_raw_url_encode

All those issues have been fixed by our team in HardenedPHP. So no matter which version of PHP you run, they have all been fixed.

To update run the command:

yum groupupdate alt-php