diff options
| author | Christopher Jones <sixd@php.net> | 2013-08-20 05:40:22 -0700 |
|---|---|---|
| committer | Christopher Jones <sixd@php.net> | 2013-08-20 05:40:22 -0700 |
| commit | f32c0efc8f60d91f952f7c120cc6895b4358de1a (patch) | |
| tree | 16f50e26dd749e9d720aa7057e1ebbf105d70135 | |
| parent | ee7f6e7d0d75c9d69ca5f06548905a3635e75d8c (diff) | |
| parent | 4cd9796be78bfb1cc88b5ed71cbd61e56937b8e7 (diff) | |
| download | php-git-f32c0efc8f60d91f952f7c120cc6895b4358de1a.tar.gz | |
Merge branch 'PHP-5.5' of https://git.php.net/repository/php-src into PHP-5.5
* 'PHP-5.5' of https://git.php.net/repository/php-src:
Add session.use_strict_mode description to php.ini-*
bump version
Update NEWS
| -rw-r--r-- | NEWS | 7 | ||||
| -rw-r--r-- | configure.in | 2 | ||||
| -rw-r--r-- | main/php_version.h | 6 | ||||
| -rw-r--r-- | php.ini-development | 8 | ||||
| -rw-r--r-- | php.ini-production | 8 |
5 files changed, 26 insertions, 5 deletions
@@ -1,6 +1,6 @@ PHP NEWS ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||| -?? ??? 2013, PHP 5.5.3 +?? ??? 2013, PHP 5.5.4 - Core: . Fixed bug #65470 (Segmentation fault in zend_error() with @@ -15,6 +15,11 @@ PHP NEWS . Fixed bug #64802 (openssl_x509_parse fails to parse subject properly in some cases). (Mark Jones) +22 Aug 2013, PHP 5.5.3 + +- Openssl: + . Fixed UMR in fix for CVE-2013-4248. + 15 Aug 2013, PHP 5.5.2 - Core: diff --git a/configure.in b/configure.in index 19c96d4151..47ce23c520 100644 --- a/configure.in +++ b/configure.in @@ -119,7 +119,7 @@ int zend_sprintf(char *buffer, const char *format, ...); PHP_MAJOR_VERSION=5 PHP_MINOR_VERSION=5 -PHP_RELEASE_VERSION=2 +PHP_RELEASE_VERSION=4 PHP_EXTRA_VERSION="-dev" PHP_VERSION="$PHP_MAJOR_VERSION.$PHP_MINOR_VERSION.$PHP_RELEASE_VERSION$PHP_EXTRA_VERSION" PHP_VERSION_ID=`expr [$]PHP_MAJOR_VERSION \* 10000 + [$]PHP_MINOR_VERSION \* 100 + [$]PHP_RELEASE_VERSION` diff --git a/main/php_version.h b/main/php_version.h index e760d29346..4a538a4138 100644 --- a/main/php_version.h +++ b/main/php_version.h @@ -2,7 +2,7 @@ /* edit configure.in to change version number */ #define PHP_MAJOR_VERSION 5 #define PHP_MINOR_VERSION 5 -#define PHP_RELEASE_VERSION 2 +#define PHP_RELEASE_VERSION 4 #define PHP_EXTRA_VERSION "-dev" -#define PHP_VERSION "5.5.2-dev" -#define PHP_VERSION_ID 50502 +#define PHP_VERSION "5.5.4-dev" +#define PHP_VERSION_ID 50504 diff --git a/php.ini-development b/php.ini-development index 7197dae6fc..43ab1de26a 100644 --- a/php.ini-development +++ b/php.ini-development @@ -1398,6 +1398,14 @@ session.save_handler = files ; http://php.net/session.save-path ;session.save_path = "/tmp" +; Whether to use strict session mode. +; Strict session mode does not accept uninitialized session ID and regenerate +; session ID if browser sends uninitialized session ID. Strict mode protects +; applications from session fixation via session adoption vulnerability. It is +; disabled by default for maximum compatibility, but enabling it is encouraged. +; https://wiki.php.net/rfc/strict_sessions +session.use_strict_mode = 0 + ; Whether to use cookies. ; http://php.net/session.use-cookies session.use_cookies = 1 diff --git a/php.ini-production b/php.ini-production index 5590d2c448..0014c4e251 100644 --- a/php.ini-production +++ b/php.ini-production @@ -1398,6 +1398,14 @@ session.save_handler = files ; http://php.net/session.save-path ;session.save_path = "/tmp" +; Whether to use strict session mode. +; Strict session mode does not accept uninitialized session ID and regenerate +; session ID if browser sends uninitialized session ID. Strict mode protects +; applications from session fixation via session adoption vulnerability. It is +; disabled by default for maximum compatibility, but enabling it is encouraged. +; https://wiki.php.net/rfc/strict_sessions +session.use_strict_mode = 0 + ; Whether to use cookies. ; http://php.net/session.use-cookies session.use_cookies = 1 |