PHP5.3.9前时区功能内存泄漏允许远程攻击者触发多字符串函数调用拒绝服务(模拟耗用),而php_date_parse_tzfile缓存处理不当
http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00013.html
http://lists.opensuse.org/opensuse-security-announce/2012-03/msg00016.html
https://bugs.php.net/bug.php?id=53502
https://bugzilla.redhat.com/show_bug.cgi?id=783609