Re: [php-maint] Bug#603751: Three more security issues
On Wed, 2010-11-17 at 10:05 +0100, Ondřej Surý wrote:
> thanks for heads up. I have cherry-picked fixes and they are in php
> git. Do you need any help with backporting those to lenny? Anyway I am
> going to wait for 5.3.3-3 to squeeze into the squeeze :) and after
> that I am going to upload 5.3.3-4.
> Meanwhile I thought it might be a good idea to went through svn log
> The fixes below are small, self-contained and I
> have hand checked them all for sanity. There's even one CVE in
> openbasedir which we have not catched before.
I don't mind fixing the issues you mentioned if you think they're
important enough at this stage. However, I'd prefer that an upload
including such fixes did not have high urgency, so it may depend how
urgent getting the security fixes in to Squeeze is.