[pkg-php-pear] Symfony CVE-2015-8124 and CVE-2015-8125
Daniel Beyer
dabe at deb.ymc.ch
Tue Nov 24 08:27:07 UTC 2015
Hi David,
On Mon, 2015-11-23 at 23:10 -0400, David Prévot wrote:
> Hi Daniel,
>
> Le 23/11/2015 20:43, Daniel Beyer a écrit :
>
> > @David: Do you have time to do the upload(s)?
>
> Sure, already built the Jessie version, will upload once the security
> team gives the green light.
>
Great, thanks.
> >> The 2.7 in sid needs to be updated as well, but I did not start
>
> Let me know once you’re done, I’ll try and upload it quickly.
>
Symfony 2.7.7 is ready in master: I had a quick look onto upstream's
changes, checked the signature on the v2.7.7 tag and made sure the
repacked orig-src is sane.
One change to the Debian packaging:
* Pin debian/watch to stable 2.x releases of Symfony
I think we can wait for a stable 2.8 release and do not need package
some 2.n.n-BETAn versions for sid anymore [1] (for experimental we'll of
course need to revert this for 3.x).
As always I left d/changelog open for possible modifications you might
like to do.
Greetings
Daniel
[1] So far nobody disagree in this thread:
http://lists.alioth.debian.org/pipermail/pkg-php-pear/2015-November/006320.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/pkg-php-pear/attachments/20151124/279682cf/attachment.sig>
More information about the pkg-php-pear
mailing list