Bug#816198: jessie-pu: package php-dompdf/0.6.1+dfsg-2
Hi Markus,
Just one note:
On Sun, Feb 28, 2016 at 06:22:08PM +0100, Markus Frosch wrote:
> +php-dompdf (0.6.1+dfsg-2+deb8u1) UNRELEASED; urgency=medium
> +
> + * Non-maintainer upload.
> + * [22610bd] Add 0.6.2 hotfix patch (Closes: #813849)
> +
> + Fixes CVE:
> + * CVE-2014-2383
> + * CVE-2014-5011
> + * CVE-2014-5012
> + * CVE-2014-5013
CVE-2014-2383 should actually be already fixed in 0.6.1+dfsg-1. Is
that wrong?
https://security-tracker.debian.org/tracker/CVE-2014-2383
https://bugs.debian.org/745619
Regards,
Salvatore
Reply to: