--On Wednesday, December 22, 2004 22:42 +0800 Jason Lim <[EMAIL PROTECTED]> wrote:
Just read all that... not particularly encouraging, as it seems no one is interested in backporting the security fixes or that it is not possible to backport them.
I heard there are some kind of mod_rewrite rules to temporarily resolve this in the mean time posted in BUGTRAQ or similar. Do you run any way of mitigating the security threat in the mean time?
FWIW I run the backports.org version of PHP4 pretty much everywhere, including the hosting company I work for. We roll our own packages (we need modules like PayFlowPro which they don't include) but other than that it's the same package you'd get from www.backports.org -- good project, quite a few packages.
sounds like that particular developer just has a thing against PHP BTW, so take his words for a grain of salt. I'm not very fond of PHP or MySQL either, but it pays the bills because a lot of other people are. just because he/she is a debian developer does NOT mean they speak for the whole project.
-- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
