[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: php vulnerabilities

On Wed, Dec 22, 2004 at 12:25:26AM -0200, Henrique de Moraes Holschuh wrote:
On Tue, 21 Dec 2004, Michael Stone wrote:
Why would we get rid of apache 1.3?

We wouldn't. Nor would we get rid of php4.  I was just being sarcastic.

The two programs are different cases. I think a reasonable question has
been raised, and debian does need to come up with a better solution for
dealing with packages which will not be maintainable over the course of
a stable release. Apache doesn't meet that criterion because its
upstream is very good about documenting security problems & their
specific fixes. Other programs, well, aren't so good.

Mike Stone

Reply to: