@Micah: the diffstat between 5.3.3-1 and 5.3.3-4 is not that big: $ git diff 3c7bc2c87fd842df1df75783e014029adae00433 | diffstat b/debian/patches/CVE-2010-2950.patch | 11 b/debian/patches/CVE-2010-3436.patch | 18 b/debian/patches/CVE-2010-3709.patch | 12 b/debian/patches/CVE-2010-3710.patch | 35 + b/debian/patches/CVE-2010-3870.patch | 160 +++++ b/debian/patches/CVE-2010-4156.patch | 13 b/debian/patches/bug50481.patch | 27 b/debian/patches/bug52487.patch | 11 b/debian/patches/bug52573.patch | 15 b/debian/patches/bug52827.patch | 45 + b/debian/patches/bug52843.patch | 11 b/debian/patches/bug52947.patch | 10 b/debian/patches/bug53070.patch | 20 b/debian/patches/bug53323.patch | 22 b/debian/patches/fix-open_basedir-with-separator-r305698.patch | 21 b/debian/patches/fix_crash_in_GC.patch | 55 + b/debian/patches/fix_crash_in__php_mssql_get_column_content_without_type.patch | 17 b/debian/patches/php-5.3.4-ini.patch | 30 + b/debian/patches/php_crypt_revamped.patch | 56 + b/debian/patches/reject-filenames-with-null-r305507.patch | 13 b/debian/patches/use_system_crypt_fixes.patch | 19
Basically you should cherry-pick new patches in debian/patches/ and make SRU. And you probably already have fixes at least for CVEs, don't you? ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-2950 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3436 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3709 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3710 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-3870 ** CVE added: http://www.cve.mitre.org/cgi- bin/cvename.cgi?name=2010-4156 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/682501 Title: php5 5.3.3-1 causing segfaults -> 5.3.3-4 backport for maverick? -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
