bjori           Wed May 23 11:32:59 2007 UTC

  Modified files:              (Branch: PHP_4_4)
    /php-src    NEWS php.ini-recommended php.ini-dist 
  Log:
  note on max_input_nesting_level
  
http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.1247.2.920.2.228&r2=1.1247.2.920.2.229&diff_format=u
Index: php-src/NEWS
diff -u php-src/NEWS:1.1247.2.920.2.228 php-src/NEWS:1.1247.2.920.2.229
--- php-src/NEWS:1.1247.2.920.2.228     Wed May 16 22:54:11 2007
+++ php-src/NEWS        Wed May 23 11:32:59 2007
@@ -1,6 +1,8 @@
 PHP 4                                                                      NEWS
 |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
 ?? ??? 2007, Version 4.4.8
+- Limit nesting level of input variables with max_input_nesting_level
+  as fix for MOPB-03-2007. (Stas)
 - Fixed bug #38798 (OpenSSL init corrected in php5 but not in php4). (Tony)
        
 04 May 2007, Version 4.4.7
http://cvs.php.net/viewvc.cgi/php-src/php.ini-recommended?r1=1.119.2.25.2.3&r2=1.119.2.25.2.4&diff_format=u
Index: php-src/php.ini-recommended
diff -u php-src/php.ini-recommended:1.119.2.25.2.3 
php-src/php.ini-recommended:1.119.2.25.2.4
--- php-src/php.ini-recommended:1.119.2.25.2.3  Fri Dec 30 17:19:43 2005
+++ php-src/php.ini-recommended Wed May 23 11:32:59 2007
@@ -243,6 +243,7 @@
 
 max_execution_time = 30     ; Maximum execution time of each script, in seconds
 max_input_time = 60    ; Maximum amount of time each script may spend parsing 
request data
+;max_input_nesting_level = 500 ; Maximum input variable nesting level
 memory_limit = 8M      ; Maximum amount of memory a script may consume (8MB)
 
 
http://cvs.php.net/viewvc.cgi/php-src/php.ini-dist?r1=1.171.2.28.2.3&r2=1.171.2.28.2.4&diff_format=u
Index: php-src/php.ini-dist
diff -u php-src/php.ini-dist:1.171.2.28.2.3 php-src/php.ini-dist:1.171.2.28.2.4
--- php-src/php.ini-dist:1.171.2.28.2.3 Fri Dec 30 17:19:43 2005
+++ php-src/php.ini-dist        Wed May 23 11:32:59 2007
@@ -229,6 +229,7 @@
 
 max_execution_time = 30     ; Maximum execution time of each script, in seconds
 max_input_time = 60    ; Maximum amount of time each script may spend parsing 
request data
+;max_input_nesting_level = 500 ; Maximum input variable nesting level
 memory_limit = 8M      ; Maximum amount of memory a script may consume (8MB)
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;

-- 
PHP CVS Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to