[pkg-php-pear] Fixing FTBFS in symfony before the PHP migration
"David Prévot"
david at tilapin.org
Sun Jan 17 19:46:38 UTC 2016
Hi Daniel,
>> There is something special about this version:
>> It embeds paragonie/random_compat into symfony/security.
>
> Thats seems fine, but maybe a bit weird to see it installed in a
>
/vendor/ path. On the other hand, since its just a temporary workaround,
> I guess it doesnt matter. Please update the d/copyright anyway.
According to the changelog, the goal of this change may be to fix a
security issue:
* security #17359 do not ship with a custom rng implementation (xabbuh,
fabpot)
I dont know the security implications of this fix, but it seems important
enough to upstream to backport it to all currently maintained branches.
Can you have a look at it, and eventually propose a patch for Jessie if
its worth it?
Regards
David
More information about the pkg-php-pear
mailing list