[pkg-php-pear] Bug#1034597: CVE ID (Was: cloning 1034581, reassign -1 to php-nyholm-psr7)

David Prévot david at tilapin.org
Wed Apr 19 18:18:10 BST 2023


Hi Salvatore,

Le 19/04/2023 à 08:33, Salvatore Bonaccorso a écrit :
> On Wed, Apr 19, 2023 at 08:29:49AM +0200, Salvatore Bonaccorso wrote:
[…]
>> FWIW, I do not know (yet) if myholm-psr7 will get a own CVE for it.
>> php-slim-psr7 did in fact got one (see #1034580).
> 
> Okay, actually the project is using CVE-2023-29197 as well per
> https://github.com/Nyholm/psr7/security/advisories/GHSA-wjfc-pgfp-pv9c

Yep, I got it from the changelog, still need to (find time to) figure 
out the best way to deal with it for Bookworm.

> Added it as such as well to the tracker.

Thanks!

Regards

taffit
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 495 bytes
Desc: OpenPGP digital signature
URL: <http://alioth-lists.debian.net/pipermail/pkg-php-pear/attachments/20230419/70ba8479/attachment.sig>


More information about the pkg-php-pear mailing list