Hi everyone! DSA-1789-1 [1] claims that all the mentioned CVEs are fixed in php5/5.2.9.dfsg.1-1 for sid. All tracker pages for the mentioned CVEs seem to be consistent, except for the one for CVE-2008-5814 [2], which claims that sid is still vulnerable. [1] http://lists.debian.org/debian-security-announce/2009/msg00100.html [2] http://security-tracker.debian.net/tracker/CVE-2008-5814 Now the question is: is CVE-2008-5814 really fixed in php5/5.2.9.dfsg.1-1 ? If this is case, the tracker seems to be inconsistent. Please clarify and/or fix the inconsistency. P.S.: Please Cc: me on replies, as I am not a list subscriber. Thanks. -- New location for my website! Update your bookmarks! http://www.inventati.org/frx ..................................................... Francesco Poli . GnuPG key fpr == C979 F34B 27CE 5CD8 DC12 31B5 78F4 279B DD6D FCF4
Attachment:
pgpjwBplvlXfo.pgp
Description: PGP signature