Originally there were updates for these builds created: 1.) php-pear-MDB2-2.4.1-2.fc7 2.) php-pear-MDB2-Driver-mysql-1.4.1-3.fc7 3.) php-pear-MDB2-2.4.1-2.fc8 4.) php-pear-MDB2-Driver-mysql-1.4.1-3.fc8.1
I decided to add php-pear-MDB2-Driver-mysqli, and merge the separate updates, so I attempted to add php-pear-MDB2-Driver-mysql-1.4.1-3.fc8.1 and php-pear-MDB2-Driver-mysqli-1.4.1-3.fc8 to the update 3.)
Bodhi complained, that update for php-pear-MDB2-Driver-mysql-1.4.1-3.fc8.1 already exists. That was fair, so I deleted 4.) and attempted to resubmit. No success, Bodhi complained, that update with php-pear-MDB2-2.4.1-2.fc8 already existed.
I found that strange, so I deleted the remaining f8 update, and attempted to start over. No success -- the same complaint about php-pear-MDB2-2.4.1-2.fc8 update already existing.
I was able to create update without that build, just with -Driver- things.
About the same thing happened with Fedora 7 update. Please have a short look at last two in:
https://admin.fedoraproject.org/updates/search/php-pear-MDB2
ans note that they apparently contain no builds now.
The update is impact=critical, so in case you won't be able to reach me, please create and push the updates to stable for me. This is what I intended to create:
Fedora 7: Builds: php-pear-MDB2-2.4.1-2.fc7[[BR]] php-pear-MDB2-Driver-mysql-1.4.1-3.fc7[[BR]] php-pear-MDB2-Driver-mysqli-1.4.1-3.fc7[[BR]] Bugs: 379081 - CVE-2007-5934 MDB2 Data injection and disclosure[[BR]] 379091 - MDB2 Data injection and disclosure [f7][[BR]] 379121 - MDB2 Data injection and disclosure [f7][[BR]] 379151 - MDB2 Data injection and disclosure [f7][[BR]]
Fedora 8:
Builds: php-pear-MDB2-2.4.1-2.fc8[[BR]] php-pear-MDB2-Driver-mysql-1.4.1-3.fc8.1[[BR]] php-pear-MDB2-Driver-mysqli-1.4.1-3.fc8[[BR]] Bugs: 379081 - CVE-2007-5934 MDB2 Data injection and disclosure[[BR]] 379101 - MDB2 Data injection and disclosure [f8][[BR]] 379131 - MDB2 Data injection and disclosure [f8][[BR]] 379161 - MDB2 Data injection and disclosure [f8][[BR]]
Comment for both is: This update fixes a security flaw CVE-2007-5934 with critical impact. All users of php-pear-MDB2 are strongly advised to upgrade to these updated packages.
Type is security, and as I noted above, request is for stable.
Thanks!
I fixed both of the updates, added the appropriate builds, and submitted them both to stable. Please let me know if you see anything wrong with them.
https://admin.fedoraproject.org/updates/F8/pending/php-pear-MDB2-Driver-mysqli-1.4.1-3.fc8,php-pear-MDB2-Driver-mysql-1.4.1-3.fc8.1,php-pear-MDB2-2.4.1-2.fc8 https://admin.fedoraproject.org/updates/F7/pending/php-pear-MDB2-Driver-mysql-1.4.1-3.fc7,php-pear-MDB2-Driver-mysqli-1.4.1-3.fc7,php-pear-MDB2-2.4.1-2.fc7
Login to comment on this ticket.