[php-maint] Bug#654439: Release state of suhosin for wheezy

Ondřej Surý ondrej at debian.org
Sat Jan 14 10:11:38 UTC 2012

>> Anyways ... actuall it looks like the whole suhosin project is some kind of
>> abandoned.  We got not response to mailing the upstream maintainer, the
>> forum[1] is broken and no new releases since ages, but a security problem
>> is open since long time, see #631283 [2].
>> The question which comes to my mind is: "Do we want to ship weezy with
>> software under such bad conditions?"
>> [1] http://forum.hardened-php.net/
>> [2] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=631283
> any statement from your point of view about release state of suhosin. We
> (maintainers of php-suhosin) think php-suhosin is definetly not in shape to be
> released at the moment. How do you see this for the patch you are carring in
> php5?

It doesn't seem to be that abandoned to me:

http://www.hardened-php.net/suhosin/download.html (new release for 5.3.9)

But yeah there was only recent activity on the github.

Anyway the suhosin *patch* is probably not that aggressive as the module.

Ondřej Surý <ondrej at sury.org>

More information about the pkg-php-maint mailing list