On Mon, 28 Jun 2004, Ian Jackson wrote:
> Package: apache
> Version: 1.3.26-0woody5
>
> The security update to apache changed my httpd.conf and srm.conf in a
> way that meant my system's website disappeared.
>
> I did get offered `Save these changes to the configuration files? [Y/n]'
> and said yes, but:
You accepted a new configuration without checking it. It is exactly the
same as many other tools to handle configurations.
> * Security updates should be safe. In particular, security updates
>should be doable with less care, checking, presence of mind,
>etc. etc. than an elective upgrade.
Negative. Security updated fix a bit of the code. The rest of the package
stays the same. Please check:
http://www.debian.org/doc/developers-reference/ch-pkgs.en.html#s-bug-security
for more information.
> * The default should not be to override a user-changed configuration.
You asked for it once you told the script "Yes". You have been prompeted
and warned.
> * The default should not be to disable an existing website by
>changing the DocumentRoot to the Debian default.
Same as above.
> * The question was preceded by a large amount of largely irrelevant
>messages.
This is not true in sarge/sid anymore.
In any case there is nothing left as a bug in here.
Fabio
--
fajita: step one
Whatever the problem, step one is always to look in the error log.
fajita: step two
When in danger or in doubt, step two is to scream and shout.
