Re: [php-maint] Bug#603751: Three more security issues

To: Ondřej Surý <ondrej@debian.org>
Cc: Moritz Muehlenhoff <jmm@debian.org>, 603751@bugs.debian.org, debian-release@lists.debian.org
Subject: Re: [php-maint] Bug#603751: Three more security issues
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Wed, 17 Nov 2010 20:32:58 +0000
Message-id: <[🔎] 1290025979.25995.380.camel@hathi.jungle.funky-badger.org>
In-reply-to: <[🔎] AANLkTimJUhhHfofweHrJUJbo-dMjp+W-tfDtZ0pSAuHS@mail.gmail.com>
References: <20101116223047.4481.49055.reportbug@localhost.localdomain> <[🔎] AANLkTimJUhhHfofweHrJUJbo-dMjp+W-tfDtZ0pSAuHS@mail.gmail.com>

On Wed, 2010-11-17 at 10:05 +0100, Ondřej Surý wrote:
> thanks for heads up. I have cherry-picked fixes and they are in php
> git. Do you need any help with backporting those to lenny? Anyway I am
> going to wait for 5.3.3-3 to squeeze into the squeeze :) and after
> that I am going to upload 5.3.3-4.
> 
> Meanwhile I thought it might be a good idea to went through svn log
[...]
> The fixes below are small, self-contained and I
> have hand checked them all for sanity. There's even one CVE in
> openbasedir which we have not catched before.

I don't mind fixing the issues you mentioned if you think they're
important enough at this stage.  However, I'd prefer that an upload
including such fixes did not have high urgency, so it may depend how
urgent getting the security fixes in to Squeeze is.

Regards,

Adam

Reply to:

Follow-Ups:
- Re: [php-maint] Bug#603751: Three more security issues
  - From: Ondřej Surý <ondrej@debian.org>

References:
- Re: [php-maint] Bug#603751: Three more security issues
  - From: Ondřej Surý <ondrej@debian.org>

Prev by Date: Bug#603844: unblock: po-debconf/1.0.16+nmu1
Next by Date: Bug#603845: unblock: kernel-package/12.036+nmu1
Previous by thread: Re: [php-maint] Bug#603751: Three more security issues
Next by thread: Re: [php-maint] Bug#603751: Three more security issues
Index(es):
- Date
- Thread