Severe security issue in PHP <= 8.3.7. Upgrade now

admin

PHP 8.3.7 and earlier contain a severe security issue that is exploitable remotely : https://github.com/watchtowrlabs/CVE-2024-4577 .
The PHP group has released a new version 8.3.8 which fixes the flaw. Upgrading to the latest version is highly recommended.
We have prepared the preconfigured packages for the new version 8.3.8. They are available for both 32 and 64-bit Windows 8 and later and for macOS from https://aprelium.com/downloads .
IMPORTANT : PHP 8.3 may be not compatible with some of your old scripts - Be cautious when upgrading and have a look on the migration guide available on PHP's site: https://www.php.net/manual/en/migration83.php .

tfh

Since this exploit allowes Remote Code Execution, maybe send an e-mail to users would be more appropiate?

admin

tfh wrote
Since this exploit allowes Remote Code Execution, maybe send an e-mail to users would be more appropiate?

We don't maintain a list of users who have downloaded PHP from our Web site.