PHP 5.3.9 – 修补重大Hash冲突漏洞

分类:新闻 | 2012-01-11 | 撸过 224 次
0人扯谈

PHP 5.3.9正式版发布了。

此次更新修复了诸多BUG,如Hash冲突漏洞,对于5.3.8的用户,要速度更新。

Security Enhancements and Fixes in PHP 5.3.9:

Added max_input_vars directive to prevent attacks based on hash collisions. (CVE-2011-4885) (HASH冲突问题)
Fixed bug #60150 (Integer overflow during the parsing of invalid exif header). (CVE-2011-4566)

Key enhancements in PHP 5.3.9 include:

Fixed bug #55475 (is_a() triggers autoloader, new optional 3rd argument to is_a and is_subclass_of).
Fixed bug #55609 (mysqlnd cannot be built shared)
Many changes to the FPM SAPI module

下载:PHP 5.3.9 Final for Windows (15.00 MB)
下载:PHP 5.3.9 Final for Linux (10.44 MB)

Hash冲突漏洞:https://www.webshell.cc/2488.html

本站内容均为原创,转载请务必保留署名与链接!
PHP 5.3.9 – 修补重大Hash冲突漏洞:https://www.webshell.cc/2490.html
标签: ,

相关日志