On 3-6-2010 22:54, Jan Wagner wrote:
On Friday 07 May 2010, Olaf van der Spek wrote:
Suhosin is now installed and enabled by default. So "1. if anybody
installes a php security module, the documentation should be read" no
longer applies.
php5-suhosin is actually installed cause of 3 reasons:
On 3-6-2010 22:54, Jan Wagner wrote:
On Friday 07 May 2010, Olaf van der Spek wrote:
Suhosin is now installed and enabled by default. So "1. if anybody
installes a php security module, the documentation should be read" no
longer applies.
php5-suhosin is actually installed cause of 3 reasons:
severity 521198 important
tags 521198 + wontfix
thanks
On Friday 07 May 2010, Olaf van der Spek wrote:
> Suhosin is now installed and enabled by default. So "1. if anybody
> installes a php security module, the documentation should be read" no
> longer applies.
php5-suhosin is actually installed
Some normal forums requests fail as well using the default settings:
May 7 15:47:39 xwis suhosin[9772]: ALERT - configured request variable
name length limit exceeded - dropped variable
'/topic/162190-tiberian-sun-installation-tutorial/page__view__getlastpost'
(attacker '67.195.37.110', file
Package: php5-suhosin
Version: 0.9.31-1
Severity: normal
Suhosin is now installed and enabled by default. So "1. if anybody installes a
php security module, the documentation should be
read" no longer applies.
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=575912
It seems certain defaults ar
5 matches
Mail list logo
