PHP 5.3.6 发布(修复60多处bug)

PHP是一种新型的CGI程序编写语言,易学易用,运行速度快,可以方便快捷地编写出功能强大,运行速度快,并可同时运行于 Windows、Unix、Linux平台的Web后台程序, 内置了对文件上传、密码认证、Cookies操作、邮件收发、动态GIF生成等功能,PHP 直接为很多数据库提供原本的连接,包括Oracle、Sybase、Postgres、Mysql、Informix、Dbase、Solid、 Access等,完全支持ODBC接口,用户更换平台时,无需变换PHP代码,可即拿即用.

经过三个RC后，php 5.3.6 今天正式发布.此版本共修复了超过60个包含安全性在内的bug.

下载:http://cn2.php.net/distributions/php-5.3.6.tar.bz2

Security Enhancements and Fixes in PHP 5.3.6:

   * Enforce security in the fastcgi protocol parsing with fpm SAPI.
   * Fixed bug #54247 (format-string vulnerability on Phar).
     (CVE-2011-1153)
   * Fixed bug #54193 (Integer overflow in shmop_read()).
     (CVE-2011-1092)
   * Fixed bug #54055 (buffer overrun with high values for precision
     ini setting).
   * Fixed bug #54002 (crash on crafted tag in exif). (CVE-2011-0708)
   * Fixed bug #53885 (ZipArchive segfault with FL_UNCHANGED on empty
     archive). (CVE-2011-0421)

Key enhancements in PHP 5.3.6 include:

   * Upgraded bundled Sqlite3 to version 3.7.4.
   * Upgraded bundled PCRE to version 8.11.
   * Added ability to connect to HTTPS sites through proxy with basic
     authentication using stream_context/http/header/