感谢西部数码代理的投递 PHP 5.4.5和5.3.15发布。 上个版本是2012-06-15的5.4.4/5.3.14修正了30多个Bug以及几个安全漏洞。经过1个RC. This release fixes over 30 bugs and includes a fix for a security related overflow issue in the stream implementation. Version 5.4.5 19-July-2012 Core Fixed bug #62443 (Crypt SHA256/512 Segfaults With Malformed Salt) Fixed bug #62432 (ReflectionMethod random corrupt memory on high concurrent) Fixed bug #62373 (serialize() generates wrong reference to the object). Fixed bug #62357 (compile failure: (S) Arguments missing for built-in function __memcmp) Fixed bug #61998 (Using traits with method aliases appears to result in crash during execution) Fixed bug #51094 (parse_ini_file() with INI_SCANNER_RAW cuts a value that includes a semi-colon) Fixed potential overflow in _php_stream_scandir (CVE-2012-2688) EXIF Fixed information leak in ext exi FPM Fixed bug #62205 (php-fpm segfaults (null passed to strstr) Fixed bug #62160 (Add process.priority to set nice(2) priorities) Fixed bug #62153 (when using unix sockets, multiples FPM instances) Fixed bug #62033 (php-fpm exits with status 0 on some failures to start) Fixed bug #61839 (Unable to cross-compile PHP with --enable-fpm) Fixed bug #61835 (php-fpm is not allowed to run as root) Fixed bug #61295 (php-fpm should not fail with commented 'user' Fixed bug #61218 (FPM drops connection while receiving some binary values in FastCGI requests) Fixed bug #61045 (fpm don't send error log to fastcgi clients). (fat) for non-root start) Fixed bug #61026 (FPM pools can listen on the same address). (fat) can be launched without errors) Iconv Fixed bug #55042 (Erealloc in iconv.c unsafe) Intl Fixed bug #62083 (grapheme_extract() memory leaks) Fixed bug #62081 (IntlDateFormatter constructor leaks memory when called twice) Fixed bug #62070 (Collator::getSortKey() returns garbage) Fixed bug #62017 (datefmt_create with incorrectly encoded timezone leaks pattern) Fixed bug #60785 (memory leak in IntlDateFormatter constructor) ResourceBundle constructor now accepts NULL for the first two arguments JSON Fixed bug #61359 (json_encode() calls too many reallocs) libxml Fixed bug #62266 (Custom extension segfaults during xmlParseFile with FPM SAPI) Phar Fixed bug #62227 (Invalid phar stream path causes crash) Readline Fixed bug #62186 (readline fails to compile - void function should not return a value) Reflection Fixed bug #62384 (Attempting to invoke a Closure more than once causes segfault) Fixed bug #62202 (ReflectionParameter::getDefaultValue() memory leaks with constant) Sockets Fixed bug #62025 (__ss_family was changed on AIX 5.3) SPL Fixed bug #62433 (Inconsistent behavior of RecursiveDirectoryIterator to dot files) Fixed bug #62262 (RecursiveArrayIterator does not implement Countable) XML Writer Fixed bug #62064 (memory leak in the XML Writer module) Zip Upgraded libzip to 0.10. Version 5.3.15 19-July-2012 Zend Engine Fixed bug #51094 (parse_ini_file() with INI_SCANNER_RAW cuts a value that includes a semi-colon) COM Fixed bug #62146 com_dotnet cannot be built shared Core Fixed potential overflow in _php_stream_scandir, CVE-2012-2688 Fixed bug #62432 (ReflectionMethod random corrupt memory on high concurrent) Fixed bug #62443 (Crypt SHA256/512 Segfaults With Malformed Salt) Fileinfo Fixed magic file regex support FPM Fixed bug #61045 (fpm don't send error log to fastcgi clients) Fixed bug #61835 (php-fpm is not allowed to run as root) Fixed bug #61295 (php-fpm should not fail with commented 'user' for non-root start) Fixed bug #61026 (FPM pools can listen on the same address) Fixed bug #62033 (php-fpm exits with status 0 on some failures to start) Fixed bug #62153 (when using unix sockets, multiples FPM instances can be launched without errors) Fixed bug #62160 (Add process.priority to set nice(2) priorities) Fixed bug #61218 (FPM drops connection while receiving some binary values in FastCGI requests) Fixed bug #62205 (php-fpm segfaults (null passed to strstr)) Intl Fixed bug #62083 (grapheme_extract() memory leaks) Fixed bug #62081 (IntlDateFormatter constructor leaks memory when called twice) Fixed bug #62070 (Collator::getSortKey() returns garbage) Fixed bug #62017 (datefmt_create with incorrectly encoded timezone leaks pattern) Fixed bug #60785 (memory leak in IntlDateFormatter constructor) JSON Reverted fix for bug #61537 Phar Fixed bug #62227 (Invalid phar stream path causes crash) Reflection Fixed bug #62384 (Attempting to invoke a Closure more than once causes segfault) Fixed bug #62202 (ReflectionParameter::getDefaultValue() memory leaks with constant) SPL Fixed bug #62262 (RecursiveArrayIterator does not implement Countable) SQLite Fixed open_basedir bypass, CVE-2012-3365 XML Write Fixed bug #62064 (memory leak in the XML Writer module) Zip Upgraded libzip to 0.10 下载: http://us3.php.net/distributions/php-5.4.5.tar.bz2 http://us3.php.net/distributions/php-5.3.15.tar.bz2
