[php-maint] PHP security upload not included in 6.0.9

Lior Kaplan kaplan at debian.org
Sun Feb 16 23:38:30 UTC 2014

Dear release team,

I saw the happy notice about 6.0.9 release, and wondered why isn't php5
(5.3.3-7+squeeze18) part of this update (uploaded in December).

Also see this: http://qa.debian.org/madison.php?package=php5

The changes log (taken from the our VCS) has two CVEs:

* [CVE-2013-6420]: Fix memory corruption in openssl_x509_parse (Closes:
* [CVE-2013-6712] Fix heap buffer over-read in DateInterval (Closes:


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-php-maint/attachments/20140217/6ffbf3c0/attachment.html>

More information about the pkg-php-maint mailing list