[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Web server with PHP setup & mod-ssl

On Thu, Jan 29, 2004 at 12:03:19PM -0500, Danny O'Brien wrote:
> Here's the spec: 
> Kernel2.4.18-bf2.4 
> Apache1.3.26-0woo 
> openssl0.9.6c-2.wo 
> postgres7.2.1-2wood 
> php4.1.2-6wood 
> My questions: 
> - does "apt-get upgrade" always provide the most secure versions? The 
> reason I ask is: 
> - Apache 1.3.26 seems ancient -- is this an OK version to run? I have 
> executed apt-get upgrade, and apt.conf is set for "stable." 
> - also, openssl is up to 0.9.6 "l" -- 0.9.6 "c" also seems ancient. 

We patch security problems in older versions in the stable suite rather
than upgrading them wholesale. See:


You can look in /usr/share/doc/<package>/changelog.Debian.gz to find a
record of these changes as applied.

> - My previous build ran mod-ssl. However, there is no mod-ssl package 
> in Debian. Has anyone installed mod-ssl under Debian, or is there a 
> better program for this function? 

That's the libapache-mod-ssl package.


Colin Watson                                  [cjwatson@flatline.org.uk]

Reply to: