diff options
| author | Jakub Zelenka <bukka@php.net> | 2019-12-08 17:57:17 +0000 |
|---|---|---|
| committer | Jakub Zelenka <bukka@php.net> | 2019-12-08 17:57:17 +0000 |
| commit | ac042f839f4c4a2b8241fa69f8f3b01766814f1e (patch) | |
| tree | 6e27b0e21201c3784590b093a576d37c2a9c4a82 | |
| parent | aba070e6308519be6b44e2ec6d153bb8b1e08371 (diff) | |
| download | php-git-ac042f839f4c4a2b8241fa69f8f3b01766814f1e.tar.gz | |
Fix bug #78916 (php-fpm 7.4.0 don't send mail via mail())
| -rw-r--r-- | NEWS | 2 | ||||
| -rw-r--r-- | sapi/fpm/php-fpm.service.in | 5 |
2 files changed, 3 insertions, 4 deletions
@@ -22,6 +22,8 @@ PHP NEWS . Fixed bug #76601 (Partially working php-fpm ater incomplete reload). (Maksim Nikulin) . Fixed bug #78889 (php-fpm service fails to start). (Jakub Zelenka) + . Fixed bug #78916 (php-fpm 7.4.0 don't send mail via mail()). + (Jakub Zelenka) - Mysqlnd: . Fixed bug #78823 (ZLIB_LIBS not added to EXTRA_LIBS). (Arjen de Korte) diff --git a/sapi/fpm/php-fpm.service.in b/sapi/fpm/php-fpm.service.in index f58ea08af8..eab81300b7 100644 --- a/sapi/fpm/php-fpm.service.in +++ b/sapi/fpm/php-fpm.service.in @@ -24,9 +24,6 @@ ProtectHome=true # Mounts the /usr, /boot, and /etc directories read-only for processes invoked by this unit. ProtectSystem=full -# Ensures that the service process and all its children can never gain new privileges -NoNewPrivileges=true - # Sets up a new /dev namespace for the executed processes and only adds API pseudo devices # such as /dev/null, /dev/zero or /dev/random (as well as the pseudo TTY subsystem) to it, # but no physical devices such as /dev/sda. @@ -55,7 +52,7 @@ RestrictRealtime=true # Restricts the set of socket address families accessible to the processes of this unit. # Protects against vulnerabilities such as CVE-2016-8655 -RestrictAddressFamilies=AF_INET AF_INET6 AF_UNIX +RestrictAddressFamilies=AF_INET AF_INET6 AF_NETLINK AF_UNIX # Takes away the ability to create or manage any kind of namespace RestrictNamespaces=true |