PHP Releases 8.5.8 and 8.4.23 with Security Patches
PHP has released PHP 8.5.8 and 8.4.23, delivering critical security patches and stability improvements to its active branches. The 8.4 update addresses a heap corruption vulnerability in openssl_encrypt using AES-WRAP-PAD, while both releases fix a Phar directory protection bypass and Opcache inheritance cache replay issues. The updates arrive as PHP maintains its dominance over 70.8% of known websites, with the 8.x branch now capturing 61.3% of the PHP ecosystem share.
PHP Releases 8.5.8 and 8.4.23 with Security Patches @ Linux Compatible
PHP Releases 8.5.8 and 8.4.23 with Security Patches
PHP has released updates 8.5.8 and 8.4.23, which include critical security patches and improvements for its active branches. The updates address significant vulnerabilities, including a memory corruption issue in OpenSSL for the 8.4 version and a Phar directory protection bypass affecting both versions. PHP continues to dominate the web, powering over 70.8% of websites, with the 8.x branch now representing 61.3% of the ecosystem. Additionally, the first alpha version of PHP 8.6.0 has been released for developers to test upcoming features, while users are encouraged to update to the latest versions for enhanced security and stability
