Re: postponing php5 issue
On 20/02/17 23:19, Antoine Beaupré wrote:
> It seems a bit too much to do a DLA for a single issue in the php5
> package (CVE-2016-7478, namely):
>
> https://security-tracker.debian.org/tracker/source-package/php5
>
> I looked at the issue and the patch is easily ported, but i suggest we
> postpone this DLA until we have piled up more important
> issues...
>
> I attached the backported patch for future reference. I'll update the
> security tracker with details as well.
You should commit that to
https://anonscm.debian.org/cgit/collab-maint/debian-lts/php5.git/
> PS: has someone notified the maintainer before triaging this issue? i
> didn't see a mail go through...
AFAIK we handle php5 ourselves.
Cheers,
Emilio
Reply to: