[ddh-sys] apt-listchanges: news for less
root
root op ddh.nl
Za Dec 12 19:29:54 CET 2009
php5 (5.2.6.dfsg.1-1+lenny4) stable-security; urgency=high
* Maximum number of file uploads per request limited
To prevent Denial of Service attacks by exhausting the number of
available temporary file names, the max_file_uploads option
introduced in PHP 5.3.1 has been backported.
Due to the nature of this new option a default limit has been set
to 50, hoping it is sensible enough to not to cause disruptions on
existing services.
The value of this new limit can be changed in the php.ini file.
If you installed the php5-suhosin extension there was a limiting
mechanism in place already. In this case you may want to make sure
the new limit imposed by PHP itself is not smaller than suhosin's.
-- Raphael Geissert <geissert op debian.org> Sat, 21 Nov 2009 18:13:48 -0600
More information about the ddh-sys
mailing list