Hardening-Patch v0.4.3 released
13. September 2005
The Hardened-PHP Project is proud to announce the immediate release of Hardening-Patch 0.4.3
This new release features:
- an additional fileupload hook that allows skipping a fileupload just by target variable name
- support for whitelists and blacklists for URLs in include-filenames*
(*) up to Hardening-Patch v0.4.2 all URLs in include-filenames are forbidden, as protection against typical remote code inclusion vulnerabilities. This is still the default behaviour, but it is now possible to specify a white- or blacklist for URL schemes that are either allowed or forbidden in include/require statements.