Package: release.debian.org
Severity: normal
User: release.debian....@packages.debian.org
Usertags: unblock

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Please unblock package php5

Hi,

this is a preliminary request to unblock php5/5.6.4+dfsg-1 that hasn't
been release yet.

We have changed a security policy for php5 in current stable with
security team to just include new upstream versions.  Since security
team doesn't have a final word yet for jessie updates, we need to find
a reasonable way how to update php5 in jessie in meantime before
jessie is released.

php5/5.6.4+dfsg-1 will fix a couple more of security bugs that have
been found (some of them are already in 5.6.3+dfsg-1 and some are not
public yet).

The option I would like to avoid is backporting the patches for
php5/5.6.2+dfsg-1 and then flushing all that with next security update
after a jessie is released as stable.  This seem to be an extra work
that could be possibly avoided.

So, the question is whether you concur with security team and you will
allow uploading 5.6.4+dfsg-0+deb8u1 to t-p-u.  I understand we might
face some extra breakages (although I hope not), but this will happen
anyway with next security upload.

There's more in #757342 on the subject of pushing full upstream
releases as security updates instead of exhausting the cherry-pickers.

unblock php5/5.6.4+dfsg-0+deb8u1

- -- System Information:
Debian Release: 8.0
  APT prefers testing
  APT policy: (990, 'testing'), (700, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_DK.UTF-8, LC_CTYPE=en_DK.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQJ8BAEBCgBmBQJUjverXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQzMEI5MzNEODBGQ0UzRDk4MUEyRDM4RkIw
Qzk5QjcwRUY0RkNCQjA3AAoJEAyZtw70/LsHFQ4QAMAMWiLGYZkIuket889qutKw
JI8fMcYECjF6JUhcPcVH2XFrU8uIoN+t1KQRH3hK67XhJIe9+8/QKIxRMygYECOd
WogD7I4nq83kBfdIjSdWlUwtC9mIMX5CtxyTuAdEahzy1KcZNYHG8QsAwyC2QljF
Z/ufgSVfPEv3+ZlxrSQ207LhFv3uNC5jvfZrcGAXfbkdFydKptQC15+34IKCqOko
AH0fP1u2s972As7C2tMGibofU3V0cXjH8t9VGx7ny3mvKtUwVqH0NnsimZV46Q6R
09CLEUnAgbl8a01K9oOTPy++DQYasf84vibS/teRBivZN1nq9xpPHk1oANJX2xRg
1dOXeOsWLfrj+qG3/ZAhtHSbpCZA7o5M32JDXZKwUqHSQjEKJF7A5wtIVQkpdcQZ
dXt7B1kUJUvqFp3/fVJq/IKGIRs7Qh8PEMsu0PJV0DB4Th70bvuC12xvrMla7n94
yTCrKFs+rTfL+QOS1UarLJf+BlpL8QhIM+y9UbtpGKBuZ0eN/YiK+Y4DKfRz8K9l
ePieHqpyJwiC9pfSP22WLQfK3/zFvj38yJT4lOU5YD3joXo9UIO0l0aBvYcYkR8f
aQl1fRAXJRNnXNvgFvWvPOJrDMmGNIqbX/qb7LVtiNjAJeqwadtOYE1UcbwAwDsE
aMdgRj04dd+IYmD49Asl
=T5hk
-----END PGP SIGNATURE-----


-- 
To UNSUBSCRIBE, email to debian-release-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/20141215150106.29359.68811.report...@lettie.nic.cz

Reply via email to