Your message dated Wed, 24 Mar 2010 20:50:50 +0000 (WET)
with message-id <[email protected]>
and subject line Package libapache2-mod-php4 has been removed from Debian
has caused the Debian Bug report #341346,
regarding libapache2-mod-php4: mod-php should be configured to use a Apache
handler
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
341346: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=341346
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: libapache2-mod-php4
Version: 4:4.3.10-16
Severity: normal
An extract from libapache2-mod-security documentation states the problem better
than I can explain:
"In Apache theory, a response to a request is generated by a
so-called handler. If there is a handler attached to a request it
should be considered to be of a dynamic nature. In practice, however,
Apache can be configured to server dynamic pages without a handler
(it then chooses the module based on the resource MIME type). This will
happen, for example, if you configure PHP as instructed in the main
distribution:
AddType application/x-httpd-php .php
While this works, it isn't entirely correct. However, if you replace the
above line with the following:
AddHandler application/x-httpd-php .php
PHP will work just as well, Apache will have a handler assigned to the
request, and audit logger will be able to log selectively."
So, changing the /etc/apache2/mods-available/php4.conf file to be:
<IfModule mod_php4.c>
AddHandler application/x-httpd-php .php .phtml .php3
AddHandler application/x-httpd-php-source .phps
</IfModule>
will allow libapache2-mod-security to audit and protect PHP pages.
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-686
Locale: LANG=fr_CA, LC_CTYPE=fr_CA (charmap=ISO-8859-1)
Versions of packages libapache2-mod-php4 depends on:
ii apache2-mpm-prefork 2.0.54-5 traditional model for Apache2
ii libbz2-1.0 1.0.2-7 high-quality block-sorting file co
ii libc6 2.3.2.ds1-22 GNU C Library: Shared libraries an
ii libcomerr2 1.37-2sarge1 common error description library
ii libdb4.2 4.2.52-18 Berkeley v4.2 Database Libraries [
ii libexpat1 1.95.8-3 XML parsing C library - runtime li
ii libkrb53 1.3.6-2sarge2 MIT Kerberos runtime libraries
ii libmagic1 4.12-1 File type determination library us
ii libpcre3 4.5-1.2sarge1 Perl 5 Compatible Regular Expressi
ii libssl0.9.7 0.9.7e-3sarge1 SSL shared libraries
ii libzzip-0-12 0.12.83-4 library providing read access on Z
ii mime-support 3.28-1 MIME files 'mime.types' & 'mailcap
ii php4-common 4:4.3.10-16 Common files for packages built fr
ii zlib1g 1:1.2.2-4.sarge.2 compression library - runtime
-- no debconf information
--- End Message ---
--- Begin Message ---
Version: 6:4.4.6-2+rm
You filed the bug http://bugs.debian.org/341346 in Debian BTS
against the package libapache2-mod-php4. I'm closing it at *unstable*, but it
will
remain open for older distributions.
For more information about this package's removal, read
http://bugs.debian.org/428266. That bug might give the reasons why
this package was removed and suggestions of possible replacements.
Don't hesitate to reply to this mail if you have any question.
Thank you for your contribution to Debian.
--
Marco Rodrigues
--- End Message ---
