--- php-suhosin-0.9.33.orig/debian/control +++ php-suhosin-0.9.33/debian/control @@ -0,0 +1,24 @@ +Source: php-suhosin +Section: php +Priority: optional +Maintainer: php-suhosin maintainers +Uploaders: Alexander Wirt , Jan Wagner +Build-Depends: debhelper (>= 5), php5-dev (>= 5.2.0), dpatch +Homepage: http://www.hardened-php.net/suhosin/ +Vcs-Browser: https://scm.uncompleted.org/projects/debian/repository/show/php-suhosin +Vcs-Svn: https://scm.uncompleted.org/svn/debian/php-suhosin/trunk +Standards-Version: 3.9.1 + +Package: php5-suhosin +Architecture: any +Depends: ${shlibs:Depends}, ${php:Depends}, ${misc:Depends} +Description: advanced protection module for php5 + This package provides a module for suhosin functions. + . + Suhosin is an advanced protection system for PHP installations. It was + designed to protect servers and users from known and unknown flaws in PHP + applications and the PHP core. Suhosin comes in two independent parts, that + can be used separately or in combination. The first part is a small patch + against the PHP core, that implements a few low-level protections against + bufferoverflows or format string vulnerabilities and the second part is a + powerful PHP extension that implements all the other protections. --- php-suhosin-0.9.33.orig/debian/README.source +++ php-suhosin-0.9.33/debian/README.source @@ -0,0 +1,3 @@ +We use dpatch for patch handling inside our package(s). Please see +/usr/share/doc/dpatch/README.source.gz (if you have installed dpatch) for +documentation about dpatch. --- php-suhosin-0.9.33.orig/debian/php5-suhosin.examples +++ php-suhosin-0.9.33/debian/php5-suhosin.examples @@ -0,0 +1 @@ +suhosin.ini --- php-suhosin-0.9.33.orig/debian/watch +++ php-suhosin-0.9.33/debian/watch @@ -0,0 +1,3 @@ +version=3 +http://www.hardened-php.net/suhosin/download.html http://download.suhosin.org/suhosin-(.*)\.tar.gz +http://www.hardened-php.net/suhosin/download.html http://download.suhosin.org/suhosin-(.*)\.tgz --- php-suhosin-0.9.33.orig/debian/changelog +++ php-suhosin-0.9.33/debian/changelog @@ -0,0 +1,226 @@ +php-suhosin (0.9.33-1) unstable; urgency=low + + * New upstream version (Closes: #657190, #631283) + - Fixed stack based buffer overflow in transparent cookie encryption + - Fixed environment variables for logging do not go through the filter + extension anymore + - Fixed that disabling HTTP response splitting protection also disabled + NUL byte protection in HTTP headers + - Removed crypt() support - because not used for PHP >= 5.3.0 anyway + * Update watch file, upstream changed naming scheme + + -- Jan Wagner Tue, 24 Jan 2012 23:09:33 +0100 + +php-suhosin (0.9.32.1-1) unstable; urgency=low + + * New upstream version (Closes: #584509) + - Improved random number seed generation more by adding /dev/urandom juice + - Fixed missing header file resulting in wrong php_combined_lcg() prototype + being used + - Added support for memory_limit > 2GB + - Fixed missing header file resulting in compile errors + * Drop 10_fix_function_prototype, integrated upstream + * Update watch file + * Bump standards version to 3.9.1, no changes needed + + -- Jan Wagner Thu, 19 Aug 2010 10:02:52 +0200 + +php-suhosin (0.9.31-1) unstable; urgency=low + + * New upstream version + - Added line ending characters %0a and %0d to the list of dangerous + characters handled by suhosin.server.encode and suhosin.server.strip + - Fixed crash bug with PHP 5.3.x and session module (due to changed session + globals struct) + - Added ! protection to PHP session serializer + - Fixed simulation mode now also affects (dis)allowed functions + - Fixed missing return (1); in random number generator replacements + - Fixed random number generator replacement error case behaviour in PHP + 5.3.x + - Fixed error case handling in function_exists() PHP 5.3.x + - Merged changes/fixes in import_request_variables()/extract() from upstream + PHP + - Fixed suhosin_header_handler to be PHP 5.3.x compatible + - Merge fixes and new features of PHP's file upload code to suhosin + - Fix ZTS build of session.c + - Increased session identifier entropy by using /dev/urandom if available + * Install upstream suhosin.ini into /usr/share/doc/php5-suhosin/examples/ + * Add dpatch build-infrastructure + * Add 10_fix_function_prototype.dpatch, to fix function prototype, thanks + Stefan Esser (Closes: #539307) + + -- Jan Wagner Tue, 13 Apr 2010 13:42:29 +0200 + +php-suhosin (0.9.29-2) unstable; urgency=low + + * Update address of the Maintainers List + * Bump Standards-Version to 3.8.4, no changes needed + * Migrate Vcs-Fields over to scm.uncompleted.org + * Add 1.0 to debian/source/format + * Add ${misc:Depends} to dependencies + + -- Jan Wagner Mon, 15 Mar 2010 21:52:04 +0100 + +php-suhosin (0.9.29-1) unstable; urgency=low + + * New upstream version + * update our suhosin.ini + * bump standards version to 3.8.3 (no changes needed) + + -- Jan Wagner Sun, 20 Sep 2009 23:08:24 +0200 + +php-suhosin (0.9.28-1) unstable; urgency=low + + * New upstream version + - Fixed crash bug with PHP 5.2.10 caused by a + change in extension load order of ext/session + (Closes: #538820) + + -- Alexander Wirt Fri, 14 Aug 2009 08:09:56 +0200 + +php-suhosin (0.9.27-2) UNRELEASED; urgency=low + + * add suhosin.srand.ignore and suhosin.mt_srand.ignore with their default + settings to suhosin.ini + * change Section to 'php' + * bump standards version to 3.8.2 (no changes needed) + * add link to documentation into suhosin.ini + * add "Copyright" to packaging copyright to make lintian happy + + -- Jan Wagner Thu, 16 Oct 2008 16:25:04 +0200 + +php-suhosin (0.9.27-1) unstable; urgency=low + + * new upstream release (closes: #497871) + * declare license situation of execute.c in copyright file + + -- Jan Wagner Wed, 18 Jun 2008 15:16:33 +0200 + +php-suhosin (0.9.24-1) unstable; urgency=low + + * new upstream release + * bump copyright of packaging to 2008 and remove trailing whitespaces + * Updating standards version to 3.8.0, no changes needed + + -- Jan Wagner Wed, 18 Jun 2008 13:46:15 +0200 + +php-suhosin (0.9.23-1) unstable; urgency=low + + * new upstream release + * fix watch file, since URL changed recently (closes: #459994). + + -- Jan Wagner Thu, 17 Jan 2008 16:19:36 +0100 + +php-suhosin (0.9.22-1) unstable; urgency=low + + [ Jan Wagner ] + * new upstream release (closes: #454382) + + - Removed LFS warning message because it crashed on several systems + - Fixed function_exists() now checks the Suhosin permissions + - Fixed crypt() salt no longer uses Blowfish by default + - Fixed .htaccess/perdir support + - Fixed compilation problem on OS/X + - Added protection against some attacks through _SERVER variables + - Added suhosin.server.strip and suhosin.server.encode + - Added error message that warns about the LFS binary incompatibility + + * added Vcs- fields, moved Homepage into source header's field + * add watch file + + [ Alexander Wirt ] + * Bump standards version + * Don't ignore errors from make clean + * Update copyright file + + -- Alexander Wirt Thu, 06 Dec 2007 10:53:43 +0100 + +php-suhosin (0.9.20-1) unstable; urgency=low + + * new upstream + * remove php4-suhosin (closes: #418321). + * ship suhosin.ini with the implizit default values + + -- Jan Wagner Wed, 23 May 2007 09:04:18 +0200 + +php-suhosin (0.9.18-1) unstable; urgency=low + + [ Jan Wagner ] + * new upstream (Closes: #416444) + + [ Alexander Wirt ] + * Fix suhosin.ini comment (Closes: #416111) + + -- Alexander Wirt Thu, 29 Mar 2007 08:27:09 +0200 + +php-suhosin (0.9.16-1) unstable; urgency=low + + * new upstream + * removed re2c from builddeps + + -- Jan Wagner Sun, 3 Dec 