[php-maint] update to 5.3 in stable
kaplanlior at gmail.com
Mon Feb 20 21:48:53 UTC 2012
On Mon, Feb 20, 2012 at 11:44 PM, Ondřej Surý <ondrej at debian.org> wrote:
> On Mon, Feb 20, 2012 at 22:27, Lior Kaplan <kaplanlior at gmail.com> wrote:
> > On Mon, Feb 20, 2012 at 11:15 PM, Ondřej Surý <ondrej at debian.org> wrote:
> >> On Mon, Feb 20, 2012 at 22:07, Lior Kaplan <kaplanlior at gmail.com>
> >> > Hi,
> >> >
> >> > We have two issues which we can solve easily by taking fixes from
> >> > upstream
> >> > an upload to proposed updates:
> >> > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=617233
> >> > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=628509
> >> >
> >> > What do you think?
> >> As none of it is security issue, you would have to speak with stable
> >> release team about the updates. How big are the patches (diffstat?).
> > http://svn.php.net/viewvc?view=revision&revision=303016
> > http://svn.php.net/viewvc/?view=revision&revision=306278
> Prepare this in the debian-squeeze branch, I'll try to squeeze it in
> in next batch of security uploads.
security updates makes too much noise (and should be minimal), I prefer to
have it through the regular process. I'll let you know when it's ready.
> >> > Also, I though of providing a 5.3.10 as a backport, before we'll
> >> > introduce 5.4 to unstable.
> >> That would be nightmare security-wise. There is are rule: package has
> >> to be in testing to go to backports, you would have to provide
> >> security for backported package. And I guess you don't want that as
> >> much as I do :).
> > I think you're wrong about having to support these packages security
> > (at least the backport itself, the packages in testing is something
"If you upload a package... ", not " you must provide updates for security
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the pkg-php-maint