Ubuntu (and Debian) PHP was not affected by the CVE. The CVE was
introduced by some other broken fixes to CVE 2007-1375 that were not
used in Ubuntu.
** Changed in: php5 (Ubuntu)
Importance: Undecided = Low
Assignee: (unassigned) = Kees Cook (kees)
Status: New = Invalid
--
** Visibility changed to: Public
--
[php5][CVE-2007-2748] substr_count function allows context-dependent attackers
to obtain sensitive information vi unspecified vectors
https://bugs.launchpad.net/bugs/236869
You received this bug notification because you are a member of Ubuntu
Server Team,