failed dependencies for new mod_php4
Hi list, I just wanted to update to the newest mod_php4 on a SuSE eMail Server II with apache-1.3.19-115 installed. rpm -Fhv --test mod_php4-4.0.4pl1-135.i386.rpm gives: apache_mmn_19990320_10 is needed by mod_php4-4.0.4pl1-135 I have never heard about this, any hints on what to do before I start searching the whole SuSE ftp site? Thanks in advance, Erwin Erwin Zierler | web- / host- / postmaster - stubainet.at | erwin.zierler@stubainet.at / webmaster@stubainet.at | Tel.: 0 5225 - 64325 Fax 99 Mobil: 0664 - 130 67 91
On Mon, Oct 07, 2002 at 12:30:26PM +0200, Erwin Zierler wrote:
Hi list,
I just wanted to update to the newest mod_php4 on a SuSE eMail Server II with apache-1.3.19-115 installed.
You can find mod_php4 packages for eMail Server II here: ftp://ftp.suse.com/pub/suse/i386/products/emailserver/2.0/mod_php4/
rpm -Fhv --test mod_php4-4.0.4pl1-135.i386.rpm
gives:
apache_mmn_19990320_10 is needed by mod_php4-4.0.4pl1-135
I have never heard about this, any hints on what to do before I start searching the whole SuSE ftp site?
This apache_mmn is provided by apache RPMs so that one can tell by the RPM dependencies which modules match which apache packages. However this is not the case with eMail Server II. Most of the others of our products (or even all?) have this since a couple of months. Peter -- Thought is limitation. Free your mind.
Hi again... At 13:28 07.10.2002 +0200, you wrote:
On Mon, Oct 07, 2002 at 12:30:26PM +0200, Erwin Zierler wrote:
Hi list,
I just wanted to update to the newest mod_php4 on a SuSE eMail Server II with apache-1.3.19-115 installed.
You can find mod_php4 packages for eMail Server II here:
ftp://ftp.suse.com/pub/suse/i386/products/emailserver/2.0/mod_php4/
The problem with this package is that it's timestamp is 5.8.2002 13:19 so I am afraid this is NOT the newest (and supposedly secured) version. What worries me even more is that for instance the mod_ssl rpm package in this directory is also dated 5.8.2002 13:19 so I find it hard to believe this is as up to date as ftp://ftp.suse.de/pub/suse/i386/update/7.0/sec1/mod_ssl-2.8.2-41.i386.rpm which is dated 17.9.2002 10:13. But maybe I am wrong?
rpm -Fhv --test mod_php4-4.0.4pl1-135.i386.rpm
gives:
apache_mmn_19990320_10 is needed by mod_php4-4.0.4pl1-135
I have never heard about this, any hints on what to do before I start searching the whole SuSE ftp site?
This apache_mmn is provided by apache RPMs so that one can tell by the RPM dependencies which modules match which apache packages. However this is not the case with eMail Server II. Most of the others of our products (or even all?) have this since a couple of months.
I have installed the regular apache (apache-1.3.19-115) i.e. the one for SuSE 7.0 on this system a while ago and the same is true for mod_*. The reason was that I could never find updated packages for eMail Server II. And since it works fine for me, doesn't break the Horde interface for the IMAP server either I figured why not use the regual 7.0 packages. I have never seen any dependancy failures either. Maybe this is a total no-no but in a production environment I do not want to rely on insecure or not up to date packages. Perhaps someone can clarify things as I feel a little insecure now whether I did the right thing or not.
Peter
-- Thought is limitation. Free your mind.
Thanks, Erwin Erwin Zierler | web- / host- / postmaster - stubainet.at | erwin.zierler@stubainet.at / webmaster@stubainet.at | Tel.: 0 5225 - 64325 Fax 99 Mobil: 0664 - 130 67 91
On Mon, Oct 07, 2002 at 02:08:40PM +0200, Erwin Zierler wrote:
You can find mod_php4 packages for eMail Server II here:
ftp://ftp.suse.com/pub/suse/i386/products/emailserver/2.0/mod_php4/
The problem with this package is that it's timestamp is 5.8.2002 13:19 so I am afraid this is NOT the newest (and supposedly secured) version. What worries me even more is that for instance the mod_ssl rpm package in this directory is also dated 5.8.2002 13:19 so I find it hard to believe this is as up to date as
ftp://ftp.suse.de/pub/suse/i386/update/7.0/sec1/mod_ssl-2.8.2-41.i386.rpm
which is dated 17.9.2002 10:13.
But maybe I am wrong?
No, you're right. Your concerns are understandable. I have now checked back with our product management, since I wasn't sure about the status of eMail Server II. And the answer is that it is no longer "maintained". This means that we will continue to support it via our professional services, but we no longer provide security updates. Sorry I couldn't tell you this last time.
I have installed the regular apache (apache-1.3.19-115) i.e. the one for SuSE 7.0 on this system a while ago and the same is true for mod_*. The reason was that I could never find updated packages for eMail Server II.
[...]
And since it works fine for me, doesn't break the Horde interface for the IMAP server either I figured why not use the regual 7.0 packages. I have never seen any dependancy failures either.
If you can live with the regular 7.0 packages (with a few exceptions they should), then they might be the best solution for you in the short term. In the long term, you'll need to find another solution because at some time 7.0 will be unsupported, too. But maybe you can update your server to something more current, buy a new one, or at least use the most current RPMs (from the URL I mentioned) to add patches. Hope this helps, Peter -- Thought is limitation. Free your mind.
Peter Poeml wrote:
I have now checked back with our product management, since I wasn't sure about the status of eMail Server II. And the answer is that it is no longer "maintained". This means that we will continue to support it via our professional services, but we no longer provide security updates. Sorry I couldn't tell you this last time.
So, no security updates at all, or only for "professional services" ? This is hard .. do I have to buy every two years a new version of Slems to receive updates? I have no time to compile all packages for myself if a security hole has been found!
something more current, buy a new one, or at least use the most current RPMs (from the URL I mentioned) to add patches.
Microsoft even develops Patches for Win95, currently !!! And as I understand your business plan, you are going to stand against them .. I now, you reduced your development team, but 1 1/2 year is a much to short life-time for a ServerProduct !!! Bye, Patrick
On Tue, Oct 08, 2002 at 12:03:28PM +0200, Patrick Schneider wrote:
So, no security updates at all, or only for "professional services" ?
Yes. We can't provide "lifelong" maintenance for free, even though you would naturally appreciate that.
This is hard .. do I have to buy every two years a new version of Slems to receive updates?
Given the vast speed of Linux development two years is a lot. An email server that interacts with the constantly evolving internet and new email clients needs a fair overhaul every once in a while. I guess you wouldn't have much fun using a five year old product in a today's environment. And if it works for you doesn't mean that it works for others. Peter -- Thought is limitation. Free your mind.
participants (3)
-
Erwin Zierler -
Patrick Schneider -
Peter Poeml