Package: release.debian.org Severity: normal User: release.debian....@packages.debian.org Usertags: unblock
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Please unblock package php5 Hi, this is a preliminary request to unblock php5/5.6.4+dfsg-1 that hasn't been release yet. We have changed a security policy for php5 in current stable with security team to just include new upstream versions. Since security team doesn't have a final word yet for jessie updates, we need to find a reasonable way how to update php5 in jessie in meantime before jessie is released. php5/5.6.4+dfsg-1 will fix a couple more of security bugs that have been found (some of them are already in 5.6.3+dfsg-1 and some are not public yet). The option I would like to avoid is backporting the patches for php5/5.6.2+dfsg-1 and then flushing all that with next security update after a jessie is released as stable. This seem to be an extra work that could be possibly avoided. So, the question is whether you concur with security team and you will allow uploading 5.6.4+dfsg-0+deb8u1 to t-p-u. I understand we might face some extra breakages (although I hope not), but this will happen anyway with next security upload. There's more in #757342 on the subject of pushing full upstream releases as security updates instead of exhausting the cherry-pickers. unblock php5/5.6.4+dfsg-0+deb8u1 - -- System Information: Debian Release: 8.0 APT prefers testing APT policy: (990, 'testing'), (700, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=en_DK.UTF-8, LC_CTYPE=en_DK.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQJ8BAEBCgBmBQJUjverXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQzMEI5MzNEODBGQ0UzRDk4MUEyRDM4RkIw Qzk5QjcwRUY0RkNCQjA3AAoJEAyZtw70/LsHFQ4QAMAMWiLGYZkIuket889qutKw JI8fMcYECjF6JUhcPcVH2XFrU8uIoN+t1KQRH3hK67XhJIe9+8/QKIxRMygYECOd WogD7I4nq83kBfdIjSdWlUwtC9mIMX5CtxyTuAdEahzy1KcZNYHG8QsAwyC2QljF Z/ufgSVfPEv3+ZlxrSQ207LhFv3uNC5jvfZrcGAXfbkdFydKptQC15+34IKCqOko AH0fP1u2s972As7C2tMGibofU3V0cXjH8t9VGx7ny3mvKtUwVqH0NnsimZV46Q6R 09CLEUnAgbl8a01K9oOTPy++DQYasf84vibS/teRBivZN1nq9xpPHk1oANJX2xRg 1dOXeOsWLfrj+qG3/ZAhtHSbpCZA7o5M32JDXZKwUqHSQjEKJF7A5wtIVQkpdcQZ dXt7B1kUJUvqFp3/fVJq/IKGIRs7Qh8PEMsu0PJV0DB4Th70bvuC12xvrMla7n94 yTCrKFs+rTfL+QOS1UarLJf+BlpL8QhIM+y9UbtpGKBuZ0eN/YiK+Y4DKfRz8K9l ePieHqpyJwiC9pfSP22WLQfK3/zFvj38yJT4lOU5YD3joXo9UIO0l0aBvYcYkR8f aQl1fRAXJRNnXNvgFvWvPOJrDMmGNIqbX/qb7LVtiNjAJeqwadtOYE1UcbwAwDsE aMdgRj04dd+IYmD49Asl =T5hk -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20141215150106.29359.68811.report...@lettie.nic.cz