该版本主要在安全方面进行了改进,同时修复了一些bug:
- Fixed a safe_mode bypass in tempnam() identified by Grzegorz Stachowiak. (CVE-2009-3557, Rasmus)
- Fixed a open_basedir bypass in posix_mkfifo() identified by Grzegorz Stachowiak. (CVE-2009-3558, Rasmus)
- Added "max_file_uploads" INI directive, which can be set to limit
the number of file uploads per-request to 20 by default, to prevent
possible DOS via temporary file exhaustion, identified by Bogdan Calin.
(CVE-2009-4017, Ilia)
- Added protection for $_SESSION from interrupt corruption and
improved "session.save_path" check, identified by Stefan Esser.
(CVE-2009-4143, Stas)
- Fixed bug #49785 (insufficient input string validation of
htmlspecialchars()). (CVE-2009-4142, Moriyoshi, hello at iwamot dot com)
下载PHP 5.2.12
