CERT Advisory CA-2002-05 Multiple Vulnerabilities in PHP fileupload

2002-02-28 Thread Jeff
I received this CERT Advisory about 6 hours ago, regarding PHP. The php website confirms the details: www.php.net I think this is going to be a problem for us, due to the way the Debian packaging works - We upgraded to Apache 1.3.19-1 for security reasons. Package dependencies meant we ended

Re: CERT Advisory CA-2002-05 Multiple Vulnerabilities in PHP fileupload

2002-02-28 Thread Lupe Christoph
On Thursday, 2002-02-28 at 08:37:45 -, Jeff wrote: I received this CERT Advisory about 6 hours ago, regarding PHP. The php website confirms the details: www.php.net I think this is going to be a problem for us, due to the way the Debian packaging works - We upgraded to Apache

Re: CERT Advisory CA-2002-05 Multiple Vulnerabilities in PHP fileupload

2002-02-28 Thread Dmitry Borodaenko
Does apt from potato (0.3.19) support Pinning? I don't think so. Thus, you will need to upgrade your apt manually first. -- Dmitry Borodaenko On Thu, Feb 28, 2002 at 10:37:00AM +0100, Lupe Christoph wrote: If you want to run more up to date packages, you have to get them from the testing,

Re: CERT Advisory CA-2002-05 Multiple Vulnerabilities in PHP fileupload

2002-02-28 Thread Andrew Suffield
On Thu, Feb 28, 2002 at 01:25:25PM +0200, Dmitry Borodaenko wrote: Does apt from potato (0.3.19) support Pinning? I don't think so. Thus, you will need to upgrade your apt manually first. On Thu, Feb 28, 2002 at 10:37:00AM +0100, Lupe Christoph wrote: If you want to run more up to date

Re: CERT Advisory CA-2002-05 Multiple Vulnerabilities in PHP fileupload

2002-02-28 Thread Wichert Akkerman
Previously Andrew Suffield wrote: The normal solution in debian is to backport a fix to stable. I see php.org has a patch for php 4.0.6, this can probably be backported to 4.0.3/4.0.5 fairly easily. Already done. Before being able to make a php security fix we need to fix the ABI changes in

RE: CERT Advisory CA-2002-05 Multiple Vulnerabilities in PHP fileupload

2002-02-28 Thread Jeff
Andrew Suffield wrote: Installing unstable packages is in no sense a solution, for people doing serious security setups. What should be realised of course, is that Apache recommended moving to 1.3.19 and quite some time ago 1.3.23 - so while you might consider the packaging to be unstable,

Re: CERT Advisory CA-2002-05 Multiple Vulnerabilities in PHP fileupload

2002-02-28 Thread Petro
On Thu, Feb 28, 2002 at 08:37:45AM -, Jeff wrote: I received this CERT Advisory about 6 hours ago, regarding PHP. The php website confirms the details: www.php.net I think this is going to be a problem for us, due to the way the Debian packaging works - I guess that the immediate

Re: CERT Advisory CA-2002-05 Multiple Vulnerabilities in PHP fileupload

2002-02-28 Thread Dmitry Borodaenko
On Thu, Feb 28, 2002 at 02:56:02PM -, Jeff wrote: Andrew Suffield wrote: Installing unstable packages is in no sense a solution, for people doing serious security setups. What should be realised of course, is that Apache recommended moving to 1.3.19 and quite some time ago 1.3.23 - so
