FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

I am looking for an LTO tape library. Do you have one to spare?
Port details
suphp 0.7.2_1 www on this many watch lists=14 search for ports that depend on this port An older version of this port was marked as vulnerable.
Broken BROKEN: : Error from bsd.apache.mk. apache24 is installed (or APACHE_PORT is defined) and port requires apache22 at most
Ignore IGNORE: is marked as broken: : Error from bsd.apache.mk. apache24 is installed (or APACHE_PORT is defined) and port requires apache22 at most
Securely execute PHP scripts under Apache
Maintained by: bdrewery@FreeBSD.org search for ports maintained by this maintainer
Port Added: 25 Jun 2003 06:51:25
License: not specified in port


suPHP is a combination of an Apache module (mod_suphp) and an
executable which provides a wrapper for PHP. With both
together, it is possible to execute PHP scripts with the
permissions of their owner without having to place a PHP
binary in each user's cgi-bin directory. suPHP doesn't need
Apache's suExec, provides a logging function and support for
different php.ini's. 

WWW: http://www.suphp.org/
SVNWeb : Main Web Site : Distfiles Availability : PortsMon

NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Required To Build:
  1. www/apache24
  2. devel/automake
  3. devel/autoconf
Required To Run:
  1. lang/php5
  2. www/apache24
There are no ports dependent upon this port

To install the port: cd /usr/ports/www/suphp/ && make install clean

A package is not available for ports marked as: Forbidden / Broken / Ignore / Restricted


Configuration Options
===> The following configuration options are available for suphp-0.7.2_1:
     DOCS=on: Build and/or install documentation
===> Use 'make config' to modify these settings

Master Sites:
  1. http://distcache.FreeBSD.org/local-distfiles/bdrewery/suphp/
  2. http://distcache.FreeBSD.org/ports-distfiles/
  3. http://distcache.eu.FreeBSD.org/local-distfiles/bdrewery/suphp/
  4. http://distcache.us-east.FreeBSD.org/local-distfiles/bdrewery/suphp/
  5. http://distcache.us-west.FreeBSD.org/local-distfiles/bdrewery/suphp/
  6. http://mirror.shatow.net/freebsd/suphp/
  7. http://www.suphp.org/download/
Notes from UPDATING
These upgrade notes are taken from /usr/ports/UPDATING
  • 2009-03-18
    Affects: users of www/suphp
    Author: yzlin@cs.nctu.edu.tw
    Reason: 
      The suPHP port has been upgraded to 0.7.x. This new version of suPHP has
      some new features and changes for the configuration file:
    
        - Multiple path (with patterns) & variable substitution support for
          docroots
        - Double-quoted strings at section '[handlers]'
          ex. application/x-httpd-php="php:/usr/local/bin/php-cgi"
    
      These changes may lead to internal server error if without modifications
      of the configuration file from previous version.
    
    
Port Moves
  • port deleted on 2014-01-17
    REASON: Has expired: Upstream dead, EOL: https://lists.marsching.com/pipermail/suphp/2013-May/002554.html

Number of commits found: 59

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
04 Aug 2014 20:49:11
Original commit files touched by this commit  0.7.2_1
Revision:364053
amdmi3 search for other commits by this committer
- Switch to USES=libtool

Approved by:	portmgr blanket
29 Jul 2014 17:12:50
Original commit files touched by this commit  0.7.2_1
Revision:363362
adamw search for other commits by this committer
Rename all patches that contain '::' as a path separator, and use
'__' instead.
15 Jul 2014 17:09:35
Original commit files touched by this commit  0.7.2_1
Revision:361980
adamw search for other commits by this committer
Add DOCS to OPTIONS_DEFINE to ports that check for PORT_OPTIONS:MDOCS.
10 Apr 2014 11:43:14
Original commit files touched by this commit  0.7.2_1
Revision:350797
bdrewery search for other commits by this committer
Bring back SuPHP.

