The problem is that adding anything suhosin related to the php.ini file does not seem to work.
Joomla and WPMU and other PHP applications regularly seem to cause FATAL errors in the php version with Suhosin. For example: [Thu Jul 09 12:13:23 2009] [error] [client 192.168.0.55] ALERT - canary mismatch on efree() - heap overflow detected (attacker '192.168.0.55', file '/webstuff/canalblogs/wp-admin/index-extra.php'), referer: http://canalplan.blogdns.com/wp-admin/ These errors happen at random times and on random files so its suggesting its not just down to bad coding by the developers. Once this has happened then Apache stops serving php files and just offers them for download. So the statement that all the suhosin patch for php5 is doing is providing "logging functions" doesn't seem to tie in with what people are seeing. I'm now faced with having to download new sources for php5 and recompile without the suhosin patch each time you release a new version. Which seems rather counter productive. -- Unable to remove Suhosin patch https://bugs.launchpad.net/bugs/315507 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to php5 in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
