[php-maint] Suhosin patch yes or no for 5.4
sean finney
seanius at debian.org
Sun Jan 22 05:18:49 UTC 2012
Hi,
On Thu, Jan 19, 2012 at 06:47:09PM +0100, Ondřej Surý wrote:
> I would like to start discussion whether we want to apply suhosin patch
> for 5.4 php series or not.
I have some mixed feelings about it. my gut is telling me at this point
we should just drop it given the amount of headaches it's caused us (both
technical and social w.r.t. both upstream and the patch author). on top
of that, support for more "exotic" architectures has always been somewhat
of a crapshoot, i.e. mysterious bus errors (alignment, usually) on sparc,
random segfaults when the patch falls out of date with upstream internal
changes, etc.
If we do drop it and people start screaming, we also have the option of
shipping the most up to date version of the patch but not included in
debian/series, and providing some easy way for people to compile it in
(like what we do with PHP_COMPAT). Conversely, if we kept it but enough
people complained we could do the same but with a different default
value :)
sean
More information about the pkg-php-maint
mailing list