[php-maint] Availability of PHP version 5.3.4 or newer
Ondřej Surý
ondrej at debian.org
Tue Feb 8 14:28:12 UTC 2011
Bill,
the 5.3.3-7 is patched to include all security fixes from 5.3.4 and
5.3.5. There's no need to worry.
Ondrej
On Tue, Feb 8, 2011 at 15:00, Bill West <bill at destwin.com> wrote:
> Debian PHP package maintainers,
>
> Thanks for your efforts in supporting PHP on Debian. I apologize if this
> email is being sent to the wrong place.
>
> PCIDSS scans on our applications running on Debian PHP/Apache2 are
> failing due to security issues related to PHP. Currently the newest
> version available from Debian in any distribution including experimental
> is 5.3.3-7.
>
> Here is the relevant part of the problem description from our scan
> report:
>
> "Synopsis : The remote web server uses a version of PHP that is affected
> by multiple flaws. Description : According to its banner, the version of
> PHP 5.3 installed on the remote host is older than 5.3.4. Such versions
> may be affected by several security issues ...."
>
> The specific issues are those reported on the PHP.net site for the
> corresponding versions, which have apparently been fixed in the PHP
> 5.3.4 and 5.3.5 releases.
>
> Is there any schedule of when a newer version of PHP for Debian will be
> available ? Will it be possible to go directly to PHP 5.3.5 and skip
> version 5.3.4 ?
>
> Bill West
> --
> Cell: 877-567-7451
> Skype: bill.west9
>
> DESTWIN, LLC.
> 887 Main Street, Suite D
> Monroe, Connecticut 06468-2800
> Toll Free: 877-DESTWIN (877-337-8946)
> Local: 203-459-0619
> FAX: 203-261-5061
> sales at destwin.com
> http://www.destwin.com
>
> Destwin and "Fuel Dealer Solution" are trademarks of DESTWIN, LLC.
>
>
>
>
> _______________________________________________
> pkg-php-maint mailing list
> pkg-php-maint at lists.alioth.debian.org
> http://lists.alioth.debian.org/mailman/listinfo/pkg-php-maint
>
--
Ondřej Surý <ondrej at sury.org>
http://blog.rfc1925.org/
More information about the pkg-php-maint
mailing list