Hi, I noticed that PHP 7.0 is unsupported by upstream since the beginning of 2019:
https://secure.php.net/supported-versions.php The most recent PHP version in stretch is, as of now, 7.0.33-0+deb9u1. As far as I can tell, this is (roughly) the same as upstream 7.0.33 and not a relabeled later upstream version and it does not contain significant backports from later upstream versions. Do I need to assume that PHP 7.0 in Debian is now only security-supported by Debian alone? Is any DD close enough to upstream to be able to at least backport new fixes from 7.1 and later if necessary? I found https://deb.sury.org/ which appears to be run by a DD[1]. But I noticed that this version of PHP pulls in a different version of openssl which rang some alarm bells with me. I would very much prefer something more official, e.g. backpors.debian.org. So, what do you do with your stretch servers running PHP now? Pray for good support in Debian, upgrade to 3rd party packages? Upgrade to buster already? Regards, Jochen. [1] FWIW, the PGP key used for the repository (AC0E47584A7A714D) is signed by Ondřej Surý (0C99B70EF4FCBB07) which, in turn, is signed by 184 keys fro debian-keyring. The WoT probably does not get better than that. -- My memories gild my life with rare transcendance. [Agree] [Disagree] <http://archive.slowlydownward.com/NODATA/data_enter2.html>
signature.asc
Description: PGP signature
