Bug#497871: php-suhosin: please package suhosin 0.9.27 and try to get it in lenny

To: submit@bugs.debian.org
Subject: Bug#497871: php-suhosin: please package suhosin 0.9.27 and try to get it in lenny
From: Raphael Geissert <atomo64@gmail.com>
Date: Thu, 4 Sep 2008 19:30:48 -0500
Message-id: <[🔎] 200809041931.01049.atomo64@gmail.com>
Reply-to: Raphael Geissert <atomo64@gmail.com>, 497871@bugs.debian.org

Source: php-suhosin
Version: 0.9.24-1
Severity: important
Tags: security

Hi,

Please update the package to version 0.9.27 ASAP and try to convince the, 
CC'ed, release team to allow this version of the package to be shipped in 
lenny.

Since version 0.9.26 there are several enhancements that would help avoid some 
attacks on poorly written applications.

Relevant changelog since current version in unstable:

* Changed PHP default POST handler to PHP’s current handler
* Fixed problem with suhosin.perdir
* Fixed problems with ext/uploadprogress
* Added suhosin.srand.ignore and suhosin.mt_srand.ignore (default: on)
* Modified rand()/srand() to use the Mersenne Twister algorithm with separate 
state
* Added better internal seeding of rand() and mt_rand()

Regards,
-- 
Atomo64 - Raphael

Please avoid sending me Word, PowerPoint or Excel attachments.
See http://www.gnu.org/philosophy/no-word-attachments.html

Attachment: signature.asc
Description: This is a digitally signed message part.

Reply to:

Follow-Ups:
- Re: Bug#497871: php-suhosin: please package suhosin 0.9.27 and try to get it in lenny
  - From: Jan Wagner <waja@cyconet.org>

Prev by Date: Bug#497872: PTS: php-suhosin.html contains old information
Next by Date: Re: Preparing update of 'mafft' to fix #496366 ("grave" security bug).
Previous by thread: Re: Bug#497872: PTS: php-suhosin.html contains old information
Next by thread: Re: Bug#497871: php-suhosin: please package suhosin 0.9.27 and try to get it in lenny
Index(es):
- Date
- Thread