Since yesterday, version 5.6.36 is available. The version has this bug too.
Since 5.6.33 wandered into main, 5.6.30 isn't available anymore. So we
have to use a local mirror snapshot for php5.6 from debian.
Why hasn't this been fixed yet? Patches are available and we have many
servers stuck
Are there any news about this?
Package: php5-common
Version: 5.6.33+dfsg-0+deb8u1
Severity: important
Tags: patch
There was a bug reported and fixed:
https://bugs.php.net/bug.php?id=74216
https://security-tracker.debian.org/tracker/CVE-2017-7272
The fix consisted of two parts, first:
https://github.com/php/php-src/commit/bab0b
3 matches
Mail list logo
