Disabling the Suhosin patch by default in Debian Wheezy (Debian Testing)
Lior Kaplan
kaplanlior at gmail.com
Sun Feb 26 01:29:48 IST 2012
Well, as a new member on the Debian PHP team I could say that maintaining
the patch took a lot of time. Each reported PHP problem was needed to
understand whether it's because of the patch or not.
Also, the upstream for the patch isn't very nice/cooperative so we decided
to skip it. Another issue is having future versions support, as (AFAIK)
there's not PHP 5.4 version of the patch, which is a problem as we we work
towards uploading it as soon as it becomes an official version.
Kaplan
On Sat, Feb 25, 2012 at 11:21 PM, Omer Zak <w1 at zak.co.il> wrote:
> Today, when I upgraded my old PC, which is running Debian Testing
> (currently Debian Wheezy), I was informed of the following:
>
> php5 (5.3.9-4) unstable; urgency=low
>
> * The Suhosin patch is now disabled in the default build.
>
> If you want to re-enable it again for your installation, you can
> set the option PHP5_SUHOSIN=yes in debian/rules and recompile PHP.
>
> -- Ondřej Surý <ondrej at debian.org> Sat, 28 Jan 2012 08:39:36 +0100
>
> Does anyone know why did the packers decide to reverse the previous
> policy of installing PHP5 with the Suhosin patch by default?
>
> As far as I know, it would be rather inconvenient for a busy sysadmin to
> re-enable the Suhosin patch in PHP5 and rebuild it. Also, what'll
> happen if a newer version is released for the package (especially due to
> newly discovered security vulnerabilities)?
>
> --- Omer
>
>
> --
> PHP - the language of the Vogons.
> My own blog is at http://www.zak.co.il/tddpirate/
>
> My opinions, as expressed in this E-mail message, are mine alone.
> They do not represent the official policy of any organization with which
> I may be affiliated in any way.
> WARNING TO SPAMMERS: at http://www.zak.co.il/spamwarning.html
>
>
> _______________________________________________
> Linux-il mailing list
> Linux-il at cs.huji.ac.il
> http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.cs.huji.ac.il/pipermail/linux-il/attachments/20120226/beb76e06/attachment.html>
More information about the Linux-il
mailing list