PHP 5.6.0 Released 118
An anonymous reader writes The PHP team has announced the release of PHP 5.6.0. New features include constant scalar expressions, exponentiation using the ** operator, function and constant importing with the use keyword, support for file uploads larger than 2 GB, and phpdbg as an interactive integrated debugger SAPI. The team also notes important changes affecting compatibility. For example: "Array keys won't be overwritten when defining an array as a property of a class via an array literal," json_decode() is now more strict at parsing JSON syntax, and GMP resources are now objects. Here is the migration guide, the full change log, and the downloads page.
Re:Now almost as useful as python was 5 years ago! (Score:2, Interesting)
24 CVE fixes in one language system release (Score:4, Interesting)
Here are the lines matching for grep -P 'CVE-\d{4}-\d+':
Fixed bug #67390 (insecure temporary file use in the configure script). (CVE-2014-3981)
Fixed bug #66060 (Heap buffer over-read in DateInterval). (CVE-2013-6712)
Fixed bug #67716 (Segfault in cdf.c). (CVE-2014-3587)
Fixed bug #67705 (extensive backtracking in rule regular expression). (CVE-2014-3538)
Fixed bug #67327 (fileinfo: CDF infinite loop in nelements DoS). (CVE-2014-0238)
Fixed bug #67328 (fileinfo: fileinfo: numerous file_printf calls resulting in performance degradation). (CVE-2014-0237)
Fixed bug #67326 (fileinfo: cdf_read_short_sector insufficient boundary check). (CVE-2014-0207)
Fixed bug #67410 (fileinfo: mconvert incorrect handling of truncated pascal string size). (CVE-2014-3478)
Fixed bug #67411 (fileinfo: cdf_check_stream_offset insufficient boundary check). (CVE-2014-3479)
Fixed bug #67412 (fileinfo: cdf_count_chain insufficient boundary check). (CVE-2014-3480)
Fixed bug #67413 (fileinfo: cdf_read_property_info insufficient boundary check). (CVE-2014-3487)
Fixed bug #66731 (file: infinite recursion). (CVE-2014-1943)
Fixed bug #66820 (out-of-bounds memory access in fileinfo). (CVE-2014-2270)
Fixed bug #66946 (fileinfo: extensive backtracking in awk rule regular expression). (CVE-2013-7345)
Fixed bug #67060 (sapi/fpm: possible privilege escalation due to insecure default configuration). (CVE-2014-0185)
Fixed bug #67730 (Null byte injection possible with imagexxx functions). (CVE-2014-5120)
Fixed bug #66901 (php-gd 'c_color' NULL pointer dereference). (CVE-2014-2497)
Fixed bug #66356 (Heap Overflow Vulnerability in imagecrop()). (CVE-2013-7226)
Fixed bug #66815 (imagecrop(): insufficient fix for NULL defer). (CVE-2013-7327)
Fixed bug #67717 (segfault in dns_get_record). (CVE-2014-3597)
Fixed bug #67432 (Fix potential segfault in dns_get_record()). (CVE-2014-4049)
Fixed bug #67539 (ArrayIterator use-after-free due to object change during sorting). (CVE-2014-4698)
Fixed bug #67538 (SPL Iterators use-after-free). (CVE-2014-4670)
Fixed bug #67492 (unserialize() SPL ArrayObject / SPLObjectStorage Type Confusion). (CVE-2014-3515)
That's not the applications written in PHP, mind you. That's the language system.