经过4个RC版,PHP 5.3.9正式版总算发布了。2012-01-11 上一个版本还是2011-08-23的5.3.8 这个版本当然修正了那个hash 碰撞攻击bug.此外还有大量的bug修正,请使用PHP 5.3的同学尽快升级
Security Enhancements and Fixes in PHP 5.3.9:
Added max_input_vars directive to prevent attacks based on hash collisions. (CVE-2011-4885)
Fixed bug #60150 (Integer overflow during the parsing of invalid exif header). (CVE-2011-4566)
Key enhancements in PHP 5.3.9 include:
Fixed bug #55475 (is_a() triggers autoloader, new optional 3rd argument to is_a and is_subclass_of).
Fixed bug #55609 (mysqlnd cannot be built shared)
Many changes to the FPM SAPI module
完全改进:http://www.php.net/ChangeLog-5.php#5.3.9
下载:http://cn.php.net/distributions/php-5.3.9.tar.bz2
原文:http://www.oschina.net/news/24706/php-5-3-9
【编辑推荐】