hm... the new roundcube version seems to fix a number of CVE's, either
through upstream changes or through debian changes. Rolling it back
would mean to take care of these, and to diverge from upstream/unstable
quite a bit (and hence probably not being able to cherry-pick easily
there, in case of more problems)
php-mdb2, php-mdb2-driver-{psql,mysql} don't have any bugreports in
unstable, I guess my slightly preferred route would be to convince
archive admins that we want it, and to get these in.
But I must admit, that I'm also not 100% comfortable with adding new
packages that late, but I'm also not too comfortable with having to
backport all CVE fixes to an earlier version.
--
Sync php-mdb2 2.4.1-1 (universe) from Debian unstable (main).
https://bugs.launchpad.net/bugs/345263
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
