PHP Group Plugs Security Holes

The PHP Group on Friday issued a new version of the general-purpose scripting language to fix several potentially serious security vulnerabilities.

The open-source PHP, a project of the Apache Software Foundation (ASF), described version 4.3.2 as a strongly recommended upgrade for all users because of the "hazardous integer and buffer overflows" that have been fixed.

PHP 4.3.2 also squashes numerous bugs, 64-bit problems and contains an Apache 2.0 SAPI module.

PHP, which ships standard with a number of Web servers, including Red Hat Linux, has been busy fixing security-related problems, including an upgrade in February to fix a bug in the CGI SAPI.

The programming language has enjoyed phenomenal growth since its creation in 1995 and can be found on more than 12 million domains, according to statistics from Netcraft.

Mega portal Yahoo has switched from a proprietary system written in C/C++ to PHP for its backend programming, putting the language before a large enterprise audience.