203552 – lang/php5 : php 5.4 has reached EOL (no more security updates) please deprecate for removal

Bug 203552 - lang/php5 : php 5.4 has reached EOL (no more security updates) please deprecate for removal

Summary: lang/php5 : php 5.4 has reached EOL (no more security updates) please depreca...

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	--- Affects Only Me
Assignee:	Alex Dupre

URL:
Keywords:

Depends on:
Blocks:

Reported:	2015-10-05 12:24 UTC by John Marino
Modified:	2015-10-14 20:05 UTC (History)
CC List:	3 users (show)

See Also:

Flags:	bugzilla: maintainer-feedback? (ale)

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description John Marino freebsd_committer

2015-10-05 12:24:59 UTC

According to http://php.net/supported-versions.php :

Active support for php 5.4 ended 14 Sep 2014
Security updates for php 5.4 ended 14 Sep 2015 

As of writing, that was 21 days ago.

The PHP developers categorize PHP 5.4 as "End of Life" which is defined as "A release that is no longer supported. Users of this release should upgrade as soon as possible, as they may be exposed to unpatched security vulnerabilities."

I suggest immediate deprecation with expiration date set for early 2016 (e.g. Jan 15 or Feb 1)

Comment 1 John Marino freebsd_committer

2015-10-14 09:20:15 UTC

Adding feld@ to get the attention of somebody on the security team since PR has no response so far.

Comment 2 commit-hook freebsd_committer

2015-10-14 20:04:49 UTC

A commit references this bug:

Author: feld
Date: Wed Oct 14 20:04:44 UTC 2015
New revision: 399292
URL: https://svnweb.freebsd.org/changeset/ports/399292

Log:
  lang/php5 mark as deprecated

  PHP 5.4 has reached End of Life status

  PR:		203552

Changes:
  head/lang/php5/Makefile