Re: Installing PHP4

To: debian-s390@lists.debian.org
Subject: Re: Installing PHP4
From: Matt Zimmerman <mdz@debian.org>
Date: Thu, 18 Sep 2003 17:35:58 -0400
Message-id: <[🔎] 20030918213558.GA10052@alcor.net>
Mail-followup-to: debian-s390@lists.debian.org
In-reply-to: <[🔎] OF4E858C5B.8DE47605-ON86256DA5.00700E64-86256DA5.00748BE5@cdg.ws>
References: <[🔎] OF4E858C5B.8DE47605-ON86256DA5.00700E64-86256DA5.00748BE5@cdg.ws>

On Thu, Sep 18, 2003 at 04:13:00PM -0500, Dennis Wicks wrote:

> Silly me! I thought it would be named mod_ssl!
> No hits on debian.org for anything by that name!

http://packages.debian.org/cgi-bin/search_packages.pl?keywords=mod_ssl&searchon=all&subword=1&version=stable&release=all

I went to packages.debian.org, typed "mod_ssl" into the search box and
checked "descriptions".

> No, I don't care about version numbers per se, but between mod_ssl for
> Apache 1.3.26 and the current one for Apache 1.3.28 there have been
> several bugfixes and one security fix, so why would anyone install the old
> one that has bugs and security problems, especially when the package is a
> security feature???

You mean this security fix?

dijkstra:[/tmp/libapache-mod-ssl-2.8.9] head debian/changelog 
libapache-mod-ssl (2.8.9-2.1) stable-security; urgency=high

  * Non-maintainer upload by Security Team
  * Applied patch from Joe Orton to fix cross site scripting through
    hostnames (CAN-2002-1157)

 -- Martin Schulze <joey@infodrom.org>  Tue, 15 Oct 2002 21:05:37 +0200

Which is included in Debian woody?  This is another version-number
misunderstanding which is addressed by the security team FAQ:

http://www.debian.org/security/faq#version

-- 
 - mdz

Reply to:

References:
- Re: Installing PHP4
  - From: "Dennis Wicks" <dennisw@cdg.ws>

Prev by Date: Re: Installing PHP4
Next by Date: Re: Installing PHP4
Previous by thread: Re: Installing PHP4
Next by thread: Re: Installing PHP4
Index(es):
- Date
- Thread