Bug#816198: jessie-pu: package php-dompdf/0.6.1+dfsg-2

Moritz Mühlenhoff Mon, 14 Mar 2016 15:15:58 -0700

On Sun, Feb 28, 2016 at 07:42:46PM +0100, Salvatore Bonaccorso wrote:
> Hi Markus,
> 
> Just one note:
> 
> On Sun, Feb 28, 2016 at 06:22:08PM +0100, Markus Frosch wrote:
> > +php-dompdf (0.6.1+dfsg-2+deb8u1) UNRELEASED; urgency=medium
> > +
> > +  * Non-maintainer upload.
> > +  * [22610bd] Add 0.6.2 hotfix patch (Closes: #813849)
> > +
> > +    Fixes CVE:
> > +    * CVE-2014-2383
> > +    * CVE-2014-5011
> > +    * CVE-2014-5012
> > +    * CVE-2014-5013
> 
> CVE-2014-2383 should actually be already fixed in 0.6.1+dfsg-1. Is
> that wrong?
> 
>  https://security-tracker.debian.org/tracker/CVE-2014-2383
>  https://bugs.debian.org/745619


Markus?

Cheers,
        Moritz

Bug#816198: jessie-pu: package php-dompdf/0.6.1+dfsg-2

Reply via email to