[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#400966: Patch, security

I'm submitting the following patch, result of many corrections thanks to tests 
on all release architectures and kfreebsd-i386.

Seriously, this is an untested patch which I think is quite important to apply 
for Etch. We released Sarge without the PHP version recommended by upstream, 
and thankfully upstream provided security support for PHP 4 up to now, but 
shipping PHP 4 "by default" in Etch doesn't look good, given the state of 
upstream security in general and the time since PHP 4 was replaced. It is too 
late to remove PHP 4 from Etch but I expect it to have inappropriate support 
similar to what happened in woody, so we should avoid making it the default 
Please let me know if you have a reason not to apply this patch.
--- web-server	2005-08-24 21:40:18.000000000 -0400
+++ web-server.5	2007-03-02 18:04:18.000000000 -0500
@@ -9,7 +9,7 @@
 Packages: task-fields
- libapache2-mod-php4
+ libapache2-mod-php5

Reply to: