Toggle mobile navigation

Twitter Facebook LinkedIn GooglePlus

[Nucleus] PHP 5.3.29-27 (Security Update)

By sshinn

Please note this is an important security update. It is highly recommended to upgrade to to version 5.3.29-27 PHP, and PHP Panda.

Changelog:

  • Security fix for CVE-2014-8142
  • Security fix for CVE-2014-9425

Additionally, the following CVE does *NOT* effect Nucleus builds of PHP:

* CVE-2014-9427 — PHP-CGI Out of Bounds Read Code Execution Vulnerability

Vulnerability scans reporting PHP 5.3.29 as being vulnerable to the above CVE are false positive results. The following test case can be used:

1)
printf “#” > CVE-2014-9427.php

2)
php-cgi CVE-2014-9427.php

A vulnerable version would return a Segmentation Fault.

Latest Tweets

×