[Mageia-dev] Freeze push: php, php-eaccelerator

nicolas vigier boklm at mars-attacks.org
Thu May 10 22:23:04 CEST 2012


On Thu, 10 May 2012, David Walser wrote:

> The previous fix for the PHP-CGI remote code execution vulnerability was *still* incomplete (*facepalm*), so PHP has released 5.3.13 to fix a couple other issues with it, and CVE-2012-2335 and CVE-2012-2336 were issued to cover the new fixes.  Mandriva 2010.2 has updated to this, so I'd like to get this pushed in Cauldron so that we can issue the update for Mageia 1.
> 
> I've verified that this builds, installs, and works locally, both in Cauldron and Mageia 1.  It passes all of the normal testcases I use to QA it.
> 
> As for php-eaccelerator, just rebuilding it against the new PHP version to make sure it doesn't break again.

Submitted.



More information about the Mageia-dev mailing list