PHP 5.2.3 发布

2007年06月01日 04:16 查看7766次 作者: esayr  【
文章分类:PHP5研究[新]

PHP开发团队于六一儿童节释出 PHP 5.2.3 .此版本改进5.*系列的安全和稳定性.

主要改动有:

修复chunk_split() 函数的一个整数溢出.
修复imagecreatefrompng处理时可能存在的无限循环问题.
新增mysql_set_charset()函数,以便在程序运行时改变mysql的字符串编码.
....

推荐所有5.*的用户升级到此版本.

WIN系统点这里下载:PHP 5.2.3 zip package 9,617Kb
linux系统点这里下载:PHP 5.2.3 (tar.gz) 9,123Kb

原文如下:

[01-Jun-2007] The PHP development team would like to announce the immediate availability of PHP 5.2.3. This release continues to improve the security and the stability of the 5.X branch as well as addressing two regressions introduced by the previous 5.2 releases. These regressions relate to the timeout handling over non-blocking SSL connections and the lack of HTTP_RAW_POST_DATA in certain conditions. All users are encouraged to upgrade to this release.

Further details about the PHP 5.2.3 release can be found in the release announcement for 5.2.3, the full list of changes is available in the ChangeLog for PHP 5.

Security Enhancements and Fixes in PHP 5.2.3:

  • Fixed an integer overflow inside chunk_split() (by Gerhard Wagner, CVE-2007-2872)
  • Fixed possible infinite loop in imagecreatefrompng. (by Xavier Roche, CVE-2007-2756)
  • Fixed ext/filter Email Validation Vulnerability (MOPB-45 by Stefan Esser, CVE-2007-1900)
  • Fixed bug #41492 (open_basedir/safe_mode bypass inside realpath()) (by bugs dot php dot net at chsc dot dk)
  • Improved fix for CVE-2007-1887 to work with non-bundled sqlite2 lib.
  • Added mysql_set_charset() to allow runtime altering of connection encoding.

For users upgrading to PHP 5.2 from PHP 5.0 and PHP 5.1, an upgrade guide is available here, detailing the changes between those releases and PHP 5.2.3.

责任编辑:easy

给文章打分...

平均分:0.5(44 次)

-5 -4 -3 -2 -1 0 1 2 3 4 5
2

顶一下

发表我的见解...

  • 您的大名: 留空为匿名
  • 您的主页:
  • 您的邮箱: