severity 530914 wishlist thanks Hi,
On Thursday 28 May 2009 13:27:43 Aenoch Lynn wrote: [...] > CVE-2008-5498 describes a potential remote vulnerability in imageRoate: > > http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5498 > > A PCI scan found this a Medium severity and I need this fixed to pass the > scan. Thanks :), but the packages are not affected. When performing such scans on packages in Debian you should take a look at our security tracker (if you find any inconsistencies don't hesitate to contact the security team, though), it will make your life easier. The report of this issue is http://security-tracker.debian.net/tracker/CVE-2008-5498 > Notes > - php5 <not-affected> (php5 links to the shared lib) > - libgd2 <not-affected> (code is specific to php's libgd) > http://cvs.php.net/viewvc.cgi/php-src/NEWS?r1=1.2027.2.547.2.1360&r2=1.2027 >.2.547.2.1361 Since we don't use the embedded library I don't think this will be fixed in lenny (and squeeze/sid is already at .9), but leaving the report open for other members of the PHP team to express their opinion. Cheers, -- Raphael Geissert - Debian Maintainer www.debian.org - get.debian.net -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
