diff options
| author | jvoisin | 2026-01-07 12:03:41 +0100 |
|---|---|---|
| committer | jvoisin | 2026-01-07 12:03:41 +0100 |
| commit | 5f944e2b1085bdd07b75f7c13bec2b2ad49ea09e (patch) | |
| tree | 8fda8d018096a70697659a85cfe198b6efafb209 /debian/changelog | |
| parent | 9278dc77bab2a219e770a1b31dd6797bc9070e37 (diff) | |
Bump the changelogv0.13.0
Diffstat (limited to 'debian/changelog')
| -rw-r--r-- | debian/changelog | 52 |
1 files changed, 31 insertions, 21 deletions
diff --git a/debian/changelog b/debian/changelog index 4d48990..9e3d2f3 100644 --- a/debian/changelog +++ b/debian/changelog | |||
| @@ -1,3 +1,13 @@ | |||
| 1 | snuffleupagus (0.13.0) UNRELEASED; urgency=low | ||
| 2 | [ jvoisin ] | ||
| 3 | * Compatibility with PHP8.5 | ||
| 4 | * Add the possibility to log to a file | ||
| 5 | * Improve .drop() logging reliability when set_error_handler is used | ||
| 6 | * Improve simulation mode for unserialize() when no HMAC key is provided | ||
| 7 | * Fix a possible arbitrary code execution on misconfigured upload_validation deployments | ||
| 8 | |||
| 9 | -- jvoisin <julien.voisin+snuffleupagus@dustri.org> Wed, 07 Jan 2026 18:00:00 +0200 | ||
| 10 | |||
| 1 | snuffleupagus (0.12.0) UNRELEASED; urgency=low | 11 | snuffleupagus (0.12.0) UNRELEASED; urgency=low |
| 2 | [ jvoisin ] | 12 | [ jvoisin ] |
| 3 | * Unify the default rules across all php versions | 13 | * Unify the default rules across all php versions |
| @@ -12,22 +22,22 @@ snuffleupagus (0.12.0) UNRELEASED; urgency=low | |||
| 12 | 22 | ||
| 13 | snuffleupagus (0.11.0) UNRELEASED; urgency=low | 23 | snuffleupagus (0.11.0) UNRELEASED; urgency=low |
| 14 | [ jvoisin ] | 24 | [ jvoisin ] |
| 15 | * Compatibility with PHP8.4 | 25 | * Compatibility with PHP8.4 |
| 16 | * Fixed compilation on FreeBSD | 26 | * Fixed compilation on FreeBSD |
| 17 | * Update the internal deprecation checks | 27 | * Update the internal deprecation checks |
| 18 | 28 | ||
| 19 | [ cgzones ] | 29 | [ cgzones ] |
| 20 | * Print key and value on INI violations | 30 | * Print key and value on INI violations |
| 21 | * Improve `scripts/generate_rules.php` with regard to functions from global space prefixed with `\` | 31 | * Improve `scripts/generate_rules.php` with regard to functions from global space prefixed with `\` |
| 22 | * Add option to specify the allowed "php" wrapper types | 32 | * Add option to specify the allowed "php" wrapper types |
| 23 | * Make 'phar' filenames work in `sp.disabled_functions` | 33 | * Make 'phar' filenames work in `sp.disabled_functions` |
| 24 | * Improve the documentation | 34 | * Improve the documentation |
| 25 | * Improve the default set of rules, especially with regard to portability | 35 | * Improve the default set of rules, especially with regard to portability |
| 26 | * Improve the Debian packaging | 36 | * Improve the Debian packaging |
| 27 | * Improve behaviour when dealing with broken configuration file | 37 | * Improve behaviour when dealing with broken configuration file |
| 28 | * Don't whitelist files if the function name is actually a method of a class in `scripts/generate_rules.php` | 38 | * Don't whitelist files if the function name is actually a method of a class in `scripts/generate_rules.php` |
| 29 | * Ignore function definition in `scripts/generate_rules.php` | 39 | * Ignore function definition in `scripts/generate_rules.php` |
| 30 | * Improve configuration dumping | 40 | * Improve configuration dumping |
| 31 | 41 | ||
| 32 | -- jvoisin <julien.voisin+snuffleupagus@dustri.org> Fri, 06 Sep 2024 14:30:00 +0200 | 42 | -- jvoisin <julien.voisin+snuffleupagus@dustri.org> Fri, 06 Sep 2024 14:30:00 +0200 |
| 33 | 43 | ||
| @@ -35,7 +45,7 @@ snuffleupagus (0.10.0) UNRELEASED; urgency=low | |||
| 35 | [ jvoisin ] | 45 | [ jvoisin ] |
| 36 | * Compatibility with PHP8.3 | 46 | * Compatibility with PHP8.3 |
| 37 | * Add `sp.log_max_len` to limit the maximum size of the log messages | 47 | * Add `sp.log_max_len` to limit the maximum size of the log messages |
| 38 | * Add an example configuration for Xenforo 2.2.12 | 48 | * Add an example configuration for Xenforo 2.2.12 |
| 39 | * Url encode functions arguments when logging them | 49 | * Url encode functions arguments when logging them |
| 40 | 50 | ||
| 41 | -- jvoisin <julien.voisin+snuffleupagus@dustri.org> Wed, 20 Sep 2023 15:25:00 +0200 | 51 | -- jvoisin <julien.voisin+snuffleupagus@dustri.org> Wed, 20 Sep 2023 15:25:00 +0200 |
| @@ -100,15 +110,15 @@ snuffleupagus (0.8.0) UNRELEASED; urgency=low | |||
| 100 | 110 | ||
| 101 | snuffleupagus (0.7.1) UNRELEASED; urgency=low | 111 | snuffleupagus (0.7.1) UNRELEASED; urgency=low |
| 102 | [ jvoisin ] | 112 | [ jvoisin ] |
| 103 | * Fixed possible memory-leaks when hooking via regular expressions | 113 | * Fixed possible memory-leaks when hooking via regular expressions |
| 104 | * Modernise the code by removing usage of `strtok` | 114 | * Modernise the code by removing usage of `strtok` |
| 105 | * Prevent a possible crash during configuration reloading | 115 | * Prevent a possible crash during configuration reloading |
| 106 | * Fix the default rules to catch dangerous `chmod` calls | 116 | * Fix the default rules to catch dangerous `chmod` calls |
| 107 | * Improve compatibility with various `libpcre` configurations/versions | 117 | * Improve compatibility with various `libpcre` configurations/versions |
| 108 | * Improve the default rules' compatibility with php8 | 118 | * Improve the default rules' compatibility with php8 |
| 109 | * Prevent XXE in php8 as well | 119 | * Prevent XXE in php8 as well |
| 110 | * Improve a bit the verbosity of the logs | 120 | * Improve a bit the verbosity of the logs |
| 111 | * Add a rules file for php8 | 121 | * Add a rules file for php8 |
| 112 | 122 | ||
| 113 | -- jvoisin <julien.voisin+snuffleupagus@dustri.org> Sun, 02 Aug 2021 19:29:00 +0200 | 123 | -- jvoisin <julien.voisin+snuffleupagus@dustri.org> Sun, 02 Aug 2021 19:29:00 +0200 |
| 114 | 124 | ||