Re: Web server with PHP setup & mod-ssl

To: debian-user@lists.debian.org
Subject: Re: Web server with PHP setup & mod-ssl
From: Colin Watson <cjwatson@debian.org>
Date: Thu, 29 Jan 2004 17:45:36 +0000
Message-id: <[🔎] 20040129174536.GE12915@riva.ucam.org>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 097DBAA3-527D-11D8-81B4-0050E466B453@steinrogan.com>
References: <20040128182440.8D9F5EA7D@murphy.debian.org> <[🔎] 097DBAA3-527D-11D8-81B4-0050E466B453@steinrogan.com>

On Thu, Jan 29, 2004 at 12:03:19PM -0500, Danny O'Brien wrote:
> Here's the spec: 
> 
> Kernel2.4.18-bf2.4 
> Apache1.3.26-0woo 
> openssl0.9.6c-2.wo 
> postgres7.2.1-2wood 
> php4.1.2-6wood 
> 
> My questions: 
> 
> - does "apt-get upgrade" always provide the most secure versions? The 
> reason I ask is: 
> 
> - Apache 1.3.26 seems ancient -- is this an OK version to run? I have 
> executed apt-get upgrade, and apt.conf is set for "stable." 
> 
> - also, openssl is up to 0.9.6 "l" -- 0.9.6 "c" also seems ancient. 

We patch security problems in older versions in the stable suite rather
than upgrading them wholesale. See:

  http://www.debian.org/security/faq#version

You can look in /usr/share/doc/<package>/changelog.Debian.gz to find a
record of these changes as applied.

> - My previous build ran mod-ssl. However, there is no mod-ssl package 
> in Debian. Has anyone installed mod-ssl under Debian, or is there a 
> better program for this function? 

That's the libapache-mod-ssl package.

Cheers,

-- 
Colin Watson                                  [cjwatson@flatline.org.uk]

Reply to:

References:
- Web server with PHP setup & mod-ssl
  - From: Danny O'Brien <dannyo@steinrogan.com>

Prev by Date: Re: disregard post re: sound!
Next by Date: RE: Email client programs
Previous by thread: Web server with PHP setup & mod-ssl
Next by thread: Re: Web server with PHP setup & mod-ssl
Index(es):
- Date
- Thread