PHP 5 Upgraded for Security

Posted May 16th, 2007 in Tech Corner. Tags: , , .

We’ve updated PHP 5 on our servers to cover sixteen recently identified security issues. This only affects customers who have chosen to use PHP 5 — but since this upgrade only fixes security bugs, even those customers shouldn’t notice any changes.

This update was delayed because the Debian Linux version of this security update has a bug in the PHP strip_tags() function, which affects popular Web applications like vBulletin and Moodle. The symptom is that new “posts” in these programs have missing paragraphs if the post contains an odd number of apostrophes, which is obviously unacceptable. After discovering that, we “downgraded” to the previous working version of PHP 5 until we could resolve the issue.

The bug originated in PHP itself but has since been fixed there. Since it hasn’t yet been fixed in Debian, we’ve patched it ourselves for now. The patch is available here for those who might want the .patch file.

(By the way, this page explains how we handle security updates if you’re curious.)

  1. Recent Posts

    1. PHP versions 8.1.28, 8.2.18, and 8.3.6
    2. PHP versions 8.2.17 and 8.3.4
    3. President’s Day 2024 holiday hours
    4. PHP versions 8.1.27 and 8.2.15
    5. Martin Luther King, Jr. Day 2024 holiday hours
    6. New Year’s 2024 Holiday Hours
    7. Christmas 2023 Holiday Hours
    8. Brief scheduled maintenance December 16-17, 2023
    9. Thanksgiving 2023 Holiday Hours
    10. PHP versions 8.1.25 and 8.2.12

  2. Categories

  3. Tags

    all servers email holiday hours linux mailman maintenance mod_security mysql network php phpmyadmin security server updates spam ssl status updates webmail wordpress zapp

  4. Feeds