The PHP development team would like to announce the immediate availability of PHP 5.3.1.
This release focuses on improving the stability of the PHP 5.3.x branch with over 100 bug fixes, some of which are security related. All users of PHP are encouraged to upgrade to this release.
Security Enhancements and Fixes in PHP 5.3.1:
- Added "max_file_uploads" INI directive, which can be set to limit the number of file uploads per-request to 20 by default, to prevent possible DOS via temporary file exhaustion.
- Added missing sanity checks around exif processing.
- Fixed a safe_mode bypass in tempnam().
- Fixed a open_basedir bypass in posix_mkfifo().
- Fixed failing safe_mode_include_dir.
註: 本文轉載自網路 非原創
轉載自 PHP 原文