Slashdot Mirror

← Back to Domains

Domain: hardened-php.net

Stories and comments across the archive that link to hardened-php.net.

Stories · 4

  1. Official Support For PHP 4 Ends

    Developers · Php · · posted by Soulskill · from the we-actually-knew-ye-pretty-well dept. · 245 comments
    Da Massive writes with this excerpt from ComputerWorld: "For a technology that has been in stable release since May 22, 2000, PHP 4 has finally reached the end of its official life. With the release of PHP 4.4.9, official support has ended and the final security patch for the platform issued. ...With eight years of legacy code out there, it is likely that there are going to be a fairly large number of systems that will not migrate to PHP 5 in the near future, and a reasonable proportion of those that will not make the migration at all. For those who are not able to migrate their systems to the new version of PHP, noted PHP security expert Stefan Esser will continue to provide third party security patching for the PHP 4 line through his Suhosin product."

  2. PHP Vulnerabilities Announced

    Developers · Php · · posted by michael · from the rated-o-for-overtime dept. · 387 comments
    Simone Klassen writes "The Hardened-PHP Project has announced several serious and according to them, easy-to-exploit vulnerabilities within PHP. A flaw within the function unserialize() is rated as very critical for millions of PHP servers, because it is exposed to remote attackers through lots of very popular webapplications. The list includes forum software like phpBB2, WBB2, Invision Board and vBulletin. It is time to upgrade now."

  3. PHP Vulnerabilities Announced

    Developers · Php · · posted by michael · from the rated-o-for-overtime dept. · 387 comments
    Simone Klassen writes "The Hardened-PHP Project has announced several serious and according to them, easy-to-exploit vulnerabilities within PHP. A flaw within the function unserialize() is rated as very critical for millions of PHP servers, because it is exposed to remote attackers through lots of very popular webapplications. The list includes forum software like phpBB2, WBB2, Invision Board and vBulletin. It is time to upgrade now."

  4. Hardened PHP

    Developers · Php · · posted by michael · from the start-with-phpnuke-please dept. · 187 comments
    Frank Kreuzbach writes "Yesterday the Hardened-PHP Project has announced its existence on the PHP-general mailinglist. It is the first public patch for PHP which adds security hardening features. It is meant as a proactive approach to protect servers against known and unknown weaknesses within PHP scripts or the engine itself. It enforces restrictions on include statements, adds canary protection to allocated memory and other internal structures and protects against internal format string vulnerabilities. It has syslog support and logs every attack together with the originating ip."