Hi Moritz, > http://www.php.net/ChangeLog-5.php lists several security fixes which are > included in upstream PHP 5.2.6:
Thanks, there are two more, which I found and which I just commited to the tracker: +CVE-2008-XXXX [php integer overflow in printf] + - php5 <unfixed> + NOTE: http://www.php.net/ChangeLog-5.php + NOTE: Needs further details or digging in SVN +CVE-2008-XXXX [php suboptimal seeding] + - php5 <unfixed> (low) + - php4 <unfixed> (low) + NOTE: http://www.sektioneins.de/advisories/SE-2008-02.txt + NOTE: I don't believe we need to address this, likely no-dsa, but needs further checking Cheers, Moritz -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
