Re: Installing PHP4
On Thu, Sep 18, 2003 at 04:13:00PM -0500, Dennis Wicks wrote:
> Silly me! I thought it would be named mod_ssl!
> No hits on debian.org for anything by that name!
I went to packages.debian.org, typed "mod_ssl" into the search box and
> No, I don't care about version numbers per se, but between mod_ssl for
> Apache 1.3.26 and the current one for Apache 1.3.28 there have been
> several bugfixes and one security fix, so why would anyone install the old
> one that has bugs and security problems, especially when the package is a
> security feature???
You mean this security fix?
dijkstra:[/tmp/libapache-mod-ssl-2.8.9] head debian/changelog
libapache-mod-ssl (2.8.9-2.1) stable-security; urgency=high
* Non-maintainer upload by Security Team
* Applied patch from Joe Orton to fix cross site scripting through
-- Martin Schulze <email@example.com> Tue, 15 Oct 2002 21:05:37 +0200
Which is included in Debian woody? This is another version-number
misunderstanding which is addressed by the security team FAQ: