PHP 发布了三个更新版本,分别是 5.4.44 、5.5.28 和 5.6.12,这三个版本主要是安全方面的更新,详细内容请看 ChangeLog。
Version 5.6.12
06 Aug 2015
- Core:
- Fixed bug #70012 (Exception lost with nested finally block).
- Fixed bug #70002 (TS issues with temporary dir handling).
- Fixed bug #69793 (Remotely triggerable stack exhaustion via recursive method calls).
- Fixed bug #69892 (Different arrays compare indentical due to integer key truncation).
- Fixed bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref).
- CLI server:
- Fixed bug #69655 (php -S changes MKCALENDAR request method to MKCOL).
- Fixed bug #64878 (304 responses return Content-Type header).
- GD:
- Fixed bug #53156 (imagerectangle problem with point ordering).
- Fixed bug #66387 (Stack overflow with imagefilltoborder).
- Fixed bug #70102 (imagecreatefromwebm() shifts colors).
- Fixed bug #66590 (imagewebp() doesn't pad to even length).
- Fixed bug #66882 (imagerotate by -90 degrees truncates image by 1px).
- Fixed bug #70064 (imagescale(..., IMG_BICUBIC) leaks memory).
- Fixed bug #69024 (imagescale segfault with palette based image).
- Fixed bug #53154 (Zero-height rectangle has whiskers).
- Fixed bug #67447 (imagecrop() add a black line when cropping).
- Fixed bug #68714 (copy 'n paste error).
- Fixed bug #66339 (PHP segfaults in imagexbm).
- Fixed bug #70047 (gd_info() doesn't report WebP support).
- ODBC:
- Fixed bug #69975 (PHP segfaults when accessing nvarchar(max) defined columns).
- OpenSSL:
- Fixed bug #69882 (OpenSSL error "key values mismatch" after openssl_pkcs12_read with extra cert).
- Fixed bug #70014 (openssl_random_pseudo_bytes() is not cryptographically secure).
- Phar:
- Improved fix for bug #69441.
- Fixed bug #70019 (Files extracted from archive may be placed outside of destination directory).
- SOAP:
- Fixed bug #70081 (SoapClient info leak / null pointer dereference via multiple type confusions).
- SPL:
- Fixed bug #70068 (Dangling pointer in the unserialization of ArrayObject items).
- Fixed bug #70166 (Use After Free Vulnerability in unserialize() with SPLArrayObject).
- Fixed bug #70168 (Use After Free Vulnerability in unserialize() with SplObjectStorage).
- Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList).
- Standard:
- Fixed bug #70096 (Repeated iptcembed() adds superfluous FF bytes).
Version 5.5.28
06-Aug-2015
- Core:
- Fixed bug #69793 (Remotely triggerable stack exhaustion via recursive method calls).
- Fixed bug #69892 (Different arrays compare indentical due to integer key truncation).
- Fixed bug #70002 (TS issues with temporary dir handling).
- Fixed bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref).
- OpenSSL:
- Fixed bug #70014 (openssl_random_pseudo_bytes() is not cryptographically secure).
- Phar:
- Improved fix for bug #69441.
- Fixed bug #70019 (Files extracted from archive may be placed outside of destination directory).
- SOAP:
- Fixed bug #70081 (SoapClient info leak / null pointer dereference via multiple type confusions).
- SPL:
- Fixed bug #70068 (Dangling pointer in the unserialization of ArrayObject items).
- Fixed bug #70166 (Use After Free Vulnerability in unserialize() with SPLArrayObject).
- Fixed bug #70168 (Use After Free Vulnerability in unserialize() with SplObjectStorage).
- Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList).
Version 5.4.44
06-Aug-2015
- Core:
- Fixed bug #69793 (Remotely triggerable stack exhaustion via recursive method calls).
- Fixed bug #69892 (Different arrays compare indentical due to integer key truncation).
- Fixed bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref).
- OpenSSL:
- Fixed bug #70014 (openssl_random_pseudo_bytes() is not cryptographically secure).
- Phar:
- Improved fix for bug #69441.
- Fixed bug #70019 (Files extracted from archive may be placed outside of destination directory).
- SOAP:
- Fixed bug #70081 (SoapClient info leak / null pointer dereference via multiple type confusions).
- SPL:
- Fixed bug #70068 (Dangling pointer in the unserialization of ArrayObject items).
- Fixed bug #70166 (Use After Free Vulnerability in unserialize() with SPLArrayObject).
- Fixed bug #70168 (Use After Free Vulnerability in unserialize() with SplObjectStorage).
- Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList).
PHP 7 ,你值得拥有 http://www.linuxidc.com/Linux/2015-06/118847.htm
在 CentOS 7.x / Fedora 21 上面体验 PHP 7.0 http://www.linuxidc.com/Linux/2015-05/117960.htm
CentOS 6.3 安装LNMP (PHP 5.4,MyySQL5.6) http://www.linuxidc.com/Linux/2013-04/82069.htm
在部署LNMP的时候遇到Nginx启动失败的2个问题 http://www.linuxidc.com/Linux/2013-03/81120.htm
Ubuntu安装Nginx php5-fpm MySQL(LNMP环境搭建) http://www.linuxidc.com/Linux/2012-10/72458.htm
《细说PHP》高清扫描PDF+光盘源码+全套教学视频 http://www.linuxidc.com/Linux/2014-03/97536.htm
CentOS 6中配置PHP的LNMP的开发环境 http://www.linuxidc.com/Linux/2013-12/93869.htm