[php-maint] Bug#410561: update on latest batch of CVE's for php
sean finney
seanius at seanius.net
Thu Mar 1 20:38:01 CET 2007
hey ondrej,
On Thu, 2007-03-01 at 11:47 +0100, Ondřej Surý wrote:
> did you have time to work on this lately? I think I could spare some
> time for PHP packaging work during next week.
yes i have, though it's been a really really really busy week and so i
never got around to sending a status update. so, here's the update :)
- fixes backported to sarge/4.3.10 and etch/4.4.4, with many thanks
to pitti and joe orton at redhat for doing most of the cvs digging
- fixes backported to etch/5.2, but i'm having trouble with having the
patches cleanly apply. the wierd thing is they apply if i manually
apply them, but one of them breaks if i put them in debian/patches.
the really wierd thing is nothing else in debian/patches touches the
file in question. then again, this was last night and i hadn't slept
the night before, so a second set of eyes looking at it would be
generally a good thing.
note that i've been working on the assumption that we won't be putting
in the latest upstream version in for etch, though obviously that would
be another fix (modulo the regressions from the new version)
sean
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 191 bytes
Desc: This is a digitally signed message part
Url : http://lists.alioth.debian.org/pipermail/pkg-php-maint/attachments/20070301/4bcff584/attachment.pgp
More information about the pkg-php-maint
mailing list