Dear Release Team, as Raphael already asked, is there a chance for such an update? On Friday 05 September 2008, Raphael Geissert wrote: > Since version 0.9.26 there are several enhancements that would help avoid > some attacks on poorly written applications. > > Relevant changelog since current version in unstable: > > * Changed PHP default POST handler to PHP’s current handler > * Fixed problem with suhosin.perdir > * Fixed problems with ext/uploadprogress > * Added suhosin.srand.ignore and suhosin.mt_srand.ignore (default: on) > * Modified rand()/srand() to use the Mersenne Twister algorithm with > separate state > * Added better internal seeding of rand() and mt_rand() here are the diffstats for changes upstream: Changelog | 20 ++ execute.c | 386 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++- php_suhosin.h | 20 ++ post_handler.c | 65 +++++---- rfc1867.c | 17 ++ suhosin.c | 9 - 6 files changed, 478 insertions(+), 39 deletions(-) Many thanks for having a look and with kind regards, Jan. -- Never write mail to <waja@spamfalle.info>, you have been warned! -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GIT d-- s+: a- C+++ UL++++ P+ L+++ E- W+++ N+++ o++ K++ w--- O M V- PS PE Y++ PGP++ t-- 5 X R tv- b+ DI- D++ G++ e++ h-- r+++ y+++ ------END GEEK CODE BLOCK------
Attachment:
signature.asc
Description: This is a digitally signed message part.