Assets 2

Security bugfix release: All users are encouraged to upgrade to this version as soon as possible.

Changelog:
- removed code compatibility for PHP <5.4 (lots of code + ifdefs)
- allow https location for suhosin.filter.action
- fixed newline detection for suhosin.mail.protect
- Added suhosin.upload.max_newlines to protect againt DOS attack via many
MIME headers in RFC1867 uploads (CVE-2015-4024)
- mail related test cases now work on linux

Assets 2

This hotfix release changes the newly introduced array index blacklist to not block '-' by default due to incompatibilities with widely used software.
Also, the version string shows '0.9.37.1' now (without '-dev').

@bef bef released this Dec 3, 2014 · 2 commits to 0.9.37 since this release

Assets 2
suhosin-0.9.37

changelog for release 0.9.37
Pre-release

@bef bef released this Nov 24, 2014 · 8 commits to 0.9.37 since this release

Assets 2

First release candidate of Suhosin Extension 0.9.37

@stefanesser stefanesser released this Jun 11, 2014 · 146 commits to master since this release

Assets 2

Release of Suhosin Extension 0.9.36

Feb 24, 2014
Release of Suhosin Extension 0.9.35
Feb 15, 2014
First release candiate of Suhosin Extension 0.9.35