-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2010-11845 2010-08-03 00:04:09 --------------------------------------------------------------------------------
Name : php-suhosin Product : Fedora 13 Version : 0.9.32.1 Release : 1.fc13 URL : http://www.hardened-php.net/suhosin/ Summary : Suhosin is an advanced protection system for PHP installations Description : Suhosin is an advanced protection system for PHP installations. It was designed to protect servers and users from known and unknown flaws in PHP applications and the PHP core. -------------------------------------------------------------------------------- Update Information: Update to version 0.9.32.1 - Fixed missing header file resulting in compile errors - Added support for memory_limit > 2GB - Fixed missing header file resulting in wrong php_combined_lcg() prototype being used - Improved random number seed generation more by adding /dev/urandom juice - Fix ZTS build of session.c - Increased session identifier entropy by using /dev/urandom if available - Added line ending characters 0a and 0d to the list of dangerous characters handled by suhosin.server.encode and suhosin.server.strip - Fixed crash bug with PHP 5.3.x and session module (due to changed session globals struct) - Added ! protection to PHP session serializer - Fixed simulation mode now also affects (dis)allowed functions - Fixed missing return (1); in random number generator replacements - Fixed random number generator replacement error case behaviour in PHP 5.3.x - Fixed error case handling in function_exists() PHP 5.3.x - Merged changes/fixes in import_request_variables()/extract() from upstream PHP - Fixed suhosin_header_handler to be PHP 5.3.x compatible - Merge fixes and new features of PHP's file upload code to suhosin -------------------------------------------------------------------------------- ChangeLog: * Sat Jul 31 2010 Bart Vanbrabant <[email protected]> - 0.9.32.1-1 Update to version 0.9.32.1 - Fixed missing header file resulting in compile errors - Added support for memory_limit > 2GB - Fixed missing header file resulting in wrong php_combined_lcg() prototype being used - Improved random number seed generation more by adding /dev/urandom juice - Fix ZTS build of session.c - Increased session identifier entropy by using /dev/urandom if available - Added line ending characters 0a and 0d to the list of dangerous characters handled by suhosin.server.encode and suhosin.server.strip - Fixed crash bug with PHP 5.3.x and session module (due to changed session globals struct) - Added ! protection to PHP session serializer - Fixed simulation mode now also affects (dis)allowed functions - Fixed missing return (1); in random number generator replacements - Fixed random number generator replacement error case behaviour in PHP 5.3.x - Fixed error case handling in function_exists() PHP 5.3.x - Merged changes/fixes in import_request_variables()/extract() from upstream PHP - Fixed suhosin_header_handler to be PHP 5.3.x compatible - Merge fixes and new features of PHP's file upload code to suhosin -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update php-suhosin' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/package-announce
