This evening all Mr.Host web servers have been upgraded to PHP 5.3.1
Security Enhancements and Fixes in PHP 5.3.1:
- Added “max_file_uploads” INI directive, which can be set to limit the number of file uploads per-request to 20 by default, to prevent possible DOS via temporary file exhaustion.
- Added missing sanity checks around exif processing.
- Fixed a safe_mode bypass in tempnam().
- Fixed a open_basedir bypass in posix_mkfifo().
- Fixed failing safe_mode_include_dir.
Further details about the PHP 5.3.1 release can be found in theĀ release announcement, and the full list of changes are available in theĀ ChangeLog.