summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--NEWS7
-rw-r--r--configure.in2
-rw-r--r--main/php_version.h6
-rw-r--r--php.ini-development8
-rw-r--r--php.ini-production8
5 files changed, 26 insertions, 5 deletions
diff --git a/NEWS b/NEWS
index 645efed29a..f71f95272f 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,6 @@
PHP NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
-?? ??? 2013, PHP 5.5.3
+?? ??? 2013, PHP 5.5.4
- Core:
. Fixed bug #65470 (Segmentation fault in zend_error() with
@@ -15,6 +15,11 @@ PHP NEWS
. Fixed bug #64802 (openssl_x509_parse fails to parse subject properly in
some cases). (Mark Jones)
+22 Aug 2013, PHP 5.5.3
+
+- Openssl:
+ . Fixed UMR in fix for CVE-2013-4248.
+
15 Aug 2013, PHP 5.5.2
- Core:
diff --git a/configure.in b/configure.in
index 19c96d4151..47ce23c520 100644
--- a/configure.in
+++ b/configure.in
@@ -119,7 +119,7 @@ int zend_sprintf(char *buffer, const char *format, ...);
PHP_MAJOR_VERSION=5
PHP_MINOR_VERSION=5
-PHP_RELEASE_VERSION=2
+PHP_RELEASE_VERSION=4
PHP_EXTRA_VERSION="-dev"
PHP_VERSION="$PHP_MAJOR_VERSION.$PHP_MINOR_VERSION.$PHP_RELEASE_VERSION$PHP_EXTRA_VERSION"
PHP_VERSION_ID=`expr [$]PHP_MAJOR_VERSION \* 10000 + [$]PHP_MINOR_VERSION \* 100 + [$]PHP_RELEASE_VERSION`
diff --git a/main/php_version.h b/main/php_version.h
index e760d29346..4a538a4138 100644
--- a/main/php_version.h
+++ b/main/php_version.h
@@ -2,7 +2,7 @@
/* edit configure.in to change version number */
#define PHP_MAJOR_VERSION 5
#define PHP_MINOR_VERSION 5
-#define PHP_RELEASE_VERSION 2
+#define PHP_RELEASE_VERSION 4
#define PHP_EXTRA_VERSION "-dev"
-#define PHP_VERSION "5.5.2-dev"
-#define PHP_VERSION_ID 50502
+#define PHP_VERSION "5.5.4-dev"
+#define PHP_VERSION_ID 50504
diff --git a/php.ini-development b/php.ini-development
index 7197dae6fc..43ab1de26a 100644
--- a/php.ini-development
+++ b/php.ini-development
@@ -1398,6 +1398,14 @@ session.save_handler = files
; http://php.net/session.save-path
;session.save_path = "/tmp"
+; Whether to use strict session mode.
+; Strict session mode does not accept uninitialized session ID and regenerate
+; session ID if browser sends uninitialized session ID. Strict mode protects
+; applications from session fixation via session adoption vulnerability. It is
+; disabled by default for maximum compatibility, but enabling it is encouraged.
+; https://wiki.php.net/rfc/strict_sessions
+session.use_strict_mode = 0
+
; Whether to use cookies.
; http://php.net/session.use-cookies
session.use_cookies = 1
diff --git a/php.ini-production b/php.ini-production
index 5590d2c448..0014c4e251 100644
--- a/php.ini-production
+++ b/php.ini-production
@@ -1398,6 +1398,14 @@ session.save_handler = files
; http://php.net/session.save-path
;session.save_path = "/tmp"
+; Whether to use strict session mode.
+; Strict session mode does not accept uninitialized session ID and regenerate
+; session ID if browser sends uninitialized session ID. Strict mode protects
+; applications from session fixation via session adoption vulnerability. It is
+; disabled by default for maximum compatibility, but enabling it is encouraged.
+; https://wiki.php.net/rfc/strict_sessions
+session.use_strict_mode = 0
+
; Whether to use cookies.
; http://php.net/session.use-cookies
session.use_cookies = 1
View Lorry Controller Status