Argh, thanks for poke. Building for squeeze-security now.
$ diffstat php5_5.3.3-7+squeeze15.debdiff debian/patches/CVE-2013-1635.patch | 48 +++++++++++++ debian/patches/CVE-2013-1643.patch | 135 +++++++++++++++++++++++++++++++++++++ php5-5.3.3/debian/changelog | 7 + php5-5.3.3/debian/patches/series | 2 4 files changed, 192 insertions(+) I will upload it directly to security-master if you agree. O. On Mon, Mar 4, 2013 at 10:36 AM, Moritz Muehlenhoff <j...@inutil.org> wrote: > Package: php5 > Severity: grave > Tags: security > Justification: user security hole > > Hi, > two issues have been reported in php5. CVE-2013-1635 doesn't classify as a > security > issue per the Debian Security policy, but if the fix is non-intrusive we > could include it nonetheless: > > CVE-2013-1643 > http://git.php.net/?p=php-src.git;a=commitdiff;h=c737b89473df9dba6742b8fc8fbf6d009bf05c36 > > CVE-2013-1635 > http://git.php.net/?p=php-src.git;a=commitdiff;h=702b436ef470cc02f8e2cc21f2fadeee42103c74 > > Cheers, > Moritz > > _______________________________________________ > pkg-php-maint mailing list > pkg-php-ma...@lists.alioth.debian.org > http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-php-maint -- Ondřej Surý <ond...@sury.org>
php5_5.3.3-7+squeeze15.debdiff
Description: Binary data