Hardening-Patch v0.4.3 released




13. September 2005

The Hardened-PHP Project is proud to announce the immediate release of Hardening-Patch 0.4.3

This new release features:
- an additional fileupload hook that allows skipping a fileupload just by target variable name
- support for whitelists and blacklists for URLs in include-filenames*


(*) up to Hardening-Patch v0.4.2 all URLs in include-filenames are forbidden, as protection against typical remote code inclusion vulnerabilities. This is still the default behaviour, but it is now possible to specify a white- or blacklist for URL schemes that are either allowed or forbidden in include/require statements.
© Hardened PHP Project