[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#662637: php5-suhosin in Debian

On 07/16/2013 06:29 PM, Filipus Klutiero wrote:

Hi Karl,

before we publish an entry on Suhosin, something needs to happen. Suhosin is still in unstable.
#662637 would be the place to discuss whether that should stay the case. I wouldn't call a project
which still has to come to life as "dead", but I would agree that this pregnancy isn't promising. If
Suhosin is unusable, I don't see why we wouldn't remove it from unstable.
Thanks for your reply, My concern is that while I know it has to be removed on a wheezy server, there is some amount of security that it did provide that is now missing - and I don't think it has been obsoleted in the updates of php.
If this was some other package, it would be of little interest, but when security appears to be going backwards, it gets my attention. 

I have not seen anywhere any analysis of the impact on security, now that this package is missing.


--------------------------------------------------------------------------------
Karl Schmidt                                  EMail Karl@xtronics.com
Transtronics, Inc.                              WEB http://secure.transtronics.com
3209 West 9th Street                             Ph (785) 841-3089
Lawrence, KS 66049                              FAX (785) 841-0434

If a man gives no thought about what is
distant, he will find sorrow near at hand.
Confucius

--------------------------------------------------------------------------------
Reply to: