Hopefully this release will be enough bug-free that I don't need to make
v1.2 releases for next few months.
* maildir: When saving, filenames now always contain ,S=
Previously this was done only when quota plugin was loaded. It's
required for zlib plugin and may be useful for other things too.
+ lazy-expunge: Support a single-namespace configuration. If a mailbox
is deleted, its messages are merged with its old expunged messages
(if there were any).
+ expire: Settings now support spaces in mailbox names by using
- maildir: v1.2.7 and v1.2.8 caused assert-crashes in
- maildir_copy_preserve_filename=yes could have caused crashes.
- Maildir++ quota: % limits weren't updated when limits were read
- virtual: v1.2.8 didn't fully fix the "lots of mailboxes" bug
- virtual: Fixed updating virtual mailbox based on flag changes.
- fts-squat: Fixed searching multi-byte characters.
--- php.ini-dist-5211 2009-02-14 01:55:18.000000000 +0900
+++ php.ini-dist-5212 2009-11-05 22:29:34.000000000 +0900
@@ -552,6 +552,9 @@
upload_max_filesize = 2M
+; Maximum number of files that can be uploaded via a single request
+max_file_uploads = 20
; Fopen wrappers ;
Security Enhancements and Fixes in PHP 5.2.12:
* Fixed a safe_mode bypass in tempnam() identified by Grzegorz Stachowiak. (CVE-2009-3557, Rasmus)
* Fixed a open_basedir bypass in posix_mkfifo() identified by Grzegorz Stachowiak. (CVE-2009-3558, Rasmus)
* Added "max_file_uploads" INI directive, which can be set to limit the number of file uploads
per-request to 20 by default, to prevent possible DOS via temporary file exhaustion,
identified by Bogdan Calin. (CVE-2009-4017, Ilia)
* Added protection for $_SESSION from interrupt corruption and improved "session.save_path"
check, identified by Stefan Esser. (CVE-2009-4143, Stas)
* Fixed bug #49785 (insufficient input string validation of htmlspecialchars()). (CVE-2009-4142, Moriyoshi, hello at iwamot dot com)
・詳細はphpサイトの ChangeLog を参照して下さい