[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Installing PHP4


Well, I went to www.debian.org, clicked Debian Packages, then
clicked Search package directories and typed mod_ssl in the
search boxes with every option available and got ...

    No responses to your query.

Go figure!


                    Matt Zimmerman                                                                                                         
                    <mdz@debian.or       To:     debian-s390@lists.debian.org                                                              
                    g>                   cc:                                                                                               
                    Sent by: Matt        Subject:     Re: Installing PHP4                                                                  
                    04:35 PM                                                                                                               

On Thu, Sep 18, 2003 at 04:13:00PM -0500, Dennis Wicks wrote:

> Silly me! I thought it would be named mod_ssl!
> No hits on debian.org for anything by that name!


I went to packages.debian.org, typed "mod_ssl" into the search box and
checked "descriptions".

> No, I don't care about version numbers per se, but between mod_ssl for
> Apache 1.3.26 and the current one for Apache 1.3.28 there have been
> several bugfixes and one security fix, so why would anyone install the
> one that has bugs and security problems, especially when the package is a
> security feature???

You mean this security fix?

dijkstra:[/tmp/libapache-mod-ssl-2.8.9] head debian/changelog
libapache-mod-ssl (2.8.9-2.1) stable-security; urgency=high

  * Non-maintainer upload by Security Team
  * Applied patch from Joe Orton to fix cross site scripting through
    hostnames (CAN-2002-1157)

 -- Martin Schulze <joey@infodrom.org>  Tue, 15 Oct 2002 21:05:37 +0200

Which is included in Debian woody?  This is another version-number
misunderstanding which is addressed by the security team FAQ:


 - mdz

To UNSUBSCRIBE, email to debian-s390-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact

Reply to: