The PHP development team is proud to announce the release of PHP 5.1.2.
This release combines small feature enhancements with a fair number of bug fixes and addresses three security issues. All PHP 5 users are encouraged to upgrade to this release.
The security issues resolved include the following:
* HTTP Response Splitting has been addressed in ext/session and in the
header() function. Header() can no longer be used to send multiple response headers in a single call.
* Format string vulnerability in ext/mysqli.
* Possible cross-site scripting problems in certain error conditions.
The feature enhancements include the following notables:
* Hash extension was added to core and is now enabled by default. This extension provides support for most common hashing algorithms without reliance on 3rd party libraries.
* XMLWriter was added and enabled by default.
* New OCI8 extension that includes numerous fixes.
* PNG compression support added to the GD extension.
* Added --enable-gcov configure option to enable C-level code coverage.
* getNamespaces() and getDocNamespaces() methods added to SimpleXML extension.
The release also includes over 85 bug fixes with a focus on:
* Correction of the many regressions in the strtotime() function.
* Fixes of several crashes, leaks and memory corruptions found in the imap, pdo, gd, mysqli, mcrypt and soap extensions.
* Corrected problems with the usage of SSI and virtual() in the Apache2 SAPI.
* Build fixes for iconv and sybase_ct extensions.
* Fixed the previously broken Sun(rise|set) functions.
* SQLite libraries upgraded to 2.8.17 and 3.2.8
* Win32 binaries now include libxml2-2.6.22 and libxslt-1.1.15.