[php-maint] Re: packages for sarge?
Martin Schulze
joey at infodrom.org
Wed Aug 24 16:51:47 UTC 2005
Zoran Dzelajlija wrote:
> CC-ing the security team as suggested on #debian.
>
> Explanation: this security related bug in XML_RPC, part of php4-pear
> package, has been closed by an upload to unstable, but the version in
> sarge is still affected.
>
> Quoting Zoran Dzelajlija (jelly at srce.hr):
> > Hi, any word of a sarge release to cover CAN-2005-1921 and, to kill two
> > flies, the new XML_RPC bug CAN-2005-2498? I've applied Ubuntu's
> > patches for both to a local build without much hassle...
> >
> > Also, is there some user-friendly documentation aobut the new BTS
> > features (found vs. tagging for sarge)? Should this bug be reopened
> > until sarge gets a fix for these vulnerabilities?
Are you able to extract a clean patch to fix the problem? We may
also need to update oldstable at the same time.
Regards,
Joey
--
It's time to close the windows.
More information about the pkg-php-maint
mailing list