[pkg-php-pear] Symfony: Fixes for CVE-2016-4423 and CVE-2016-2403 for sid and experimental in git (WAS: Re: Symfony in stable: Fix for CVE-2016-4423 in git)

Daniel Beyer dabe at deb.ymc.ch
Wed May 11 12:48:49 UTC 2016 

Hi David,

Am Mittwoch, den 11.05.2016, 08:03 -0400 schrieb David Prévot:
> Hi,
> 
> Le 11/05/2016 à 04:04, Daniel Beyer a écrit :
> > I'm not sure how to get the tests working again with the newer version
> > of php-phpdocumentor-reflection in experimental
> 
> I haven’t yet looked into the issue, but AFAIK, there is no reason to
> pick php-phpdocumentor-reflection from experimental (it’s only relevant
> for the current upstream master branch). The version from Sid used to
> work fine (at least, 3.0.5 was successfully built on buildd).
> 

Thanks for the hint, 3.0.6 builds fine on sid (as 3.0.5 does), but the
as-installed tests are failing there (as they fail with 3.0.5). The
errors (17 of them) are:
17) Symfony\Component\PropertyInfo\Tests\PhpDocExtractors\PhpDocExtractorTest::testExtract with data set #16 ('f', array(Symfony\Component\PropertyInfo\Type Object (...)), null, null)
Error: Class 'PhpParser\Node\Stmt\Namespace_' not found

/usr/share/php/PhpParser/Parser.php:1090
/usr/share/php/PhpParser/ParserAbstract.php:242
/usr/share/php/Symfony/Component/PropertyInfo/Extractor/PhpDocExtractor.php:155
/usr/share/php/Symfony/Component/PropertyInfo/Extractor/PhpDocExtractor.php:273
/usr/share/php/Symfony/Component/PropertyInfo/Extractor/PhpDocExtractor.php:187
/usr/share/php/Symfony/Component/PropertyInfo/Extractor/PhpDocExtractor.php:86
/tmp/adt-run.f55feb/tree/src/Symfony/Component/PropertyInfo/Tests/Extractors/PhpDocExtractorTest.php:37


I'll have a look on this (I might be a able to do that today) and let
you know. But do not fell to have to wait for me regarding potential
uploads of the current state to fix the CVEs.

Greetings
Daniel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: This is a digitally signed message part
URL: <http://lists.alioth.debian.org/pipermail/pkg-php-pear/attachments/20160511/31905d44/attachment.sig>

More information about the pkg-php-pear mailing list