<p>PHP开发团队向大家宣布即将提供PHP 5.3.7的版本。此版本侧重于提高超过90个bug修复,其中一些是与安全相关的PHP5.3.x分支将更稳定。</p> <p>安全性增强,在PHP 5.3.7修复:</p> <ul> <li>Updated crypt_blowfish to 1.2. (CVE-2011-2483)</li> <li>Fixed crash in error_log(). Reported by Mateusz Kocielski</li> <li>Fixed buffer overflow on overlog salt in crypt().</li> <li>Fixed bug #54939 (File path injection vulnerability in RFC1867 File upload filename). Reported by Krzysztof Kotowicz. (CVE-2011-2202)</li> <li>Fixed stack buffer overflow in socket_connect(). (CVE-2011-1938)</li> <li>Fixed bug #54238 (use-after-free in substr_replace()). (CVE-2011-1148)</li> </ul> <p>在PHP 5.3.7主要增强功能包括:</p> <ul> <li>Upgraded bundled Sqlite3 to version 3.7.7.1</li> <li>Upgraded bundled PCRE to version 8.12</li> <li>Fixed bug #54910 (Crash when calling call_user_func with unknown function name)</li> <li>Fixed bug #54585 (track_errors causes segfault)</li> <li>Fixed bug #54262 (Crash when assigning value to a dimension in a non-array)</li> <li>Fixed a crash inside dtor for error handling</li> <li>Fixed bug #55339 (Segfault with allow_call_time_pass_reference = Off)</li> <li>Fixed bug #54935 php_win_err can lead to crash</li> <li>Fixed bug #54332 (Crash in zend_mm_check_ptr // Heap corruption)</li> <li>Fixed bug #54305 (Crash in gc_remove_zval_from_buffer)</li> <li>Fixed bug #54580 (get_browser() segmentation fault when browscap ini directive is set through php_admin_value)</li> <li>Fixed bug #54529 (SAPI crashes on apache_config.c:197)</li> <li>Fixed bug #54283 (new DatePeriod(NULL) causes crash).</li> <li>Fixed bug #54269 (Short exception message buffer causes crash)</li> <li>Fixed Bug #54221 (mysqli::get_warnings segfault when used in multi queries)</li> <li>Fixed bug #54395 (Phar::mount() crashes when calling with wrong parameters)</li> <li>Fixed bug #54384 (Dual iterators, GlobIterator, SplFileObject and SplTempFileObject crash when user-space classes don't call the parent constructor)</li> <li>Fixed bug #54292 (Wrong parameter causes crash in SplFileObject::__construct())</li> <li>Fixed bug #54291 (Crash iterating DirectoryIterator for dir name starting with \0)</li> <li>Fixed bug #54281 (Crash in non-initialized RecursiveIteratorIterator)</li> <li>Fixed bug #54623 (Segfault when writing to a persistent socket after closing a copy of the socket)</li> <li>Fixed bug #54681 (addGlob() crashes on invalid flags)</li> <li>Over 80 other bug fixes.</li> </ul> <p><strong>Linux源码包下载:</strong></p> <ul> <li><a href="/misc/goto?guid=4958185410429890560"><span style="color:#000099;">PHP 5.3.7 (tar.bz2)</span></a> [10,883Kb] - 18 August 2011<br /> <span class="md5sum"><span style="color:#6666cc;">md5: 2d47d003c96de4e88863ff38da61af33</span></span></li> <li><a href="/misc/goto?guid=4958185411165068296"><span style="color:#000099;">PHP 5.3.7 (tar.gz)</span></a> [14,414Kb] - 18 August 2011<br /> <span class="md5sum"><span style="color:#6666cc;">md5: 1ec460bf3a40cea4079ee80076558d51</span></span></li> </ul> <p><strong>Windows版本下载:</strong></p> <p><a href="/misc/goto?guid=4958185411904963449">Download source code</a> [19.78MB]</p> <p>VC9 x86 Non Thread Safe (2011-Aug-18 09:55:21)</p> <ul> <li><a href="/misc/goto?guid=4958185412651221152">Zip</a> [14.93MB]<br /> <span class="md5sum">sha1: 230298e3503510fc2be3ef2c9a73e10d82cb93a9</span></li> <li><a href="/misc/goto?guid=4958185413389617206">Debug Pack</a> [7.91MB]<br /> <span class="md5sum">sha1: b5b2fe391a83b3caef03436b31396900842289d1</span></li> </ul> <p>VC9 x86 Thread Safe (2011-Aug-18 09:41:08)</p> <ul> <li><a href="/misc/goto?guid=4958185414146314582">Zip</a> [15.06MB]<br /> <span class="md5sum">sha1: df591eb9a3638d7233e9087f642924b2d6cddda0</span></li> <li><a href="/misc/goto?guid=4958185414895982397">Debug Pack</a> [8.25MB]<br /> <span class="md5sum">sha1: 08c329f1e00a75c8feff54d02a54daa0098b1aea</span></li> </ul> <p><strong>关于PHP</strong></p> <p>PHP,是英文超级文本预处理语言Hypertext Preprocessor的缩写。PHP 是一种 HTML 内嵌式的语言,是一种在服务器端执行的嵌入HTML文档的脚本语言,语言的风格有类似于C语言,被广泛的运用。</p> <p>PHP 独特的语法混合了 C、Java、Perl 以及 PHP 自创新的语法。它可以比 CGI或者Perl更快速的执行动态网页。用PHP做出的动态页面与其他的编程语言相比,PHP是将程序嵌入到HTML文档中去执行,执行效率比完全生成 HTML标记的CGI要高许多;PHP还可以执行编译后代码,编译可以达到加密和优化代码运行,使代码运行更快。PHP具有非常强大的功能,所有的CGI 的功能PHP都能实现,而且支持几乎所有流行的数据库以及操作系统。最重要的是PHP可以用C、C++进行程序的扩展!</p>