From c0e72a25f32e4916ac5eda8cb47888fd0a200b23 Mon Sep 17 00:00:00 2001 From: jvoisin Date: Sun, 15 May 2022 18:07:23 +0200 Subject: Bump the changelog --- doc/source/changelog.rst | 52 ++++++++++++++++++++++++++++++++++-------------- 1 file changed, 37 insertions(+), 15 deletions(-) (limited to 'doc/source/changelog.rst') diff --git a/doc/source/changelog.rst b/doc/source/changelog.rst index 6eaccd2..a69ec20 100644 --- a/doc/source/changelog.rst +++ b/doc/source/changelog.rst @@ -1,32 +1,54 @@ Changelog ========= -0.8.0 - Woolly Mammoth ----------------------- +0.8.0 - `Woolly Mammoth` `__ 2022/05/15 +----------------------------------------------------------------------------------------------------- -- Massive simplification of the configuration parser -- Better memory management -- Removal of internal calls to `call_user_func` -- Check for unsupported PHP version -- Compatibility with PHP8.1 -- Suhosin features backports: - - Maximum stack depth/recursion limit - - Maximum length for session id +New features +^^^^^^^^^^^^ +* Compatibility with PHP8.1 +* Check for unsupported PHP version +* Backport of Suhosin-ng patches: + * Maximum stack depth/recursion limit + * Maximum length for session id + * $_SERVER strip/encode + * Configuration dump + * Support for conditional rules + * INI settings protection + * Output SP logs to stderr + * Ported Suhosin rules to SP + +Improvements +^^^^^^^^^^^^ +* Massive simplification of the configuration parser +* Better memory management +* Removal of internal calls to `call_user_func` +* Increased portability of the default rules access different version of PHP +* Start SP as late as possible, to hook as many things as possible + +Bug fixes +^^^^^^^^^ +* XML and Session support are now checked at runtime instead of at compile time 0.7.1 - `Proboscidea `__ 2021/08/02 ------------------------------------------------------------------------------------------------- -* Fixed possible memory-leaks when hooking via regular expressions -* Modernise the code by removing usage of `strtok` -* Prevent a possible crash during configuration reloading -* Fix the default rules to catch dangerous `chmod` calls +Improvements +^^^^^^^^^^^^ * Improve compatibility with various `libpcre` configurations/versions +* Modernise the code by removing usage of `strtok` * Improve the default rules' compatibility with php8 * Prevent XXE in php8 as well * Improve a bit the verbosity of the logs * Add a rules file for php8 +Bug fixes +^^^^^^^^^ +* Prevent a possible crash during configuration reloading +* Fix the default rules to catch dangerous `chmod` calls +* Fixed possible memory-leaks when hooking via regular expressions + 0.7.0 - `Los Elefantes `__ 2021/01/02 --------------------------------------------------------------------------------------------------- @@ -46,7 +68,7 @@ Improvements Bug fixes ^^^^^^^^^ -* The strict mode is now disableable +* The strict mode can now be disabled 0.6.0 - `Elephant in the room `__ 2020/11/06 -- cgit v1.3 From 3d206b9ae51680ae6c0f0eee3e11e667d343d3e4 Mon Sep 17 00:00:00 2001 From: jvoisin Date: Mon, 16 May 2022 19:49:18 +0200 Subject: Bump the changelog --- debian/changelog | 7 +++++++ doc/source/changelog.rst | 11 ++++++++++- src/php_snuffleupagus.h | 2 +- 3 files changed, 18 insertions(+), 2 deletions(-) (limited to 'doc/source/changelog.rst') diff --git a/debian/changelog b/debian/changelog index 831a0f2..3282469 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +snuffleupagus (0.8.1) UNRELEASED; urgency=low + [ jvoisin ] + * Fix the version number + * Fix a test on PHP7 + + -- jvoisin Sun, 16 Apr 2022 19:45:00 +0200 + snuffleupagus (0.8.0) UNRELEASED; urgency=low [ jvoisin ] * Compatibility with PHP8.1 diff --git a/doc/source/changelog.rst b/doc/source/changelog.rst index a69ec20..794afb8 100644 --- a/doc/source/changelog.rst +++ b/doc/source/changelog.rst @@ -1,7 +1,16 @@ Changelog ========= -0.8.0 - `Woolly Mammoth` `__ 2022/05/15 +0.8.1 - `Batyr `__ 2022/05/16 +------------------------------------------------------------------------------------------- + +Bug fixes +^^^^^^^^^ +* Fix the version number +* Fix a test on PHP7 + + +0.8.0 - `Woolly Mammoth `__ 2022/05/15 ----------------------------------------------------------------------------------------------------- New features diff --git a/src/php_snuffleupagus.h b/src/php_snuffleupagus.h index e40b31b..8faaf3a 100644 --- a/src/php_snuffleupagus.h +++ b/src/php_snuffleupagus.h @@ -1,7 +1,7 @@ #ifndef PHP_SNUFFLEUPAGUS_H #define PHP_SNUFFLEUPAGUS_H -#define PHP_SNUFFLEUPAGUS_VERSION "0.9.0" +#define PHP_SNUFFLEUPAGUS_VERSION "0.8.1" #define PHP_SNUFFLEUPAGUS_EXTNAME "snuffleupagus" #define PHP_SNUFFLEUPAGUS_AUTHOR "NBS System & Julien (jvoisin) Voisin & SektionEins GmbH" #define PHP_SNUFFLEUPAGUS_URL "https://github.com/jvoisin/snuffleupagus" -- cgit v1.3 From 79dc4956919f342a1bca3faa6c1b75293abe6663 Mon Sep 17 00:00:00 2001 From: jvoisin Date: Tue, 17 May 2022 20:41:04 +0200 Subject: Document a breaking change --- doc/source/changelog.rst | 4 ++++ 1 file changed, 4 insertions(+) (limited to 'doc/source/changelog.rst') diff --git a/doc/source/changelog.rst b/doc/source/changelog.rst index 794afb8..4bb0583 100644 --- a/doc/source/changelog.rst +++ b/doc/source/changelog.rst @@ -9,6 +9,10 @@ Bug fixes * Fix the version number * Fix a test on PHP7 +Breaking Changes +^^^^^^^^^^^^^^^^ +* `disable_xxe` is changed to `xxe_protection` + 0.8.0 - `Woolly Mammoth `__ 2022/05/15 ----------------------------------------------------------------------------------------------------- -- cgit v1.3 From a1a7d2030f40ce1f880e9944417c6ccbb48a3c13 Mon Sep 17 00:00:00 2001 From: jvoisin Date: Fri, 20 May 2022 22:00:35 +0200 Subject: Bump the changelog --- debian/changelog | 7 +++++++ doc/source/changelog.rst | 9 +++++++++ src/php_snuffleupagus.h | 2 +- 3 files changed, 17 insertions(+), 1 deletion(-) (limited to 'doc/source/changelog.rst') diff --git a/debian/changelog b/debian/changelog index 3282469..034a34d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +snuffleupagus (0.8.2) UNRELEASED; urgency=low + [ jvoisin ] + * Fix compilation when ZTS is used + * Fix a possible infinite loop + + -- jvoisin Sun, 20 Apr 2022 22:00:00 +0200 + snuffleupagus (0.8.1) UNRELEASED; urgency=low [ jvoisin ] * Fix the version number diff --git a/doc/source/changelog.rst b/doc/source/changelog.rst index 4bb0583..a406953 100644 --- a/doc/source/changelog.rst +++ b/doc/source/changelog.rst @@ -1,6 +1,15 @@ Changelog ========= +0.8.2 - `Surus `__ 2022/05/20 +------------------------------------------------------------------------------------------- + +Bug fixes +^^^^^^^^^ +* Fix compilation when ZTS is used +* Fix a possible infinite loop + + 0.8.1 - `Batyr `__ 2022/05/16 ------------------------------------------------------------------------------------------- diff --git a/src/php_snuffleupagus.h b/src/php_snuffleupagus.h index 8faaf3a..97fa0e4 100644 --- a/src/php_snuffleupagus.h +++ b/src/php_snuffleupagus.h @@ -1,7 +1,7 @@ #ifndef PHP_SNUFFLEUPAGUS_H #define PHP_SNUFFLEUPAGUS_H -#define PHP_SNUFFLEUPAGUS_VERSION "0.8.1" +#define PHP_SNUFFLEUPAGUS_VERSION "0.8.2" #define PHP_SNUFFLEUPAGUS_EXTNAME "snuffleupagus" #define PHP_SNUFFLEUPAGUS_AUTHOR "NBS System & Julien (jvoisin) Voisin & SektionEins GmbH" #define PHP_SNUFFLEUPAGUS_URL "https://github.com/jvoisin/snuffleupagus" -- cgit v1.3