Bug#885321: dolibarr: CVE-2017-17897 CVE-2017-17898 CVE-2017-17899 CVE-2017-17900

2017-12-27 Thread Laurent Destailleur (aka Eldy)
Fixed in 6.0.5 2017-12-26 8:38 GMT+01:00 Salvatore Bonaccorso : > Source: dolibarr > Version: 3.5.5+dfsg1-1 > Severity: grave > Tags: patch security upstream > > Hi, > > the following vulnerabilities were published for dolibarr. > > CVE-2017-17897[0]: > | SQL injection

Bug#885320: dolibarr: CVE-2017-14238 CVE-2017-14239 CVE-2017-14240 CVE-2017-14241

2017-12-27 Thread Laurent Destailleur (aka Eldy)
Fixed in 6.0.5 2017-12-26 8:11 GMT+01:00 Salvatore Bonaccorso : > Source: dolibarr > Version: 3.5.5+dfsg1-1 > Severity: grave > Tags: patch security upstream > > Hi, > > the following vulnerabilities were published for dolibarr, filling > only one bug for the four CVEs since

Bug#814030: Intent to bring php-tcpdf in the Debian PHP PEAR (and Composer) Maintainers team (Was: Bug#814030: Security flaw fixed in version 6.2.0)

2016-02-23 Thread Laurent Destailleur (aka Eldy)
Hi David. I have sent to my mentor (Raphael Hertzog), a commit with the new upstream 6.2.12 updated, of TCPDF. If you plan/want to move package maintenance into Debian PHP PEAR umbrella, why not. What will be the benefit and impact ? 2016-02-23 4:33 GMT+01:00 David Prévot :