[Bug 1227485] Re: Sync php-openid 2.2.2-1.2 (universe) from Debian unstable (main)
Daniel Holbach
daniel.holbach at ubuntu.com
Thu Sep 19 07:38:05 UTC 2013
This bug was fixed in the package php-openid - 2.2.2-1.2
Sponsored for Jackson Doak (noskcaj)
---------------
php-openid (2.2.2-1.2) unstable; urgency=high
* Non-maintainer upload.
* debian/patches/CVE-2013-4701.patch:
- Disable external XML entities and libxml errors. Fixes
security issue. (Closes: #721221)
- CVE-2013-4701
-- Artur Rona <ari-tczew at tlen.pl> Wed, 11 Sep 2013 16:57:40 +0200
** Changed in: php-openid (Ubuntu)
Status: New => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2013-4701
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1227485
Title:
Sync php-openid 2.2.2-1.2 (universe) from Debian unstable (main)
Status in “php-openid” package in Ubuntu:
Fix Released
Bug description:
Please sync php-openid 2.2.2-1.2 (universe) from Debian unstable (main)
THis fixes a CVE and nothing else.
Changelog entries since current saucy version 2.2.2-1.1:
php-openid (2.2.2-1.2) unstable; urgency=high
* Non-maintainer upload.
* debian/patches/CVE-2013-4701.patch:
- Disable external XML entities and libxml errors. Fixes
security issue. (Closes: #721221)
- CVE-2013-4701
-- Artur Rona <ari-tczew at tlen.pl> Wed, 11 Sep 2013 16:57:40 +0200
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/php-openid/+bug/1227485/+subscriptions
More information about the Ubuntu-sponsors
mailing list