For instance I'm running the php5 package using apt-get install php5. The reported version is: PHP/5.2.6-1+lenny9
However, there's currently listed 53 vulnerabilities for PHP/5.2.6 on CVE:
Long link to CVE exploits list
Here's my question. Is PHP/5.2.6-1+lenny9 patched against these vulnerabilities? (Perhaps that's what the +lenny9 part is for?) How do I check?
For instance, how would I check whether the recent EXIF vulnerability is patched in the current Debian Lenny package?
Take a look here: http://patch-tracker.debian.org/package/php5/5.2.6.dfsg.1-1+lenny9