[wp-trac] [WordPress Trac] #39309: Secure WordPress Against Infrastructure Attacks
    WordPress Trac 
    noreply at wordpress.org
       
    Tue Apr 16 00:38:50 UTC 2019
    
    
  
#39309: Secure WordPress Against Infrastructure Attacks
------------------------------------------+-----------------------
 Reporter:  paragoninitiativeenterprises  |       Owner:  pento
     Type:  task (blessed)                |      Status:  assigned
 Priority:  normal                        |   Milestone:  5.2
Component:  Upgrade/Install               |     Version:  4.8
 Severity:  critical                      |  Resolution:
 Keywords:  has-patch                     |     Focuses:
------------------------------------------+-----------------------
Comment (by dd32):
 Looking at [attachment:"39309-preemptive-softfail.patch"] I agree it's the
 correct way to go, except I don't think we want a new string here.
 [attachment:"39309-phpbug.diff"] uses the same error/string "unavailable
 on this system" and adds an extra conditional of "the opcache must be
 enabled"  - Turns out it wasn't on my original test system, which is why
 it took me longer than i'd have liked to track down the failure.
 If we want to add specific "Don't use this version of PHP" we should do
 that in the Health check functionality, apparently the early versions of
 PHP 7.3 also had issue with WordPress and popular plugins causing
 segfaults/etc.
-- 
Ticket URL: <https://core.trac.wordpress.org/ticket/39309#comment:76>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
    
    
More information about the wp-trac
mailing list