PHP 5.5.7/5.4.23/5.3.28 惊人发布
程序员文章站
2024-01-21 10:59:28
...
PHP 5.5.7/5.4.23/5.3.28 紧急发布
PHP 5.5.7/5.4.23/5.3.28紧急发布.2013-12-13.上个版本是2013-11-14的5.5.6/5.4.22。全部修正了一个 OpenSSL的安全漏洞(CVE-2013-6420)5.3本来已停止常规开发也更新了。 总共修正了10几个Bug(包括Opcache的几个Bug)及安全漏洞。
完全改进:
Version 5.5.7
12-Dec-2013
Core:
Fixed bug #66094 (unregister_tick_function tries to cast a Closure to a string).
Fixed bug #65969 (Chain assignment with T_LIST failure).
CLI server:
Added some MIME types to the CLI web server.
Implemented FR #65917 (getallheaders() is not supported by the built-in web server) - also implements apache_response_headers()
OPCache:
Fixed bug #66176 (Invalid constant substitution).
Fixed bug #65915 (Inconsistent results with require return value).
Fixed bug #65559 (Opcache: cache not cleared if changes occur while running).
readline:
Fixed bug #65714 (PHP cli forces the tty to cooked mode).
Openssl:
Fixed memory corruption in openssl_x509_parse() (CVE-2013-6420).
Version 5.4.23
12-Dec-2013
Core:
Fixed bug #66094 (unregister_tick_function tries to cast a Closure to a string).
Fixed bug #65947 (basename is no more working after fgetcsv in certain situation).
JSON:
Fixed whitespace part of #64874 ("json_decode handles whitespace and case-sensitivity incorrectly").
MySQLi:
Fixed bug #66043 (Segfault calling bind_param() on mysqli).
mysqlnd:
Fixed bug #66124 (mysqli under mysqlnd loses precision when bind_param with 'i').
Fixed bug #66141 (mysqlnd quote function is wrong with NO_BACKSLASH_ESCAPES after failed query).
OpenSSL:
Fixed memory corruption in openssl_x509_parse() (CVE-2013-6420). (Stefan Esser).
PDO:
Fixed bug #65946 (sql_parser permanently converts values bound to strings).
Version 5.3.28
12-Dec-2013
Openssl:
Fixed handling null bytes in subjectAltName (CVE-2013-4073).
Fixed memory corruption in openssl_x509_parse() (CVE-2013-6420). (Stefan Esser).
下载:
http://cn2.php.net/distributions/php-5.5.7.tar.bz2
http://cn2.php.net/distributions/php-5.4.23.tar.bz2
http://cn2.php.net/distributions/php-5.3.28.tar.bz2
------解决方案--------------------
更新的也太快了点吧
------解决方案--------------------
------解决方案--------------------
不是吧!前几天刚把php5.5.6安装上去...看来这次漏洞还不小,紧急发布
------解决方案--------------------
愁苦,那麼多服務器咋更新啊....
------解决方案--------------------
圣诞节前最后一版。
------解决方案--------------------
生产环境还是5.2.17 不准备升级 稳定才是王道
------解决方案--------------------
紧急更新。。。
------解决方案--------------------
5.3比5.2快10倍
5.4比5.3快10倍
------解决方案--------------------
对于一般站点来说,这10倍基本上是感觉不出来的,并且还要承担不稳定的风险,还不如优化一下缓存收益高。
------解决方案--------------------
Fixed whitespace part of #64874 ("json_decode handles whitespace and case-sensitivity incorrectly").
===========
这。。。难道是我上次遇到的那个问题。
PHP 5.5.7/5.4.23/5.3.28紧急发布.2013-12-13.上个版本是2013-11-14的5.5.6/5.4.22。全部修正了一个 OpenSSL的安全漏洞(CVE-2013-6420)5.3本来已停止常规开发也更新了。 总共修正了10几个Bug(包括Opcache的几个Bug)及安全漏洞。
完全改进:
Version 5.5.7
12-Dec-2013
Core:
Fixed bug #66094 (unregister_tick_function tries to cast a Closure to a string).
Fixed bug #65969 (Chain assignment with T_LIST failure).
CLI server:
Added some MIME types to the CLI web server.
Implemented FR #65917 (getallheaders() is not supported by the built-in web server) - also implements apache_response_headers()
OPCache:
Fixed bug #66176 (Invalid constant substitution).
Fixed bug #65915 (Inconsistent results with require return value).
Fixed bug #65559 (Opcache: cache not cleared if changes occur while running).
readline:
Fixed bug #65714 (PHP cli forces the tty to cooked mode).
Openssl:
Fixed memory corruption in openssl_x509_parse() (CVE-2013-6420).
Version 5.4.23
12-Dec-2013
Core:
Fixed bug #66094 (unregister_tick_function tries to cast a Closure to a string).
Fixed bug #65947 (basename is no more working after fgetcsv in certain situation).
JSON:
Fixed whitespace part of #64874 ("json_decode handles whitespace and case-sensitivity incorrectly").
MySQLi:
Fixed bug #66043 (Segfault calling bind_param() on mysqli).
mysqlnd:
Fixed bug #66124 (mysqli under mysqlnd loses precision when bind_param with 'i').
Fixed bug #66141 (mysqlnd quote function is wrong with NO_BACKSLASH_ESCAPES after failed query).
OpenSSL:
Fixed memory corruption in openssl_x509_parse() (CVE-2013-6420). (Stefan Esser).
PDO:
Fixed bug #65946 (sql_parser permanently converts values bound to strings).
Version 5.3.28
12-Dec-2013
Openssl:
Fixed handling null bytes in subjectAltName (CVE-2013-4073).
Fixed memory corruption in openssl_x509_parse() (CVE-2013-6420). (Stefan Esser).
下载:
http://cn2.php.net/distributions/php-5.5.7.tar.bz2
http://cn2.php.net/distributions/php-5.4.23.tar.bz2
http://cn2.php.net/distributions/php-5.3.28.tar.bz2
------解决方案--------------------
更新的也太快了点吧
------解决方案--------------------
------解决方案--------------------
不是吧!前几天刚把php5.5.6安装上去...看来这次漏洞还不小,紧急发布
------解决方案--------------------
愁苦,那麼多服務器咋更新啊....
------解决方案--------------------
圣诞节前最后一版。
------解决方案--------------------
生产环境还是5.2.17 不准备升级 稳定才是王道
------解决方案--------------------
紧急更新。。。
------解决方案--------------------
5.3比5.2快10倍
5.4比5.3快10倍
------解决方案--------------------
对于一般站点来说,这10倍基本上是感觉不出来的,并且还要承担不稳定的风险,还不如优化一下缓存收益高。
------解决方案--------------------
Fixed whitespace part of #64874 ("json_decode handles whitespace and case-sensitivity incorrectly").
===========
这。。。难道是我上次遇到的那个问题。
相关文章
相关视频
- 谈网页编程PHP语言的发展_PHP教程
- 模拟OICQ的实现思路和核心程序三转--建议加入精...
- php新手入门经验谈_PHP教程
- 关于中英数字混的字串符分割问题_PHP教程
- PHP 5.5.7/5.4.23/5.3.28 惊...