[
Date Prev
][
Date Next
] [
Thread Prev
][
Thread Next
] [
Date Index
] [
Thread Index
]
PHP security upload not included in 6.0.9
To
: Debian Release Mailing List <
debian-release@lists.debian.org
>
Cc
: Debian PHP Maintainers <
pkg-php-maint@lists.alioth.debian.org
>
Subject
: PHP security upload not included in 6.0.9
From
: Lior Kaplan <
kaplan@debian.org
>
Date
: Mon, 17 Feb 2014 01:38:30 +0200
Message-id
: <
[🔎]
CAEsznC6Tz+VhyseJ9BKNE0vbgNg_HaQZ8LWuvPj5xPxO9wq3JA@mail.gmail.com
>
Dear release team,
I saw the happy notice about 6.0.9 release, and wondered why isn't php5 (5.3.3-7+squeeze18) part of this update (uploaded in December).
Also see this:
http://qa.debian.org/madison.php?package=php5
The changes log (taken from the our VCS) has two CVEs:
* [CVE-2013-6420]: Fix memory corruption in openssl_x509_parse (Closes: #731895)
* [CVE-2013-6712] Fix heap buffer over-read in DateInterval (Closes: #731112)
Thanks,
Kaplan
Reply to:
debian-release@lists.debian.org
Lior Kaplan (on-list)
Lior Kaplan (off-list)
Follow-Ups
:
Re: PHP security upload not included in 6.0.9
From:
"Adam D. Barratt" <adam@adam-barratt.org.uk>
Prev by Date:
Re: Bug#739079: transition: libav10
Next by Date:
Re: PHP security upload not included in 6.0.9
Previous by thread:
Bug#739185: pu: package automake1.9-nonfree/1.9.6-1.1~deb7u1
Next by thread:
Re: PHP security upload not included in 6.0.9
Index(es):
Date
Thread