[Mageia-dev] Freeze push: php, php-eaccelerator
David Walser
luigiwalser at yahoo.com
Thu May 10 21:56:04 CEST 2012
The previous fix for the PHP-CGI remote code execution vulnerability was *still* incomplete (*facepalm*), so PHP has released 5.3.13 to fix a couple other issues with it, and CVE-2012-2335 and CVE-2012-2336 were issued to cover the new fixes. Mandriva 2010.2 has updated to this, so I'd like to get this pushed in Cauldron so that we can issue the update for Mageia 1.
I've verified that this builds, installs, and works locally, both in Cauldron and Mageia 1. It passes all of the normal testcases I use to QA it.
As for php-eaccelerator, just rebuilding it against the new PHP version to make sure it doesn't break again.
More information about the Mageia-dev
mailing list