PHP 5.3.6 suhosin patch / PECL extension
Ryan Schmidt
ryandesign at macports.org
Mon Apr 11 12:22:19 PDT 2011
On Apr 11, 2011, at 09:57, FabD [ML] wrote:
> I'm wondering if the suhosin patch will be available soon (seems not).
You can visit the Suhosin web page and see that they have not released a version of the Suhosin patch that is compatible with PHP 5.3.6:
http://www.hardened-php.net/suhosin/download.html
If you would like one, you should request it from them. Once it is available, I will be happy to update the php5 port with it.
> I've noticed that dotdeb (an alternative Debian repository) provide
> suhosin for php 5.3.6 as a pecl extension (or seems to be). May be
> Macports should provide the suhosin patch in the same way (just an
> idea) ?
As was pointed out, MacPorts has the Suhosin PHP extension in the separate php5-suhosin port.
But please understand that the Suhosin PHP hardening patch and the Suhosin PHP extension are two separate things, which serve different purposes. Read about it on their web site:
http://www.hardened-php.net/suhosin/
"Suhosin comes in two independent parts, that can be used separately or in combination. The first part is a small patch against the PHP core, that implements a few low-level protections against bufferoverflows or format string vulnerabilities and the second part is a powerful PHP extension that implements all the other protections."
More information about the macports-users
mailing list