[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: php5: many of the "open unimportant issues" would seem to be fixed?

On Tue, Apr 24, 2012 at 05:06:26AM +0200, Nico Golde wrote:
> * Chris Butler <chrisb@debian.org> [2012-04-23 14:51]:
> > >From a quick scan, it seems that CVE-2010-3064 is a likely cut-off point, as
> > it seems to be the last one listed as affecting "PHP 5.3 through 5.3.2".
> > Although I'm a little bit busy right at the moment, I can probably have a
> > more detailed look through the list later today when I have a bit more spare
> > time, if that would help.
> 
> What is this exactly based on? Cause the CVE id description is unfortunately 
> not very reliable.

Ah, I wasn't aware of that, thanks for the heads-up. It was mostly based on
looking at the description, although a couple of the ones I picked at random
were also listed as fixed in the PHP changelog pre-5.3.3..

It was just a quick scan of the list at the time, as I didn't have time to
go into detail. I started having a closer look through the list last night,
and will let the list know once I've got some more useful/accurate data...

-- 
Chris Butler <chrisb@debian.org>
  GnuPG Key ID: 4096R/49E3ACD3
Reply to: