I just published a new release of
Snuffleupagus,
the hardening module for php7+ and php8+,
version 0.10.0, codename "Babar the Elephant",
named the eponymous character.
The main new feature is the PHP8.3 support, but there are a couple of
quality-of-life improvements for people using Snuffleupagus with fuzzers as
well.
Changelog
- Compatibility with PHP8.3
- Add
sp.log_max_lento limit the maximum size of the log messages - Add an example configuration for Xenforo 2.2.12
- Url encode functions arguments when logging them
- Fix a possible NULL-byte truncation when outputting parameters in the logs
- Make
readonly_execplay nice on readonly filesystems
As usual, if you want to help, we have some low hanging fruits ♥
See you in your PHP stack!