[php-maint] Bug#410561: php5: multiple security issues fixed in php 5.2.1

Ondřej Surý ondrej at sury.org
Sun Feb 11 21:01:22 UTC 2007

Oh my goddess :-(

> PHP 5.2.1 fixes some security problems. See
> http://www.php.net/releases/5_2_1.php
> http://secunia.com/advisories/24089/

Seems there is a lot of stack and buffer overflows fixed.
Unfortunatelly our lovely PHP upstream maintainers bundled
a lot of stuff into 5.2.1 as well including changes in default
behaviour.  I would love to have 5.2.1 in etch, but I am prepared to go
cherry picking.

Steve, what's your opinion?  Cesspool will remain cesspool, so I don't
see big difference between 5.2.0 and 5.2.1 in terms of bugginess.

> PHP 4.4 is affected by at least some of the issues, too.

That troubles me :-(((, since new php4 is not available.

Ondřej Surý <ondrej at sury.org>  ***  http://blog.rfc1925.org/
Kulturní občasník              ***  http://www.obcasnik.cz/

More information about the pkg-php-maint mailing list