-rw-r--r-- NEWS 7
-rwxr-xr-x UPGRADING 5
2 files changed, 12 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index 82d4ca1572..c01b43ed7b 100644
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,12 @@
PHP NEWS
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
+?? ??? 2013, PHP 5.5.3
+
+- Sessions:
+ . Implemented strict sessions RFC (https://wiki.php.net/rfc/strict_sessions)
+ which protects against session fixation attacks and session collisions.
+ (Yasuo Ohgaki)
+
?? ??? 2013, PHP 5.5.2
- Core:
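Review bot: the new "Sessions" entry in NEWS says the RFC "protects against session fixation attacks and session collisions" but never names the setting that provides it, while UPGRADING ties the same feature to session.use_strict_mode. Suggest naming the directive in this entry too, for example "Implemented strict sessions RFC (session.use_strict_mode) ...", so a reader who only scans NEWS knows there is a setting to check and does not read the protection as unconditional after upgrading.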
diff --git a/UPGRADING b/UPGRADING
index 14e19aa583..4985665a0f 100755
--- a/UPGRADING
+++ b/UPGRADING
@@ -412,6 +412,11 @@ None
ext/mysqli to be used with the new auth protocol, although at
coarser level.
+- Sessions:
+ - Added session.use_strict_mode in 5.5.3, which prevents session
+ fixation attacks and session collisions.
+ See also https://wiki.php.net/rfc/strict_sessions
+
- Zend OPcache (See http://php.net/manual/en/book.opcache.php)
- Added the following directives:
- opcache.enable (default "1")
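Review bot: the "Sessions" item added to UPGRADING does not give the default value of session.use_strict_mode, although the opcache directives listed directly below it each state theirs (opcache.enable (default "1")). Suggest adding the default in the same form and stating whether the option must be enabled explicitly, since "prevents session fixation attacks" only holds for deployments where the mode is actually on.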