Re: postponing php5 issue

To: Emilio Pozuelo Monfort <pochu@debian.org>, debian-lts@lists.debian.org
Subject: Re: postponing php5 issue
From: Antoine Beaupré <anarcat@orangeseeds.org>
Date: Wed, 22 Feb 2017 14:48:33 -0500
Message-id: <[🔎] 877f4it3am.fsf@curie.anarc.at>
In-reply-to: <[🔎] 253b6458-816f-14a4-3089-09adcb7fbe47@debian.org>
References: <[🔎] 87efysy07p.fsf@curie.anarc.at> <[🔎] 253b6458-816f-14a4-3089-09adcb7fbe47@debian.org>

On 2017-02-21 21:57:23, Emilio Pozuelo Monfort wrote:
> On 20/02/17 23:19, Antoine Beaupré wrote:
>> It seems a bit too much to do a DLA for a single issue in the php5
>> package (CVE-2016-7478, namely):
>> 
>> https://security-tracker.debian.org/tracker/source-package/php5
>> 
>> I looked at the issue and the patch is easily ported, but i suggest we
>> postpone this DLA until we have piled up more important
>> issues...
>> 
>> I attached the backported patch for future reference. I'll update the
>> security tracker with details as well.
>
> You should commit that to
>
> https://anonscm.debian.org/cgit/collab-maint/debian-lts/php5.git/

done. i also added a tag that was missing.

>> PS: has someone notified the maintainer before triaging this issue? i
>> didn't see a mail go through...
>
> AFAIK we handle php5 ourselves.

hmm... is there a place where this is documented? how does frontdesk
know whether to ping maintainers or not?

thanks!

a.

-- 
Being cynical is the only way to deal with modern civilization — you
can't just swallow it whole.
                        - Frank Zappa

Reply to:

Follow-Ups:
- Re: postponing php5 issue
  - From: Emilio Pozuelo Monfort <pochu@debian.org>

References:
- postponing php5 issue
  - From: anarcat@orangeseeds.org (Antoine Beaupré)
- Re: postponing php5 issue
  - From: Emilio Pozuelo Monfort <pochu@debian.org>

Prev by Date: Re: testing and review requested for Wheezy update of apache2
Next by Date: Re: postponing php5 issue
Previous by thread: Re: postponing php5 issue
Next by thread: Re: postponing php5 issue
Index(es):
- Date
- Thread