Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 350232 - php/suhosin: patch for 5.3.4 available
Summary: php/suhosin: patch for 5.3.4 available
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: PHP Bugs
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2010-12-31 15:39 UTC by Hanno Böck
Modified: 2011-01-05 14:12 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Hanno Böck gentoo-dev 2010-12-31 15:39:42 UTC 
upstream suhosin has now a patch for 5.3.4:
http://www.hardened-php.net/suhosin/download.html

Beside that, I'd suggest we find a better way for php releases without a suhosin-patch available. I was a bit surprised that it got silently disabled with a 5.3.4 update without even a warning. Not what you'd expect if you explicitely enable a security feature with a use flag.
Comment 1 Ole Markus With (RETIRED) gentoo-dev 2010-12-31 16:07:08 UTC 
we could let suhosin block unsupported php versions. afaik, that should prevent av upgrade of php.

i'll try to prepare a revbump with suhosin next week.
Comment 2 Ole Markus With (RETIRED) gentoo-dev 2011-01-05 14:12:06 UTC 
Fixed in php-5.3.4-r1