#20681: php-5.3.0 introduce variant 'suhosin' which adds the suhosin _patch_ ---------------------------------------+------------------------------------ Reporter: Markus.Ueberall@… | Owner: ryandesign@… Type: enhancement | Status: assigned Priority: Normal | Milestone: Component: ports | Version: 1.7.1 Keywords: | Port: php5 ---------------------------------------+------------------------------------ Changes (by ryandesign@…): * owner: ryandesign@… => ryandesign@… * status: new => assigned Comment: Replying to [ticket:20681 Markus.Ueberall@…]:
The attached patch for the 'php5' Portfile introduces a new variant which will retrieve and apply the suhosin _patch_ ("[which] implements a few low-level protections against buffer overflows or format string vulnerabilities"), cf. http://www.hardened-php.net/suhosin/
These sound like valuable changes. Can anyone explain why they are (for some time now, as I understand it) distributed separately from PHP by separate people, and not part of the PHP core source code? -- Ticket URL: <http://trac.macports.org/ticket/20681#comment:2> MacPorts <http://www.macports.org/> Ports system for Mac OS