Bug 378219

Summary:	dev-lang/php-5.3.7_rc4 version bump
Product:	Gentoo Linux	Reporter:	Bernd Lommerzheim <bernd>
Component:	[OLD] Server	Assignee:	PHP Bugs <php-bugs>
Status:	RESOLVED WONTFIX
Severity:	normal
Priority:	Normal
Version:	unspecified
Hardware:	All
OS:	Linux
Whiteboard:
Package list:		Runtime testing required:	---

Description Bernd Lommerzheim 2011-08-08 09:38:58 UTC

PHP 5.3.7_rc4 [1] was released on 28 July 2011. It fixes CVE-2011-2483 in crypt_blowfish. And on 3 August 2011 the new alpha 3 [2] of PHP 5.4.0 was released. Please bump to these versions. Thanks.

[1] http://svn.php.net/viewvc/php/php-src/tags/php_5_3_7RC4/NEWS?revision=313842&view=co
[2] http://svn.php.net/viewvc/php/php-src/tags/php_5_4_0alpha3/NEWS?revision=314202&view=co

Comment 1 Jeroen Roovers (RETIRED) gentoo-dev

2011-08-08 21:20:31 UTC

dev-lang/php-5.4.0_alpha3 is already in the tree:


*php-5.4.0_alpha3 (08 Aug 2011)

  08 Aug 2011; Ole Markus With <olemarkus@gentoo.org> +php-5.4.0_alpha3.ebuild:
  Bumping 5.4 to alpha3

Comment 2 Ole Markus With (RETIRED) gentoo-dev

2011-08-09 08:28:37 UTC

CVE fixes is no reason for bumping to a masked version of PHP. Please do not even consider that. 

Since the change between rc3 and rc4 were rather minor, I do not plan on releasing rc4 and rather wait the last few days left before final has been released. 5.3.7 final is scheduled for Thursday, and as usual, should be in Portage a few days later.