[php-maint] php5 testing transition
Thijs Kinkhorst
thijs at debian.org
Mon May 7 08:02:19 UTC 2012
On Sun, May 6, 2012 10:00, Thijs Kinkhorst wrote:
> On Sat, May 5, 2012 20:49, Adam D. Barratt wrote:
>> On Sat, 2012-05-05 at 20:39 +0200, Ondrej Sury wrote:
>>> > For some reason I had it in my head that 5.4.2 was the upstream
>>> version
>>> > with the fixed fix rather than the not-quite fixed fix.
>>>
>>> I think this is the case (e.g. 5.4.2 is the fixed version).
>>
>> I assume Thijs was referring to CVE-2012-2311, which covers the fix in
>> 5.4.2 being incomplete.
>
> PHP 5.4.2 does not fix the issue.
PHP upstream has now announced new releases for tomorrow, which also fix
another security issue:
http://www.php.net/archive/2012.php#id2012-05-06-1
It would be great if we could get that into unstable swiftly and then
start the migration process.
Cheers,
Thijs
More information about the pkg-php-maint
mailing list