[Pkg-php-commits] [php/debian-sid] Add NEWS entry for max_file_uploads
Raphael Geissert
geissert at debian.org
Mon Jan 11 23:14:32 UTC 2010
---
debian/NEWS | 15 +++++++++++++++
1 files changed, 15 insertions(+), 0 deletions(-)
diff --git a/debian/NEWS b/debian/NEWS
index 7386db1..f1fce35 100644
--- a/debian/NEWS
+++ b/debian/NEWS
@@ -8,6 +8,21 @@ php5 (5.2.12.dfsg.1-3) unstable; urgency=low
commenting the <IfModule mod_userdir.c> block in
/etc/apache2/mods-available/php5.conf
+ * Maximum number of file uploads per request limited
+
+ To prevent Denial of Service attacks by exhausting the number of
+ available temporary file names, upstream introduced the max_file_uploads
+ option in 5.3.1 and 5.2.12.
+
+ Due to the nature of this new option a default limit has been set
+ to 50, hoping it is sensible enough to not to cause disruptions on
+ existing services.
+ The value of this new limit can be changed in the php.ini file.
+
+ If you installed the php5-suhosin extension there was a limiting
+ mechanism in place already. In this case you may want to make sure
+ the new limit imposed by PHP itself is not smaller than suhosin's.
+
-- Raphael Geissert <geissert at debian.org> Mon, 11 Jan 2010 16:49:28 -0600
php5 (5.2.6-1) unstable; urgency=medium
--
1.6.3.3
More information about the Pkg-php-commits
mailing list