Skip site navigation (1)Skip section navigation (2)
Date:      Sat, 26 Sep 2009 14:06:46 -0400
From:      Jerry <>
Subject:   Re: Warning: PHP Update from 5.2.10 to 5.2.11 and FastCGI
Message-ID:  <>
In-Reply-To: <h9lj9l$6si$>
References:  <h9lj9l$6si$>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
On Sat, 26 Sep 2009 13:34:25 -0400
Michael Powell <> wrote:

> Today I did a portupgrade of PHP from 5.2.10 to 5.2.11. 
> This broke both lighttpd and Apache web servers, on which I run PHP
> as FastCGI. I do not know if this affects those who use mod_php as I
> do not use it. I use mod_fcgid instead.
> Execute php -v at a prompt and it will spew the following and
> segfault.
> testbed suhosin[48982]: ALERT - canary mismatch on efree() - heap
> overflow detected (attacker 'REMOTE_ADDR not set', file 'unknown') 
> If you are using FastCGI the workaround is to do make config in
> lang/php5 and deselect the Suhosin option. There is something very
> broken in the Suhosin patch as far as CLI and FastCGI is concerned.
> -Mike

No problems on my machines.

PHP 5.2.11 with Suhosin-Patch 0.9.7 (cli) (built: Sep 24 2009 19:08:59) 
Copyright (c) 1997-2009 The PHP Group
Zend Engine v2.2.0, Copyright (c) 1998-2009 Zend Technologies

Did you rebuild all of the ports that depend on PHP? I used portmanager
with the '-p' option to update all dependencies.

	portmanager -u -l -y -p

That should get everything working.Update you ports system first


A life spent in search of the perfect hash brownie is a life well spent.

Want to link to this message? Use this URL: <>