On 11/14/06, Larry Garfield <larry@garfieldtech.com> wrote:
I don't think this is unreasonable. While I appreciate shared hosts' concerns re backward compatibility, security patches are only happening on 4.4.x now for the PHP 4 branch. 4.3 is effectively unsupported by default. (I'm personally rather surprised that Drupal doesn't already require 4.3.9 or 4.3.10 anyway, since those were stable and widely deployed for a long time.)
It's more than shared hosts - RHEL4 uses 4.3.9. It still gets security updates through the RH backports system and will continue to for years to come. EOL Schedule: Red Hat Enterprise Linux (version 4): General Availability: Feb 15, 2005 Full Support (including hardware updates): Feb 15, 2005 -- Aug 31, 2007 Deployment Support: Sep 1, 2007 -- Feb 29, 2008 Maintenance Support: Mar 1, 2008 -- Feb 29, 2012 From: http://www.redhat.com/security/updates/errata/ Hosts can upgrade to a newer version, but I think it's incorrect to classify use of PHP4.3 as a "budget host" situation. It's also an "enterprise" situation. As has been said, I think it is reasonable to look forward to dropping PHP4.3 at the point where we see it's actual use falling. Since I have and support several sites on PHP4.3.9 with no intention to upgrade my PHP until RH does, I have a strong interest in representing the 40% of PHP users who are in my same boat and seeing compatibility for at least a while longer. Regards, Greg