[pkg-php-pear] Bug#813849: Multiple security issues
taffit at debian.org
Fri Feb 5 23:08:45 UTC 2016
Tags: security upstream
I’ve just noticed that php-dompdf upstream released “a security-focused
release that addresses a number of vulnerabilities that can expose your
system to exploitation.”
[CVE-2014-5011], [CVE-2014-5012] and [CVE-2014-5013] have been assigned
to these issues, but I don’t have much input about them.
I believe we should simply remove this leaf package from Jessie (along
with php-font-lib that is only used by php-dompdf). I’ll follow up with
an RM request if the security team agrees with that option.
This bug will soon force the auto-removal of this package from testing,
and unless someone steps up to adopt it (#748604), we may also remove it
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 473 bytes
Desc: not available
More information about the pkg-php-pear