2006 21:57:28 +0100 + +php-suhosin (0.9.12-1) unstable; urgency=low + + * new upstream + * fixed address of "Free Software Foundation, Inc." in changelog + + -- Jan Wagner Sun, 17 Nov 2006 15:41:36 +0100 + +php-suhosin (0.9.11-2) unstable; urgency=low + + [ Jan Wagner ] + * drop debian/po + + [ Alexander Wirt ] + * Update debian/copyright + + -- Alexander Wirt Sun, 12 Nov 2006 20:09:02 +0100 + +php-suhosin (0.9.11-1) unstable; urgency=low + + [ Jan Wagner ] + * New upstream release + + [ Alexander Wirt ] + * Initial debian upload (Closes: #392119) + + -- Alexander Wirt Sat, 11 Nov 2006 11:37:38 +0100 + +php-suhosin (0.9.10-1) unstable; urgency=low + + * New upstream release + + -- Jan Wagner Thu, 2 Nov 2006 12:50:36 +0000 + +php-suhosin (0.9.8-1) unstable; urgency=low + + * new upstream + + -- Jan Wagner Tue, 10 Oct 2006 15:46:39 +0200 + +php-suhosin (0.9.6-2) unstable; urgency=low + + * fixed up some po related stuff (make lintian happy) + + -- Jan Wagner Tue, 10 Oct 2006 15:07:28 +0200 + +php-suhosin (0.9.6-1) unstable; urgency=low + + * Added build depency to re2c (>=0.9.11) + + -- Jan Wagner Fri, 06 Oct 2006 14:09:37 +0200 + +php-suhosin (0.9.6-1~cyconet.1) unstable; urgency=low + + * Initial release + * Use the config.m4 from the php4 version of the suhosin extension, because + the php4 "phpize" can't cope with one of the tests in the php5 version. + * Use a dirty dpkg-gencontrol hack to make sure php4-suhosin has an epoch. + * Make sure we get our docs in our own doc directory, instead of dumping + them in /usr/share/doc/php[45]-common, in case we're upgrading. + * Use the new php-config[45] --phpapi option, and build-depend on new + enough versions of php[45]-dev to make sure we have it available to us. + * included mbstrings header of php5-5.1.6-1 in buildtree + + -- Jan Wagner Thu, 05 Oct 2006 14:09:37 +0200 --- php-suhosin-0.9.33.orig/debian/copyright +++ php-suhosin-0.9.33/debian/copyright @@ -0,0 +1,156 @@ +This package was debianized by Jan Wagner on +Thu, 05 Oct 2006 13:58:18 +1000 + +It was downloaded from http://www.hardened-php.net/suhosin/download.html + +Upstream Authors: Stefan Esser + +Copyright Holders (in alphabetical order): + Edin Kadribasic + Free Software Foundation, Inc. + Jani Taskinen + Jochen Obalek + Mike Scott + Rasmus Lerdorf + Solar Designer + Stefan Esser + Takahiro Tanimoto + The Hardened-PHP Project + The PHP Group + +Licenses: + + File aes.c + Copyright (c) 1999 Mike Scott + License: Public Domain + + Permission for free direct or derivative use is granted subject to + compliance with any conditions that the originators of the algorithm + place on its exploitation. + + File crypt_blowfish.c + Copyright (c) 1998-2002 Solar Designer + License: Public Domain + + It is my intent that you should be able to use this on your system, as + a part of a software package, or anywhere else to improve security, + ensure compatibility, or for any other purpose. I would appreciate it + if you give credit where it is due and keep your modifications in the + public domain as well, but I don't require that in order to let you + place this code and any modifications you make under a license of your + choice. + + Files crypt_md5.c + crypt_md5.h + Copyright (c) 1997-2006 The PHP Group + Edin Kadribasic + License: PHP license 3.01 + + Files crypt_win32.c + crypt_win32.h + Copyright (C) 1991 Jochen Obalek + License: PHP license 3.01 + + File execute.c + Copyright (c) 2006-2007 The Hardened-PHP Project + Copyright (c) 2007 SektionEins GmbH + Copyright (C) 1997 - 2002, Makoto Matsumoto and Takuji Nishimura, + Copyright (C) 2000 - 2003, Richard J. Wagner + License: PHP license 3.01 + + The file contains the following clause were the code is taken out of + ext/standard/rand.c from PHP Source with a statement that isn't + compatible with