2009年11月20日

[installer 2146] PHP 5.3.1

PHP 5.3.1 出ています。

http://www.php.net/archive/2009.php#id2009-11-19-1 より:
BEGIN-----------------------------------------------------
PHP 5.3.1 Released!
[19-Nov-2009]
The PHP development team would like to announce the immediate
availability of PHP 5.3.1. This release focuses on improving the

stability of the PHP 5.3.x branch with over 100 bug fixes, some of
which are security related. All users of PHP are encouraged to upgrade
to this release.

Security Enhancements and Fixes in PHP 5.3.1:

o Added "max_file_uploads" INI directive, which can be set to limit
the number of file uploads per-request to 20 by default, to prevent
possible DOS via temporary file exhaustion.
o Added missing sanity checks around exif processing.
o Fixed a safe_mode bypass in tempnam().
o Fixed a open_basedir bypass in posix_mkfifo().
o Fixed failing safe_mode_include_dir.

Further details about the PHP 5.3.1 release can be found in the
release announcement, and the full list of changes are available in
the ChangeLog.
END-------------------------------------------------------

☆ PHP 5.3.1
http://www.php.net/
http://www.php.net/downloads.php#v5
http://www.php.net/distributions/php-5.3.1.tar.gz
http://static.php.net/www.php.net/distributions/php-5.3.1.tar.gz

19 Nov 2009, PHP 5.3.1

- Added "max_file_uploads" INI directive, which can be set to limit the
number of file uploads per-request to 20 by default, to prevent possible
DOS via temporary file exhaustion. (Ilia)
- Added missing sanity checks around exif processing. (Ilia)
- Added error constant when json_encode() detects an invalid UTF-8 sequence.
(Scott)
- Added support for ACL on Windows for thread safe SAPI (Apache2 for example)
and fix its support on NTS. (Pierre)

- Upgraded bundled sqlite to version 3.6.19. (Scott)
- Updated timezone database to version 2009.17 (2009q). (Derick)

- Fixed crash in com_print_typeinfo when an invalid typelib is given. (Pierre)
- Fixed a safe_mode bypass in tempnam() identified by Grzegorz Stachowiak.
(Rasmus)
- Fixed a open_basedir bypass in posix_mkfifo() identified by Grzegorz
Stachowiak. (Rasmus)
- Fixed certificate validation inside php_openssl_apply_verification_policy
(Ryan Sleevi, Ilia)
- Fixed crash in SQLiteDatabase::ArrayQuery() and SQLiteDatabase::SingleQuery()
when calling using Reflection. (Felipe)
- Fixed crash when instantiating PDORow and PDOStatement through Reflection.
(Felipe)
- Fixed sanity check for the color index in imagecolortransparent. (Pierre)
- Fixed scandir/readdir when used mounted points on Windows. (Pierre)
- Fixed zlib.deflate compress filter to actually accept level parameter. (Jani)
- Fixed leak on error in popen/exec (and related functions) on Windows.
(Pierre)
- Fixed possible bad caching of symlinked directories in the realpath cache
on Windows. (Pierre)
- Fixed atime and mtime in stat related functions on Windows. (Pierre)
- Fixed spl_autoload_unregister/spl_autoload_functions wrt. Closures and
Functors. (Christian Seiler)
- Fixed open_basedir circumvention for "mail.log" ini directive.
(Maksymilian Arciemowicz, Stas)
- Fixed signature generation/validation for zip archives in ext/phar. (Greg)
- Fixed memory leak in stream_is_local(). (Felipe, Tony)
- Fixed BC break in mime_content_type(), removes the content encoding. (Scott)

- Changed ini file directives [PATH=](on Win32) and [HOST=](on all) to be case
insensitive (garretts)
- Restored shebang line check to CGI sapi (not checked by scanner anymore).
(Jani)

- Improve symbolic, mounted volume and junctions support for realpath on
Windows. (Pierre)
- Improved readlink on Windows, suppress \??\ and use the drive syntax only.
(Pierre)
- Improved dns_get_record() AAAA support on windows. Always available when
IPv6 is support is installed, format is now the same than on unix. (Pierre)
- Improved the DNS functions on OSX to use newer APIs, also use Bind 9 API
where available on other platforms. (Scott)
- Improved shared extension loading on OSX to use the standard Unix dlopen()
API. (Scott)

