Bug#400966: Patch, security

To: 400966@bugs.debian.org
Subject: Bug#400966: Patch, security
From: Filipus Klutiero <cheal@hotpop.com>
Date: Fri, 2 Mar 2007 18:12:41 -0500
Message-id: <[🔎] 200703021812.41942.cheal@hotpop.com>
Reply-to: Filipus Klutiero <cheal@hotpop.com>, 400966@bugs.debian.org

I'm submitting the following patch, result of many corrections thanks to tests 
on all release architectures and kfreebsd-i386.

Seriously, this is an untested patch which I think is quite important to apply 
for Etch. We released Sarge without the PHP version recommended by upstream, 
and thankfully upstream provided security support for PHP 4 up to now, but 
shipping PHP 4 "by default" in Etch doesn't look good, given the state of 
upstream security in general and the time since PHP 4 was replaced. It is too 
late to remove PHP 4 from Etch but I expect it to have inappropriate support 
similar to what happened in woody, so we should avoid making it the default 
version.
Please let me know if you have a reason not to apply this patch.

--- web-server	2005-08-24 21:40:18.000000000 -0400
+++ web-server.5	2007-03-02 18:04:18.000000000 -0500
@@ -9,7 +9,7 @@
 Packages: task-fields
 Packages-list:
  apache2-doc
- libapache2-mod-php4
+ libapache2-mod-php5
  libapache2-mod-perl2
  libapache2-mod-python
  analog

Reply to:

Prev by Date: Bug#413060: marked as done ((no subject))
Next by Date: Bug#412903: install-report
Previous by thread: Bug#410143: marked as done (Dell XPS M1210 laptop installation report)
Next by thread: Bug#412903: install-report
Index(es):
- Date
- Thread