From InfoWorld: PHP developers, take note of the latest updates: Versions 7.0.2, 5.6.17, and 5.5.31 are now available and feature a multitude of security bug fixes.
Version 7.0.2 fixed 31 bugs, including six security vulnerabilities, in PHP 7, while version 5.6.17 fixed 14 bugs. PHP 5.5.31 closed five vulnerabilities in PHP 5.5, which is in security support mode until July 2016.
PHP 5.4 reached its end of life in October with 5.4.45 and is no longer maintained. Developers still on PHP 5.4 are strongly recommended to upgrade to a maintained version, to PHP 5.6 or PHP 7. Considering how many Web applications run PHP and how frequently they come under attack, using outdated versions makes it easier for attackers to exploit vulnerabilities.
PHP 7 was released a month ago, and the majority of the bug fixes in 7.0.2 address segmentation faults in Core and various application crash errors. Version 7.0.2 fixed 14 bugs in PHP Core; one each in CURL, DBA, Filter, FTP, FPM, GD, Mbstring, Opcache, PCRE, Readline, Session, Standard, and XMLRPC; and two in SPL and WDDX.
View: Article @ Source Site