- Fixed bug #50063 (safe_mode_include_dir fails). (Johannes, christian at
elmerot dot se)
- Fixed bug #50052 (Different Hashes on Windows and Linux on wrong Salt size).
(Pierre)
- Fixed bug #49910 (no support for ././@LongLink for long filenames in phar
tar support). (Greg)
- Fixed bug #49908 (throwing exception in __autoload crashes when interface
is not defined). (Felipe)
- Fixed bug #49847 (exec() fails to return data inside 2nd parameter, given
output lines >4095 bytes). (Ilia)
- Fixed bug #49809 (time_sleep_until() is not available on OpenSolaris). (Jani)
- Fixed bug #49757 (long2ip() can return wrong value in a multi-threaded
applications). (Ilia, Florian Anderiasch)
- Fixed bug #49738 (calling mcrypt after mcrypt_generic_deinit crashes).
(Sriram Natarajan)
- Fixed bug #49732 (crashes when using fileinfo when timestamp conversion
fails). (Pierre)
- Fixed bug #49698 (Unexpected change in strnatcasecmp()). (Rasmus)
- Fixed bug #49630 (imap_listscan function missing). (Felipe)
- Fixed bug #49572 (use of C++ style comments causes build failure).
(Sriram Natarajan)
- Fixed bug #49531 (CURLOPT_INFILESIZE sometimes causes warning "CURLPROTO_FILE
cannot be set"). (Felipe)
- Fixed bug #49517 (cURL's CURLOPT_FILE prevents file from being deleted after
fclose). (Ilia)
- Fixed bug #49470 (FILTER_SANITIZE_EMAIL allows disallowed characters).
(Ilia)
- Fixed bug #49447 (php engine need to correctly check for socket API
return status on windows). (Sriram Natarajan)
- Fixed bug #49391 (ldap.c utilizing deprecated ldap_modify_s). (Ilia)
- Fixed bug #49361 (wordwrap() wraps incorrectly on end of line boundaries).
(Ilia, code-it at mail dot ru)
- Fixed bug #49372 (segfault in php_curl_option_curl). (Pierre)
- Fixed bug #49306 (inside pdo_mysql default socket settings are ignored).
(Ilia)
- Fixed bug #49289 (bcmath module doesn't compile with phpize configure).
(Jani)
- Fixed bug #49286 (php://input (php_stream_input_read) is broken). (Jani)
- Fixed bug #49269 (Ternary operator fails on Iterator object when used inside
foreach declaration). (Etienne, Dmitry)
- Fixed bug #49236 (Missing PHP_SUBST(PDO_MYSQL_SHARED_LIBADD)). (Jani)
- Fixed bug #49223 (Inconsistency using get_defined_constants). (Garrett)
- Fixed bug #49193 (gdJpegGetVersionString() inside gd_compact identifies
wrong type in declaration). (Ilia)
- Fixed bug #49183 (dns_get_record does not return NAPTR records). (Pierre)
- Fixed bug #49144 (Import of schema from different host transmits original
authentication details). (Dmitry)
- Fixed bug #49142 (crash when exception thrown from __tostring()).
(David Soria Parra)
- Fixed bug #49986 (Missing ICU DLLs on windows package). (Pierre)
- Fixed bug #49132 (posix_times returns false without error).
(phpbugs at gunnu dot us)
- Fixed bug #49125 (Error in dba_exists C code). (jdornan at stanford dot edu)
- Fixed bug #49122 (undefined reference to mysqlnd_stmt_next_result on compile
with --with-mysqli and MySQL 6.0). (Jani)
- Fixed bug #49108 (2nd scan_dir produces segfault). (Felipe)
- Fixed bug #49098 (mysqli segfault on error). (Rasmus)
- Fixed bug #49095 (proc_get_status['exitcode'] fails on win32). (Felipe)
- Fixed bug #49092 (ReflectionFunction fails to work with functions in fully
qualified namespaces). (Kalle, Jani)
- Fixed bug #49074 (private class static fields can be modified by using
reflection). (Jani)
- Fixed bug #49072 (feof never returns true for damaged file in zip). (Pierre)
