|
Ä¿ÇÇÇâÀÌ ³ª´Â *NIX
Ä¿ÇǴнº
½Ã½ºÅÛ/³×Æ®¿÷/º¸¾ÈÀ» ´Ù·ç´Â °÷
|
|
|
|
ÀÌÀü ÁÖÁ¦ º¸±â :: ´ÙÀ½ ÁÖÁ¦ º¸±â |
±Û¾´ÀÌ |
¸Þ½ÃÁö |
truefeel Ä«Æä °ü¸®ÀÚ
°¡ÀÔ: 2003³â 7¿ù 24ÀÏ ¿Ã¸° ±Û: 1277 À§Ä¡: ´ëÇѹα¹
|
¿Ã·ÁÁü: 2012.1.11 ¼ö, 3:39 pm ÁÖÁ¦: PHP 5.3.9 Released(HashDoS ¹®Á¦ ÇØ°á ¹öÀü) |
|
|
hash table Ãæµ¹À» ÀÌ¿ëÇÑ DoS °ø°Ý(Àϸí HashDoS)À» ÇØ°áÇÑ PHP 5.3.9¹öÀüÀÌ ³ª¿Ô½À´Ï´Ù.
- php 5.3.8 Æ÷ÇÔÇÏ¿© ÀÌÀü ¹öÀü »ç¿ëÁß : ÇÊÈ÷ ¾÷±×·¹À̵å ÇÒ °Í
- php 5.3.9 RC ¶Ç´Â 5.4.0 RC4~RC5 »ç¿ëÁß : Àӽà ¾÷±×·¹À̵åÇϼ̴ø ºÐÀº ÇÊ¿äÇϸé Á¤½Ä ¹öÀüÀ» Àû¿ëÇصµ µÇ°Ú³×¿ä.
Âü°í·Î php.iniÀÇ max_input_vars default°ªÀº 1000ÀÔ´Ï´Ù.
http://www.php.net/index.php#id2012-01-11-1
Àοë: |
The PHP development team would like to announce the immediate availability of PHP 5.3.9. This release focuses on improving the stability of the PHP 5.3.x branch with over 90 bug fixes, some of which are security related.
Security Enhancements and Fixes in PHP 5.3.9:
* Added max_input_vars directive to prevent attacks based on hash collisions. (CVE-2011-4885)
* Fixed bug #60150 (Integer overflow during the parsing of invalid exif header). (CVE-2011-4566)
|
* HashDoS °ü·Ã ±Û
- php¿¡¼ hash table DoS(HashDoS) °ø°Ý ¹æ¾î ( 2012.1.4, ±Û ÁÁÀºÁøÈ£ )
- À¥¼¹ö hash table DoS(HashDoS) °ø°Ý (Áß¿ä. PHP, ASP µî ÇØ´ç) ( 2012.1.2, ±Û ÁÁÀºÁøÈ£ ) |
|
À§·Î |
|
|
|
|
»õ·Î¿î ÁÖÁ¦¸¦ ¿Ã¸± ¼ö ÀÖ½À´Ï´Ù ´ä±ÛÀ» ¿Ã¸± ¼ö ÀÖ½À´Ï´Ù ÁÖÁ¦¸¦ ¼öÁ¤ÇÒ ¼ö ¾ø½À´Ï´Ù ¿Ã¸° ±ÛÀ» »èÁ¦ÇÒ ¼ö ¾ø½À´Ï´Ù ÅõÇ¥¸¦ ÇÒ ¼ö ¾ø½À´Ï´Ù
|
Powered by phpBB © 2001, 2005 phpBB Group
|