[wp-trac] [WordPress Trac] #39309: Secure WordPress Against Infrastructure Attacks
WordPress Trac
noreply at wordpress.org
Tue Apr 16 00:38:50 UTC 2019
#39309: Secure WordPress Against Infrastructure Attacks
------------------------------------------+-----------------------
Reporter: paragoninitiativeenterprises | Owner: pento
Type: task (blessed) | Status: assigned
Priority: normal | Milestone: 5.2
Component: Upgrade/Install | Version: 4.8
Severity: critical | Resolution:
Keywords: has-patch | Focuses:
------------------------------------------+-----------------------
Comment (by dd32):
Looking at [attachment:"39309-preemptive-softfail.patch"] I agree it's the
correct way to go, except I don't think we want a new string here.
[attachment:"39309-phpbug.diff"] uses the same error/string "unavailable
on this system" and adds an extra conditional of "the opcache must be
enabled" - Turns out it wasn't on my original test system, which is why
it took me longer than i'd have liked to track down the failure.
If we want to add specific "Don't use this version of PHP" we should do
that in the Health check functionality, apparently the early versions of
PHP 7.3 also had issue with WordPress and popular plugins causing
segfaults/etc.
--
Ticket URL: <https://core.trac.wordpress.org/ticket/39309#comment:76>
WordPress Trac <https://core.trac.wordpress.org/>
WordPress publishing platform
More information about the wp-trac
mailing list