/PHP-8.3/ |
H A D | SECURITY.md | 3 Please report security vulnerabilities on GitHub at: 4 <https://github.com/php/php-src/security/advisories/new> 7 somebody about a PHP security issue that might not be a bug report, please write 8 to <security@php.net>. 17 https://github.com/php/policies/blob/main/security-classification.rst
|
H A D | CONTRIBUTING.md | 358 … release the PHP 8.0.x series. This is an old stable version and is open for security fixes only. | 375 1. All non-security bugfix changes should first go to the lowest bugfix branch 376 (i.e. 8.0) and then get merged up to all other branches. All security fixes 377 should go to the lowest security fixes branch (i.e 7.4). If a change is not
|
H A D | php.ini-production | 76 ; php.ini-production contains settings which hold security, performance and 78 ; compatibility with older or less security-conscious applications. We 406 ; (e.g. by adding its signature to the Web server header). It is no security 766 ; see documentation for security issues. The alternate is to use the 792 ; cgi.force_redirect is necessary to provide security running PHP as a CGI under 806 ; cause security issues, KNOW WHAT YOU ARE DOING FIRST. 820 ; of the web tree and people will not be able to circumvent .htaccess security. 824 ; security tokens of the calling client. This allows IIS to define the 825 ; security context that the request runs under. mod_fastcgi under Apache 1492 ; Use of trans sid may risk your users' security. [all …]
|
H A D | php.ini-development | 76 ; php.ini-production contains settings which hold security, performance and 78 ; compatibility with older or less security-conscious applications. We 404 ; (e.g. by adding its signature to the Web server header). It is no security 764 ; see documentation for security issues. The alternate is to use the 790 ; cgi.force_redirect is necessary to provide security running PHP as a CGI under 804 ; cause security issues, KNOW WHAT YOU ARE DOING FIRST. 818 ; of the web tree and people will not be able to circumvent .htaccess security. 822 ; security tokens of the calling client. This allows IIS to define the 823 ; security context that the request runs under. mod_fastcgi under Apache 1490 ; Use of trans sid may risk your users' security. [all …]
|
H A D | UPGRADING | 622 buffer overflows, and is not a security feature.
|
H A D | README.REDIST.BINS | 175 as part of a software package, or anywhere else to improve security,
|
/PHP-8.3/Zend/tests/ |
H A D | bug77494.phpt | 15 Warning: CURLFile() has been disabled for security reasons in %sbug77494.php on line 2 20 Warning: ErrorException() has been disabled for security reasons in %s on line %d
|
H A D | errmsg_021.phpt | 16 Warning: test() has been disabled for security reasons in %s on line %d
|
/PHP-8.3/TSRM/ |
H A D | tsrm_win32.c | 451 SECURITY_ATTRIBUTES security; in popen_ex() local 501 security.nLength = sizeof(SECURITY_ATTRIBUTES); in popen_ex() 502 security.bInheritHandle = TRUE; in popen_ex() 503 security.lpSecurityDescriptor = NULL; in popen_ex() 505 if (!type_len || !CreatePipe(&in, &out, &security, 2048L)) { in popen_ex() 539 …DuplicateTokenEx(thread_token, MAXIMUM_ALLOWED, &security, SecurityImpersonation, TokenPrimary, &t… in popen_ex() 560 …res = CreateProcessAsUserW(token_user, NULL, cmdw, &security, &security, security.bInheritHandle, … in popen_ex() 563 …res = CreateProcessW(NULL, cmdw, &security, &security, security.bInheritHandle, dwCreateFlags, env… in popen_ex()
|
/PHP-8.3/.github/ISSUE_TEMPLATE/ |
H A D | config.yml | 8 about: Please report security issues in this private bug tracker.
|
/PHP-8.3/docs/ |
H A D | input-filter.md | 8 which a company-wide or site-wide security policy can be enforced. It is 10 functions. To implement your own security policy you will need to write a 13 implement your own security policy, read on.
