On Thu, Feb 02, 2012 at 03:14:56PM +0100, Stefan Esser wrote: > BTW: You should really really look into the history of PHP security and check for each of the last 8 years how many features were in Suhosin and later merged into PHP because of some nasty security problem. > You will see that at least 2 features of Suhosin per year were merged into PHP. If that’s the case, then you have nothing to worry about. As more and more Suoshin features are merged into mainline PHP, Debian’s PHP package will get more and more secure. That’s the way it happens for many other packages, I fail to see why PHP should be treated differently. -- Andrea Bolognani <firstname.lastname@example.org> Resistance is futile, you will be garbage collected.
Description: Digital signature