Wednesday, November 08, 2006
PHP 5.2.0 Release Announcement
The PHP development team is proud to announce the immediate release of PHP 5.2.0. This release is a major improvement in the 5.X series, which includes a large number of new features, bug fixes and security enhancements.
The key features of PHP 5.2.0 include:
Security Enhancements and Fixes in PHP 5.2.0:
All users of PHP, especially those using earlier PHP 5 releases are advised to upgrade to this release as soon as possible. This release also obsoletes the 5.1 branch of PHP.
For users upgrading from PHP 5.0 and PHP 5.1 there is an upgrading guide available here, detailing the changes between those releases and PHP 5.2.0.
The key features of PHP 5.2.0 include:
- New memory manager for the Zend Engine with improved performance and a more accurate memory usage tracking.
- Input filtering extension was added and enabled by default.
- JSON extension was added and enabled by default.
- ZIP extension for creating and editing zip files was introduced.
- Hooks for tracking file upload progress were introduced.
- Introduced E_RECOVERABLE_ERROR error mode.
- Introduced DateTime and DateTimeZone objects with methods to manipulate date/time information.
- Upgraded bundled SQLite, PCRE libraries.
- Upgraded OpenSSL, MySQL and PostgreSQL client libraries for Windows installations.
- Many performance improvements.
- Over 200 bug fixes.
Security Enhancements and Fixes in PHP 5.2.0:
- Made PostgreSQL escaping functions in PostgreSQL and PDO extension keep track of character set encoding whenever possible.
- Added allow_url_include, set to Off by default to disallow use of URLs for include and require.
- Disable realpath cache when open_basedir and safe_mode are being used.
- Improved safe_mode enforcement for error_log() function.
- Fixed a possible buffer overflow in the underlying code responsible for htmlspecialchars() and htmlentities() functions.
- Added missing safe_mode and open_basedir checks for the cURL extension.
- Fixed overflow is str_repeat() & wordwrap() functions on 64bit machines.
- Fixed handling of long paths inside the tempnam() function.
- Fixed safe_mode/open_basedir checks for session.save_path, allowing them to account for extra parameters.
- Fixed ini setting overload in the ini_restore() function.
All users of PHP, especially those using earlier PHP 5 releases are advised to upgrade to this release as soon as possible. This release also obsoletes the 5.1 branch of PHP.
For users upgrading from PHP 5.0 and PHP 5.1 there is an upgrading guide available here, detailing the changes between those releases and PHP 5.2.0.