==================================================================
Please DO NOT REPLY to this mail or send email to the developers
about this bug. Please follow-up to Bugzilla using this link:
http://bugs.contribs.org/show_bug.cgi?id=5463
Have you checked the Frequently Asked Questions (FAQ)?
http://wiki.contribs.org/SME_Server:Documentation:FAQ
Please also take the time to read the following useful guide:
http://www.chiark.greenend.org.uk/~sgtatham/bugs.html
==================================================================
--- Comment #23 from David Harper <[email protected]> 2009-09-16
10:40:43 ---
Here are the differences noted in the changelog:
- add security fixes for CVE-2008-3658, CVE-2008-3660,
CVE-2008-5498, CVE-2008-5557, CVE-2009-0754 (#487361)
- split out gd overflow2() and make global with sane symbol name
- fix quote handling if fgetcsv() (#165194)
- fix RPATH in gd.so (#481562)
- enable dbase extension (#236094)
- require autoconf, automake for -devel (#453028)
- provide mod_php (#294611)
- odbc: 64-bit fixes (#211609)
- curl: safe argument handling for curl_init (#176715)
- fix possible crash with setlocale() (#203151, thanks to Dominik Gehl)
- fix printf positional argument handling (#218044)
- fixes for handling of failed read in multipart request (#250999)
- fix crashes with unclosed streams using custom wrappers (#433558)
- fix serialize() of incomplete class (#219235)
The only thing that stands out is the reference to providing mod_php. This
appears to refer to a new line in the 3.26 spec:
> Provides: mod_php = %{version}-%{release}
Unfortunately that is as far as I get right now...
--
Configure bugmail: http://bugs.contribs.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug.
_______________________________________________
Mail for each SME Contribs bug report
To unsubscribe, e-mail [email protected]
Searchable archive at http://lists.contribs.org/mailman/public/contribteam/
