On Thu, Jun 5, 2008 at 3:51 PM, Tormod Volden <[EMAIL PROTECTED]> wrote:
> Here's a debdiff with the 5 stripped down security patches:
Thanks Tormod.
I've reviewed this debdiff. It applies cleanly and php builds cleanly
for me.
Kees and Jamie generally review these sorts of security fixes, so I
Here's a debdiff with the 5 stripped down security patches:
php5 (5.2.4-2ubuntu5.2) hardy-proposed; urgency=low
.
* Backport security fixes from 5.2.6: (LP: #227464)
- debian/patches/security526-fastcgi.patch:
+ Fixed possible stack buffer overflow in FastCGI SAPI
+ Fixed s
I stripped out the documentation and comment changes in the "Upgraded
PCRE to version 7.6 (Nuno)" patch. The remaining changes in config.h and
pcre.h just bumps the version number. If this is not needed (by the
other patches) only the pcre_compile.c changes should be left for SRU.
diffstat nlopess
Sounds good. I think my point is really that people mix up backports and
SRU, and justifying a request for a package backport by needing security
fixes is wrong, unless it turns out that it is too difficult to backport
those fixes. I don't see anyone requesting any of the new features here.
So I di
On Wed, Jun 4, 2008 at 3:58 PM, Tormod Volden <[EMAIL PROTECTED]> wrote:
> Mathias, shouldn't all security fixes go as SRU in hardy-security (or
> hardy-updates) and not in backports? Backports are for new features.
A complete merge of 5.2.6 would constitute a backport, as the version
has been bum
Mathias, shouldn't all security fixes go as SRU in hardy-security (or
hardy-updates) and not in backports? Backports are for new features.
--
Please Backport PHP 5.2.6 -- fixes important security bugs
https://bugs.launchpad.net/bugs/227464
You received this bug notification because you are a memb
I just modified the bug description, and added the Hardy-Backports
project.
Packages are available in my PPA for testing.
:-Dustin
** Summary changed:
- PHP 5.2.6 fixes important security bugs
+ Please Backport PHP 5.2.6 -- fixes important security bugs
** Also affects: hardy-backports
Impo