[wp-trac] [WordPress Trac] #39309: Secure WordPress Against Infrastructure Attacks

WordPress Trac noreply at wordpress.org
Tue Jan 17 06:28:18 UTC 2017

#39309: Secure WordPress Against Infrastructure Attacks
 Reporter:  paragoninitiativeenterprises  |       Owner:
     Type:  enhancement                   |      Status:  new
 Priority:  normal                        |   Milestone:  Future Release
Component:  Upgrade/Install               |     Version:  trunk
 Severity:  normal                        |  Resolution:
 Keywords:  has-patch                     |     Focuses:

Comment (by rmccue):

 Replying to [comment:14 paragoninitiativeenterprises]:
 > Given that `hash()` is supposed to be in PHP 5.1.2 and newer, anyone
 using something as old as 5.2.4 should still have it:

 Note that it can be disabled, which is the bigger concern:

 That said...

 > Either way, I'd agree with not supporting systems without ext/hash.

 ...I also agree. `--disable-hash` seems like enough of an edge case that
 we need not bother thinking about it.

Ticket URL: <https://core.trac.wordpress.org/ticket/39309#comment:15>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform

More information about the wp-trac mailing list