On Wed, Mar 12, 2003, Ingo T. Storm wrote:
> >Some clarification.
>
> Does this meanm that I got the picture completely wrong
No.
> or was I only
> wrong in this case where only _php as a cgi_ is vulnerable and not the
> mod_php resulting from building apache with_php?
Wether a "container package" (like apache) requires an update when a "base
package" (like php) is updated, depends on the particular packages.
Normally there is such a strict dependency and you are fully right.
In case of php and apache the vulnerability was very narrow and would
not have required an update of apache.
However, due to our mistake, we had again such a requirement.
Greetings,
--
,eM""=. a"-. Michael van Elst
dWWMWM" - :GM==; [EMAIL PROTECTED]
:WWMWMw=--. "W=' cable & wireless
9WWMm==-.
"-Wmw-" CABLE & WIRELESS
______________________________________________________________________
The OpenPKG Project www.openpkg.org
User Communication List [EMAIL PROTECTED]
