[ddh-sys] apt-listchanges: news for less

root root op ddh.nl
Za Dec 12 19:29:54 CET 2009

php5 (5.2.6.dfsg.1-1+lenny4) stable-security; urgency=high

  * Maximum number of file uploads per request limited

  To prevent Denial of Service attacks by exhausting the number of
  available temporary file names, the max_file_uploads option
  introduced in PHP 5.3.1 has been backported.

  Due to the nature of this new option a default limit has been set
  to 50, hoping it is sensible enough to not to cause disruptions on
  existing services.
  The value of this new limit can be changed in the php.ini file.

  If you installed the php5-suhosin extension there was a limiting
  mechanism in place already. In this case you may want to make sure
  the new limit imposed by PHP itself is not smaller than suhosin's.

 -- Raphael Geissert <geissert op debian.org>  Sat, 21 Nov 2009 18:13:48 -0600

More information about the ddh-sys mailing list