Chinaunix首页 | 论坛 | 博客
  • 博客访问: 104573041
  • 博文数量: 19283
  • 博客积分: 9968
  • 博客等级: 上将
  • 技术积分: 196062
  • 用 户 组: 普通用户
  • 注册时间: 2007-02-07 14:28
文章分类

全部博文(19283)

文章存档

2011年(1)

2009年(125)

2008年(19094)

2007年(63)

分类: LINUX

2008-05-29 15:51:16

开发团队已经于早些时候宣布了 PHP 5.2.1 可用的消息,据悉,本次发布主要是增强了 5.x 分支的稳定性和安全性。PHP 官方建议使用者升级到最新版。

在 PHP 5.2.1 发布公告中所列出的安全增强和修正有:

* Fixed a possible safe_mode & open_basedir bypasses inside the session extension.
* Prevent search engine from indexing the phpinfo() page.
* Fixed a number of input processing bugs inside the filter extension.
* Fixed unserialize() abuse on 64 bit systems with certain input strings.
* Fixed possible overflows and stack corruptions in the session extension.
* Fixed an underflow inside the internal sapi_header_op() function.
* Fixed allocation bugs caused by attempts to allocate negative values in some code paths.
* Fixed possible stack overflows inside zip, imap & sqlite extensions.
* Fixed several possible buffer overflows inside the stream filters.
* Fixed non-validated resource destruction inside the shmop extension.
* Fixed a possible overflow in the str_replace() function.
* Fixed possible clobbering of super-globals in several code paths.
* Fixed a possible information disclosure inside the wddx extension.
* Fixed a possible string format vulnerability in *print() functions on 64 bit systems.
* Fixed a possible buffer overflow inside mail() and ibase_{delete,add,modify}_user() functions.
* Fixed a string format vulnerability inside the odbc_result_all() function.
* Memory limit is now enabled by default.
* Added internal heap protection.
* Extended filter extension support for $_SERVER IN cgi AND apache2 SAPIs.

你可以从下面的链接下载到 PHP 的最新版,其中包括完整的源码包和用于 Windows 平台的二进制包。

Download

阅读(411) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~