Joey Hess wrote:
> On the third hand, this bug has documented a security hole with exploit
> in apache for about 2 weeks without any reaction from its maintainers,
> and was open for many months before that without any reaction from them.
> If apache isn't being maintained, it might be better to drop it from
> etch anyway.
Indeed, I'm quite disappointed about apache 1.3 still being in Etch.
Debian is the _only_ distribution still shipping it; the maintainers
couldn't provide _any_ valid reason to still include it (like an important
module not ported to 2.x) and claimed that they would provide all security
updates for 1.3 issues. Well...
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