- Fixed bug #49065 ("disable_functions" php.ini option does not work on
Zend extensions). (Stas)
- Fixed bug #49064 (--enable-session=shared does not work: undefined symbol:
php_url_scanner_reset_vars). (Jani)
- Fixed bug #49056 (parse_ini_file() regression in 5.3.0 when using non-ASCII
strings as option keys). (Jani)
- Fixed bug #49052 (context option headers freed too early when using
--with-curlwrappers). (Jani)
- Fixed bug #49047 (The function touch() fails on directories on Windows).
(Pierre)
- Fixed bug #49032 (SplFileObject::fscanf() variables passed by reference).
(Jani)
- Fixed bug #49027 (mysqli_options() doesn't work when using mysqlnd). (Andrey)
- Fixed bug #49026 (proc_open() can bypass safe_mode_protected_env_vars
restrictions). (Ilia)
- Fixed bug #49012 (phar tar signature algorithm reports as Unknown (0) in
getSignature() call). (Greg)
- Fixed bug #49020 (phar misinterprets ustar long filename standard).
(Greg)
- Fixed bug #49018 (phar tar stores long filenames wit prefix/name reversed).
(Greg)
- Fixed bug #49014 (dechunked filter broken when serving more than 8192 bytes
in a chunk). (andreas dot streichardt at globalpark dot com, Ilia)
- Fixed bug #49000 (PHP CLI in Interactive mode (php -a) crashes
when including files from function). (Stas)
- Fixed bug #48994 (zlib.output_compression does not output HTTP headers when
set to a string value). (Jani)
- Fixed bug #48980 (Crash when compiling with pdo_firebird). (Felipe)
- Fixed bug #48962 (cURL does not upload files with specified filename).
(Ilia)
- Fixed bug #48929 (Double \r\n after HTTP headers when "header" context
option is an array). (David Z端lke)
- Fixed bug #48913 (Too long error code strings in pdo_odbc driver).
(naf at altlinux dot ru, Felipe)
- Fixed bug #48912 (Namespace causes unexpected strict behaviour with
extract()). (Dmitry)
- Fixed bug #48909 (Segmentation fault in mysqli_stmt_execute()). (Andrey)
- Fixed bug #48899 (is_callable returns true even if method does not exist in
parent class). (Felipe)
- Fixed bug #48893 (Problems compiling with Curl). (Felipe)
- Fixed bug #48872 (string.c: errors: duplicate case values). (Kalle)
- Fixed bug #48854 (array_merge_recursive modifies arrays after first one).
(Felipe)
- Fixed bug #48805 (IPv6 socket transport is not working). (Ilia)
- Fixed bug #48802 (printf() returns incorrect outputted length). (Jani)
- Fixed bug #48880 (Random Appearing open_basedir problem). (Rasmus, Gwynne)
- Fixed bug #48791 (open office files always reported as corrupted). (Greg)
- Fixed bug #48788 (RecursiveDirectoryIterator doesn't descend into symlinked
directories). (Ilia)
- Fixed bug #48783 (make install will fail saying phar file exists). (Greg)
- Fixed bug #48774 (SIGSEGVs when using curl_copy_handle()).
(Sriram Natarajan)
- Fixed bug #48771 (rename() between volumes fails and reports no error on
Windows). (Pierre)
- Fixed bug #48768 (parse_ini_*() crash with INI_SCANNER_RAW). (Jani)
- Fixed bug #48763 (ZipArchive produces corrupt archive). (dani dot church at
gmail dot com, Pierre)
- Fixed bug #48762 (IPv6 address filter still rejects valid address). (Felipe)
- Fixed bug #48757 (ReflectionFunction::invoke() parameter issues). (Kalle)
- Fixed bug #48754 (mysql_close() crash php when no handle specified).
(Johannes, Andrey)
- Fixed bug #48752 (Crash during date parsing with invalid date). (Pierre)
- Fixed bug #48746 (Unable to browse directories within Junction Points).
(Pierre, Kanwaljeet Singla)
