Bug#1108867: unblock: php8.4/8.4.10-1
Package: release.debian.org
Severity: normal
X-Debbugs-Cc: php8.4@packages.debian.org, team@security.debian.org, Ondřej Surý <ondrej@debian.org>, carnil@debian.org
Control: affects -1 + src:php8.4
User: release.debian.org@packages.debian.org
Usertags: unblock
Hi Ondrej, hi release team,
As PHP packages follow for stable to follow the respective upstream
released version, I would suggest/propose to get an unblock for php8.4
explicitly to make sure the fixes for some CVEs will land in trixie
before trixie start.
Specifically, php8.4 8.4.10-1 fixes CVE-2025-1220, CVE-2025-1735 and
CVE-2025-6491.
Ondrej, what is your take? It cannot mgirate automatically as it is a
key package.
Regards,
Salvatore
Reply to: