a) The patched version from Ondrej's repo is not an official, nor supported version, it's irrelevant to this discussion.
b) If you can provide the CVEs that Tyler asked for, then a security update will occur.
c) We do have an MRE for PHP7.0 (probably also for PHP7.1 by the same logic) and I plan on submitting an update to the latest PHP7.0 upstream in the next week or two. But that will only be present in -updates, not -security unless b) is addressed.
Sorry for the delay on my end in replying to this bug.
Thank Tyler :)
Steven,
a) The patched version from Ondrej's repo is not an official, nor supported version, it's irrelevant to this discussion.
b) If you can provide the CVEs that Tyler asked for, then a security update will occur.
c) We do have an MRE for PHP7.0 (probably also for PHP7.1 by the same logic) and I plan on submitting an update to the latest PHP7.0 upstream in the next week or two. But that will only be present in -updates, not -security unless b) is addressed.
Sorry for the delay on my end in replying to this bug.