php 是一种新型的 CGI 程序编写语言,易学易用,运行速度快,可以方便快捷地编写出功能强
大,运行速度快,
并可同时运行于 Windows、Unix、linux 平台的 Web 后台程序, 内置了对文件
上传、密码认证、Cookies 操作、邮件收发、动态 GIF 生成等功能,PHP 直接为很多数据库提供
原本的连接,包括 Oracle、Sybase、Postgres、MySQL、Informix、Dbase、Solid
、access 等,完全支
持 ODBC 接口,用户更换平台时,无需变换 PHP 代码,可即拿即用.
http://cn.php.net/distributions/php-5.2.12.tar.bz2 (源码)
http://cn.php.net/distributions/php-5.2.12-Win32.zip (win 二进制包)
查看 ChangeLog: http://www.php.net/ChangeLog-5.php#5.2.12
Security Enhancements and Fixes in PHP 5.2.12:
Fixed a safe_mode bypass in tempnam() identified by Grzegorz Stachowiak. (CVE-2009-3557,
Rasmus)
Fixed a open_basedir bypass in posix_mkfifo() identified by Grzegorz Stachowiak. (CVE-2009-
3558, Rasmus)
Added "max_file_uploads" INI directive, which can be set to limit the number of file uploads per-
request to 20 by default, to PRevent possible DOS via temporary file exhaustion, identified by
Bogdan Calin. (CVE-2009-4017, Ilia)
Added protection for $_session from interrupt corruption and improved "session.save_path"
check, identified by Stefan Esser. (CVE-2009-4143, Stas)
Fixed bug #49785 (insufficient input string validation of htmlspecialchars()). (CVE-2009-4142,
Moriyoshi, hello at iwamot dot com)
-
资料引用:http://www.knowsky.com/540861.html