Re: PHP5 status
On Tue, Feb 12, 2019 at 07:44:41AM +0530, Abhijith PA wrote:
>
> That was very stupid of me. I was working on CVE-2018-1000888 in
> php-pear and this ships via php5 in jessie. I didn't noticed php5
> already entered dla-needed.txt and I went directly changing php-pear to
> php5. Anyway I release DLA for my upload.
>
No worries, we all make mistakes :-)
It took me several tries to figure out why the 5.6.40 build failed after
incorporating your change, but I was able to determine that the change
introduced by your patch is now included upstream. I have an updated
5.6.40 build ready and I was waiting on the assignment of CVEs by
upstream.
I wonder if it would make more sense to go ahead with uploading 5.6.40
and publish a revision to the DLA, or whether I should continue to wait
on the CVE assignments. Thoughts?
Regards,
-Roberto
--
Roberto C. Sánchez
Reply to: