Re: Debian PHP upgrade

To: Andile Ntebe <ANtebe@acceleration.biz>
Cc: "Adam D. Barratt" <adam@adam-barratt.org.uk>, Gareth Webb <gwebb@acceleration.biz>, Ondřej Surý <ondrej@sury.org>, Salvatore Bonaccorso <carnil@debian.org>, "debian-devel@lists.debian.org" <debian-devel@lists.debian.org>
Subject: Re: Debian PHP upgrade
From: Andrew Shadura <andrew@shadura.me>
Date: Wed, 25 Mar 2015 15:04:24 +0100
Message-id: <[🔎] CACujMDPLrz-QTwErggGKbnuJ0g3a9cBcvt9j2O5hRk1hL7XRdA@mail.gmail.com>
In-reply-to: <[🔎] 26CB39B0-70E1-487F-988C-07AF6B0A384E@acceleration.biz>
References: <[🔎] AM3PR06MB1187A1054F30FFBCE18041DED20D0@AM3PR06MB1187.eurprd06.prod.outlook.com> <[🔎] 20150323075942.GA29714@lorien.valinor.li> <[🔎] 1427211878.4170159.244603634.39FB1A34@webmail.messagingengine.com> <[🔎] AM3PR06MB1187B5494B1196C3C4126C3DD20B0@AM3PR06MB1187.eurprd06.prod.outlook.com> <[🔎] b6c9b41536487ba6807a2a9949f3e66d@mowgli.jungle.funky-badger.org> <[🔎] 77F52449-5915-41CD-88C2-B52A79BE96AC@acceleration.biz> <[🔎] 2095e7c6881ef0fac1aa48cb396f4ba0@mowgli.jungle.funky-badger.org> <[🔎] 26CB39B0-70E1-487F-988C-07AF6B0A384E@acceleration.biz>

Andile,

On 25 March 2015 at 14:37, Andile Ntebe <ANtebe@acceleration.biz> wrote:
> Hi
>
> Im not sure why Gareth said PHP, I’m referring to Apache 2.2.22.
>
> The below vulnerabilities seem to affect this version:

If you read the changelog to the latest version available in stable,
you'll find answers to all of your questions:
http://metadata.ftp-master.debian.org/changelogs//main/a/apache2/apache2_2.2.22-13+deb7u4_changelog

Citing the very beginning of it:

apache2 (2.2.22-13+deb7u4) wheezy; urgency=medium

  * CVE-2013-5704: …
  …

 -- Stefan Fritsch <sf@debian.org>  Tue, 23 Dec 2014 23:44:24 +0100

apache2 (2.2.22-13+deb7u3) wheezy-security; urgency=high

  * CVE-2014-0226: …
  * CVE-2014-0231: …
  * CVE-2014-0118: …

 -- Stefan Fritsch <sf@debian.org>  Wed, 23 Jul 2014 23:53:24 +0200

As you see, our security team is working very well.

-- 
Cheers,
  Andrew

Reply to:

References:
- Debian PHP upgrade
  - From: Gareth Webb <gwebb@Acceleration.biz>
- Re: Debian PHP upgrade
  - From: Salvatore Bonaccorso <carnil@debian.org>
- Re: Debian PHP upgrade
  - From: Ondřej Surý <ondrej@sury.org>
- RE: Debian PHP upgrade
  - From: Gareth Webb <gwebb@Acceleration.biz>
- RE: Debian PHP upgrade
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
- Re: Debian PHP upgrade
  - From: Andile Ntebe <ANtebe@Acceleration.biz>
- Re: Debian PHP upgrade
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
- Re: Debian PHP upgrade
  - From: Andile Ntebe <ANtebe@Acceleration.biz>

Prev by Date: Re: Debian PHP upgrade
Next by Date: Re: Debian PHP upgrade
Previous by thread: Re: Debian PHP upgrade
Next by thread: Re: Debian PHP upgrade
Index(es):
- Date
- Thread