On 10 May 2012 00:26, Steve Wills <swi...@mouf.net> wrote: > On May 10, 2012, at 12:20 AM, Eitan Adler wrote: > >> On 10 May 2012 00:10, Steve Wills <swi...@mouf.net> wrote: >>> Hi, >>> >>> Thanks for making this happen so quickly! Just wondering, should the vuxml >>> entry be updated or perhaps a new one added? >> >> CVE-2012-1823 seems to be documented already with the correct version >> numbers. >> This commit is missing a Security: tag but other that I don't see >> anything wrong. > > The current VuXML entry says php5 < 5.3.12. Is there really no need to > upgrade to 5.3.13 or am I missing something?
I'm an idiot - the fix in 5.3.12 was only a partial fix. When originally committed it should have had <le> not <lt>. The existing VuXML should be updated and the body text should explain the specifics. I won't have time to do that tonight :( -- Eitan Adler Source & Ports committer X11, Bugbusting teams _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscr...@freebsd.org"
