PHP发布5.4.4 和 5.3.14版本涉及安全更新
2012-06-17 23:53:02 来源:我爱运维网 评论:0 点击:
2012-06-15新发布了PHP的5.4.14和5.3.14版本。上个版本是2012-05-08的5.4.3/5.3.13.本次新版延修复了多个及安全漏洞及修正30多处Bugs。完整...
2012-06-15新发布了PHP的5.4.14和5.3.14版本。上个版本是2012-05-08的5.4.3/5.3.13.本次新版延修复了多个及安全漏洞及修正30多处Bugs。
完整的变更摘要:
版本5.4.4
- CLI SAPI
- Implemented FR #61977 (Need CLI web-server support for files with .htm & svg extensions)
- Improved performance while sending error page, this also 修复bug 修复bug#61785 (Memory leak when access a non-exists file without router)
- 修复bug #61546 (functions related to current script failed when chdir() in cli sapi)
- Core
- 修复missing bound check in iptcparse()
- 修复CVE-2012-2143
- 修复bug #62097 (fix for for bug #54547)
- 修复bug #62005 (unexpected behavior when incrementally assigning to a member of a null object)
- 修复bug #61978 (Object recursion not detected for classes that implement JsonSerializable)
- 修复bug #61991 (long overflow in realpath_cache_get())
- 修复bug #61922 (ZTS build doesn't accept zend.script_encoding config)
- 修复bug #61827 (incorrect \e processing on Windows)
- 修复bug #61782 (__clone/__destruct do not match other methods when checking access controls)
- 修复bug #61761 ('Overriding' a private static method with a different signature causes crash)
- 修复bug #61730 (Segfault from array_walk modifying an array passed by reference)
- 修复bug #61728 (PHP crash when calling ob_start in request_shutdown phase)
- 修复bug #61660 (bin2hex(hex2bin($data)) != $data)
- 修复bug #61650 (ini parser crashes when using ${xxxx} ini variables (without apache2))
- 修复bug #61605 (header_remove() does not remove all headers)
- 修复bug #54547 (wrong equality of string numbers)
- 修复bug #54197 ([PATH=] sections incompatibility with user_ini.filename set to null)
- Changed php://fd to be available only for CLI
- CURL
- 修复bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction)
- COM
- 修复bug #62146 com_dotnet cannot be built shared
- Fileinfo
- 修复bug #61812 (Uninitialised value used in libmagic)
- FPM
- Iconv
- 修复a bug that iconv extension fails to link to the correct library when another extension makes use of a library that links to the iconv library. Seehttps://bugs.gentoo.org/show_bug.cgi?id=364139 for detail
- Intl
- 修复bug #62082 (Memory corruption in internal function get_icu_disp_value_src_php()
- JSON
- 修复bug #61537 (json_encode() incorrectly truncates/discards information)
- LibXML
- 修复bug #61617 (Libxml tests failed(ht is already destroyed))
- PDO
- 修复bug #61755 (A parsing bug in the prepared statements can lead to access violations)
- Phar
- 修复bug #61065 (Secunia SA44335) (CVE-2012-2386)
- Streams
- 修复bug #61961 (file_get_contents leaks when access empty file with maxlen set)
- zlib
版本5.3.14
- CLI SAPI
- 修复bug #61546 (functions related to current script failed when chdir() in cli sapi)
- Core
- 修复CVE-2012-2143
- 修复bug #62005 (unexpected behavior when incrementally assigning to a member of a null object)
- 修复bug #61730 (Segfault from array_walk modifying an array passed by reference)
- 修复missing bound check in iptcparse()
- 修复bug #61764 ('I' unpacks n as signed if n > 2^31-1 on LP64)
- 修复bug #54197 ([PATH=] sections incompatibility with user_ini.filename set to null)
- 修复bug #61713 (Logic error in charset detection for htmlentities)
- 修复bug #61991 (long overflow in realpath_cache_get())
- Changed php://fd to be available only for CLI.
- CURL
- 修复bug #61948 (CURLOPT_COOKIEFILE '' raises open_basedir restriction)
- COM
- 修复bug #62146 com_dotnet cannot be built shared
- Fileinfo
- 修复bug #61812 (Uninitialised value used in libmagic)
- Iconv
- 修复a bug that iconv extension fails to link to the correct library when another extension makes use of a library that links to the iconv library. Seehttps://bugs.gentoo.org/show_bug.cgi?id=364139 for detail
- Intl
- 修复bug #62082 (Memory corruption in internal function get_icu_disp_value_src_php()
- JSON
- 修复bug #61537 (json_encode() incorrectly truncates/discards information)
- PDO
- 修复bug #61755 (A parsing bug in the prepared statements can lead to access violations)
- Phar
- 修复bug #61065 (Secunia SA44335)
- Streams
- 修复bug #61961 (file_get_contents leaks when access empty file with maxlen set)
PHP的5.4.14和5.3.14版本下载链接:
http://cn.php.net/distributions/php-5.4.4.tar.bz2
http://cn.php.net/distributions/php-5.3.14.tar.bz2
分享到:
收藏
收藏
评论排行
- ·Windows(Win7)下用Xming...(92)
- ·使用jmx client监控activemq(20)
- ·Hive查询OOM分析(14)
- ·复杂网络架构导致的诡异...(8)
- ·使用 OpenStack 实现云...(7)
- ·影响Java EE性能的十大问题(6)
- ·云计算平台管理的三大利...(6)
- ·Mysql数据库复制延时分析(5)
- ·OpenStack Nova开发与测...(4)
- ·LTPP一键安装包1.2 发布(4)
- ·Linux下系统或服务排障的...(4)
- ·PHP发布5.4.4 和 5.3.1...(4)
- ·RSYSLOG搭建集中日志管理服务(4)
- ·转换程序源码的编码格式[...(3)
- ·Linux 的木马程式 Wirenet 出现(3)
- ·Nginx 发布1.2.1稳定版...(3)
- ·zend framework文件读取漏洞分析(3)
- ·Percona Playback 0.3 development release(3)
- ·运维业务与CMDB集成关系一例(3)
- ·应该知道的Linux技巧(3)
频道总排行
