Path to this page:
Subject: CVS commit: wip/php-suhosin
From: Christian Gall
Date: 2007-03-05 02:59:41
Message id: E1HO2UW-00018E-MS@sc8-pr-cvs1.sourceforge.net
Log Message:
* Update to suhosin-0.9.17
Changelog:
2007.03.04: Version 0.9.17
* Added a suhosin.ini example configuration. Thanks to Mandriva Linux for \
supplying us with one
* Added new logging device: file
* Fixed that suhosin.filter.action did not affect POST limits
* Fixed behaviour of request variable limit to be an upper limit
* for the other settings instead of being additive limit
* Fixed hard_memory_limit bypass due to casting bug in PHP. Problem was \
found by: Ilia Alshanetsky
* Fixed some sql prefix/postfix problems
* Added experimental SQL injection heuristic
2006.12.02: Version 0.9.16
* Added suhosin.stealth which controls if suhosin loads in stealth mode when \
it is not the only zend_extension (Required for full compatibility with certain \
encoders that consider open source untrusted. e.g. ionCube, Zend)
* Activate suhosin.stealth by default
* Fixed that Suhosin tries handling functions disabled by disable_function. \
In v0.9.15 it was impossible to disable phpinfo() with disable_function. Problem \
was found by: Thorsten Schifferdecker
2006.11.28: Version 0.9.15
* Added a transparent protection for open phpinfo() pages by adding an HTML \
META ROBOTS tag to the output that forbids indexing and archiving
Files: