Bug#816198: jessie-pu: package php-dompdf/0.6.1+dfsg-2
On Sun, Feb 28, 2016 at 07:42:46PM +0100, Salvatore Bonaccorso wrote:
> Hi Markus,
>
> Just one note:
>
> On Sun, Feb 28, 2016 at 06:22:08PM +0100, Markus Frosch wrote:
> > +php-dompdf (0.6.1+dfsg-2+deb8u1) UNRELEASED; urgency=medium
> > +
> > + * Non-maintainer upload.
> > + * [22610bd] Add 0.6.2 hotfix patch (Closes: #813849)
> > +
> > + Fixes CVE:
> > + * CVE-2014-2383
> > + * CVE-2014-5011
> > + * CVE-2014-5012
> > + * CVE-2014-5013
>
> CVE-2014-2383 should actually be already fixed in 0.6.1+dfsg-1. Is
> that wrong?
>
> https://security-tracker.debian.org/tracker/CVE-2014-2383
> https://bugs.debian.org/745619
Markus?
Cheers,
Moritz
Reply to: