Re: php-sabredav security fix
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Hi,
Le 22/05/2014 14:58, Gunnar Wolf a écrit :
> David Prévot dijo [Wed, May 21, 2014 at 06:57:06AM -0400]:
>> The php-sabredav package currently available in wheezy-backports is
>> vulnerable to some security issues, can you please upload a more recent
>> version?
> This new version adds a dependency on php-symfony-classloader, which
> does not exist in Backports. If somebody is willing to provide such
> dependency, building+updating the package is trivial.
php-symfony-classloader is a trivial package, only needed to run the
test suite.
> Otherwise, maybe the best answer would be to remove it from Backports.
Since nobody stepped up in the last two months to fix this security
issue, can someone please take care of the removal of php-sabredav and
its dependencies? (That means owncloud too, but since the backports
package is also outdated, and the latest one also fixes a security
issue, you’ll kill two birds in one stone.)
Thanks in advance
Regards
David
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBCAAGBQJTzpmtAAoJEAWMHPlE9r08oLoH/3C8MbZzN3Z+4hjTKFXkHY2z
Ry4zDmUNe3LHOH2mw5VRn/7nSmUm9yxzzzgu8pfEIId4tQ+xDUcZ1RbK6h03xEK8
OFCML4y/07Spr+ZR+P5UqJnFPcg3sJbc2g5AjsFzsIiq9NNi/oK5NPqSuSOzNeEu
LSGJfv5Ea78oota96MYZg4PboWWoya4IYeCb2+yLrGrJ/5IfBF5UV+uZ77diE3lc
OcFcUzZ2Bbe+rtPxtIEcVAqYNCCNxFB1BlxmOWad7ODJfTR/3E33T4s7g5crfAXP
JZCJJZ5fp23kKU9NtIjC8NiTg3As/BH59yiFRjOGRsssI+1fZ68T/aA9AaZlsjw=
=2BP9
-----END PGP SIGNATURE-----
Reply to: