The PHP development team would like to announce the immediate availability of PHP 5.3.3. This release focuses on improving the stability and security of the PHP 5.3.x branch with over 100 bug fixes, some of which are security related. All users are encouraged to upgrade to this release. Backwards incompatible change: Methods with the same name as the last element of a namespaced class name will no longer be treated as constructor. This change doesn't affect non-namespaced classes. <?php namespace Foo; class Bar {     public function Bar() {         // treated as constructor in PHP 5.3.0-5.3.2         // treated as regular method in PHP 5.3.3     } } ?> There is no impact on migration from 5.2.x because namespaces were only introduced in PHP 5.3. Security Enhancements and Fixes in PHP 5.3.3: Rewrote var_export() to use smart_str rather than output buffering, prevents data disclosure if a fatal error occurs (CVE-2010-2531). Fixed a possible resource destruction issues in shm_put_var(). Fixed a possible information leak because of interruption of XOR operator. Fixed a possible memory corruption because of unexpected call-time pass by refernce and following memory clobbering through callbacks. Fixed a possible memory corruption in ArrayObject::uasort(). Fixed a possible memory corruption in parse_str(). Fixed a possible memory corruption in pack(). Fixed a possible memory corruption in substr_replace(). Fixed a possible memory corruption in addcslashes(). Fixed a possible stack exhaustion inside fnmatch(). Fixed a possible dechunking filter buffer overflow. Fixed a possible arbitrary memory access inside sqlite extension. Fixed string format validation inside phar extension. Fixed handling of session variable serialization on certain prefix characters. Fixed a NULL pointer dereference when processing invalid XML-RPC requests (Fixes CVE-2010-0397, bug #51288). Fixed SplObjectStorage unserialization problems (CVE-2010-2225). Fixed possible buffer overflows in mysqlnd_list_fields, mysqlnd_change_user. Fixed possible buffer overflows when handling error packets in mysqlnd. Key enhancements in PHP 5.3.3 include: Upgraded bundled sqlite to version 3.6.23.1. Upgraded bundled PCRE to version 8.02. Added FastCGI Process Manager (FPM) SAPI. Added stream filter support to mcrypt extension. Added full_special_chars filter to ext/filter. Fixed a possible crash because of recursive GC invocation. Fixed bug #52238 (Crash when an Exception occured in iterator_to_array). Fixed bug #52041 (Memory leak when writing on uninitialized variable returned from function). Fixed bug #52060 (Memory leak when passing a closure to method_exists()). Fixed bug #52001 (Memory allocation problems after using variable variables). Fixed bug #51723 (Content-length header is limited to 32bit integer with Apache2 on Windows). Fixed bug #48930 (__COMPILER_HALT_OFFSET__ incorrect in PHP >= 5.3). For users upgrading from PHP 5.2 there is a migration guide available on http://php.net/migration53, detailing the changes between those releases and PHP 5.3. For a full list of changes in PHP 5.3.3, see the ChangeLog.

