On Tue, Nov 06, 2012 at 06:50:46AM -0500, Jiri B wrote: > This is backport to -stable, isn't it? Then usual policy > is not to jump to newer version. > > Info what is backporting and why it is used, could be find > here (even not related to OpenBSD) > > https://access.redhat.com/security/updates/backporting/
I understand. In this particular case above PHP 5.3.15 there isn't any security fixes that I can see, so we could stick to 5.3.15 in -stable because 5.3.14 in -release is vulnerable. Even though this vulnerability happens only in very special cases as Stuart referenced before.
