[Secure-testing-commits] r50107 - in data: . DLA

Markus Koschany apo at moszumanska.debian.org
Mon Mar 27 22:09:55 UTC 2017


Author: apo
Date: 2017-03-27 22:09:55 +0000 (Mon, 27 Mar 2017)
New Revision: 50107

Modified:
   data/DLA/list
   data/dla-needed.txt
Log:
Reserve DLA-875-1 for php5

Modified: data/DLA/list
===================================================================
--- data/DLA/list	2017-03-27 21:48:38 UTC (rev 50106)
+++ data/DLA/list	2017-03-27 22:09:55 UTC (rev 50107)
@@ -1,3 +1,6 @@
+[28 Mar 2017] DLA-875-1 php5 - security update
+	{CVE-2016-7478 CVE-2016-7479 CVE-2017-7272}
+	[wheezy] - php5 5.4.45-0+deb7u8
 [27 Mar 2017] DLA-874-1 jbig2dec - security update
 	{CVE-2016-9601}
 	[wheezy] - jbig2dec 0.13-4~deb7u1

Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt	2017-03-27 21:48:38 UTC (rev 50106)
+++ data/dla-needed.txt	2017-03-27 22:09:55 UTC (rev 50107)
@@ -100,11 +100,6 @@
 --
 partclone
 --
-php5 (Markus Koschany)
-  NOTE: only one issue at the time of writing (CVE-2016-7478)
-  NOTE: backported patch available, but maybe wait for more issues?
-  NOTE: -- 2017-02-20 Antoine Beaupre
---
 potrace (Hugo Lefeuvre)
   NOTE: Try to reproduce CVE-2016-8685/cherry pick the patch from Stretch.
   NOTE: Upstream is not going to fix CVE-2016-8686 since it believes it is not




More information about the Secure-testing-commits mailing list