Changelog ========= 0.3.0 - `Dentalium elephantinum `__ 2018/07/17 --------------------------------------------------------------------------------------------------------------- New features ^^^^^^^^^^^^ - Session cookies can now be [encrypted](https://github.com/nbs-system/snuffleupagus/pull/178) - Some occurrences of [type juggling](https://github.com/nbs-system/snuffleupagus/pull/186) can now be eradicated - It's [now possible](https://github.com/nbs-system/snuffleupagus/pull/187) to hook `echo` and `print` Improvements ^^^^^^^^^^^^ - The `.filename()` filter is [now matching](https://github.com/nbs-system/snuffleupagus/pull/167) on the file where the function is called instead on the one where it's defined. - Vastly [optimize](https://github.com/nbs-system/snuffleupagus/issues/166) the way we hook native functions - The format of the logs has been streamlined to ease their processing Bug fixes ^^^^^^^^^ - Better handling of filters for built-in functions - Fix various possible integer overflows - Fix an [annoying memory leak]( https://github.com/nbs-system/snuffleupagus/issues/192#issuecomment-404538124 ) impacting mostly `mod_php` 0.2.2 - `Elephant Moraine `__ 2018/04/12 --------------------------------------------------------------------------------------------------------- New features ^^^^^^^^^^^^ - The `.dump()` filter is now supported for `unserialize`, `readonly_exec`, and `eval` black/whitelist Improvements ^^^^^^^^^^^^ - Add some assertions - Add more rules examples - Provide a script to check for malicious file uploads - Significant performances improvement (at least +20%) - Significantly improve the performances of our default rules set - Our readme file is now shinier - Minor code simplification Bug fixes ^^^^^^^^^ - Fix a crash related to variadic functions 0.2.1 - `Elephant Point `__ 2018/02/07 ------------------------------------------------------------------------------------------------------- Bug fixes ^^^^^^^^^ - The testsuite can now be successfully run as root - Fix a double execution when snuffleupagus is used with some other extensions - Fix an execution-context related crash Improvements ^^^^^^^^^^^^ - Support PCRE2, since it's `required for PHP7.3 `__ - Improve a bit the portability of the code - Minor code simplification 0.2.0 - `Elephant Rally `__ - 2018/01/18 --------------------------------------------------------------------------------------------------------- New features ^^^^^^^^^^^^ - `Glob `__ support in ``sp.configuration_file`` - Whitelist/blacklist functions in ``eval`` - ``phpinfo`` shows if the configuration is valid or not Bug fixes ^^^^^^^^^ - Off-by-one in configuration parsing fixed - Minor cookie-encryption related memory leaks fixes - Various crashes spotted by `fr33tux `__ fixes - Configuration files with windows EOL are correctly handled Improvements ^^^^^^^^^^^^ - General code clean-up - Documentation overhaul - Compilation on FreeBSD and CentOS - Select which cookies to encrypt via regular expressions - Match on return values from user-defined functions External contributions ^^^^^^^^^^^^^^^^^^^^^^ - Simplification and clean up of our linked-list implementation by `smagnin `__ 0.1.0 - `Mighty Mammoth `__ - 2017/12/21 --------------------------------------------------------------------------------------------------------- - Initial release