升级的具体细节如下:
1、PHP 5.3.7在安全方面的改进和修复:
●Updated crypt_blowfish to 1.2. (CVE-2011-2483)
●Fixed crash in error_log(). Reported by Mateusz Kocielski
●Fixed buffer overflow on overlog salt in crypt().
●Fixed bug #54939 (File path injection vulnerability in RFC1867 File upload filename). Reported by Krzysztof Kotowicz. (CVE-2011-2202)
●Fixed stack buffer overflow in socket_connect(). (CVE-2011-1938)
●Fixed bug #54238 (use-after-free in substr_replace()). (CVE-2011-1148)
2、PHP 5.3.7的主要改进:
●Upgraded bundled Sqlite3 to version 3.7.7.1
●Upgraded bundled PCRE to version 8.12
●Fixed bug #54910 (Crash when calling call_user_func with unknown function name)
●Fixed bug #54585 (track_errors causes segfault)
●Fixed bug #54262 (Crash when assigning value to a dimension in a non-array)
●Fixed a crash inside dtor for error handling
●Fixed bug #55339 (Segfault with allow_call_time_pass_reference = Off)
●Fixed bug #54935 php_win_err can lead to crash
●Fixed bug #54332 (Crash in zend_mm_check_ptr // Heap corruption)
●Fixed bug #54305 (Crash in gc_remove_zval_from_buffer)
●Fixed bug #54580 (get_browser() segmentation fault when browscap ini directive is set through php_admin_value)
●Fixed bug #54529 (SAPI crashes on apache_config.c:197)
●Fixed bug #54283 (new DatePeriod(NULL) causes crash).
●Fixed bug #54269 (Short exception message buffer causes crash)
●Fixed Bug #54221 (mysqli::get_warnings segfault when used in multi queries)
●Fixed bug #54395 (Phar::mount() crashes when calling with wrong parameters)
●Fixed bug #54384 (Dual iterators, GlobIterator, SplFileObject and SplTempFileObject crash when user-space classes don't call the parent constructor)
●Fixed bug #54292 (Wrong parameter causes crash in SplFileObject::__construct())
●Fixed bug #54291 (Crash iterating DirectoryIterator for dir name starting with \0)
●Fixed bug #54281 (Crash in non-initialized RecursiveIteratorIterator)
●Fixed bug #54623 (Segfault when writing to a persistent socket after closing a copy of the socket)
●Fixed bug #54681 (addGlob() crashes on invalid flags)
●Over 80 other bug fixes.
关于PHP (来自维基百科)
PHP(PHP:Hypertext Preprocessor)是一种在电脑上运行的脚本语言,主要用途是在于处理动态网页,也包含了命令行运行接口(command line interface),或者产生图形用户界面(GUI)程序。
PHP最早由拉斯姆斯·勒多夫在1995年发明,而现在PHP的标准由PHP Group和开放源代码社区维护。PHP以PHP License作为许可协议,不过因为这个协议限制了PHP名称的使用,所以和开放源代码许可协议GPL不兼容。
PHP的应用范围相当广泛,尤其是在网页程序的开发上。一般来说PHP大多运行在网页服务器上,通过运行PHP代码来产生用户浏览的网页。PHP可以在多数的服务器和操作系统上运行,而且使用PHP完全是免费的。根据2007年4月的统计数据,PHP已经被安装在超过2000万个网站和100万台服务器上。