While the debdiff is much appreciated, there are several issues involved beyond pushing out this debdiff:
1) updates need to be backported and tested for all for released versions (not just hardy) 2) the patches in the debdiff are not in line with Debian or other distributions, so they need to be investigated for correctness 3) several other CVEs not addressed in this debdiff will be included in the upcoming security upload 4) as Kees said, the vulnerabilities addressed in this debdiff are either hard to exploit or low risk Please be assured that fixes for these CVEs (and others) are actively being worked on. -- Please roll out security fixes from PHP 5.2.6 https://bugs.launchpad.net/bugs/227464 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
