Many developers are quick to upgrade to the latest PHP releases in order to take advantage of the latest functionality, or protect themselves and their users from potential security issues. The folks who create the PHP scripting language this week, however, are urging PHP users to avoid updating to last week’s release, due to a serious but that affects cryptographic functions.
The release with the problem, version 5.3.7, contains a flaw that deals with the crypt() function that is utilized for cryptographically hashing a text string. If a developer uses the command along with the MD5 algorithm and what is called salt characters (which are typically used to aid in randomizing the resulting hash value) PHP responds by returning the salt, but not the salted hash.
Although they were aware of the issue, they released the update anyway because it fixed several other security issues. That said, they still informed users about the problem, and asked them to hold off, stating that “Due to unfortunate issues with 5.3.7 users should wait with upgrading until 5.3.8 will be released (expected in few days)”.
Read the original article here.
The original home of HTML tutorials. HTMLGoodies is a website dedicated to publishing tutorials that cover every aspect of being a web developer. We cover programming and web development tutorials on languages and technologies such as HTML, JavaScript, and CSS. In addition, our articles cover web frameworks like Angular and React.JS, as well as popular Content Management Systems (CMS) that include WordPress, Drupal, and Joomla. Website development platforms like Shopify, Squarespace, and Wix are also featured. Topics related to solid web design and Internet Marketing also find a home on HTMLGoodies, as we discuss UX/UI Design, Search Engine Optimization (SEO), and web dev best practices.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.
