Bug#816198: jessie-pu: package php-dompdf/0.6.1+dfsg-2

To: Salvatore Bonaccorso <carnil@debian.org>, 816198@bugs.debian.org
Cc: Markus Frosch <lazyfrosch@debian.org>, taffit@debian.org
Subject: Bug#816198: jessie-pu: package php-dompdf/0.6.1+dfsg-2
From: Moritz Mühlenhoff <jmm@inutil.org>
Date: Mon, 14 Mar 2016 23:10:28 +0100
Message-id: <[🔎] 20160314221028.GC8779@pisco.westfalen.local>
Reply-to: Moritz Mühlenhoff <jmm@inutil.org>, 816198@bugs.debian.org
In-reply-to: <20160228184246.GA3549@eldamar.local>
References: <145668012872.5453.6581276210278635754.reportbug@emelia.lazyfrosch.de> <20160228184246.GA3549@eldamar.local>

On Sun, Feb 28, 2016 at 07:42:46PM +0100, Salvatore Bonaccorso wrote:
> Hi Markus,
> 
> Just one note:
> 
> On Sun, Feb 28, 2016 at 06:22:08PM +0100, Markus Frosch wrote:
> > +php-dompdf (0.6.1+dfsg-2+deb8u1) UNRELEASED; urgency=medium
> > +
> > +  * Non-maintainer upload.
> > +  * [22610bd] Add 0.6.2 hotfix patch (Closes: #813849)
> > +
> > +    Fixes CVE:
> > +    * CVE-2014-2383
> > +    * CVE-2014-5011
> > +    * CVE-2014-5012
> > +    * CVE-2014-5013
> 
> CVE-2014-2383 should actually be already fixed in 0.6.1+dfsg-1. Is
> that wrong?
> 
>  https://security-tracker.debian.org/tracker/CVE-2014-2383
>  https://bugs.debian.org/745619

Markus?

Cheers,
        Moritz

Reply to:

Follow-Ups:
- Bug#816198: jessie-pu: package php-dompdf/0.6.1+dfsg-2
  - From: Markus Frosch <lazyfrosch@debian.org>

Prev by Date: Bug#815153: transition: libvigraimpex
Next by Date: Bug#818242: nmu: stringencoders_3.10.3-2
Previous by thread: Processed: Re: Bug#818225: wheezy-pu: package exim4/4.80-7+deb7u3
Next by thread: Bug#816198: jessie-pu: package php-dompdf/0.6.1+dfsg-2
Index(es):
- Date
- Thread