[php-maint] PHP security upload not included in 6.0.9
Lior Kaplan
kaplan at debian.org
Sun Feb 16 23:38:30 UTC 2014
Dear release team,
I saw the happy notice about 6.0.9 release, and wondered why isn't php5
(5.3.3-7+squeeze18) part of this update (uploaded in December).
Also see this: http://qa.debian.org/madison.php?package=php5
The changes log (taken from the our VCS) has two CVEs:
* [CVE-2013-6420]: Fix memory corruption in openssl_x509_parse (Closes:
#731895)
* [CVE-2013-6712] Fix heap buffer over-read in DateInterval (Closes:
#731112)
Thanks,
Kaplan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-php-maint/attachments/20140217/6ffbf3c0/attachment.html>
More information about the pkg-php-maint
mailing list