[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Heads up: New Sun Cobalt Patch which you might want to skip

Subject: Re: [cobalt-security] Heads up: New Sun Cobalt Patch which you might want to skip
From: Jaana Jarve <netcat@xxxxxxxxx>
Date: Fri, 21 Mar 2003 10:58:14 +0200 (EET)
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

On Thu, 20 Mar 2003, Bruce Timberlake wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> > >Anyone who has a modified or more modern PHP installed will have a
> > >dead Apache after installing this patch.
> >
> > Why would Sun put out a patch that kills apache... do they need the
> > support money that bad ?
>
> It will only break Apache if you've deviated from the default install
> Sun provides.  They cannot take all possible end user customizations
> into account when designing their patches.  If you know enough to
> mess with your PHP install, you either don't need the patch, or you
> can figure out how to incorporate the changes into your non-standard
> system.

OTOH, it would be very nice of them not to incorporate postgres & PHP
patches in one install, given that people are much more likely to upgrade
or customize their PHP version than mess with postgres... why shouldn't we
be able to patch our postgres without having to reinstall PHP?

rgds,
netcat

References:
- Re: [cobalt-security] Heads up: New Sun Cobalt Patch which you might want to skip
  - From: Bruce Timberlake

Prev by Date: Re: [cobalt-security] Heads up: New Sun Cobalt Patch which you might want to skip
Next by Date: Re: [cobalt-security] Security NEW Sendmail Flaw
Previous by thread: Re: [cobalt-security] Heads up: New Sun Cobalt Patch which you might want to skip
Next by thread: Re: [cobalt-security] Heads up: New Sun Cobalt Patch which you might want to skip

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index