Date: Sat, 25 Mar 2006 01:30:28 GMT From: Jeremy Chadwick <freebsd@jdc.parodius.com> To: freebsd-ports-bugs@FreeBSD.org Subject: Re: ports/94919: [PATCH] suPHP (www/suphp) 0.6.1 Message-ID: <200603250130.k2P1USHB032118@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR ports/94919; it has been noted by GNATS. From: Jeremy Chadwick <freebsd@jdc.parodius.com> To: bug-followup@FreeBSD.org Cc: Subject: Re: ports/94919: [PATCH] suPHP (www/suphp) 0.6.1 Date: Fri, 24 Mar 2006 17:28:58 -0800 Sadly, I cannot approve this, for many of the same reasons listed in past PRs such as ports/82746. I get requests for this upgrade literally twice a week, sometimes more. I actually keep a file laying around as a template response due to the high volume of mails... > The suphp port will not be upgraded to 0.6.x until the author fixes > numerous security holes and bugs in the software. Some were fixed > with the 0.6.1 release, but there are still claims of security-related > issues with 0.6.1 (see the suphp mailing list for details). One issue > which I have personally confirmed is the module doing double-free()'s > on pieces of previously allocated memory; this still exists in 0.6.1. > > Until these issues are dealt with, the port will remain at 0.5.2; I'd > rather not unleash unstable software into the hands of BSD sysadmins > worldwide. > > If 0.6.1 is an absolute necessity for you, I'd gladly review and > agree to the commital of a www/suphp-dev port, assuming someone else > maintains it. > > I hope you understand. Thanks! I'm all for someone maintaining a new port (ex. www/suphp-dev) which contains 0.6 or 0.6.1 -- until the suphp author manages to fix the bugs in recent releases. My apologies to the PR submitter (Eugene Kim), as he obviously put in quite a lot of work. I would rather his efforts be put to use, just not in the current (stable) suphp port... -- | Jeremy Chadwick jdc at parodius.com | | Parodius Networking http://www.parodius.com/ | | UNIX Systems Administrator Mountain View, CA, USA | | Making life hard for others since 1977. | On Sat, Mar 25, 2006 at 01:04:03AM +0000, Edwin Groothuis wrote: > Maintainer of www/suphp, > > Please note that PR ports/94919 has just been submitted. > > If it contains a patch for an upgrade, an enhancement or a bug fix > you agree on, reply to this email stating that you approve the patch > and a committer will take care of it. > > The full text of the PR can be found at: > http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/94919 > > -- > Edwin Groothuis > edwin@FreeBSD.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200603250130.k2P1USHB032118>