forked from pool/roundcubemail
Aeneas Jaißle
482045f6a9
- update to 1.6.8 This is a security update to the stable version 1.6 of Roundcube Webmail. It provides fixes to recently reported security vulnerabilities: * Fix XSS vulnerability in post-processing of sanitized HTML content [CVE-2024-42009] * Fix XSS vulnerability in serving of attachments other than HTML or SVG [CVE-2024-42008] * Fix information leak (access to remote content) via insufficient CSS filtering [CVE-2024-42010] - For further changes, see https://github.com/roundcube/roundcubemail/releases/tag/1.6.8 OBS-URL: https://build.opensuse.org/request/show/1191891 OBS-URL: https://build.opensuse.org/package/show/server:php:applications/roundcubemail?expand=0&rev=174
23 lines
1.0 KiB
PHP
23 lines
1.0 KiB
PHP
php_admin_flag display_errors off
|
|
php_admin_flag log_errors on
|
|
#php_admin_value error_log logs/errors
|
|
|
|
php_admin_flag magic_quotes_gpc off
|
|
php_admin_flag magic_quotes_runtime off
|
|
php_admin_flag register_globals off
|
|
php_admin_flag suhosin.session.encrypt off
|
|
php_admin_flag zlib.output_compression off
|
|
|
|
php_admin_value upload_max_filesize 5M
|
|
php_admin_value post_max_size 6M
|
|
php_admin_value memory_limit 64M
|
|
|
|
php_admin_flag session.auto_start off
|
|
#php_admin_value session.cookie_path /
|
|
#php_admin_value session.hash_function sha256
|
|
php_admin_value session.gc_maxlifetime 21600
|
|
php_admin_value session.gc_divisor 500
|
|
php_admin_value session.gc_probability 1
|
|
# http://bugs.php.net/bug.php?id=30766
|
|
php_admin_value mbstring.func_overload 0
|