On 13.12.2016, at 11:31, Niklas Keller <m...@kelunik.com> wrote: > > OpenSSL support for 1.0.1 will end this year. > > Support for version 1.0.1 will cease on 2016-12-31. No further releases of >> 1.0.1 will be made after that date. Security fixes only will be applied to >> 1.0.1 until then. >> Version 1.0.0 is no longer supported. >> Version 0.9.8 is no longer supported. > > > We dropped 0.9.8 and 1.0.0 in 7.1. > > Should we drop support for 1.0.1 in master, so it's dropped for 7.2 then, > as it will be unsupported then?
Please no. Ubuntu's 14.04 LTS is on 1.0.1f and gets security backports. EOL is April 2019. Unless there is a hard reason (API changes or whatever) that PHP 7.2 absolutely cannot live without, it's a bad idea, as folks on 14.04 or similar (think RHEL etc) then have to either rely on third parties for updates, or vendor in a newer version, even though their system libssl is still receiving security updates. David -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
