Florian Weimer wrote:
> > +CAN-2005-XXXX [Missing safemode checks in PHP's _php_image_output
> > functions]
> > + - php5 5.0.5-2
> > + - php4 4:4.4.0-3
>
> According to Debian's stable security bug fixing policy, these aren't
> security vulnerabilities. Shall we track them nevertheless?
As this hasn't been specifically publicly announced, we should do so?
I don't have a strong opinion, though and my knowlege/appreciation of PHP
is limited.
Moritz
_______________________________________________
Secure-testing-team mailing list
[email protected]
http://lists.alioth.debian.org/mailman/listinfo/secure-testing-team
