[php-maint] Bug#540611: Bug#540611: php5: exif buffer overread

Michael S. Gilbert michael.s.gilbert at gmail.com
Mon Aug 10 02:57:09 UTC 2009


On Sun, 9 Aug 2009 21:02:36 -0500 Raphael Geissert wrote:

> On Sunday 09 August 2009 01:13:42 Michael S. Gilbert wrote:
> >
> > hello, it has been disclosed that php is vulnerable to a buffer
> > over-read in versions befor 5.2.10.  see:
> 
> You already reported it as #535888, there's no need to report it more than 
> once.
> And no, reopening the report is *not necessary*, the BTS knows what versions 
> are affected. *Take a look at the graph at the top if necessary*
> 
> And adding another entry to  the security tracker doesn't help either.

i appologize for the mistake.  when issues don't get assigned a common
number, it's easy to miss the fact that different reports are actually
the same issue.  it was not my intent to open a duplicate bug, it looked
like this was new.

maybe it's just me, but dealing with issues in multiple releases with
the debian bts is non-obvious and a major pain.  is the "*right*" way
to do this documented somewhere?

mike





More information about the pkg-php-maint mailing list