Ubuntu
php-openid package

Sync php-openid 2.2.2-1.2 (universe) from Debian unstable (main)

Bug #1227485 reported by Jackson Doak on 2013-09-19

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	php-openid (Ubuntu)	Fix Released	Undecided	Unassigned

Bug Description

Please sync php-openid 2.2.2-1.2 (universe) from Debian unstable (main)
THis fixes a CVE and nothing else.

Changelog entries since current saucy version 2.2.2-1.1:

php-openid (2.2.2-1.2) unstable; urgency=high

  * Non-maintainer upload.
  * debian/patches/CVE-2013-4701.patch:
    - Disable external XML entities and libxml errors. Fixes
      security issue. (Closes: #721221)
    - CVE-2013-4701

-- Artur Rona <email address hidden> Wed, 11 Sep 2013 16:57:40 +0200

CVE References

2013-4701

Revision history for this message

Daniel Holbach (dholbach) wrote on 2013-09-19:

This bug was fixed in the package php-openid - 2.2.2-1.2
Sponsored for Jackson Doak (noskcaj)

---------------
php-openid (2.2.2-1.2) unstable; urgency=high

  * Non-maintainer upload.
  * debian/patches/CVE-2013-4701.patch:
    - Disable external XML entities and libxml errors. Fixes
      security issue. (Closes: #721221)
    - CVE-2013-4701

-- Artur Rona <email address hidden> Wed, 11 Sep 2013 16:57:40 +0200

Changed in php-openid (Ubuntu):
status:	New → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntuphp-openid package