Re: wheezy still missing php5-suhosin

Andrew McGlashan wrote:
> Now, php5-suhosin provides some real protection against programming
> problems that could very easily exist and it is not uncommon to see
> messages from Debian stable installs reporting bugs / vulnerabilities
> detected by suhosin....

The question isn't whether the suhosin patch did good with older PHP
versions.  The question is whether newer PHP versions benefit as much
from it.  Because in recent years AIUI many of the features of suhosin
were merged into the mainline PHP.  And supporting suhosin isn't easy.
At least some other distros have stopped supporting it too.

> Will php5-suhosin be re-instated any time soon?  And if not, what
> measures can we take to protect Wheezy servers now?

Here is a good place to read up on the current state of PHP plus
suhosin in Debian.


It is a long thread with a lot of references to research.  Grab a
comfortable chair and a stimulating beverage.


