PHP developers have released updated packages. While PHP 8.4.1 provides “numerous improvements and new functions” in addition to closing security gaps, PHP 8.1.31, 8.2.26 and 8.3.14 are thorough security updates that IT managers should install immediately.
Advertisement
In PHP Update Release Announcements Programmers are being very tight-lipped about the details. For 8.4.1 they do not mention any security updates, but in the other three versions only “This is a security release. All PHP 8.(1|2|3).x users are advised to update to this version. are encouraged.” As a change entry.
PHP update fixes some important bugs
The updates address various vulnerabilities, but some affect all versions. For example, one of the most prominent vulnerabilities on 32-bit systems is ldap_escape()The function may provoke an integer overflow when accepting unfiltered long strings, resulting in write access outside the intended range – and thus enabling the execution of explicitly injected malicious code (CVE-2024-8932CVSS 9.8“risk”Serious,
Practical Software Architecture – Highlights from the special issue of iX DeveloperThose interested can find details about additional changes and security fixes of the updated PHP packages in the individual changelog:
Update packages are available on PHP download page to download Ready. In addition to the source code packages, you can find a fully compiled version for Windows there. Installation instructions for Linux and macOS are also available there. However, Linux distributions are usually provided with updated versions through the system’s software management. So under Linux administrators should call it once and find and install updates. IT managers should install updates quickly as some vulnerabilities pose serious risks.
At the end of September, PHP developers had already released security updates to the 8.1.x, 8.2.y and 8.3.z version branches. Nevertheless, some leaks were considered serious risks, making timely updates important.
(DMK)
OpenAI plans to build an AI web browser to compete with Google
