[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#976811: transition: php8.0

Ondrej, Release Team,

On Sat, Jan 16, 2021 at 08:51:27PM +0100, Salvatore Bonaccorso wrote:
> Hi,
> 
> On Fri, Jan 15, 2021 at 07:58:10PM +0100, Ondřej Surý wrote:
> > Thinking about it, security-wise it might be better. Microsoft will
> > support the security backports to EOL versions of PHP 7.x, but they
> > announced they won’t do it for PHP 8.x, so we are (maybe) bit more
> > covered with PHP 7.4.
> 
> Ok, sounds good then.
> 
> Btw, we are currently at 7.4.11-1 in unstable, while at least updating
> up to 7.4.14 would fix as well CVE-2020-7071.
> 
> If nothing speaks against it, it would be good to start bullseye with
> a version most near with upstream stable released version (we would
> otherwise anyway need to otherwise rebase to the next 7.4.y version in
> the first DSA for php7.4).
> 
> Are you planning to update to 7.4.14 (or later) before the soft
> freeze?

Right now php8.0 will be as well in bullseye. Should php8.0 be kept
out of testing until bullseye is released? Otherwise there will be
expectation that both php7.4 and php8.0 will be covered by (security)
support in bullseye if we release with php8.0 included.

Regards,
Salvatore
Reply to: