Some vulnerabilities were discovered and corrected in php-5.3.1: - Added max_file_uploads INI directive, which can be set to limit the number of file uploads per-request to 20 by default, to prevent possible DOS via temporary file exhaustion. - Added missing sanity checks around exif processing. - Fixed a safe_mode bypass in tempnam identified by Grzegorz Stachowiak. - Fixed a open_basedir bypa ...