Today I did a portupgrade of PHP from 5.2.10 to 5.2.11.
This broke both lighttpd and Apache web servers, on which I run PHP as
FastCGI. I do not know if this affects those who use mod_php as I do not use
it. I use mod_fcgid instead.
Execute php -v at a prompt and it will spew the following and segfault.
testbed suhosin: ALERT - canary mismatch on efree() - heap overflow
detected (attacker 'REMOTE_ADDR not set', file 'unknown')
If you are using FastCGI the workaround is to do make config in lang/php5
and deselect the Suhosin option. There is something very broken in the
Suhosin patch as far as CLI and FastCGI is concerned.
firstname.lastname@example.org mailing list
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"