Re: php5: many of the "open unimportant issues" would seem to be fixed?

To: debian-security-tracker@lists.debian.org, chrisb@debian.org
Subject: Re: php5: many of the "open unimportant issues" would seem to be fixed?
From: Moritz Muehlenhoff <jmm@debian.org>
Date: Mon, 23 Apr 2012 18:54:30 +0200
Message-id: <[🔎] 20120423165429.GA25828@inutil.org>
In-reply-to: <[🔎] 20120423124458.GL20365@crustynet.org.uk>
References: <[🔎] 20120423124458.GL20365@crustynet.org.uk>

On Mon, Apr 23, 2012 at 01:44:58PM +0100, Chris Butler wrote:
> Hi,
> 
> Having a quick look at the security tracker for PHP5, it looks to me like a
> number of the older "Open unimportant issues" are no longer a problem with
> the latest version in Squeeze (5.3.3-7), since a lot of them seem to have
> been fixed upstream in earlier versions. Can the tracker be updated somehow
> to remove the noise from old issues?
> 
> >From a quick scan, it seems that CVE-2010-3064 is a likely cut-off point, as
> it seems to be the last one listed as affecting "PHP 5.3 through 5.3.2".
> Although I'm a little bit busy right at the moment, I can probably have a
> more detailed look through the list later today when I have a bit more spare
> time, if that would help.

If you provide a list of CVE IDs and their prospective upstream fixes,
we can update the entries.

Cheers,
        Moritz

Reply to:

References:
- php5: many of the "open unimportant issues" would seem to be fixed?
  - From: Chris Butler <chrisb@debian.org>

Prev by Date: Bug#669286: security-tracker: DSA-2453-1 vs. tracker
Next by Date: Bug#669286: security-tracker: DSA-2453-1 vs. tracker
Previous by thread: php5: many of the "open unimportant issues" would seem to be fixed?
Next by thread: Re: php5: many of the "open unimportant issues" would seem to be fixed?
Index(es):
- Date
- Thread