the DFSG: + "The code as Shawn received it included the following notice: + + Copyright (C) 1997 Makoto Matsumoto and Takuji Nishimura. When + you use this, send an e-mail to with + an appropriate reference to your work." + + However, this requirement has been rescinded by the copyright holder in + message <48E334A2.6050301@math.sci.hiroshima-u.ac.jp> to bug #498621. + + File rfc1867.c + Copyright (c) 1997-2006 The PHP Group + Rasmus Lerdorf + Jani Taskinen + License: PHP license 3.01 + + File mbregex/mbregex.h + Copyright (C) 1985,89,90,91,92,93,95,96,97,98 Free Software Foundation, Inc. + Takahiro Tanimoto + License: GNU General Public License + + This file is part of the GNU C Library. Its master source is NOT part + of the C library, however. The master source lives in /gd/gnu/lib. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Library General Public License as + published by the Free Software Foundation; either version 2 of the + License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Library General Public License for more details. + + You should have received a copy of the GNU Library General Public + License along with the GNU C Library; see the file COPYING.LIB. If + not, write to the Free Software Foundation, Inc., 51 Franklin St, + Fifth Floor, Boston, MA 02110-1301, USA. + + On Debian systems, the complete text of the GNU General Public License + can be found in /usr/share/common-licenses/GPL file. + + All other files: + Copyright (c) 2006 The Hardened-PHP Project + Stefan Esser + Copyright (c) 2007 SektionEins GmbH + License: PHP license 3.01 + + -------------------------------------------------------------------- + The PHP License, version 3.01 + Copyright (c) 1999 - 2006 The PHP Group. All rights reserved. + -------------------------------------------------------------------- + + Redistribution and use in source and binary forms, with or without + modification, is permitted provided that the following conditions are + met: + + 1. Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in + the documentation and/or other materials provided with the + distribution. + + 3. The name "PHP" must not be used to endorse or promote products + derived from this software without prior written permission. For + written permission, please contact group@php.net. + + 4. Products derived from this software may not be called "PHP", nor + may "PHP" appear in their name, without prior written permission + from group@php.net. You may indicate that your software works in + conjunction with PHP by saying "Foo for PHP" instead of calling it + "PHP Foo" or "phpfoo" + + 5. The PHP Group may publish revised and/or new versions of the + license from time to time. Each version will be given a + distinguishing version number. + Once covered code has been published under a particular version of + the license, you may always continue to use it under the terms of + that version. You may also choose to use such covered code under + the terms of any subsequent version of the license published by + the PHP Group. No one other than the PHP Group has the right to + modify the terms applicable to covered code created under this + License. + + 6. Redistributions of any form whatsoever must retain the following + acknowledgment: + "This product includes PHP software, freely available from + ". + +The Debian packaging is Copyright (C) 2006, 2008 Jan Wagner , +Alexander Wirt and is licensed under the GPL, see +`/usr/share/common-licenses/GPL'. --- php-suhosin-0.9.33.orig/debian/rules +++ php-suhosin-0.9.33/debian/rules @@ -0,0 +1,85 @@ +#!/usr/bin/make -f +BUILD5=$(CURDIR)/debian/php5-suhosin +PHP_EX5=$(shell /usr/bin/php-config5 --extension-dir) + +#export DH_VERBOSE=1 + +include /usr/share/dpatch/dpatch.make + +DEB_HOST_GNU_TYPE ?= $(shell dpkg-architecture -qDEB_HOST_GNU_TYPE) + +CFLAGS += -O2 -Wall -fno-strict-aliasing + +# Enable IEEE-conformant floating point math on alphas (not the default) +ifeq (alpha-linux-gnu,$(DEB_HOST_GNU_TYPE)) + CFLAGS += -mieee +endif + +ifeq ($(DEB_HOST_GNU_TYPE), $(findstring $(DEB_HOST_GNU_TYPE), ia64-linux-gnu powerpc64-linux-gnu)) + CFLAGS += -g +else + CFLAGS += -gstabs +endif + +build: patch-stamp + @echo "Not use this." + +build-stamp: + dh_testdir + touch build-stamp + +build-stamp-php5: build-stamp + [ ! -f Makefile ] || $(MAKE) clean + phpize --clean + phpize5 + chmod a+x ./configure + ./configure --prefix=$(BUILD5)/usr --with-php-config=/usr/bin/php-config5 + $(MAKE) DESTDIR=$(BUILD5) + touch build-stamp-php5 + +clean: unpatch + dh_testdir + dh_testroot + rm -rf build-stamp build-stamp-php5 + [ ! -f Makefile ] || $(MAKE) distclean + # to make pbuilder happy +ifeq ($(shell which phpize),/usr/bin/phpize) + phpize --clean +endif + dh_clean + +install: build-php5 + +build-php5: +build-php5: build-stamp-php5 + dh_testdir + dh_testroot + dh_installdirs + install -D -m 644 modules/suhosin.so debian/php5-suhosin$(PHP_EX5)/suhosin.so + install -D -m 644 debian/suhosin.ini debian/php5-suhosin/etc/php5/conf.d/suhosin.ini + +binary-indep: + +binary-arch-php5: +binary-arch-php5: build-php5 + dh_testdir + dh_testroot + dh_installdirs + dh_installchangelogs Changelog + dh_installdocs CREDITS + dh_installexamples + dh_install + dh_link + dh_strip + dh_compress + dh_fixperms + dh_installdeb + dh_shlibdeps + echo "php:Depends=phpapi-`php-config5 --phpapi`" >> debian/php5-suhosin.substvars + dh_gencontrol + dh_md5sums + dh_builddeb + +binary-arch: binary-arch-php5 +binary: binary-indep binary-arch +.PHONY: build-php5 clean binary-indep binary-arch binary install --- php-suhosin-0.9.33.orig/debian/compat +++ php-suhosin-0.9.33/debian/compat @@ -0,0 +1 @@ +5 --- php-suhosin-0.9.33.orig/debian/php4-suhosin.postinst +++ php-suhosin-0.9.33/debian/php4-suhosin.postinst @@ -0,0 +1,34 @@ +#!/bin/sh + +set -e + +# Source debconf library. +. /usr/share/debconf/confmodule + +#DEBHELPER# + +if [ "$1" != "configure" ]; then + exit 0 +fi + +# here we test for upgrades from versions prior to the config-file-scan-dir +# migration. +# +# to avoid lots of scary warnings about duplicate-loaded modules, each +# module will remove its "extension=" line from each SAPI's php.ini file +# when upgrading from a "prior version". this will be the last time we +# ever muck with such files in maintainer scripts. really. promise :) + +if [ "$2" ] && dpkg --compare-versions "$2" lt "0.9.10-1"; then + extension_re='^[[:space:]]*extension[[:space:]]*=[[:space:]]*suhosin\.so$' + for SAPI in apache apache2 cgi cli; do + ini_file="/etc/php4/$SAPI/php.ini" + if [ -f "$ini_file" ]; then + if grep -q "$extension_re" $ini_file; then + sed -i -e "/$extension_re/d" $ini_file + fi + fi + done +fi + +exit 0 --- php-suhosin-0.9.33.orig/debian/php5-suhosin.postinst +++ php-suhosin-0.9.33/debian/php5-suhosin.postinst @@ -0,0 +1,34 @@ +#!/bin/sh + +set -e + +# Source debconf library. +. /usr/share/debconf/confmodule + +#DEBHELPER# + +if [ "$1" != "configure" ]; then + exit 0 +fi + +# here we test for upgrades from versions prior to the config-file-scan-dir +# migration. +# +# to avoid lots of scary warnings about duplicate-loaded modules, each +# module will remove its "extension=" line from each SAPI's php.ini file +# when upgrading from a "prior version". this will be the last time we +# ever muck with such files in maintainer scripts. really. promise :) + +if [ "$2" ] && dpkg --compare-versions "$2" lt "0.9.10-1"; then + extension_re='^[[:space:]]*extension[[:space:]]*=[[:space:]]*suhosin\.so$' + for SAPI in apache apache2 cgi cli; do + ini_file="/etc/php5/$SAPI/php.ini" + if [ -f "$ini_file" ]; then + if grep -q "$extension_re" $ini_file; then + sed -i -e "/$extension_re/d" $ini_file + fi + fi + done +fi + +exit 0 --- php-suhosin-0.9.33.orig/debian/suhosin.ini +++ php-suhosin-0.9.33/debian/suhosin.ini @@ -0,0 +1,110 @@ +; configuration for php suhosin module +extension=suhosin.so + +;;;;;;;;;;;;;;;;;;; +; Module Settings ; +;;;;;;;;;;;;;;;;;;; +; the following values are the internal default settings and set implicit +; feel free to modify to your needs +; documentation can be found at: +; http://www.hardened-php.net/suhosin/configuration.html +; or have a look into /usr/share/doc/php5-suhosin/examples/suhosin.ini.gz + +[suhosin] +; Logging Configuration +;suhosin.log.syslog = +;suhosin.log.syslog.facility = 9 +;suhosin.log.syslog.priority = 1 +;suhosin.log.sapi = +;suhosin.log.script = 0 +;suhosin.log.phpscript = 0 +;suhosin.log.script.name = +;suhosin.log.phpscript.name = +;suhosin.log.use-x-forwarded-for = off + +; Executor Options +;suhosin.executor.max_depth = 0 +;suhosin.executor.include.max_traversal = 0 +;suhosin.executor.include.whitelist = +;suhosin.executor.include.blacklist = +;suhosin.executor.include.allow_writable_files = on +;suhosin.executor.func.whitelist = +;suhosin.executor.func.blacklist = +;suhosin.executor.eval.whitelist = +;suhosin.executor.eval.blacklist = +;suhosin.executor.disable_eval = off +;suhosin.executor.disable_emodifier = off +;suhosin.executor.allow_symlink = off + +; Misc Options +;suhosin.simulation = off +;suhosin.apc_bug_workaround = off +;suhosin.sql.bailout_on_error = off +;suhosin.sql.user_prefix = +;suhosin.sql.user_postfix = +;suhosin.multiheader = off +;suhosin.mail.protect = 0 +;suhosin.memory_limit = 0 + +; Transparent Encryption Options +;suhosin.session.encrypt = on +;suhosin.session.cryptkey = +;suhosin.session.cryptua = on +;suhosin.session.cryptdocroot = on +;suhosin.session.cryptraddr = 0 +;suhosin.session.checkraddr = 0 +;suhosin.cookie.encrypt = on +;suhosin.cookie.cryptkey = +;suhosin.cookie.cryptua = on +;suhosin.cookie.cryptdocroot = on +;suhosin.cookie.cryptraddr = 0 +;suhosin.cookie.checkraddr = 0 +;suhosin.cookie.cryptlist = +;suhosin.cookie.plainlist = + +; Randomness +;suhosin.srand.ignore = on +;suhosin.mt_srand.ignore = on + +; Filtering Options +;suhosin.filter.action = +;suhosin.cookie.max_array_depth = 100 +;suhosin.cookie.max_array_index_length = 64 +;suhosin.cookie.max_name_length = 64 +;suhosin.cookie.max_totalname_length = 256 +;suhosin.cookie.max_value_length = 10000 +;suhosin.cookie.max_vars = 100 +;suhosin.cookie.disallow_nul = on +;suhosin.get.max_array_depth = 50 +;suhosin.get.max_array_index_length = 64 +;suhosin.get.max_name_length = 64 +;suhosin.get.max_totalname_length = 256 +;suhosin.get.max_value_length = 512 +;suhosin.get.max_vars = 100 +;suhosin.get.disallow_nul = on +;suhosin.post.max_array_depth = 100 +;suhosin.post.max_array_index_length = 64 +;suhosin.post.max_name_length = 64 +;suhosin.post.max_totalname_length = 256 +;suhosin.post.max_value_length = 1000000 +;suhosin.post.max_vars = 1000 +;suhosin.post.disallow_nul = on +;suhosin.request.max_array_depth = 100 +;suhosin.request.max_array_index_length = 64 +;suhosin.request.max_totalname_length = 256 +;suhosin.request.max_value_length = 1000000 +;suhosin.request.max_vars = 1000 +;suhosin.request.max_varname_length = 64 +;suhosin.request.disallow_nul = on +;suhosin.server.encode = on +;suhosin.server.strip = on +;suhosin.upload.max_uploads = 25 +;suhosin.upload.disallow_elf = on +;suhosin.upload.disallow_binary = off +;suhosin.upload.remove_binary = off +;suhosin.upload.verification_script = +;suhosin.session.max_id_length = 128 +;suhosin.coredump = off +;suhosin.protectkey = 1 +;suhosin.stealth = 1 +;suhosin.perdir = "0" --- php-suhosin-0.9.33.orig/debian/source/format +++ php-suhosin-0.9.33/debian/source/format @@ -0,0 +1 @@ +1.0