PHP Security Updates – 5.6.36, 7.0.30, 7.1.17, and 7.2.5

May 8, 15:11 PDT
Resolved – The versions of PHP have been upgraded to 5.6.36[1], 7.0.30[2], 7.1.17[3], and 7.2.5[4], respectively. These are classified as security releases by php.net; however, the Pantheon platform was not affected by this vulnerability. Sites that are using PHP version 5.6 or later have been automatically updated and do not need to take any explicit action. PHP versions 5.5 and 5.3 have reached end-of-life, and PHP versions 5.6 and 7.0 will reach EOL in December 2018; sites still running these versions should upgrade to PHP 7.1 or later as soon as possible.[5]

[1] – http://www.php.net/ChangeLog-5.php#5.6.36
[2] – http://www.php.net/ChangeLog-7.php#7.0.30
[3] – http://www.php.net/ChangeLog-7.php#7.1.17
[4] – http://www.php.net/ChangeLog-7.php#7.2.5
[5] – https://pantheon.io/docs/php-versions/


Source: http://status.pantheon.io/history.rss