Quite a few users still depend on this and are getting it from untrusted
sources. Its security track record is actually pretty good still.

SuPHP is still the simplest solution for shared hosting.

Other vendors still provide this as well.

- Add a pkg-message explaining the situation and advising users to move
  away from this if possible.
- Stage
- Take maintainership
17 Jan 2014 01:17:19
Original commit files touched by this commit  0.7.2
Revision:340004
rene search for other commits by this committer
Remove expied ports:
2013-12-17 www/suphp: Upstream dead, EOL:
https://lists.marsching.com/pipermail/suphp/2013-May/002554.html
2013-12-16 databases/postgis: EOLed upstream
20 Sep 2013 23:36:54
Original commit files touched by this commit  0.7.2
Revision:327776
bapt search for other commits by this committer
Add NO_STAGE all over the place in preparation for the staging support (cat:
www)
17 Aug 2013 16:40:12
Original commit files touched by this commit  0.7.2
Revision:324854
bdrewery search for other commits by this committer
- Mark DEPRECATED as upstream is dead and has marked this EOL [1],
  which is not good for a port that is supposed to improve security.
  Suggest using nginx+php-fpm with a separate user for each site.

[1] https://lists.marsching.com/pipermail/suphp/2013-May/002554.html
17 Aug 2013 16:32:41
Original commit files touched by this commit  0.7.2
Revision:324852
bdrewery search for other commits by this committer
- Reset yzlin's ports

With hat:	portmgr
22 Jul 2013 13:24:05
Original commit files touched by this commit  0.7.2
Revision:323445
bdrewery search for other commits by this committer
- Update suPHP to 0.7.2
- Document possible privilege escalation

Approved by:	maintainer timeout
Security:	2fbfd455-f2d0-11e2-8a46-000d601460a4
22 Sep 2012 21:15:51
Original commit files touched by this commit  0.7.1_5
Revision:304723 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- USE_APACHE= s/22+/22/
- adopt new Makefile header

Port build fails on local exp-run with apache24 with
 error: 'conn_rec' has no member named 'remote_ip'

or various other apache22 specific functions/parameters

with hat apache@
18 Aug 2012 14:29:11
Original commit files touched by this commit  0.7.1_5
 This port version is marked as vulnerable.
ohauer search for other commits by this committer
- remove www/apache20 and devel/apr0
- s/USE_APACHE= 20+/USE_APACHE= 22+/
- unify s/YES/yes/
- cleanup APACHE_VERSION <= 22 usage
- add entry to MOVED

with hat apache@
20 Jun 2012 01:30:36
Original commit files touched by this commit  0.7.1_5
 This port version is marked as vulnerable.
fluffy search for other commits by this committer
- Unbroke with clang/gcc47+ by use restrictive C++ construction
- Declare that code use gnu89 style
- No PORTREVISION bump, users with base gcc not affected

PR:             168579
Submitted by:   myself
Approved by:    maintainer timeout (> 2 weeks)
Obtained from:  PkgSrc repo
20 Aug 2011 17:27:52
Original commit files touched by this commit  0.7.1_5
 This port version is marked as vulnerable.
ohauer search for other commits by this committer
 - bump PORTREVISION from ports if USE_APACHE=13+ or 20+ is defined
22 Feb 2011 00:05:41
Original commit files touched by this commit  0.7.1_4
 This port version is marked as vulnerable.
ohauer search for other commits by this committer
  - fix pkg-plist if installed from port (leftover in httpd.conf)
  - remove MD5 from distfile

PR:             ports/154754
Submitted by:   myself
Approved by:    maintainer timeout
22 Dec 2010 20:05:49
Original commit files touched by this commit  0.7.1_3
 This port version is marked as vulnerable.
ade search for other commits by this committer
Sync to final (for now) bsd.autotools.mk
04 Dec 2010 07:34:27
Original commit files touched by this commit  0.7.1_3
 This port version is marked as vulnerable.
ade search for other commits by this committer
Sync to new bsd.autotools.mk
16 Oct 2010 11:52:47
Original commit files touched by this commit  0.7.1_3
 This port version is marked as vulnerable.
ade search for other commits by this committer
Punt autoconf267->autoconf268
05 Oct 2010 19:57:56
Original commit files touched by this commit  0.7.1_3
 This port version is marked as vulnerable.
ade search for other commits by this committer
Round one migration of ports from automake{19,110} to automake111
15 Sep 2010 18:35:24
Original commit files touched by this commit  0.7.1_3
 This port version is marked as vulnerable.
ade search for other commits by this committer
Autotools update.   Read ports/UPDATING 20100915 for details.

Approved by:    portmgr (for Mk/bsd.port.mk part)
Tested by:      Multiple -exp runs
06 Jun 2010 03:37:03
Original commit files touched by this commit  0.7.1_2
 This port version is marked as vulnerable.
yzlin search for other commits by this committer
- Work with apache2/apr changes

PR:             ports/146914
Submitted by:   Anish Mistry <amistry AT am-productions.biz>
13 May 2010 00:54:57
Original commit files touched by this commit  0.7.1_1
 This port version is marked as vulnerable.
pgollucci search for other commits by this committer
- Chase the www/apache20 conversion to devel/pcre only.

Reported by:    pointyhat via pav, erwin
With Hat:       apache@
12 May 2010 13:21:12
Original commit files touched by this commit  0.7.1_1
 This port version is marked as vulnerable.
yzlin search for other commits by this committer
- Fix build error

Approved by:    lwhsu/rafan (mentors, implicit)
Reported by:    pointyhat
02 Aug 2009 19:36:34
Original commit files touched by this commit  0.7.1
 This port version is marked as vulnerable.
mezz search for other commits by this committer
-Repocopy devel/libtool15 -> libtool22 and libltdl15 -> libltdl22.
-Update libtool and libltdl to 2.2.6a.
-Remove devel/libtool15 and devel/libltdl15.
-Fix ports build with libtool22/libltdl22.
-Bump ports that depend on libltdl22 due to shared library version change.
-Explain what to do update in the UPDATING.

It has been tested with GNOME2, XFCE4, KDE3, KDE4 and other many wm/desktop
and applications in the runtime.

With help:      marcus and kwm
Pointyhat-exp:  a few times by pav
Tested by:      pgollucci, "Romain Tartière" <romain@blogreen.org>, and
                a few MarcusCom CVS users. Also, I might have missed a few.
Repocopy by:    marcus
Approved by:    portmgr
29 Jul 2009 12:59:14
Original commit files touched by this commit  0.7.1
 This port version is marked as vulnerable.
yzlin search for other commits by this committer
- Change to my mail address at FreeBSD.org

Approved by:    lwhsu (mentor)
20 Mar 2009 07:33:13
Original commit files touched by this commit  0.7.1
 This port version is marked as vulnerable.
lwhsu search for other commits by this committer
- Update to 0.7.1

PR:             ports/132768
Submitted by:   Yi-Jheng Lin <yzlin AT cs.nctu.edu.tw> (maintainer)
09 Feb 2009 21:04:06
Original commit files touched by this commit  0.7.0
 This port version is marked as vulnerable.
miwi search for other commits by this committer
- Update to 0.7.0
- Pass maintainership to submitter

PR:             131451
Submitted by:   Yi-Jheng Lin <yzlin@cs.nctu.edu.tw>
20 Nov 2008 11:06:24
Original commit files touched by this commit  0.6.3
 This port version is marked as vulnerable.
koitsu search for other commits by this committer
Maintainer moved to ports@FreeBSD.org.
20 Aug 2008 00:57:32
Original commit files touched by this commit  0.6.3
 This port version is marked as vulnerable.
ade search for other commits by this committer
Conversion from (now defunct) autoconf-2.61 to autoconf-2.62

Tested by:      exp build run (erwin)
30 Mar 2008 22:49:07
Original commit files touched by this commit  0.6.3
 This port version is marked as vulnerable.
koitsu search for other commits by this committer
- Update to 0.6.3, to address security holes pertaining to symlinks
  when running in "owner" mode (the default).
  http://lists.marsching.biz/pipermail/suphp/2008-March/001750.html

Security:      
http://lists.marsching.biz/pipermail/suphp/2008-March/001750.html
26 Mar 2008 16:41:30
Original commit files touched by this commit  0.6.2
 This port version is marked as vulnerable.
koitsu search for other commits by this committer
* Pipe is not slash.  *sigh*
26 Mar 2008 16:25:20
Original commit files touched by this commit  0.6.2
  Sanity Test Failure This port version is marked as vulnerable.
koitsu search for other commits by this committer
* Maintainer freebsd@jdc.parodius.com --> koitsu@FreeBSD.org (I'm both)
* Add some redundancy fetch locations to MASTER_SITE_LOCAL.
12 Dec 2007 17:27:49
Original commit files touched by this commit  0.6.2
 This port version is marked as vulnerable.
koitsu search for other commits by this committer
Fix for previous commit; user reported privately that Apache would print
"Cannot get media type from 'x-httpd-php'" as a warning in the ErrorLog.  Issue
caused by incorrect AddType syntax.

This commit fixes the pkg-message syntax described, as well as the example
suphp.conf to reflect the proper type (value "application/x-httpd-php", not
"x-httpd-php").

Submitted by:   <dark@aspu.ru>
11 Dec 2007 20:38:59
Original commit files touched by this commit  0.6.2
 This port version is marked as vulnerable.
koitsu search for other commits by this committer
Upgrade to suPHP 0.6.2.  This upgrade is quite major; it introduces
numerous features necessary for hosting, adds the use of a configuration
file (vs. compile-time settings) for configuration details, and is
presently supported by the software author.

Changes to httpd.conf are required for this to work, otherwise PHP
content is offered for download and not parsed.  pkg-message contains
full migration details, but here's the simple version:

suPHP 0.5.2                            suPHP 0.6.2
===========                            ===========
AddType application/x-httpd-php .php   AddType x-httpd-php .php
AddHandler x-httpd-php .php            suPHP_AddHandler x-httpd-php

Tested on RELENG_6 and RELENG_7, using Apache 2.0 and 2.2, with the
help of the PR submitter.

Testing for Apache 1.3 was not performed, thus the port requires the
use of 2.0 or later.  suPHP 0.6.2 does support Apache 1.3, but I'll
need someone running 1.3 to work with me on fixing the port to support
it, if desired.

PR:             ports/116281
Submitted by:   Vladimir Korkodinov <viper@perm.raid.ru>
10 May 2006 22:23:14
Original commit files touched by this commit  0.5.2_2
 This port version is marked as vulnerable.
pav search for other commits by this committer
- Fix for recent PHP changes, correct path to php-cgi binary
- Add user-overridable variable SUPHP_PATH
- Cosmetics

PR:             ports/97047
Submitted by:   Jeremy Chadwick <freebsd@jdc.parodius.com> (maintainer)
06 May 2006 14:31:30
Original commit files touched by this commit  0.5.2_1
 This port version is marked as vulnerable.
ale search for other commits by this committer
Fix or remove obsolate or broken ways to depend on php.
08 Apr 2006 12:56:16
Original commit files touched by this commit  0.5.2_1
 This port version is marked as vulnerable.
pav search for other commits by this committer
- Add support for Apache 2.2

PR:             ports/94034
Submitted by:   Craig Boston <craig@yekse.gank.org>
Approved by:    Jeremy Chadwick <freebsd@jdc.parodius.com> (maintainer)
24 Jan 2006 03:14:23
Original commit files touched by this commit  0.5.2_1
 This port version is marked as vulnerable.
edwin search for other commits by this committer
SHA256ify

Approved by: krion@
04 Dec 2005 00:18:15
Original commit files touched by this commit  0.5.2_1
 This port version is marked as vulnerable.
clement search for other commits by this committer
- prepare removal of www/apache2 in favor of www/apache20 for naming
  consistency
- add entries in UPDATING (for apache22 too)

PR:             ports/78119
Repocopied by:  marcus
28 Oct 2004 18:29:16
Original commit files touched by this commit  0.5.2_1
 This port version is marked as vulnerable.
pav search for other commits by this committer
- Avoid make -C fixing build on FreeBSD 4.8 and older
- Expand CONFLICTS
- Style

PR:             ports/73226
Submitted by:   Jeremy Chadwick <freebsd@jdc.parodius.com> (maintainer)
12 Aug 2004 09:31:51
Original commit files touched by this commit  0.5.2_1
 This port version is marked as vulnerable.
vs search for other commits by this committer
- Fix "make -C"-issues
- Unregister from Apache through apxs on deinstall
- Cleanup

PR:             ports/70345
Submitted by:   Jeremy Chadwick (maintainer)
27 Jul 2004 07:48:41
Original commit files touched by this commit  0.5.2
 This port version is marked as vulnerable.
vs search for other commits by this committer
Needs 'make -C', available since 4.9.

PR:             ports/69624
Submitted by:   Jeremy Chadwick (maintainer)
23 Jul 2004 07:29:47
Original commit files touched by this commit  0.5.2
 This port version is marked as vulnerable.
arved search for other commits by this committer
Change logic of the LOGFILE path:
        Assuming the user DOES NOT specify the
        LOG_PATH variable upon build (by default, it's empty).
        The logfile will end up in / (a.k.a. /suphp.log)

PR:             69334
Submitted by:   Jeremy Chadwick <freebsd@jdc.parodius.com>
17 Jul 2004 17:34:03
Original commit files touched by this commit  0.5.2
 This port version is marked as vulnerable.
pav search for other commits by this committer
- Unbreak on 4.x: adapt make(1) syntax

PR:             ports/69139
Submitted by:   Jeremy Chadwick <freebsd@jdc.parodius.com> (maintainer)
15 Jul 2004 22:13:36
Original commit files touched by this commit  0.5.2
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Update to 0.5.2
  Add a workaroung to make it work with apache 2 (due to an apr bug)
  (so be careful)
- Pass maintainership to submitter

PR:             ports/69048
Submitted by:   Jeremy Chadwick <freebsd@jdc.parodius.com>
29 Jun 2004 12:21:20
Original commit files touched by this commit  0.5.1
 This port version is marked as vulnerable.
clement search for other commits by this committer
- s/--enable-setid-mode/--with-setid-mode/

Reported by:    Andries Filmer <andries@netexpo.nl>
29 Jun 2004 10:40:08
Original commit files touched by this commit  0.5.1
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Add WITH_LOGNAME and WITH_LOGPATH knobs.
  I kept LOG_NAME to not break POLA (Will be removed for next release).

Requested by:   Dennis Koster <dennis@phlex.net>
20 Mar 2004 12:38:50
Original commit files touched by this commit  0.5.1
 This port version is marked as vulnerable.
clement search for other commits by this committer
Fix mispelled CONFIGURE_ARGS option

Spotted by:     Johan Mulder <johan@localhost.nl>
25 Feb 2004 11:47:24
Original commit files touched by this commit  0.5.1
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Update to 0.5.1

This version is mainly a bugfix release, fixing a bug causing a
segmentation fault in the Apache 2 module and improving the handling
of environment variables. Instead of setting unneeded / unwanted
environment variables to an empty string, they are now completely
removed from the environment.
07 Feb 2004 17:16:21
Original commit files touched by this commit  0.5_2
 This port version is marked as vulnerable.
clement search for other commits by this committer
- SIZEify distinfo
04 Feb 2004 05:10:27
Original commit files touched by this commit  0.5_2
 This port version is marked as vulnerable.
marcus search for other commits by this committer
Bump PORTREVISION on all ports that depend on gettext to aid with upgrading.

(Part 1)
14 Jan 2004 20:28:58
Original commit files touched by this commit  0.5_1
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Fix suPHP.
- Bump PORTREVISION

Noticed by:         Starhost.nl - N.Elsten <elsten@starhost.nl>
Approved by:        erwin (mentor) (implicitly)
13 Jan 2004 15:04:51
Original commit files touched by this commit  0.5
 This port version is marked as vulnerable.
clement search for other commits by this committer
- Update my email address

Approved and reviewed by:    erwin (mentor)
11 Jan 2004 15:53:56
Original commit files touched by this commit  0.5
 This port version is marked as vulnerable.
clement search for other commits by this committer
Update to 0.5
now suPHP supports apache2.

Approved by:    erwin (mentor) (implicitly)
07 Nov 2003 09:12:58
Original commit files touched by this commit  0.3.1
 This port version is marked as vulnerable.
marcus search for other commits by this committer
Use the new Apache bits from bsd.port.mk.

Submitted by:   dinoex
07 Oct 2003 00:49:16
Original commit files touched by this commit  0.3.1
 This port version is marked as vulnerable.
leeym search for other commits by this committer
Update to 0.3.1

PR:             57681
Submitted by:   Clement Laforet <sheepkiller@cultdeadsheep.org>
Release
25 Aug 2003 12:13:36
Original commit files touched by this commit  0.3
 This port version is marked as vulnerable.
edwin search for other commits by this committer
[update] www/suphp: update to 0.3 and fix a security leak introduced with
previous patch

        - update to 0.3
        - add a workaround to don't use getpwuid to performs check for apache
user (since 4.x
          doesn't support getpwuid_r).
        - use %%DOCSDIR%%

PR:             ports/55952
Submitted by:   Clement Laforet <sheepkiller@cultdeadsheep.org>
17 Jul 2003 04:35:53
Original commit files touched by this commit  0.2.3_1
 This port version is marked as vulnerable.
daichi search for other commits by this committer
fix www/suphp:
  - fix critical problem, due to wrong dependency.
    lang/php4-cli -> www/php4-cgi

PR:             54558
Submitted by:   Clement Laforet <sheepkiller@cultdeadsheep.org> (maintainer)
30 Jun 2003 04:56:55
Original commit files touched by this commit  0.2.3
 This port version is marked as vulnerable.
daichi search for other commits by this committer
update www/suphp: 0.2.2 --> 0.2.3
    * update suphp to 0.2.3
    * fix bento build (apxs related problem)
    * Separate build/install stages for mod_suphp

PR:             53873
Submitted by:   Clement Laforet <sheepkiller@cultdeadsheep.org>
Pointed out by: bento via kris
25 Jun 2003 06:50:53
Original commit files touched by this commit  0.2.2_1
 This port version is marked as vulnerable.
daichi search for other commits by this committer
Add suphp 0.2.2,
suPHP is a combination which provides a wrapper
for PHP.

PR:             42790
Submitted by:   Clement Laforet <sheepkiller@cultdeadsheep.org>

Number of commits found: 59

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
phpmyadminSep 13
ossec-hids-clientSep 11
ossec-hids-localSep 11
ossec-hids-serverSep 11
chromiumSep 09
trafficserverSep 05
apache22*Sep 03
apache22-event-mpm*Sep 03
apache22-itk-mpm*Sep 03
apache22-peruser-mpm*Sep 03
apache22-worker-mpm*Sep 03
chromiumAug 26
fileAug 21
py-djangoAug 21
py-django-develAug 21

5 vulnerabilities affecting 12 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds


Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 24092
Broken 121
Deprecated 93
Ignore 386
Forbidden 17
Restricted 205
No CDROM 94
Vulnerable 21
Expired 7
Set to expire 88
Interactive 0
new 24 hours 3
new 48 hours22
new 7 days51
new fortnight137
new month246

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.