[php-maint] PHP security upload not included in 6.0.9
kaplan at debian.org
Sun Feb 16 23:38:30 UTC 2014
Dear release team,
I saw the happy notice about 6.0.9 release, and wondered why isn't php5
(5.3.3-7+squeeze18) part of this update (uploaded in December).
Also see this: http://qa.debian.org/madison.php?package=php5
The changes log (taken from the our VCS) has two CVEs:
* [CVE-2013-6420]: Fix memory corruption in openssl_x509_parse (Closes:
* [CVE-2013-6712] Fix heap buffer over-read in DateInterval (Closes:
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the pkg-php-maint