Hi all,
In case y'all haven't heard, there's this mega-evil hash table DDoS
domesday thing? Right. The NY PHP list pointed out that the problem can
be handled deftly on PHP servers by using the Suhosin extension (not the
patch) with the suhosin.request.max_vars setting (default should work).
http://www.hardened-php.net/suhosin/
More on this issue:
http://seclists.org/fulldisclosure/2011/Dec/486
--
Yitzchak Schaffer
Systems Manager
Touro College Libraries
212.742.8770 ext. 2432
http://www.tourolib.org/
