Correction to CVE-2015-3330 information
https://security-tracker.debian.org/tracker/CVE-2015-3330 shows
everything but squeeze-lts as vulnerable. There are two corrections I
suggest:
- As I understand it, wheezy isn't affected unless someone has upgraded
Apache to 2.4.
- This problem was fixed in 5.6.7+dfsg-1, the version currently in
jessie. The changelog only mentions PHP bugs #68486 and #69218 because
a CVE number hadn't been issued yet.
--
William Aoki KD7YAF waoki@umnh.utah.edu 5-1924
Reply to: