On 10 May 2012 00:26, Steve Wills <[email protected]> wrote: > On May 10, 2012, at 12:20 AM, Eitan Adler wrote: > >> On 10 May 2012 00:10, Steve Wills <[email protected]> wrote: >>> Hi, >>> >>> Thanks for making this happen so quickly! Just wondering, should the vuxml >>> entry be updated or perhaps a new one added? >> >> CVE-2012-1823 seems to be documented already with the correct version >> numbers. >> This commit is missing a Security: tag but other that I don't see >> anything wrong. > > The current VuXML entry says php5 < 5.3.12. Is there really no need to > upgrade to 5.3.13 or am I missing something?
I'm an idiot - the fix in 5.3.12 was only a partial fix. When originally committed it should have had <le> not <lt>. The existing VuXML should be updated and the body text should explain the specifics. I won't have time to do that tonight :( -- Eitan Adler Source & Ports committer X11, Bugbusting teams _______________________________________________ [email protected] mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "[email protected]"
