[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#816198: jessie-pu: package php-dompdf/0.6.1+dfsg-2

Hi Markus,

Just one note:

On Sun, Feb 28, 2016 at 06:22:08PM +0100, Markus Frosch wrote:
> +php-dompdf (0.6.1+dfsg-2+deb8u1) UNRELEASED; urgency=medium
> +
> +  * Non-maintainer upload.
> +  * [22610bd] Add 0.6.2 hotfix patch (Closes: #813849)
> +
> +    Fixes CVE:
> +    * CVE-2014-2383
> +    * CVE-2014-5011
> +    * CVE-2014-5012
> +    * CVE-2014-5013

CVE-2014-2383 should actually be already fixed in 0.6.1+dfsg-1. Is
that wrong?

 https://security-tracker.debian.org/tracker/CVE-2014-2383
 https://bugs.debian.org/745619

Regards,
Salvatore
Reply to: