> >>>>> "JB" == Josh Bressers <(bressers) <fedora-extras-commits@xxxxxxxxxx>> writes:
>
> JB> Modified Files: fc5 fc6 Log Message: Note some new PHP CVE ids.
>
> FC6 seems to have PHP 5.1.6 now, so should these:
>
> +CVE-2006-4486 VULNERABLE (php, fixed 5.1.6)
> +CVE-2006-4485 VULNERABLE (php, fixed 5.1.5)
> +CVE-2006-4484 ignore (php, fixed 5.1.5)
> +CVE-2006-4482 VULNERABLE (php, fixed 5.1.5)
>
> be listed as fixed?
That's what any sane person would think :)
The file is a snapshot of FC6, in this case it's a snapshot of FC6 Test 2.
Since FC6 Test 2 contained php 5.1.4, we mark them vulnerable. Once Test 3
comes out we'll look through the file again.
--
JB
--
Fedora-security-list mailing list
Fedora-security-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-security-list
