Исходное сообщение
"Уязвимость в библиотеке PharStreamWrapper, затрагивающая Dru..." Отправлено Аноним, 11-Май-19 08:41
https://github.com/nbs-system/snuffleupagus - Close to zero performance impact - Powerful yet simple to write virtual-patching rules - Killing several classes of vulnerabilities   * Unserialize-based code execution   * mail-based code execution   * Cookie-stealing XSS   * File-upload based code execution   * Weak PRNG   * XXE - Several hardening features   * Automatic secure and samesite flag for cookies   * Bundled set of rules to detect post-compromissions behaviours   * Global strict mode and type-juggling prevention   * Whitelisting of stream wrappers   * Preventing writeable files execution   * Whitelist/blacklist for eval   * Enforcing TLS certificate validation when using curl   * Request dumping capability - A relatively sane codebase:   * A comprehensive testsuite   * Every commit is tested on several distributions   * An clang-format-enfored code style   * A comprehensive documentation   * Usage of coverity