[php-maint] Bug#530914: Bug#530914: CVE-2008-5498: Array index error in the imageRotate function in PHP 5.2.8 and earlier
atomo64 at gmail.com
Thu May 28 20:06:19 UTC 2009
severity 530914 wishlist
On Thursday 28 May 2009 13:27:43 Aenoch Lynn wrote:
> CVE-2008-5498 describes a potential remote vulnerability in imageRoate:
> A PCI scan found this a Medium severity and I need this fixed to pass the
Thanks :), but the packages are not affected.
When performing such scans on packages in Debian you should take a look at our
security tracker (if you find any inconsistencies don't hesitate to contact
the security team, though), it will make your life easier.
The report of this issue is
> - php5 <not-affected> (php5 links to the shared lib)
> - libgd2 <not-affected> (code is specific to php's libgd)
Since we don't use the embedded library I don't think this will be fixed in
lenny (and squeeze/sid is already at .9), but leaving the report open for
other members of the PHP team to express their opinion.
Raphael Geissert - Debian Maintainer
www.debian.org - get.debian.net
More information about the pkg-php-maint