[Phpwm] Fw: [USN-261-1] PHP vulnerabilities

sparkes sparkes at westmids.biz
Fri Mar 10 19:18:34 GMT 2006

On Fri, 10 Mar 2006 18:57:49 +0000
Rob Allen <rob at akrabat.com> wrote:

> sparkes wrote:
> > It was discovered in Jan but Ubuntu and Suse both released new
> > packages yesterday so i presumed these where a new batch. I know my
> > debian etch server has updated these packages almost weekly this
> > year.  
> > 
> I wonder why? There hasn't been a new PHP release since Jan 13th. I'm 
> subscribed to the PHP security list at phpsec at phparch.com and it's 
> normally pretty quick at reporting issues with PHP and popular PHP 
> applications. Maybe Debian are playing with integration?

Minor patches are added in house to appications so some of them will
have been actual php4 and 5 patches but lots of them will have probably
been minor issues.  Etch is the current 'testing' distro so new
packages will come from unstable from time to time as well including
any changes to the misc crap in a package will end up as a new minor

it could alse be changes to libapache2 I suppose forcing the updates to
modphp but minor changes there shouldn't effect to dynamically linked

I'll keep an eye on it and try and find out what's going on.


| |O| | Stephen Parkes aka sparkes blog http://sp.arkes.co.uk 
| | |O| Geek Gear http://nerd.ws, Free Software http://zx-81.com
|O|O|O| Autistic GNU/Linux/*nix User Group http://autisticlug.org
motd: i souport publik edekasion.

More information about the Phpwm mailing list