[Secure-testing-commits] r57621 - in data: . CVE
Roberto C. Sanchez
roberto at moszumanska.debian.org
Tue Nov 14 15:38:26 UTC 2017
Author: roberto
Date: 2017-11-14 15:38:26 +0000 (Tue, 14 Nov 2017)
New Revision: 57621
Modified:
data/CVE/list
data/dla-needed.txt
Log:
Annotate CVE-2017-16642 as not affecting php5 in wheezy; remove php5 from dla-needed.txt since no issues remain
Modified: data/CVE/list
===================================================================
--- data/CVE/list 2017-11-14 15:11:08 UTC (rev 57620)
+++ data/CVE/list 2017-11-14 15:38:26 UTC (rev 57621)
@@ -402,6 +402,7 @@
- php7.1 7.1.11-1
- php7.0 7.0.25-1
- php5 <removed>
+ [wheezy] - php5 <not-affected> (Vulnerable code not present; proof of concept produces expected non-buggy output; upstream patch also appears overly intrusive)
NOTE: Fixed in: 5.6.32, 7.0.25, 7.1.11
NOTE: PHP Bug: https://bugs.php.net/bug.php?id=75055
NOTE: https://github.com/derickr/timelib/commit/aa9156006e88565e1f1a5f7cc088b18322d57536
Modified: data/dla-needed.txt
===================================================================
--- data/dla-needed.txt 2017-11-14 15:11:08 UTC (rev 57620)
+++ data/dla-needed.txt 2017-11-14 15:38:26 UTC (rev 57621)
@@ -74,10 +74,6 @@
--
openjdk-7 (Emilio Pozuelo)
--
-php5 (Roberto C. Sánchez)
- NOTE: Proposed release date 2017-12-15. The one issue seen so far is not severe.
- NOTE: See packages/php5.txt for further information about handling.
---
poppler (Markus Koschany)
NOTE: not fixed in sid yet so did not ping maintainer
NOTE: drawForm is doForm1 in wheezy
More information about the Secure-testing-commits
mailing list