[Secure-testing-team] Re: [Secure-testing-commits] r2366 -
data/CAN
Moritz Muehlenhoff
jmm at inutil.org
Sun Oct 9 15:04:18 UTC 2005
Florian Weimer wrote:
> > +CAN-2005-XXXX [Missing safemode checks in PHP's _php_image_output functions]
> > + - php5 5.0.5-2
> > + - php4 4:4.4.0-3
>
> According to Debian's stable security bug fixing policy, these aren't
> security vulnerabilities. Shall we track them nevertheless?
As this hasn't been specifically publicly announced, we should do so?
I don't have a strong opinion, though and my knowlege/appreciation of PHP
is limited.
Moritz
More information about the Secure-testing-team
mailing list