On Mon, Oct 03, 2016 at 02:37:07PM +0200, Salvatore Bonaccorso wrote: > Hi > > On Sat, Oct 01, 2016 at 08:45:20PM -0400, Roberto C. Sánchez wrote: > > On Fri, Sep 30, 2016 at 07:45:33AM -0400, Roberto C. Sánchez wrote: > > > > > > I am currently preparing an LTS upload for this vulnerability. > > > > > I tried for quite some time to reproduce this based on the original PHP > > bug report, but I was unable. I have annotated the security tracker > > with my (lack of) findings so far. > > That's okay. Just please remember that lack of reproducibility for an > issue does not mean it's not present. In my initial mail I asked > Laszlo if he can forward this to upstream and/if this is already know > to upstream (which I hope in meanwhile it is). But I have not found an > upstream ticket on this issue yet. > > Laszlo, do you know more already? Other distributions seem in the same > boat, like Red Hat in > https://bugzilla.redhat.com/show_bug.cgi?id=1377361#c3 > Good to know. I can contact upstream if that would help.
Regards, -Roberto -- Roberto C. Sánchez http://people.connexer.com/~roberto http://www.connexer.com
