PHP 5.5.20 发布,该版本修复了一些 bug 以及反序列化相关的 CVE 安全漏洞。建议所有 PHP 5.5 的用户尽快升级。 详细的改进记录包括: Core: Fixed bug #68091 (Some Zend headers lack appropriate extern "C" blocks). Fixed bug #68185 ("Inconsistent insteadof definition."- incorrectly triggered). Fixed bug #68370 ("unset($this)" can make the program crash). Fixed bug #68545 (NULL pointer dereference in unserialize.c). Fixed bug #68594 (Use after free vulnerability in unserialize())(CVE-2014-8142). Date: Fixed day_of_week function as it could sometimes return negative values internally. FPM: Fixed bug #68381 (fpm_unix_init_main ignores log_level). Fixed bug #68420 (listen=9000 listens to ipv6 localhost instead of all addresses). Fixed bug #68421 (access.format='%R' doesn't log ipv6 address). Fixed bug #68423 (PHP-FPM will no longer load all pools). Fixed bug #68428 (listen.allowed_clients is IPv4 only). Fixed bug #68452 (php-fpm man page is oudated). Fixed bug #68458 (Change pm.start_servers default warning to notice). Fixed bug #68463 (listen.allowed_clients can silently result in no allowed access). Fixed bug #68391 (php-fpm conf files loading order). Fixed bug #68478 (access.log don't use prefix). Mcrypt: Fixed possible read after end of buffer and use after free. PDO_pgsql: Fixed bug #66584 (Segmentation fault on statement deallocation). Fixed bug #67462 (PDO_PGSQL::beginTransaction() wrongly throws exception when not in transaction). Fixed bug #68351 (PDO:ARAM_BOOL and ATTR_EMULATE_PREPARES misbehaving). zlib: Fixed bug #53829 (Compiling PHP with large file support will replace function gzopen by gzopen64). PHP 5.5.20 发布,建议 5.5 的用户尽快升级下载地址
