[Secure-testing-commits] r50107 - in data: . DLA
Markus Koschany
apo at moszumanska.debian.org
Mon Mar 27 22:09:55 UTC 2017
Author: apo
Date: 2017-03-27 22:09:55 +0000 (Mon, 27 Mar 2017)
New Revision: 50107
Modified:
data/DLA/list
data/dla-needed.txt
Log:
Reserve DLA-875-1 for php5
Modified: data/DLA/list
===================================================================
--- data/DLA/list 2017-03-27 21:48:38 UTC (rev 50106)
+++ data/DLA/list 2017-03-27 22:09:55 UTC (rev 50107)
@@ -1,3 +1,6 @@
+[28 Mar 2017] DLA-875-1 php5 - security update
+ {CVE-2016-7478 CVE-2016-7479 CVE-2017-7272}
+ [wheezy] - php5 5.4.45-0+deb7u8
[27 Mar 2017] DLA-874-1 jbig2dec - security update
{CVE-2016-9601}
[wheezy] - jbig2dec 0.13-4~deb7u1
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2017-03-27 21:48:38 UTC (rev 50106)
+++ data/dla-needed.txt 2017-03-27 22:09:55 UTC (rev 50107)
@@ -100,11 +100,6 @@
--
partclone
--
-php5 (Markus Koschany)
- NOTE: only one issue at the time of writing (CVE-2016-7478)
- NOTE: backported patch available, but maybe wait for more issues?
- NOTE: -- 2017-02-20 Antoine Beaupre
---
potrace (Hugo Lefeuvre)
NOTE: Try to reproduce CVE-2016-8685/cherry pick the patch from Stretch.
NOTE: Upstream is not going to fix CVE-2016-8686 since it believes it is not
More information about the Secure-testing-commits
mailing list