Bug 203552 - lang/php5 : php 5.4 has reached EOL (no more security updates) please deprecate for removal
Summary: lang/php5 : php 5.4 has reached EOL (no more security updates) please depreca...
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Only Me
Assignee: Alex Dupre
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-10-05 12:24 UTC by John Marino
Modified: 2015-10-14 20:05 UTC (History)
3 users (show)

See Also:
bugzilla: maintainer-feedback? (ale)


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description John Marino freebsd_committer 2015-10-05 12:24:59 UTC
According to http://php.net/supported-versions.php :

Active support for php 5.4 ended 14 Sep 2014
Security updates for php 5.4 ended 14 Sep 2015 

As of writing, that was 21 days ago.

The PHP developers categorize PHP 5.4 as "End of Life" which is defined as "A release that is no longer supported. Users of this release should upgrade as soon as possible, as they may be exposed to unpatched security vulnerabilities."

I suggest immediate deprecation with expiration date set for early 2016 (e.g. Jan 15 or Feb 1)
Comment 1 John Marino freebsd_committer 2015-10-14 09:20:15 UTC
Adding feld@ to get the attention of somebody on the security team since PR has no response so far.
Comment 2 commit-hook freebsd_committer 2015-10-14 20:04:49 UTC
A commit references this bug:

Author: feld
Date: Wed Oct 14 20:04:44 UTC 2015
New revision: 399292
URL: https://svnweb.freebsd.org/changeset/ports/399292

Log:
  lang/php5 mark as deprecated

  PHP 5.4 has reached End of Life status

  PR:		203552

Changes:
  head/lang/php5/Makefile