Re: php5: many of the "open unimportant issues" would seem to be fixed?
On Mon, Apr 23, 2012 at 01:44:58PM +0100, Chris Butler wrote:
> Having a quick look at the security tracker for PHP5, it looks to me like a
> number of the older "Open unimportant issues" are no longer a problem with
> the latest version in Squeeze (5.3.3-7), since a lot of them seem to have
> been fixed upstream in earlier versions. Can the tracker be updated somehow
> to remove the noise from old issues?
> >From a quick scan, it seems that CVE-2010-3064 is a likely cut-off point, as
> it seems to be the last one listed as affecting "PHP 5.3 through 5.3.2".
> Although I'm a little bit busy right at the moment, I can probably have a
> more detailed look through the list later today when I have a bit more spare
> time, if that would help.
If you provide a list of CVE IDs and their prospective upstream fixes,
we can update the entries.