[Bug 227464] Re: Please Backport PHP 5.2.6 -- fixes important security bugs

[Tormod Volden]

Sounds good. I think my point is really that people mix up backports and
SRU, and justifying a request for a package backport by needing security
fixes is wrong, unless it turns out that it is too difficult to backport
those fixes. I don't see anyone requesting any of the new features here.
So I disagree with Mathias's comment, and we should follow
https://wiki.ubuntu.com/StableReleaseUpdates instead. I do acknowledge
that it is faster to get a backport out than a SRU though, which is a
little unfortunate. It would be ideal to have the SRU out first, so that
people are not "tricked" into installing a backport that could cause
incompatibility problems.

BTW, the last, "huge" patch contains a lot of cosmetic fixes and changes
in comments which should be taken out for the SRU patch (you might
wonder why they squeezed all that into a "security fix"). I can take a
look at it if that can speed up things.

(Dustin, please don't quote people's email addresses in your bug posts)

-- 
Please Backport PHP 5.2.6 -- fixes important security bugs
https://bugs.launchpad.net/bugs/227464
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.