[pkg-php-pear] Fixing FTBFS in symfony before the PHP migration
"David Prévot"
david at tilapin.org
Sun Jan 17 19:46:38 UTC 2016
Hi Daniel,
>> There is something special about this version:
>> It embeds paragonie/random_compat into symfony/security.
>
> That’s seems fine, but maybe a bit weird to see it installed in a
>
/vendor/ path. On the other hand, since it’s just a temporary workaround,
> I guess it doesn’t matter. Please update the d/copyright anyway.
According to the changelog, the goal of this change may be to fix a
security issue:
* security #17359 do not ship with a custom rng implementation (xabbuh,
fabpot)
I don’t know the security implications of this fix, but it seems important
enough to upstream to backport it to all currently maintained branches.
Can you have a look at it, and eventually propose a patch for Jessie if
it’s worth it?
Regards
David
More information about the pkg-php-pear
mailing list