PHP v4.4.7

本软件下载地址未录入，如想要软件请评论，我们会补上！

PHP 是一种 CGI 程序编写语言,易学易用,运行速度快,可以方便快捷地编写出功能强大,运行速度快,并可同时运行于 Windows、Unix、Linux 平台的Web后台程序,内置了对文件上传、密码认证、Cookies 操作、邮件收发、动态 GIF 生成等功能,PHP 直接为很多数据库提供原本的连接,包括Oracle、Sybase、Postgres、MySQL、Dbase、Solid、 Access 等,完全支持ODBC接口,用户更换平台时,无需变换 PHP 代码,可即拿即用.

Security Enhancements and Fixes in PHP 4.4.7:

• Fixed CVE-2007-1001, GD wbmp used with invalid image size (by Ivan Fratric)
  
• Fixed asciiz byte truncation inside mail() (MOPB-33 by Stefan Esser)
  
• Fixed a bug in mb_parse_str() that can be used to activate register_globals (MOPB-26 by Stefan Esser)
  
• Fixed unallocated memory access/double free in in array_user_key_compare() (MOPB-24 by Stefan Esser)
  
• Fixed a double free inside session_regenerate_id() (MOPB-22 by Stefan Esser)
  
• Added missin>
  g open_basedir & safe_mode checks to zip:// and bzip:// wrappers. (MOPB-21 by Stefan Esser).
  
• Limit nesting level of input variables with max_input_nesting_level as fix for (MOPB-03 by Stefan Esser)
  
• XSS in phpinfo() (MOPB-8 by Stefan Esser)
  
• Fixed CRLF injection inside FTP_putcmd(). (by loveshell[at]Bug.Center.Team)
  
• Fixed a possible super-global overwrite inside import_request_variables(). (by Stefano Di Paola, Stefan Esser)
  
• Fixed a remotely trigger-able buffer overflow inside bundled libxmlrpc library. (by Stanislav Malyshev)

While majority of the issues outlined above are local, few issues such as the XML-RPC overflows can be triggered remotely and therefor should be considered critical. If you use the XML-RPC extension consider upgrading as soon as possible.

Other improvements of PHP 4.4.7 include:

• About 10 bug fixes.

For a full list of changes in PHP 4.4.7, see the ChangeLog.