Artificial truth

The more you see, the less you believe.

[archives] [latest] | [homepage] | [atom/rss/twitter]

Snuffleupagus 0.5.0 - Elephant Flats
Wed 12 June 2019 — download

snuffleupagus logo

We just published a new release of Snuffleupagus, the 0.5.0, named Elephant Flats, after a mud flat in Antarctica, where some glorious Elephant seals are peacefully living.

This release was done by kkadosh, and doesn't come with any major new feature, but a couple of bugfixes, a lot of internal improvements, and a coverage now close to 100%!

Changelog

Improvements

  • Tighten a bit a command-injection prevention rule in the default rules set
  • Increased the portability of the testsuite
  • Improved documentation
  • Usual code cleanup
  • Snuffleupagus will throw an informative error when compiled for PHP5
  • Snuffleupagus will throw an informative error when compiled without PCRE support
  • The testsuite is now run on Alpine, Fedora, Debian and Ubuntu.
  • Some rules against now-known vulnerabilities/techniques were added

Bug fixes

  • PHP7.4 is fully supported, without any compilation warning
  • Snuffleupagus can now be used with PHP compiled without sessions support as a builtin (which is the case on Alpine).
  • Fix a compilation warning on FreeBSD
  • Cookies hardening is now supported on PHP7.3+

As usual, if you want to help, we have some low hanging fruits

See you in your PHP stack!