Archive for March, 2007

The “Month of PHP Bugs” Begins

Friday, March 2nd, 2007

In an initiative to improve the sucurity of PHP, experts from the Hardened PHP Project have launched the "Month of PHP Bugs".

Stefan Esser’s, widely regarded as an authority on PHP security issues, plans to make daily disclosures on buffer overflows, double free vulnerabilities and trivial bypass bugs in PHP’s protection features as part of a wider goal “to make people and especially the PHP developers aware that bugs in PHP exist.”

Some of these bugs have already been addressed in PHP 5.2.1. Others are fixed by the Suhosin patches and extensions from Stefan Esser, which are freely downloadable here. Others hopefully will be addressed in the very near future by the PHP development team.

To find out more about this initiative visit the PHP Security website.