[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: AW: Vulnerable PHP version according to nessus



* Jordon Bedwell:

> New upstream version is used pretty loosely here.  I would hardly
> consider a bug fix release a new version.  You guys treat versions as
> if they're a matter of national security, because 5.3.7 vs 5.3.8 is
> obviously gonna have some major major API changes and some way new
> features.

5.3.7 to 5.3.8 perhaps not (I didn't check this), but we shipped 5.3.3
in squeeze.  Upgrading to 5.3.7 and later would introduce the changed
is_a behavior, among other things.  We don't want to force such
changes upon users, and certainly not in security updates.


Reply to: