date:20210805

Re: [PHP-DEV] Re: [RFC] Add parse_query_string as an alternative to parse_str

2021-08-05 Thread Kamil Tekiela

Hi Internals,

I have added implementation for
https://wiki.php.net/rfc/parse_str_alternative. If there are no other
comments, I would like to start voting on Saturday.

Regards,
Kamil

[PHP-DEV] PHP 8.1.0beta2 available for testing

2021-08-05 Thread Ben Ramsey

PHP 8.1.0beta2 has just been released and can be downloaded from:
https://downloads.php.net/~ramsey/

Or use the git tag: php-8.1.0beta2

Windows binaries are available at: https://windows.php.net/qa/

Please test it carefully, and report any bugs at https://bugs.php.net

8.1.0beta3 should be expected in 2 weeks, i.e., on Aug 19 2021.

Hash values and PGP signatures can be found below or at
https://gist.github.com/ramsey/50a79dda00c1b669ac121c89d45ee46d

Thank you, and happy testing!

Regards,
Ben Ramsey, Patrick Allaert, & Joe Watkins



php-8.1.0beta2.tar.bz2
SHA256 hash:
2f221828e463cd2956c85e063d23eb48c639c7146b8854fd7787b7222d98aea5
PGP signature:
-BEGIN PGP SIGNATURE-

iQIzBAABCAAdFiEEObZBND2MEEsrFG3D+cOdwLlphUQFAmEJSAYACgkQ+cOdwLlp
hUQXGg//e8rAe4VK8VdITY2bv8J0UAigYmw+fnFIVrSPgy04+nBfVJncp7B9YA+U
P1KEu/Mb6ckg1EIc3GqbbqNTWvqcPt2bIbV7LjPD3uQKGyG7Mc1xRws/8ryNgSBy
/C9tIQ2d0ImAahE5x+R/dmWV5hqmt70qwoie/67ie0Guwc4uAqbpORV64kQWJK8n
xg0nqaHHnmsvWxQKxufdnrOYMDQUSO7Avv8iG4x4LiW7wJ+pUC3+bpTrT80QbiCp
6PyQDAL4xleaQOa54e+5kWv7nwfm3G76DK7p1TCEeqksNq5D/c4y7DLh8KvyGlWn
U1yCJ0j61M22YLXrU07frnrKPMLKMKumIRdYf9QpLagFdTwa8LwuLb3J/mhwMpzj
XbT16KmCXFp2UMIwjV+b4qlHGr/8WoMusE+nQoCoPU1PemBqSkLN0LXGyWGbpdJb
z7V7RRmPhJl2r475c25VkGPyXm13vkNT2E7w/LNOkXrEZ+qsZK0Zf748d8+YnhUw
QHW5Y8YJ1G/2obOW+JtIi/uowHedqGzQjOxV4U5oSOvbpNKjrLAlwiokXsMLLPBF
tnmyi5AOTohlBiDx6mpmbKEbbPuY+euSsvIzMukyrpoDVj81rDSBELddeIVMwH20
gkLTM4qk0lP1+T7KU0Y6hImF8a/FWMODsBJhQCNs/Y9mTpR/urY=
=LUI8
-END PGP SIGNATURE-


php-8.1.0beta2.tar.gz
SHA256 hash:
fa01ebf8e1d06fdef0eb0cd41093f1c27d8fd10073c00aa1c36c88bcde67d9c7
PGP signature:
-BEGIN PGP SIGNATURE-

iQIzBAABCAAdFiEEObZBND2MEEsrFG3D+cOdwLlphUQFAmEJSAYACgkQ+cOdwLlp
hUTJAg//UNp5QP7EKXEbDTj/RjpzDCwLWty/dZfUIKY2ruRuCSAOHdqbOk24Ghgn
/1ikwkhAiCJEJZrMSmdu1YjLa1ekCVGWuIrIZm/Hcfwoc04BPor/2g7g0HMayWfy
BFbR/nK0/X7adtiScPKwAEWfrUSgGo4FC/5/rzwmfLMVRh5euYNTB1NfQmm81SjD
3azlvrtUgpdN9X6y9ozd0wGD2swFWgsE3TWSWoVLPtqzrsgY8Cw8Y2QVTVrY7TBF
/YJCpbgP/Nf2Ie0QBnit14jUa1Vj9U+oXpejCI38NZAUOelEXUFxA/RfYUjQOoED
+W993ORr5jSkYFXGgeyEq1Yw1eZYIgF5BAkroeDctktLzUFMXuYWvNf2URw3h4NQ
6Earj8cnIOXz274uEHBAYsNpaQJLtZBy6S6qBqPU2/yvYC/+PfOw+F0QVqmhPL2e
4X1ocl7dal/Kp/lRREhWIEnICzbiMCIrMw5AtEozrKS8+F7O4x45WCiqVhTDrgrs
CY0DClxvieFUDi80tXagSKhbsNeXfefBXjJjxJl4cJsd8MA7d+JMLeRZFPsWXhAk
0Tn5FQFabw4rjIusbrvYZcvNvA5V6fvLjh1ALDaOfp1KA1hNm9SIWcOWgkloeoy3
/B/C9Cz0adY/VFPuzQ6X1A5jCPRc27y5uiqJk4rfRHbCB76sE/Y=
=jyMp
-END PGP SIGNATURE-


php-8.1.0beta2.tar.xz
SHA256 hash:
c0b8d45639f171fcbbaaf6b239a4759126130cf14628eaf74c4916408cb16ce0
PGP signature:
-BEGIN PGP SIGNATURE-

iQIzBAABCAAdFiEEObZBND2MEEsrFG3D+cOdwLlphUQFAmEJSAYACgkQ+cOdwLlp
hURETA//cA7tX5hPD3cxnSJiwPecrNW0b52+bMZUqwMspzo8/ztPv1QWDIXpKMPa
5tQKlbEe05Ds7k5q/QDXs+wrogYrWTlStbfii8/xzj/ozQnKxTq+rHcJXhitXQ0K
gleZhe6E03lfmfiY1fGBpzrOzGlvhyZE6rCcqJwQQYRoKXTLuWSDStU8Xpi5sC+M
bf2bNGAEFbeicYUUQnHEOpeT5dWVNz0b/kQCkBMNTYBia8caUmqapKcIz2l0IRCo
l0qf7yAZBvtlfFVbO3U4RBYdDhNdtmFKX37oOuFao5HfEKfji+/1PgHGG6jSeVSM
UPpFb+bfUDF9ZdD/RD6U/Cf9fnD9l5xrTJ0q52bYq+7znpcDHz6koS/yLmnTiftC
20FI7JvU4wwDev8vzBw5Ls8ScSpE4A+HPUnkd+Olr6k73UYUtgsyQB/bzoh9VfVj
f3QMXGBRlZsHurOdDrc/y958U5Ei1gmEkvoIaMJHPE6mHCm8JydQDW2OnGKx8tIB
5OgrjSoD2Vwgh2pkTIAYbdNkdeKehBn2cHcTYvksn9Ly3ica+W5+0OYmzSqgBcg+
D3SUfWa9LfdxUnLP73olcoNwtGE69Fjkp2nWBIu/3AEeIkJxHXZp/6FyFQ2LXZLS
gri6xWqPvy3iEAwY6YLu3SWB8Z8xG0L/gYlL8V5gljTqXmw9UJI=
=1bbK
-END PGP SIGNATURE-

-- 
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: https://www.php.net/unsub.php

[PHP-DEV] Minor security improvement

2021-08-05 Thread Remi Collet


In phar default signature is still SHA-1
which is no more considered add secure


Proposal: switch to SHA256 by default

https://github.com/php/php-src/pull/7341

Old algo are not removed, at least they
are required to check old archives.

Perhaps could make sense to raise a warning
when used


In smp, auth protocol only support MD5 and SHA-1

rfc-7860 recommends SHA256 and SHA512

https://github.com/php/php-src/pull/7342


As minor self-contained change, probably don't
worth an RFC.


Please comment on PR


Remi

--
PHP Internals - PHP Runtime Development Mailing List
To unsubscribe, visit: https://www.php.net/unsub.php

Re: [PHP-DEV] Re: [RFC] Add parse_query_string as an alternative to parse_str

[PHP-DEV] PHP 8.1.0beta2 available for testing

[PHP-DEV] Minor security improvement

3 matches

Site Navigation

Mail list logo

Footer information