|
H A D | release-process.md | 154 > security fixes before this version's GA. 363 there is a new release, and highlight the major changes (e.g., security 672 * Update the `tags` array to include `'security'` if this is a security release 678 ./bin/createReleaseEntry -v X.Y.Z -r # --security for security releases 761 > If it is a security release, we must note "This is a security release." 800 * `tags` array should include `security` if this is a security release 804 highlight the major important things (security fixes) and when it is 807 * Call `php bin/createReleaseEntry -v <version> [ --security ]` in your
|
/PHP-8.3/tests/basic/ |
H A D | bug55500.phpt | 2 Bug #55500 (Corrupted $_FILES indices lead to security concern)
|
/PHP-8.3/ext/openssl/tests/ |
H A D | bug65538_002.phpt | 22 Warning: remote cafile streams are disabled for security purposes in %s on line %d
|
H A D | stream_security_level.phpt | 26 // Make sure the server side starts up successfully if the default security level is
|
/PHP-8.3/ext/standard/tests/network/ |
H A D | news.rss | 24 …evelopment team announces the immediate availability of PHP 5.4.37. Six security-related bugs were…
|
/PHP-8.3/ext/phar/ |
H A D | phar_internal.h | 596 …r_get_entry_info(phar_archive_data *phar, char *path, size_t path_len, char **error, int security); 597 …fo_dir(phar_archive_data *phar, char *path, size_t path_len, char dir, char **error, int security); 598 …me_len, char *path, size_t path_len, const char *mode, char allow_dir, char **error, int security); 599 …me_len, char *path, size_t path_len, const char *mode, char allow_dir, char **error, int security);
|
H A D | util.c | 351 …har *path, size_t path_len, const char *mode, char allow_dir, char **error, int security) /* {{{ */ in phar_get_entry_data() argument 389 … allow_dir, for_create && !PHAR_G(readonly) && !phar->is_data ? NULL : error, security)) == NULL) { in phar_get_entry_data() 396 …, path_len, for_create && !PHAR_G(readonly) && !phar->is_data ? NULL : error, security)) == NULL) { in phar_get_entry_data() 517 …har *path, size_t path_len, const char *mode, char allow_dir, char **error, int security) /* {{{ */ in phar_get_or_create_entry_data() argument 535 …== phar_get_entry_data(&ret, fname, fname_len, path, path_len, mode, allow_dir, error, security)) { in phar_get_or_create_entry_data() 1208 …ry_info(phar_archive_data *phar, char *path, size_t path_len, char **error, int security) /* {{{ */ in phar_get_entry_info() argument 1210 return phar_get_entry_info_dir(phar, path, path_len, 0, error, security); in phar_get_entry_info() 1218 …ar_archive_data *phar, char *path, size_t path_len, char dir, char **error, int security) /* {{{ */ in phar_get_entry_info_dir() argument 1234 if (security && path_len >= sizeof(".phar")-1 && !memcmp(path, ".phar", sizeof(".phar")-1)) { in phar_get_entry_info_dir()
|
/PHP-8.3/ext/exif/tests/ |
H A D | bug50845.phpt | 46 …nd (LSD-41), May 5, 2016. The vehicles were loaded to support a theater security cooperation event…
|
/PHP-8.3/ext/session/tests/user_session_module/ |
H A D | save_handler.inc | 133 // security reasons for production save handler. 156 // NOTE: This handler is mandatory for session security.
|
/PHP-8.3/ext/snmp/tests/ |
H A D | snmp-object.phpt | 97 echo "SNMPv3 (default security settings)\n"; 211 SNMPv3 (default security settings)
|
/PHP-8.3/tests/security/ |
H A D | open_basedir.inc | 14 // recommended for production use as . bypasses all semblances of security..!
|
/PHP-8.3/win32/build/ |
H A D | config.w32 | 364 ARG_ENABLE("security-flags", "Disable the compiler security flags", "yes");
|
/PHP-8.3/sapi/fpm/ |
H A D | www.conf.in | 358 ; As a security precuation, this setting will be ignored if: 416 ; Note: chrooting is a great security feature and should be used whenever 456 ;security.limit_extensions = .php .php3 .php4 .php5 .php7
|
/PHP-8.3/sapi/litespeed/ |
H A D | README.md | 18 security when mod_php is used. Usually, FastCGI PHP is not an option in shared
|