[Mageia-dev] Freeze push: php, php-timezonedb, php-xdebug

nicolas vigier boklm at mars-attacks.org
Sat May 5 01:03:46 CEST 2012


On Fri, 04 May 2012, David Walser wrote:

> David Walser <luigiwalser at ...> writes:
> > David Walser <luigiwalser at ...> writes:
> > > Mandriva issued a security update for 2010.2 that updated these packages
> > > to newer versions than we have. 
> > > I've updated them and verified that they build.  I've also tested them with
> > > the same test cases I've used for QAing mga1 security updates.  I did find
> > > one bug, but it's not a regression.
> > > 
> > > I have the updates for Mageia 1 built, so please submit php, php-timezonedb,
> > > and php-xdebug to get them in line in Cauldron.
> 
> A major new security issue, CVE-2012-2311, with remote code execution and all
> kinds of other problems and publicly available exploits, has just been
> announced.  A fix is supposed to be available from upstream soon.

php, php-timezonedb and php-xdebug have been submitted.



More information about the Mageia-dev mailing list