论坛风格切换
 
  • 帖子
  • 日志
  • 用户
  • 版块
  • 群组
帖子
购买邀请后未收到邀请联系sdbeta@qq.com
  • 1810阅读
  • 0回复

[软件资讯]PHP 5.4.4 和 5.3.14 安全更新 [复制链接]

上一主题 下一主题
离线pony8000
 

发帖
53402
今日发帖
最后登录
2024-12-22
只看楼主 倒序阅读 使用道具 楼主  发表于: 2012-06-15 22:07:28
PHP 5.4.14和5.3.14发布,更新日期2012-06-15 。 ncdj/C  
上个版本是2012-05-08的5.4.3/5.3.13修正了30多个Bug以及几个安全漏洞。 ;km^ OO$  
The release fixes multiple security issues: A weakness in the DES implementation of crypt and a heap overflow issue in the phar extension.PHP 5.4.4 and PHP 5.3.14 fixes over 30 bugs. Please note that the use of php://fd streams is now restricted to the CLI SAPI mkuK$Mj  
l>*L Am5  
更新列表: CNl @8&R  
Version 5.4.4 36MNaQt'e  
06-June-2012 r?2J   
CLI SAPIImplemented FR #61977 (Need CLI web-server support for files with .htm & svg extensions)Improved performance while sending error page, this also fixed bug Fixed bug #61785 (Memory leak when access a non-exists file without router)Fixed bug #61546 (functions related to current script failed when chdir() in cli sapi)CoreFixed missing bound check in iptcparse()Fixed CVE-2012-2143Fixed bug #62097 (fix for for bug #54547)Fixed bug #62005 (unexpected behavior when incrementally assigning to a member of a null object)Fixed bug #61978 (Object recursion not detected for classes that implement JsonSerializable)Fixed bug #61991 (long overflow in realpath_cache_get())Fixed bug #61922 (ZTS build doesn't accept zend.script_encoding config)Fixed bug #61827 (incorrect e processing on Windows)Fixed bug #61782 (__clone/__destruct do not match other methods when checking access controls)Fixed bug #61761 ('Overriding' a private static method with a different signature causes crash)Fixed bug #61730 (Segfault from array_walk modifying an array passed by reference)Fixed bug #61728 (PHP crash when calling ob_start in request_shutdown phase)Fixed bug #61660 (bin2hex(hex2bin($data)) != $data)Fixed bug #61650 (ini parser crashes when using ${xxxx} ini variables (without apache2))Fixed bug #61605 (header_remove() does not remove all headers)Fixed bug #54547 (wrong equality of string numbers)Fixed bug #54197 ([PATH=] sections incompatibility with user_ini.filename set to null)Changed php://fd to be available only for CLICURLFixed bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction)COMFixed bug #62146 com_dotnet cannot be built sharedFileinfoFixed bug #61812 (Uninitialised value used in libmagic)FPMFixed bug #61812 (Uninitialised value used in libmagic)Fixed bug #61565 where php_stream_open_wrapper_ex tries to open a directory descriptor under windowsFixed bug #61566 failure caused by the posix lseek and read versions under windows in cdf_read()IconvFixed a bug that iconv extension fails to link to the correct library when another extension makes use of a library that links to the iconv library. See https://bugs.gentoo.org/show_bug.cgi?id=364139 for detailIntlFixed bug #62082 (Memory corruption in internal function get_icu_disp_value_src_php()JSONFixed bug #61537 (json_encode() incorrectly truncates/discards information)LibXMLFixed bug #61617 (Libxml tests failed(ht is already destroyed))PDOFixed bug #61755 (A parsing bug in the prepared statements can lead to access violations)PharFixed bug #61065 (Secunia SA44335) (CVE-2012-2386)StreamsFixed bug #61961 (file_get_contents leaks when access empty file with maxlen set)zlibFixed bug #61820 (using ob_gzhandler will complain about headers already sent when no compression)Fixed bug #61443 (can't change zlib.output_compression on the fly)Fixed bug #60761 (zlib.output_compression fails on refresh) (Tv~$\=  
:x3"Cj  
Version 5.3.14 BF/l#)$yK  
06-June-2012 w`_"R6  
CLI SAPIFixed bug #61546 (functions related to current script failed when chdir() in cli sapi)CoreFixed CVE-2012-2143Fixed bug #62005 (unexpected behavior when incrementally assigning to a member of a null object)Fixed bug #61730 (Segfault from array_walk modifying an array passed by reference)Fixed missing bound check in iptcparse()Fixed bug #61764 ('I' unpacks n as signed if n > 2^31-1 on LP64)Fixed bug #54197 ([PATH=] sections incompatibility with user_ini.filename set to null)Fixed bug #61713 (Logic error in charset detection for htmlentities)Fixed bug #61991 (long overflow in realpath_cache_get())Changed php://fd to be available only for CLI.CURLFixed bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction)COMFixed bug #62146 com_dotnet cannot be built sharedFileinfoFixed bug #61812 (Uninitialised value used in libmagic)IconvFixed a bug that iconv extension fails to link to the correct library when another extension makes use of a library that links to the iconv library. See https://bugs.gentoo.org/show_bug.cgi?id=364139 for detailIntlFixed bug #62082 (Memory corruption in internal function get_icu_disp_value_src_php()JSONFixed bug #61537 (json_encode() incorrectly truncates/discards information)PDOFixed bug #61755 (A parsing bug in the prepared statements can lead to access violations)PharFixed bug #61065 (Secunia SA44335)StreamsFixed bug #61961 (file_get_contents leaks when access empty file with maxlen set) b_w(F_0  
下载: &cZl2ynPi  
http://cn.php.net/distributions/php-5.4.4.tar.bz2 -8Q}*Z  
http://cn.php.net/distributions/php-5.3.14.tar.bz2
精品软件:百度搜闪电软件园  最新软件百度搜:闪电下载吧
有问题联系 sdbeta@qq.com