Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

  PHP
  Available for:  OS X Lion v10.7.5, OS X Lion Server v10.7.5,
  OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1
  Impact:  Multiple vulnerabilities in PHP
  Description:  Multiple vulnerabilities existed in PHP, the most
  serious of which may have led to arbitrary code execution <…>
Didn't know it's in Mac OS X… But yeah, it is… /usr/bin/php


Oddly enough, the release notes states they upgraded to "5.4.22"... but "/usr/bin/php -v" gives "5.4.24" here.


Both the webserver (Apache) and PHP are off by default and have to be enabled separately, the latter by editing a config file.

Essentially, only Mac-owning web developers who enable these things (and serve PHP from their box to the world) are affected by any security problems in PHP. I imagine that most such web developers actually only dev locally and push the code to another server. It's nice that they updated them anyway.




Consider applying for YC's Summer 2026 batch! Applications are open till May 4

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: