I have been wondering about the difference between Suhosin Patch and Extension? For example which one of them I should install with PHP 5.2.17 with Xcache 1.3.1 and Zend Optimizer 3.3.0.a? Should it be Suhosin Extension 0.9.32.1? Is Patch version PHP version specific Suhosin Patch 0.9.10 for PHP 5.3.4/5.3.3 and Suhosin Patch 0.9.7 in my case for PHP 5.2.17?
I also couldnt understand the clear difference between Patch and Extension from security point, how do they differ from each other?
Suhosin comes in two independent parts, that can be used separately or in combination.
The first part is a small patch against the PHP core, that implements a few low-level protections against bufferoverflows or format string vulnerabilities and the
second part is a powerful PHP extension that implements all the other protections.