PHP 4.4.3. Release Announcement
The PHP development team is proud to announce the release of PHP 4.4.3. This release combines small number of bug fixes and resolves a number of security issues. All PHP 4.x users are encouraged to upgrade to this release as soon as possible.
The security issues resolved include the following:
- Disallow certain characters in session names.
- Fixed a buffer overflow inside the wordwrap() function.
- Prevent jumps to parent directory via the 2nd parameter of the tempnam() function.
- Improved safe_mode check for the error_log() function.
- Fixed cross-site scripting inside the phpinfo() function.
The release also includes about 20 bug fixes and an upgraded PCRE library (version 6.6).
For a full list of changes in PHP 4.4.3, see the ChangeLog.