PHP 5.3.9 - 修补重大Hash冲突漏洞
PHP 5.3.9正式版发布了。
此次更新修复了诸多BUG,如Hash冲突漏洞,对于5.3.8的用户,要速度更新。
Security Enhancements and Fixes in PHP 5.3.9:
Added max_input_vars directive to prevent attacks based on hash collisions. (CVE-2011-4885) (HASH冲突问题)
Fixed bug #60150 (Integer overflow during the parsing of invalid exif header). (CVE-2011-4566)
Key enhancements in PHP 5.3.9 include:
Fixed bug #55475 (is_a() triggers autoloader, new optional 3rd argument to is_a and is_subclass_of).
Fixed bug #55609 (mysqlnd cannot be built shared)
Many changes to the FPM SAPI module
Hash冲突漏洞:https://www.webshell.cc/2488.html
转载请注明来自WebShell'S Blog,本文地址:https://www.webshell.cc/2490.html