[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: whether to drop support for Apache 2.0 < 2.0.44
- Subject: Re: whether to drop support for Apache 2.0 < 2.0.44
- From: Peter Houppermans <..hidden..>
- Date: Wed, 14 Mar 2007 20:46:19 +0100
Chris et al,
I am wondering what people think of dropping support for Apache from
versions 2.0.0 through 2.0.43 as of LedgerSMB 1.3. These versions
have a bug in them which we currently work around involving escaping
urls. The bug was corrected in 2.1, 2.2, and 2.0.44.
In principle I think that is a sound move, from both the 'enforcing end
user security' angle as well as from your own point of view: maintaining
more code means more potential for bugs.
But if these updates are not readily available to users, I think we
should still support the older version. Any feedback?
I think you may need to resort to democratic principles here: organise a
vote :-). The only concern could be harm to people that for some reason
have to run an 'older' distro like SLES 9 because of software they have
on top (a typical example is OpenExchange), but I think even that distro
has passed the 2.0.44 version of Apache2.
Back to the vote: you've got mine, not in the least because I haven't
installed it yet (wide grin). That may change as early as next week,
depends on how quickly I can set up an OpenSuSE 10.2 box.
/// P ///