[Mageia-dev] Freeze push: php, php-timezonedb, php-xdebug
David Walser
luigiwalser at yahoo.com
Fri May 4 16:35:39 CEST 2012
David Walser <luigiwalser at ...> writes:
> David Walser <luigiwalser at ...> writes:
> > Mandriva issued a security update for 2010.2 that updated these packages
> > to newer versions than we have.
> > I've updated them and verified that they build. I've also tested them with
> > the same test cases I've used for QAing mga1 security updates. I did find
> > one bug, but it's not a regression.
> >
> > I have the updates for Mageia 1 built, so please submit php, php-timezonedb,
> > and php-xdebug to get them in line in Cauldron.
A major new security issue, CVE-2012-2311, with remote code execution and all
kinds of other problems and publicly available exploits, has just been
announced. A fix is supposed to be available from upstream soon.
More information about the Mageia-dev
mailing list