Can you use a PHP 5.3.7 suhosin-patch on PHP 5.3.8?

670 views Asked by At

I am building a custom PHP rpm for PHP 5.3.8. Unfortunately, suhosin's download site does not have a 0.9.10 5.3.8 patch while they do for 5.3.7 (http://www.hardened-php.net/suhosin/download.html).

Looking at PHP.net's changelog for 5.3.7, extremely little changed in 5.3.8, mostly fixes for some issue in 5.3.7. Does anyone know if it would be safe to deploy a 5.3.7 suhosin patch to 5.3.8 seeing the two PHP builds are so similar?

I see some distros like CentOS have a PHP 5.3.8 package with suhosin patch 0.9.10, so I am assuming they've managed to make it work somehow.

Cheers,

Tim

1

There are 1 answers

0
NikiC On BEST ANSWER

Yes, it should be safe. 5.3.8 fixed only two issues in 5.3.7 (a crypt and a mysqlnd+ssl problem).

But you should reconsider applying the Suhosin patch. Nowadays there is little necessity for it, as the important changes are already in PHP itself.