[php-maint] PHP security upload not included in 6.0.9

Adam D. Barratt adam at adam-barratt.org.uk
Mon Feb 17 10:30:37 UTC 2014

On 2014-02-17 8:45, Lior Kaplan wrote:
> On Mon, Feb 17, 2014 at 9:42 AM, Adam D. Barratt
> <adam at adam-barratt.org.uk> wrote:
>> On Mon, 2014-02-17 at 01:38 +0200, Lior Kaplan wrote:
>>> I saw the happy notice about 6.0.9 release, and wondered why
>> isn't
>>> php5 (5.3.3-7+squeeze18) part of this update (uploaded in
>> December).
>> This was due to the fact that the package has not yet successfully
>> built
>> on kfreebsd-*, as can be seen from
>> https://release.debian.org/proposed-updates/oldstable.html [1]
> Thanks Adam.
> 1. First time I encounter this problem, any idea where can I see the
> buildd logs for these security uploads to see why haven't they built 
> fine.

Logs for security builds aren't publicly available; you could try asking 
the security team.

>  2. I see there are only a few of similar cases, would be nice to have
> them caught and generate some notification

The security team periodically check for packages that are available in 
the security archive but have not made it to ftp-master. In this case 
the packages aren't available in the security archive either; I'd expect 
that they also check those.

> - finding out only when a fix doesn't go into a stable update sounds
> "expensive" to me (project benefit wise).

Having the fixes included in a stable update is mostly convenience. The 
packages are already available (at least on the architectures where they 
build okay) from the security archive, which everyone running 
{old,}stable should be checking.



More information about the pkg-php-maint mailing list