severity 429343 grave
merge 429193 429343
On Sunday 17 June 2007 12:43, Moritz Muehlenhoff wrote:
Package: ipplan
Severity: serious
Your package includes a copy of PHPMailer, which also is packaged as
libphp-phpmailer in the archive. You need to fix your package
to use the system-wide library. Otherwise it requires too much overhead
whenever a vulnerability in PHPMailer is found. (like right now
CVE-2007-3215)
Hi Moritz,
thanks for your bugreport. There is allready a bug (429193) open about the
issue. A bugfix is available at
http://ftp.cyconet.org/debian/archive/official/ipplan/4.85-2/ipplan_4.85-2.dsc,
but waiting for my sponsor. Since the debconf takes place and the package is
not in stable, I don't feel any pressure at the moment.
Anyways, if anybody is willing to upload the package, feel free to do so.
Thanks and with kind regards, Jan.
pgpVny9uCL3Cd.pgp
Description: PGP signature