PHP">开发团队向大家宣布即将提供PHP 5.3.7的版本。此版本侧重于提高超过90个bug修复,其中一些是与安全相关的PHP5.3.x分支将更稳定。
安全性增强,在PHP 5.3.7修复:
Updated
crypt_blowfish to 1.2. (CVE-2011-2483) Fixed crash in error_log(). Reported by Mateusz Kocielski Fixed buffer overflow on overlog salt in crypt(). Fixed bug #54939 (File path injection vulnerability in RFC1867 File upload filename). Reported by Krzysztof Kotowicz. (CVE-2011-2202) Fixed stack buffer overflow in socket_connect(). (CVE-2011-1938) Fixed bug #54238 (use-after-free in substr_replace()). (CVE-2011-1148)
在PHP 5.3.7主要增强功能包括:
Upgraded bundled Sqlite3 to version 3.7.7.1 Upgraded bundled PCRE to version 8.12 Fixed bug #54910 (Crash when calling call_user_func with unknown
function name) Fixed bug #54585 (track_errors causes segfault) Fixed bug #54262 (Crash when assigning value to a dimension in a non-array) Fixed a crash inside dtor for error handling Fixed bug #55339 (Segfault with allow_call_time_pass_reference = Off) Fixed bug #54935 php_win_err can lead to crash Fixed bug #54332 (Crash in zend_mm_check_ptr // Heap corruption) Fixed bug #54305 (Crash in gc_remove_zval_from_buffer) Fixed bug #54580 (get_browser() segmentation fault when browscap ini directive is set through php_admin_value) Fixed bug #54529 (SAPI crashes on apache_config.c:197) Fixed bug #54283 (new DatePeriod(NULL) causes crash). Fixed bug #54269 (Short exception message buffer causes crash) Fixed Bug #54221 (mysqli::get_warnings segfault when used in multi queries) Fixed bug #54395 (Phar::mount() crashes when calling with wrong parameters) Fixed bug #54384 (Dual iterators, GlobIterator, SplFileObject and SplTempFileObject crash when user-space classes don't call the parent constructor) Fixed bug #54292 (Wrong parameter causes crash in SplFileObject::__construct()) Fixed bug #54291 (Crash iterating
DirectoryIterator for dir name starting with \0) Fixed bug #54281 (Crash in non-
initialized RecursiveIteratorIterator) Fixed bug #54623 (Segfault when writing to a persistent socket after closing a copy of the socket) Fixed bug #54681 (addGlob() crashes on invalid flags) Over 80 other bug fixes.
Linux源码包下载:
PHP 5.3.7 (tar.bz2) [10,883Kb] - 18 August 2011
md5: 2d47d003c96de4e88863ff38da61af33 PHP 5.3.7 (tar.gz) [14,414Kb] - 18 August 2011
md5: 1ec460bf
3a40cea4079ee80076558d51
Windows版本下载:
Download source code [19.78MB]
VC9 x86 Non Thread Safe (2011-Aug-18 09:55:21)
Zip [14.93MB]
sha1: 230298e3503510fc2be3ef2c9a73e10d82cb93a9 Debug Pack [7.91MB]
sha1: b5b2fe391a83b3caef03436b31396
900842289d1
VC9 x86 Thread Safe (2011-Aug-18 09:41:08)
Zip [15.06MB]
sha1: df591eb9a3638d7233e9087f642924b2d6cddda0 Debug Pack [8.25MB]
sha1: 08c329f1e00a75c8feff54d02a54daa0098b1aea
关于PHP
PHP,是英文超级文本预处理语言Hypertext Preprocessor的缩写。PHP 是一种 HTML 内嵌式的语言,是一种在服务器端执行的嵌入HTML文档的脚本语言,语言的风格有类似于C语言,被广泛的运用。
PHP 独特的语法混合了 C、Java、Perl 以及 PHP 自创新的语法。它可以比 CGI或者Perl更快速的执行动态网页。用PHP做出的动态页面与其他的编程语言相比,PHP是将程序嵌入到HTML文档中去执行,执行效率比完全生成HTML标记的CGI要高许多;PHP还可以执行编译后代码,编译可以达到加密和优化代码运行,使代码运行更快。PHP具有非常强大的功能,所有的CGI的功能PHP都能实现,而且支持几乎所有流行的数据库以及操作系统。最重要的是PHP可以用C、C++进行程序的扩展!