[php-maint] Bug#471324: libapache2-mod-php5: please document that PHP is suhosin-patched

Marc Haber mh+debian-bugs at zugschlus.de
Mon Mar 17 08:54:46 UTC 2008 

Package: libapache2-mod-php5
Version: 5.2.5-3
Severity: minor

Hi,

php5 has the suhosin patch applied. This is, however, not documented
in the package description. It should be documented as some PHP
application authors do not support their software if run on PHP-suhosin.

Greetings
Marc

debianfoo:~# HEAD http://localhost/apache2-default/s9y/1.2
200 OK
Cache-Control: no-cache, pre-check=0, post-check=0
Connection: close
Date: Mon, 17 Mar 2008 08:50:46 GMT
Pragma: no-cache
Server: Apache/2.2.8 (Debian) PHP/5.2.5-3 with Suhosin-Patch
Content-Type: text/html; charset=UTF-8
Expires: 0
Client-Date: Mon, 17 Mar 2008 08:50:46 GMT
Client-Peer: 127.0.0.1:80
Client-Response-Num: 1
Set-Cookie: PHPSESSID=5ae78a7d6bab14e40e06695b0b7fb2ef; path=/
Set-Cookie: PHPSESSID=c3c82a42459b6c3b38f6067f82b98097; path=/
X-Blog: Serendipity
X-Powered-By: PHP/5.2.5-3
X-Session-Reinit: true

debianfoo:~# apt-cache show libapache2-mod-php5 | grep suhosin
debianfoo:~# apt-cache show libapache2-mod-php5
Package: libapache2-mod-php5
Priority: optional
Section: net
Installed-Size: 5556
Maintainer: Debian PHP Maintainers <pkg-php-maint at lists.alioth.debian.org>
Architecture: i386
Source: php5
Version: 5.2.5-3
Provides: phpapi-20060613+lfs
Depends: apache2-mpm-prefork (>> 2.0.52) | apache2-mpm-itk,
apache2.2-common, libbz2-1.0, libc6 (>= 2.7-1), libcomerr2 (>=
1.33-3), libdb4.6, libkrb53 (>= 1.6.dfsg.2), libmagic1, libpcre3 (>=
7.4), libssl0.9.8 (>= 0.9.8f-5), libxml2 (>= 2.6.28), mime-support (>=
2.03-1), php5-common (= 5.2.5-3), ucf, zlib1g (>= 1:1.1.4)
Suggests: php-pear, php5-timezonedb
Conflicts: libapache2-mod-php4
Filename: pool/main/p/php5/libapache2-mod-php5_5.2.5-3_i386.deb
Size: 2551524
MD5sum: bd950540d6fac16490029206bb8d1dab
SHA1: 9c75b246236e4007037c94109db1603349ca4902
SHA256: 377b2e82a5200d1fc85d7901a555c335400dd92374083ebea852bae01cfa1585
Description: server-side, HTML-embedded scripting language (Apache 2
module)
 This package provides the PHP5 module for the Apache 2 webserver (as
 found in the apache2-mpm-prefork package).  Please note that this package
 ONLY works with Apache's prefork MPM, as it is not compiled thread-safe.
 .
 The following extensions are built in: bcmath bz2 calendar ctype date dba
 dom exif filter ftp gettext hash iconv json libxml mbstring mime_magic
 openssl pcre posix Reflection session shmop SimpleXML soap sockets SPL
 standard sysvmsg sysvsem sysvshm tokenizer wddx xml xmlreader xmlwriter zip
 zlib.
 .
 PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
 from C, Java and Perl with a couple of unique PHP-specific features thrown
 in. The goal of the language is to allow web developers to write dynamically
 generated pages quickly.
 Homepage: http://www.php.net/
 Tag: role::shared-lib, suite::apache
 Task: web-server

debianfoo:~#

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.24-1-686 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages libapache2-mod-php5 depends on:
ii  apache2-mpm-prefork   2.2.8-3            Traditional model for Apache HTTPD
ii  apache2.2-common      2.2.8-3            Next generation, scalable, extenda
ii  libbz2-1.0            1.0.4-4            high-quality block-sorting file co
ii  libc6                 2.7-9              GNU C Library: Shared libraries
ii  libcomerr2            1.40.8-2           common error description library
ii  libdb4.6              4.6.21-6           Berkeley v4.6 Database Libraries [
ii  libkrb53              1.6.dfsg.3~beta1-3 MIT Kerberos runtime libraries
ii  libmagic1             4.23-2             File type determination library us
ii  libpcre3              7.6-2              Perl 5 Compatible Regular Expressi
ii  libssl0.9.8           0.9.8g-7           SSL shared libraries
ii  libxml2               2.6.31.dfsg-2      GNOME XML library
ii  mime-support          3.40-1.1           MIME files 'mime.types' & 'mailcap
ii  php5-common           5.2.5-3            Common files for packages built fr
ii  ucf                   3.005              Update Configuration File: preserv
ii  zlib1g                1:1.2.3.3.dfsg-11  compression library - runtime

libapache2-mod-php5 recommends no packages.

-- no debconf information

More information about the pkg-php-maint mailing list