1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
|
php-dompdf (0.6.1+dfsg-2+deb8u1) jessie; urgency=medium
* [22610bd] Add 0.6.2 hotfix patch which bundles CVE hotfixes from the
upstream release. (Closes: #813849)
This is a security-focused release that addresses a number of
vulnerabilities that can expose your system to exploitation. In tandem
with this release we have also posted a document to the wiki with advice
for securing dompdf [1]. Please read the new document and take appropriate
measures to protect your systems.
This update addresses the following announced vulnerabilities:
* CVE-2014-5011 - Information Disclosure
* CVE-2014-5012 - Denial Of Service Vector
* CVE-2014-5013 - Remote Code Execution (complement of CVE-2014-2383)
-- Markus Frosch <lazyfrosch@debian.org> Thu, 24 Mar 2016 22:07:34 +0100
php-dompdf (0.6.1+dfsg-2) unstable; urgency=medium
* Document security issue fixed in last upstream version, and upload to
unstable.
-- David Prévot <taffit@debian.org> Wed, 23 Apr 2014 15:23:50 -0400
php-dompdf (0.6.1+dfsg-1) experimental; urgency=medium
* New upstream release, uploaded to experimental because of the php-font-lib
dependency:
- Fixes an arbitrary file read vulnerability, that requires
DOMPDF_ENABLE_REMOTE (disabled by default) to be enabled.
(Closes: #745619) [CVE-2014-2383]
* Add ownCloud for Debian to uploaders
* Bump standards version to 3.9.5
* Use Files-Excluded feature of uscan
* Use phpcomposer from pkg-php-tools
* Ship upstream README.md
* Update dependencies, as recommended upstream
* Update copyright
* Acknowledge upstream separation of cache and fonts
* Update upstream changelog
* Use internal CSS in example
-- David Prévot <taffit@debian.org> Sat, 12 Apr 2014 14:32:12 -0400
php-dompdf (0.6.0~beta3+dfsg0-1) unstable; urgency=low
* Initial release (Closes: #567928)
-- David Prévot <taffit@debian.org> Sat, 23 Nov 2013 10:00:18 -0400
|
