I didn't say there are no developers, I said there is no active
development happening. Steve Hay is a developer. Fred Moyer, who replied
to this thread earlier this evening, has also made significant
contributions to the project. I can dive into the C if I have to, to fix
bugs or review code, but I'm likely not going to have the time or skills
to make significant changes should they be required.
When significant bugs come up within mod_perl developers from httpd
project may also get brought in. That's what happened last time anyway
(https://nvd.nist.gov/vuln/detail/CVE-2011-2767)
Adam
On 3/17/2021 11:46 PM, Jim Albert wrote:
Sure... I'll start a new thread after I reply here.
I don't know about how apache projects are maintained and the logistics,
but there are two issues here.
Foremost... from your previous response you need a few people to step up
and file your described report indicating no new releases, but that's
not necessarily a developer and it doesn't sound involved. I expect
you'll get some volunteers.
However, aside from that is the bigger issue of you stated there are no
developers maintaining mod_perl. That's the big red flag in this. Should
some vulnerability be discovered or a future Apache release present some
compatibility issue... maybe someone steps up and provides a fix...
that's a big maybe.
Jim
