[SECURITY] [DLA 357-1] libphp-snoopy security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 357-1] libphp-snoopy security update
From: Scott Kitterman <debian@kitterman.com>
Date: Mon, 30 Nov 2015 17:43:45 -0500
Message-id: <[🔎] 1777985.Bdr6k6vMAI@kitterma-e6430>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : libphp-snoopy
Version        : 2.0.0-1~deb6u1
CVE ID         : CVE-2008-7313 CVE-2014-5008
Debian Bug     : 778634

It was discovered that missing input sanitizing in Snoopy, a PHP class that
simulates a web browser may result in the execution of arbitrary
commands.

For the oldoldstable distribution (squeeze-lts), this problem has been fixed
in version 2.0.0-1~deb6u1.

We recommend that you upgrade your libphp-snoopy packages.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQIcBAEBCAAGBQJWXNElAAoJEHjX3vua1Zrx73QP/0fH7gd2IaswruxK8Wu4EUS+
WryCf4EAnuMLa72GLlJRxBxdRsFODe8dXM74kO/BUKOcRPHVmow4ALUlyStZVGc3
iPZ3ow7klMiSt9CDBrbIXdORqnIC6NZT1MjV9WLUASENlJUWVW1MfZL1gqVq+FCn
XeZXh1+zDlUw55iBTp/QOiZ8vEgylzpb92JFdCuzAdS9zrvaPs0Cm2Va1jSRzSLx
2yYdd655rnCxOf5mDyrVMj4ncgaK5u1bpsV2benQokSxmrwjnoDrLD01GHXZIQL5
FPG8HpS09UeAGoMQ1SCiRweLNtir6MRYEixaEZCqzHPfcSl5bQ7fpNe3wHgZjV88
ACjAn4sM5qmmK3Cej7NWCcwaSKy4gyRjPkUsFZ7UBZXURzMmRRqhoFXHO1l9k4Yj
/o/DGiYEyclJQ6sGau/pR7DTTZfwEOZfUmLMU/q63DWV9ND88M7QVqjg8wofgoCP
trtiLWTmcKMsksOKfBuTxoQQ7rlWkoR3gWpiszgY/wZObh4aEGjfVW6Lm495bwU+
jwvfDkngFGKLgpU2JgugNhYiUEDJlHAXFgKQL0kyT1lsM2tHZfMpx3l+YPyLNdO8
ulg4eHpGcL77/J70aLcIn4lZT4ECjJ5+5SU6qsaR+7nYbXomjqURLRHzEpDNjcFH
gXdGWD7S008D9KGr3+ML
=Iavp
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 356-1] libsndfile security update
Previous by thread: [SECURITY] [DLA 356-1] libsndfile security update
Index(es):
- Date
- Thread