脚本语言PHP最新稳定版5.5.10发布.2014-03-06.上个版本是2014-02-06的5.5.9。修正了 CVE-2014-1943, CVE-2014-2270,CVE-2013-7327等大约10个Bug.5.4未更新还是2014-02-06的5.4.25.5.3除非重大安全漏洞已不做常规更新(5.3.28)。
完全改进:
Version 5.5.10
6-Mar-2014
Core:
Fixed bug #66574 (Allow multiple paths in php_ini_scanned_path).
Date:
Fixed bug #45528 (Allow the DateTimeZone constructor to accept timezones per offset too).
Fileinfo:
Fixed bug #66731 (file: infinite recursion (CVE-2014-1943)).
Fixed bug #66820 (out-of-bounds memory access in fileinfo (CVE-2014-2270)).
GD:
Fixed bug #66815 (imagecrop(): insufficient fix for NULL defer (CVE-2013-7327)).
JSON:
Fixed bug #65753 (JsonSerializeable couldn't implement on module extension).
LDAP:
Implemented ldap_modify_batch (https://wiki.php.net/rfc/ldap_modify_batch).
Openssl:
Fixed bug #66501 (Add EC key support to php_openssl_is_private_key).
PCRE:
Upgraded to PCRE 8.34.
Pgsql:
Added warning for dangerous client encoding and remove possible injections for pg_insert()/pg_update()/pg_delete()/pg_select().
下载:http://us3.php.net/distributions/php-5.5.10.tar.bz2
来自:oschina开源中国社区
