Package: release.debian.org Severity: normal X-Debbugs-Cc: [email protected], [email protected], Ondřej Surý <[email protected]>, [email protected] Control: affects -1 + src:php8.4 User: [email protected] Usertags: unblock
Hi Ondrej, hi release team, As PHP packages follow for stable to follow the respective upstream released version, I would suggest/propose to get an unblock for php8.4 explicitly to make sure the fixes for some CVEs will land in trixie before trixie start. Specifically, php8.4 8.4.10-1 fixes CVE-2025-1220, CVE-2025-1735 and CVE-2025-6491. Ondrej, what is your take? It cannot mgirate automatically as it is a key package. Regards, Salvatore
