PHP Classes


Recommend this page to a friend!

      PHP Classes blog  >  PHP Vulnerability May...  >  All threads  >  Suhosin  >  (Un) Subscribe thread alerts  
Summary:Do it.
Author:John Kawakami
Date:2012-01-13 04:20:04
Update:2012-01-13 04:36:38

  1. Suhosin   Reply   Report abuse  
Picture of John Kawakami John Kawakami - 2012-01-13 04:36:38
I recommend Suhosin. It has solved a lot of problems for me. It's not as safe as using some kind of virtual server or jail, but it's pretty close.

  2. Re: Suhosin   Reply   Report abuse  
Picture of Bishop Olis Bishop Olis - 2012-01-13 08:35:54
This PHP vulnerability is officially named CVE-2011-4885 . It's a unique identifier. Redhat's own internal ticket number for this one, for instance only, is at or, the same ticket under both names. RH, again for example, has released an updated PHP kit at

But just go update your PHP installs. It's an apt-get upgrade and you're done. You should have this automated (based on your patch policy). And if you hand-compile your own stuff and spray files all over your system, well, you're probably used to watching ocert like a hawk and emerging things on 20 boxes at once as a hobby ;-)