Bug#837428: Re: jessie-pu: package libphp-adodb/5.15-1
Control: tags -1 + moreinfo
On Sun, 2016-09-11 at 16:24 +0200, Jean-Michel Vourgère (debian) wrote:
> I'd like to upload a fix for #837418  and #837211 .
> Attached is a debdiff against version 5.15-1 that is currently both in wheezy
> and jessie. It includes the 2 upstream commits fixing these.
> The package is to be compiled in a wheezy environment in order to match the
> public repository version.
No, an upload to jessie needs to be built in a _jessie_ environment.
+libphp-adodb (5.15-1+deb8u1) jessie; urgency=medium
+ * Upload to jessie.
+ -- Jean-Michel Vourgère <email@example.com> Sun, 11 Sep 2016 16:13:54 +0200
+libphp-adodb (5.15-1+deb7u1) wheezy; urgency=medium
+ * Cherry pick of upstream patches:
+ - d/patch/pdo-qstr-sql-injection. Closes: #837211
+ - d/patch/cve-2016-4855. Closes: #837418
That's an unusual way of forming the changelog. Why not simply a 5.15-1
+deb8u1 stanza listing the changes, on top of 5.15-1? In fact, given
that the +deb7u1 stanza doesn't match what actually got uploaded to
wheezy-security, please drop it.