Re: postponing php5 issue

To: Antoine Beaupré <anarcat@orangeseeds.org>, debian-lts@lists.debian.org
Subject: Re: postponing php5 issue
From: Emilio Pozuelo Monfort <pochu@debian.org>
Date: Tue, 21 Feb 2017 21:57:23 +0100
Message-id: <[🔎] 253b6458-816f-14a4-3089-09adcb7fbe47@debian.org>
In-reply-to: <[🔎] 87efysy07p.fsf@curie.anarc.at>
References: <[🔎] 87efysy07p.fsf@curie.anarc.at>

On 20/02/17 23:19, Antoine Beaupré wrote:
> It seems a bit too much to do a DLA for a single issue in the php5
> package (CVE-2016-7478, namely):
> 
> https://security-tracker.debian.org/tracker/source-package/php5
> 
> I looked at the issue and the patch is easily ported, but i suggest we
> postpone this DLA until we have piled up more important
> issues...
> 
> I attached the backported patch for future reference. I'll update the
> security tracker with details as well.

You should commit that to

https://anonscm.debian.org/cgit/collab-maint/debian-lts/php5.git/

> PS: has someone notified the maintainer before triaging this issue? i
> didn't see a mail go through...

AFAIK we handle php5 ourselves.

Cheers,
Emilio

Reply to:

Follow-Ups:
- Re: postponing php5 issue
  - From: Antoine Beaupré <anarcat@orangeseeds.org>
- Re: postponing php5 issue
  - From: Thorsten Alteholz <debian@alteholz.de>

References:
- postponing php5 issue
  - From: anarcat@orangeseeds.org (Antoine Beaupré)

Prev by Date: Re: Accepted bitlbee 3.0.5-1.2+deb7u1 (source all amd64) into oldstable
Next by Date: Re: testing and review requested for Wheezy update of apache2
Previous by thread: postponing php5 issue
Next by thread: Re: postponing php5 issue
Index(es):
- Date
- Thread