** Changed in: php5 (Debian)
Status: Won't Fix => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1002443
Title:
php5-fpm exposes full ubuntu package version in headers
To manage
@bkerensa, thanks for the constructive contribution to the
conversation... i discussed this with a couple folks in #ubuntu-server
and one of the Ubuntu php maintainers, and filed this with their
feedback.
@all, i'm well aware that security by obscurity is no solution, but as
noted by Francois in t
@Marc: I tried to explain the security by obscurity flaw ;) and that one
should just focus on a hardened install and not so much about exposed
version info in their header.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.l
Security by obscurity doesn't actually work. Hiding the version number
will not affect whether your system is secure or not, and it's quite
likely that an attacker would simply run his script regardless of the
version number displayed on your website.
If this is important in your environment, plea
** Changed in: php5 (Debian)
Status: Unknown => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1002443
Title:
php5-fpm exposes full ubuntu package version in headers
To manage notif
I think that full version number is important and we will gain no extra
security by hiding it by default, just more pain when debugging. You
always have an option to disable the headers yourself, if you think it
will gain you any extra security.
** Bug watch added: Debian Bug tracker #582204
ht
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1002443
Title:
php5-fpm exposes full ubuntu package version in headers
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+