The PHP development team would like to announce the immediate availability of PHP 5.2.14. This release focuses on improving the stability of the PHP 5.2.x branch with over 60 bug fixes, some of which are security related. This release marks the end of the active support for PHP 5.2. Following this release the PHP 5.2 series will receive no further active bug maintenance. Security fixes for PHP 5.2 might be published on a case by cases basis. All users of PHP 5.2 are encouraged to upgrade to PHP 5.3. Security Enhancements and Fixes in PHP 5.2.14: Rewrote var_export() to use smart_str rather than output buffering, prevents data disclosure if a fatal error occurs. Fixed a possible interruption array leak in strrchr().(CVE-2010-2484) Fixed a possible interruption array leak in strchr(), strstr(), substr(), chunk_split(), strtok(), addcslashes(), str_repeat(), trim(). Fixed a possible memory corruption in substr_replace(). Fixed SplObjectStorage unserialization problems (CVE-2010-2225). Fixed a possible stack exaustion inside fnmatch(). Fixed a NULL pointer dereference when processing invalid XML-RPC requests (Fixes CVE-2010-0397, bug #51288). Fixed handling of session variable serialization on certain prefix characters. Fixed a possible arbitrary memory access inside sqlite extension. Reported by Mateusz Kocielski. Key enhancements in PHP 5.2.14 include: Upgraded bundled PCRE to version 8.02. Updated timezone database to version 2010.5. Fixed bug #52238 (Crash when an Exception occured in iterator_to_array). Fixed bug #52237 (Crash when passing the reference of the property of a non-object). Fixed bug #52041 (Memory leak when writing on uninitialized variable returned from function). Fixed bug #51822 (Segfault with strange __destruct() for static class variables). Fixed bug #51552 (debug_backtrace() causes segmentation fault and/or memory issues). Fixed bug #49267 (Linking fails for iconv on MacOS: "Undefined symbols: _libiconv"). To prepare for upgrading to PHP 5.3, now that PHP 5.2's support ended, a migration guide available on http://php.net/migration53, details the changes between PHP 5.2 and PHP 5.3. For a full list of changes in PHP 5.2.14 see the ChangeLog at http://www.php.net/ChangeLog-5.php#5.2.14.

PHP is proud to announce TestFest 2010. TestFest is PHP's annual campaign to increase the overall code coverage of PHP through PHPT tests. During TestFest, PHP User Groups and individuals around the world organize local events where new tests are written and new contributors are introduced to PHP's testing suite. Last year was very successful with 887 tests submitted and a code coverage increase of 2.5%. This year we hope to do better. TestFest's own SVN repository and reporting tools are back online for this year's event. New to TestFest this year are automated test environment build tools as well as screencasts showing those build tools in action. Please visit the TestFest 2010 wiki page for all the details on events being organized in your area, or find out how you can organize your own event.

PHP | OSI Days 2010 is the premier PHP conference being organised at Asia's largest Open Source Conference - OSI Days 2010. We invite you to come and lead a tutorial / session or participate in Panel Discussions at OSI Days 2010 specifically for the PHP domain. The last date for submitting a proposal for the conference is 15th June 2010. The conference is scheduled for September 19-21, 2010 at Chennai, India. Submit a proposal now! If you are one of the following: Open Source Enthusiast Developer/ Hacker/ Techie/ Geek IT Manager/ CXO Open Source Entrepreneur Designer/ UI Expert Open Source Trainer/ Educationist We invite you to submit a proposal on one of the topics below: Cloud Computing: Tools and Platforms, Cloudnomics, Cloud for Dummies & Others PHP: PHP 5 & 6, PHP Security, Frameworks, Architecture / QA & Best Practices Drupal: Best Practices, Module Development, Theme Development, Scaling/ Management/ Performance & Others Databases: MySQL, NoSQL, CouchDB, PostgreSQL, Ingres, SQLite & Others Java Script Developer / Tools & Techniques Types of Presentation 45 minute Session minute Panel Discussion Half Day tutorial / workshop Full Day tutorial / workshop Your proposals Should be Free of Marketing talks / self promotion / company promotion: Please speak about ideas/ technology/ business and not about yourself or your company. Talk about Open Source Projects/ Products and not strictly commercial closed source products. Clearly identify your target audience and what are the pre-requisites while submitting the proposal Have a clear title and limit the scope of your proposal to something specific rather than trying to cover too much Speaker Benefits OSI Days offers its speakers tremendous opportunities for exposure and recognition as an industry leader. Your session will attract many technical & Business professionals interested in learning from your example, expertise and experience. In appreciation of your contributions as a Conference Speaker, we provide you many benefits, read them in full detail. Contact For registration and more details visit: http://osidays.com or contact Dhiraj Khare at dhiraj@osidays.com or call at +919811206582 Team, OSI Days 2010

Pivot was recently approved for graduation from the Apache Incubator. Here’s Greg Brown, one of the founding members of the project, speaking with us about what Pivot is.

You can listen to it HERE, or via iTunes.

Related links:

1. Pivot website (old address, new address)