December 18, 2009

[installer 2180] PHP 5.2.12

PHP 5.2.12 is out.

According to http://www.php.net/archive/2009.php#id2009-12-17-1:

Security Enhancements and Fixes in PHP 5.2.12:

o Fixed a safe_mode bypass in tempnam() identified by Grzegorz
Stachowiak. (CVE-2009-3557, Rasmus)

o Fixed an open_basedir bypass in posix_mkfifo() identified by Grzegorz
Stachowiak. (CVE-2009-3558, Rasmus)
o Added "max_file_uploads" INI directive, which can be set to limit
the number of file uploads per-request to 20 by default, to prevent
possible DOS via temporary file exhaustion, identified by Bogdan
Calin. (CVE-2009-4017, Ilia)
o Added protection for $_SESSION from interrupt corruption and
improved "session.save_path" check, identified by Stefan
Esser. (CVE-2009-4143, Stas)
o Fixed bug #49785 (insufficient input string validation of
htmlspecialchars()). (CVE-2009-4142, Moriyoshi, hello at iwamot dot
com)

So this release includes fixes for several security holes.
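As an added illustration of the htmlspecialchars() fix (bug #49785 / CVE-2009-4142) listed above, not code from the PHP project or the original post: from 5.2.12 on, htmlspecialchars() rejects input containing invalid multibyte sequences for the given charset and returns an empty string instead of passing the bytes through. The wrapper below (an assumed helper name) pins the charset, validates UTF-8 up front so behaviour is the same on older interpreters, and turns the empty-string result into an explicit error rather than silently emitting nothing.

```php
<?php
// Defensive escaping wrapper around the 5.2.12 htmlspecialchars() change.
// Assumption: application strings are UTF-8, so the charset is pinned rather
// than left to default_charset.
function escape_html_utf8($input)
{
    // Reject malformed UTF-8 before escaping; pre-5.2.12 htmlspecialchars()
    // would otherwise let a truncated multibyte sequence reach the output.
    if (!mb_check_encoding($input, 'UTF-8')) {
        throw new InvalidArgumentException('input is not valid UTF-8');
    }
    $out = htmlspecialchars($input, ENT_QUOTES, 'UTF-8');
    // On 5.2.12+ a non-empty input that escapes to '' means the bytes were
    // rejected; surface that instead of returning an empty string to a template.
    if ($out === '' && $input !== '') {
        throw new InvalidArgumentException('htmlspecialchars() rejected the input');
    }
    return $out;
}

// Constructed samples: valid UTF-8 with markup characters, and a truncated
// three-byte sequence (0xE3 0x81 with its last byte missing) followed by
// characters that must never reach an attribute or element context unescaped.
$samples = array(
    'valid'     => "<b>テスト</b> & \"quoted\"",
    'truncated' => "\xE3\x81\"<",
);
foreach ($samples as $label => $s) {
    try {
        printf("%-9s -> %s\n", $label, escape_html_utf8($s));
    } catch (InvalidArgumentException $e) {
        printf("%-9s -> rejected: %s\n", $label, $e->getMessage());
    }
}
```

The 'valid' sample escapes normally; the 'truncated' sample is rejected by the UTF-8 check on any version, which is the behaviour a 5.2.12+ htmlspecialchars() would also produce (as an empty string) without the wrapper.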

☆ PHP 5.2.12
http://www.php.net/
http://www.php.net/downloads.php#v5
http://www.php.net/distributions/php-5.2.12.tar.gz
http://static.php.net/www.php.net/distributions/php-5.2.12.tar.gz

17 Dec 2009, PHP 5.2.12

- Added LIBXML_PARSEHUGE constant to override the maximum text size of a
single text node when using libxml 2.7.3+. (Kalle)
- Added protection for $_SESSION from interrupt corruption and improved
"session.save_path" check. (Stas)
- Added "max_file_uploads" INI directive, which can be set to limit the
number of file uploads per-request to 20 by default, to prevent possible
DOS via temporary file exhaustion. (Ilia)

- Improved fix for bug #50006 (Segfault caused by uksort()). (Stas)
- Fixed error_log() to be binary safe when using message_type 3. (Jani)
- Fixed unnecessary invocation of setitimer when timeouts have been disabled.
(Arvind Srinivasan)
- Fixed crash in com_print_typeinfo when an invalid typelib is given.
(Pierre)
- Fixed a safe_mode bypass in tempnam() identified by Grzegorz Stachowiak.
(Rasmus)
- Fixed an open_basedir bypass in posix_mkfifo() identified by Grzegorz
Stachowiak. (Rasmus)
- Fixed crash in SQLiteDatabase::ArrayQuery() and SQLiteDatabase::SingleQuery()
when calling using Reflection. (Felipe)
- Fixed crash when instantiating PDORow and PDOStatement through Reflection.
(Felipe)
- Fixed memory leak in openssl_pkcs12_export_to_file(). (Felipe)

- Updated timezone database to version 2009.19 (2009s). (Derick)

- Changed "post_max_size" php.ini directive to allow unlimited post size by
setting it to 0. (Rasmus)

- Fixed bug #50445 (PDO-ODBC stored procedure call from Solaris 64-bit causes
segfault). (davbrown4 at yahoo dot com, Felipe)
- Fixed bug #50345 (nanosleep not detected properly on some solaris versions).
(Jani)
- Fixed bug #50323 (Allow use of ; in values via ;; in PDO DSN).
(Ilia, Pierrick)
- Fixed bug #50285 (xmlrpc does not preserve keys in encoded indexed arrays).
(Felipe)
- Fixed bug #50282 (xmlrpc_encode_request() changes object into array in
calling function). (Felipe)
- Fixed bug #50266 (conflicting types for llabs). (Jani)
- Fixed bug #50255 (isset() and empty() silently casts array to object).
(Felipe)
- Fixed bug #50219 (soap call Segmentation fault on a redirected url).
(Pierrick)
- Fixed bug #50209 (Compiling with libedit cannot find readline.h).
(tcallawa at redhat dot com)
- Fixed bug #50207 (segmentation fault when concatenating very large strings
on 64bit linux). (Ilia)
- Fixed bug #50195 (pg_copy_to() fails when table name contains schema). (Ilia)
- Fixed bug #50185 (ldap_get_entries() return false instead of an empty array
when there is no error). (Jani)
- Fixed bug #50174 (Incorrectly matched docComment). (Felipe)
- Fixed bug #50168 (FastCGI fails with wrong error on HEAD request to
non-existent file). (Dmitry)
- Fixed bug #50162 (Memory leak when fetching timestamp column from Oracle
database). (Felipe)
- Fixed bug #50158 (FILTER_VALIDATE_EMAIL fails with valid addresses
containing = or ?). (Pierrick)
- Fixed bug #50073 (parse_url() incorrect when ? in fragment). (Ilia)
- Fixed bug #50006 (Segfault caused by uksort()). (Felipe)
- Fixed bug #50005 (Throwing through Reflection modified Exception object makes
segmentation fault). (Felipe)
- Fixed bug #49990 (SNMP3 warning message about security level printed twice).
(Jani)
- Fixed bug #49985 (pdo_pgsql prepare() re-use previous aborted transaction).
(ben dot pineau at gmail dot com, Ilia, Matteo)
- Fixed bug #49972 (AppendIterator undefined function crash). (Johannes)
- Fixed bug #49921 (Curl post upload functions changed). (Ilia)
- Fixed bug #49855 (import_request_variables() always returns NULL).
(Ilia, sjoerd at php dot net)
- Fixed bug #49847 (exec() fails to return data inside 2nd parameter, given
output lines >4095 bytes). (Ilia)
- Fixed bug #49809 (time_sleep_until() is not available on OpenSolaris). (Jani)
- Fixed bug #49785 (insufficient input string validation of htmlspecialchars()).
(Moriyoshi, hello at iwamot dot com)
- Fixed bug #49757 (long2ip() can return wrong value in a multi-threaded
applications). (Ilia, Florian Anderiasch)
- Fixed bug #49738 (calling mcrypt() after mcrypt_generic_deinit() crashes).
(Sriram Natarajan)
- Fixed bug #49719 (ReflectionClass::hasProperty returns true for a private
property in base class). (Felipe)
- Fixed bug #49698 (Unexpected change in strnatcasecmp()). (Rasmus)
- Fixed bug #49677 (ini parser crashes with apache2 and using ${something} ini
variables). (Jani)
- Fixed bug #49660 (libxml 2.7.3+ limits text nodes to 10MB). (Felipe)
- Fixed bug #49647 (DOMUserData does not exist). (Rob)
- Fixed bug #49630 (imap_listscan() function missing). (Felipe)
- Fixed bug #49627 (error_log to specified file does not log time according to
date.timezone). (Dmitry)
- Fixed bug #49578 (make install-pear fails). (Hannes)
- Fixed bug #49536 (mb_detect_encoding() returns incorrect results when
mbstring.strict_mode is turned on). (Moriyoshi)
- Fixed bug #49531 (CURLOPT_INFILESIZE sometimes causes warning "CURLPROTO_FILE
cannot be set"). (Felipe)
- Fixed bug #49528 (UTF-16 strings prefixed by BOMs wrongly converted).
(Moriyoshi)
- Fixed bug #49521 (PDO fetchObject sets values before calling constructor).
(Pierrick)
- Fixed bug #49517 (cURL's CURLOPT_FILE prevents file from being deleted after
fclose()). (Ilia)
- Fixed bug #49472 (Constants defined in Interfaces can be overridden).
(Felipe)
- Fixed bug #49354 (mb_strcut() cuts wrong length when offset is in the middle
of a multibyte character). (Moriyoshi)
- Fixed bug #49332 (Build error with Snow Leopard). (Scott)
- Fixed bug #49244 (Floating point NaN cause garbage characters). (Sjoerd)
- Fixed bug #49174 (crash when extending PDOStatement and trying to set
queryString property). (Felipe)
- Fixed bug #49098 (mysqli segfault on error). (Rasmus)
- Fixed bug #48805 (IPv6 socket transport is not working). (Ilia)
- Fixed bug #48764 (PDO_pgsql::query() always uses implicit prepared statements
if v3 proto available). (Matteo, Mark Kirkwood)
- Fixed bug #47848 (importNode doesn't preserve attribute namespaces). (Rob)
- Fixed bug #45120 (PDOStatement->execute() returns true then false for same
statement). (Pierrick)
- Fixed bug #34852 (Failure in odbc_exec() using oracle-supplied odbc driver).
(tim dot tassonis at trivadis dot com)

----
こがよういちろう


Posted by xml-rpc : December 18, 2009 14:41