[php-maint] Availability of PHP version 5.3.4 or newer

Sean Finney seanius at debian.org
Sun Feb 13 16:06:49 UTC 2011

Hi Bill,

In case it hasn't already been said, extra eyes on the security status
of our packages are always welcome :)

On Fri, 2011-02-11 at 18:50 -0500, Bill West wrote:
> link for a particular CVE is obvious. Here are the items that are not
> yet fixed. I will review each of these with our security team including
> the firm that performs our independent PCIDSS scans to determine if
> these involve critical vulnerabilities related to payment card
> processing.

You might also want to take a quick look at 


which fairly clearly states how we decide whether any given PHP security
issue is worth our time.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/pkg-php-maint/attachments/20110213/3f27ce54/attachment.pgp>

More information about the pkg-php-maint mailing list