It appears that listing this request as a "Security vulnerability" is incorrect; backporting 5.3.6 would not necessarily fix any security issues not already fixed via patches to 5.3.5, unless perhaps 5.3.6 already has the CVE-2011-2202 rfc1867_post_handler fix scheduled for 5.3.7. I cannot see a way for me to change this request's details to remove that flag. Perhaps someone else can.
** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2011-2202 -- You received this bug notification because you are a member of Ubuntu Backporters, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/819587 Title: Please backport PHP 5.3.6-13ubuntu1 To manage notifications about this bug go to: https://bugs.launchpad.net/natty-backports/+bug/819587/+subscriptions -- ubuntu-backports mailing list ubuntu-backports@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-backports