[Mageia-dev] Freeze push: php, php-timezonedb, php-xdebug
nicolas vigier
boklm at mars-attacks.org
Sat May 5 01:03:46 CEST 2012
On Fri, 04 May 2012, David Walser wrote:
> David Walser <luigiwalser at ...> writes:
> > David Walser <luigiwalser at ...> writes:
> > > Mandriva issued a security update for 2010.2 that updated these packages
> > > to newer versions than we have.
> > > I've updated them and verified that they build. I've also tested them with
> > > the same test cases I've used for QAing mga1 security updates. I did find
> > > one bug, but it's not a regression.
> > >
> > > I have the updates for Mageia 1 built, so please submit php, php-timezonedb,
> > > and php-xdebug to get them in line in Cauldron.
>
> A major new security issue, CVE-2012-2311, with remote code execution and all
> kinds of other problems and publicly available exploits, has just been
> announced. A fix is supposed to be available from upstream soon.
php, php-timezonedb and php-xdebug have been submitted.
More information about the Mageia-dev
mailing list