- Fixed bug #48745 (mysqlnd: mysql_num_fields returns wrong column count for
mysql_list_fields). (Andrey)
- Fixed bug #48740 (PHAR install fails when INSTALL_ROOT is not the final
install location). (james dot cohen at digitalwindow dot com, Greg)
- Fixed bug #48733 (CURLOPT_WRITEHEADER|CURLOPT_FILE|CURLOPT_STDERR warns on
files that have been opened with r+). (Ilia)
- Fixed bug #48719 (parse_ini_*(): scanner_mode parameter is not checked for
sanity). (Jani)
- Fixed bug #48718 (FILTER_VALIDATE_EMAIL does not allow numbers in domain
components). (Ilia)
- Fixed bug #48681 (openssl signature verification for tar archives broken).
(Greg)
- Fixed bug #48660 (parse_ini_*(): dollar sign as last character of value
fails). (Jani)
- Fixed bug #48645 (mb_convert_encoding() doesn't understand hexadecimal
html-entities). (Moriyoshi)
- Fixed bug #48637 ("file" fopen wrapper is overwritten when using
--with-curlwrappers). (Jani)
- Fixed bug #48608 (Invalid libreadline version not detected during configure).
(Jani)
- Fixed bug #48400 (imap crashes when closing stream opened with
OP_PROTOTYPE flag). (Jani)
- Fixed bug #48377 (error message unclear on converting phar with existing
file). (Greg)
- Fixed bug #48247 (Infinite loop and possible crash during startup with
errors when errors are logged). (Jani)
- Fixed bug #48198 error: 'MYSQLND_LLU_SPEC' undeclared. Cause for #48780 and
#46952 - both fixed too. (Andrey)
- Fixed bug #48189 (ibase_execute error in return param). (Kalle)
- Fixed bug #48182 (ssl handshake fails during asynchronous socket connection).
(Sriram Natarajan)
- Fixed bug #48116 (Fixed build with Openssl 1.0). (Pierre,
Al dot Smith at aeschi dot ch dot eu dot org)
- Fixed bug #48057 (Only the date fields of the first row are fetched, others
are empty). (info at programmiernutte dot net)
- Fixed bug #47481 (natcasesort() does not sort extended ASCII characters
correctly). (Herman Radtke)
- Fixed bug #47351 (Memory leak in DateTime). (Derick, Tobias John)
- Fixed bug #47273 (Encoding bug in SoapServer->fault). (Dmitry)
- Fixed bug #46682 (touch() afield returns different values on windows).
(Pierre)
- Fixed bug #46614 (Extended MySQLi class gives incorrect empty() result).
(Andrey)
- Fixed bug #46020 (with Sun Java System Web Server 7.0 on HPUX, #define HPUX).
(Uwe Schindler)
- Fixed bug #45905 (imagefilledrectangle() clipping error).
(markril at hotmail dot com, Pierre)
- Fixed bug #45554 (Inconsistent behavior of the u format char). (Derick)
- Fixed bug #45141 (setcookie will output expires years of >4 digits). (Ilia)
- Fixed bug #44683 (popen crashes when an invalid mode is passed). (Pierre)
- Fixed bug #43510 (stream_get_meta_data() does not return same mode as used
in fopen). (Jani)
- Fixed bug #42434 (ImageLine w/ antialias = 1px shorter). (wojjie at gmail dot
com, Kalle)
- Fixed bug #40013 (php_uname() does not return nodename on Netware (Guenter
Knauf)
- Fixed bug #38091 (Mail() does not use FQDN when sending SMTP helo).
(Kalle, Rick Yorgason)
- Fixed bug #28038 (Sent incorrect RCPT TO commands to SMTP server) (Garrett)
- Fixed bug #27051 (Impersonation with FastCGI does not exec process as
impersonated user). (Pierre)
- Fixed PECL bug #16842 (oci_error return false when NO_DATA_FOUND is raised).
(Chris Jones)

----
こがよういちろう


投稿者 xml-rpc : 2009年11月20日 10:50
役に立ちました?:
過去のフィードバック 平均:(0) 総合:(0) 投票回数:(0)
本記事へのTrackback: http://hoop.euqset.org/blog/mt-tb2006.cgi/90679
トラックバック
コメント
コメントする




画像の中に見える文字を入力してください。