PHP 5.3.7發布

PHP開發團隊向大家宣布即將提供PHP 5.3.7的版本。此版本側重于提高超過90個bug修復，其中一些是與安全相關的PHP5.3.x分支將更穩定。

安全性增強，在PHP 5.3.7修復：

• Updated crypt_blowfish to 1.2. (CVE-2011-2483)
• Fixed crash in error_log(). Reported by Mateusz Kocielski
• Fixed buffer overflow on overlog salt in crypt().
• Fixed bug #54939 (File path injection vulnerability in RFC1867 File upload filename). Reported by Krzysztof Kotowicz. (CVE-2011-2202)
• Fixed stack buffer overflow in socket_connect(). (CVE-2011-1938)
• Fixed bug #54238 (use-after-free in substr_replace()). (CVE-2011-1148)

在PHP 5.3.7主要增強功能包括：

• Upgraded bundled Sqlite3 to version 3.7.7.1
• Upgraded bundled PCRE to version 8.12
• Fixed bug #54910 (Crash when calling call_user_func with unknown function name)
• Fixed bug #54585 (track_errors causes segfault)
• Fixed bug #54262 (Crash when assigning value to a dimension in a non-array)
• Fixed a crash inside dtor for error handling
• Fixed bug #55339 (Segfault with allow_call_time_pass_reference = Off)
• Fixed bug #54935 php_win_err can lead to crash
• Fixed bug #54332 (Crash in zend_mm_check_ptr // Heap corruption)
• Fixed bug #54305 (Crash in gc_remove_zval_from_buffer)
• Fixed bug #54580 (get_browser() segmentation fault when browscap ini directive is set through php_admin_value)
• Fixed bug #54529 (SAPI crashes on apache_config.c:197)
• Fixed bug #54283 (new DatePeriod(NULL) causes crash).
• Fixed bug #54269 (Short exception message buffer causes crash)
• Fixed Bug #54221 (mysqli::get_warnings segfault when used in multi queries)
• Fixed bug #54395 (Phar::mount() crashes when calling with wrong parameters)
• Fixed bug #54384 (Dual iterators, GlobIterator, SplFileObject and SplTempFileObject crash when user-space classes don't call the parent constructor)
• Fixed bug #54292 (Wrong parameter causes crash in SplFileObject::__construct())
• Fixed bug #54291 (Crash iterating DirectoryIterator for dir name starting with \0)
• Fixed bug #54281 (Crash in non-initialized RecursiveIteratorIterator)
• Fixed bug #54623 (Segfault when writing to a persistent socket after closing a copy of the socket)
• Fixed bug #54681 (addGlob() crashes on invalid flags)
• Over 80 other bug fixes.

Linux源碼包下載：

• PHP 5.3.7 (tar.bz2) [10,883Kb] - 18 August 2011
  md5: 2d47d003c96de4e88863ff38da61af33
• PHP 5.3.7 (tar.gz) [14,414Kb] - 18 August 2011
  md5: 1ec460bf3a40cea4079ee80076558d51

Windows版本下載：

Download source code [19.78MB]

VC9 x86 Non Thread Safe (2011-Aug-18 09:55:21)

• Zip [14.93MB]
  sha1: 230298e3503510fc2be3ef2c9a73e10d82cb93a9
• Debug Pack [7.91MB]
  sha1: b5b2fe391a83b3caef03436b31396900842289d1

VC9 x86 Thread Safe (2011-Aug-18 09:41:08)

• Zip [15.06MB]
  sha1: df591eb9a3638d7233e9087f642924b2d6cddda0
• Debug Pack [8.25MB]
  sha1: 08c329f1e00a75c8feff54d02a54daa0098b1aea

關于PHP

PHP，是英文超級文本預處理語言Hypertext Preprocessor的縮寫。PHP 是一種 HTML 內嵌式的語言，是一種在服務器端執行的嵌入HTML文檔的腳本語言，語言的風格有類似于C語言，被廣泛的運用。

PHP 獨特的語法混合了 C、Java、Perl 以及 PHP 自創新的語法。它可以比 CGI或者Perl更快速的執行動態網頁。用PHP做出的動態頁面與其他的編程語言相比，PHP是將程序嵌入到HTML文檔中去執行，執行效率比完全生成 HTML標記的CGI要高許多；PHP還可以執行編譯后代碼，編譯可以達到加密和優化代碼運行，使代碼運行更快。PHP具有非常強大的功能，所有的CGI 的功能PHP都能實現，而且支持幾乎所有流行的數據庫以及操作系統。最重要的是PHP可以用C、C++進行程序的擴展！