Date: Sat, 26 Sep 2009 14:06:46 -0400 From: Jerry <gesbbb@yahoo.com> To: freebsd-questions@freebsd.org Subject: Re: Warning: PHP Update from 5.2.10 to 5.2.11 and FastCGI Message-ID: <20090926140646.12921239@scorpio.seibercom.net> In-Reply-To: <h9lj9l$6si$1@ger.gmane.org> References: <h9lj9l$6si$1@ger.gmane.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 26 Sep 2009 13:34:25 -0400 Michael Powell <nightrecon@hotmail.com> wrote: > Today I did a portupgrade of PHP from 5.2.10 to 5.2.11. > > This broke both lighttpd and Apache web servers, on which I run PHP > as FastCGI. I do not know if this affects those who use mod_php as I > do not use it. I use mod_fcgid instead. > > Execute php -v at a prompt and it will spew the following and > segfault. > > testbed suhosin[48982]: ALERT - canary mismatch on efree() - heap > overflow detected (attacker 'REMOTE_ADDR not set', file 'unknown') > > If you are using FastCGI the workaround is to do make config in > lang/php5 and deselect the Suhosin option. There is something very > broken in the Suhosin patch as far as CLI and FastCGI is concerned. > > -Mike No problems on my machines. PHP 5.2.11 with Suhosin-Patch 0.9.7 (cli) (built: Sep 24 2009 19:08:59) Copyright (c) 1997-2009 The PHP Group Zend Engine v2.2.0, Copyright (c) 1998-2009 Zend Technologies Did you rebuild all of the ports that depend on PHP? I used portmanager with the '-p' option to update all dependencies. portmanager -u -l -y -p That should get everything working.Update you ports system first however. -- Jerry gesbbb@yahoo.com A life spent in search of the perfect hash brownie is a life well spent.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090926140646.12921239>