php5 5.2.4-2ubuntu5.3 source package in Ubuntu

Changelog

php5 (5.2.4-2ubuntu5.3) hardy-security; urgency=low

  [ Tormod Volden ]
  * Backport security fixes from 5.2.6: (LP: #227464)
    - debian/patches/SECURITY_CVE-2008-2050.patch
      + Fixed possible stack buffer overflow in FastCGI SAPI
      + Fixed sending of uninitialized paddings which may contain some
        information
    - debian/patches/SECURITY_CVE-2008-0599.patch
      + Fixed security issue detailed in CVE-2008-0599
    - debian/patches/SECURITY_CVE-2007-4850.patch
      + Fixed a safe_mode bypass in cURL identified by Maksymilian
        Arciemowicz
    - debian/patches/security526-pcre_compile.patch:
      + avoid stack overflow (fix from pcre 7.6)

  [ Jamie Strandboge ]
  * debian/patches/SECURITY_CVE-2008-2051.patch: properly address incomplete
    multibyte chars inside escapeshellcmd() (thanks Tormod Volden)
  * Add debian/patches/SECURITY_CVE-2007-5898.patch: don't accept partial utf8
    sequences. Backported upstream fixes.
  * Add debian/patches/SECURITY_CVE-2007-5899.patch: don't send session id to
    remote forms. Backported upstream fixes.
  * Add debian/patches/SECURITY_CVE-2008-2829.patch: unsafe usage of
    deprecated imap functions (patch from Debian)
  * Add debian/patches/SECURITY_CVE-2008-1384.patch: integer overflow in
    printf() (patch from Debian)
  * Add debian/patches/SECURITY_CVE-2008-2107+2108.patch: weak random number
    seed. Backported upstream patches.
  * Add debian/patches/SECURITY_CVE-2007-4782.patch: DoS via long string in
    the fnmatch functions
  * Add debian/patches/SECURITY_CVE-2008-2371.patch: buffer overflow.
    Backported upstream patches.
  * References
    CVE-2008-2050
    CVE-2008-2051
    CVE-2008-0599
    CVE-2007-4850
    CVE-2007-5898
    CVE-2007-5899
    CVE-2008-2829
    CVE-2008-1384
    CVE-2008-2107
    CVE-2008-2108
    CVE-2007-4782
    CVE-2008-2371

 -- Jamie Strandboge <email address hidden>   Fri, 18 Jul 2008 11:50:38 -0400

Upload details

Uploaded by:
Jamie Strandboge on 2008-07-23
Uploaded to:
Hardy
Original maintainer:
Ubuntu Development Team
Architectures:
any
Section:
web
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
php5_5.2.4.orig.tar.gz 9.3 MiB 66cf9b0d0946aeeb7ebdccb95af39a5d4d8ffe4fec2c3e03a5a3935242546350
php5_5.2.4-2ubuntu5.3.diff.gz 128.3 KiB 54db77856d1885e1166e7a0813c6667019c2f8281d0e4726cbef451a48b9728e
php5_5.2.4-2ubuntu5.3.dsc 1.9 KiB 9ab0a9f91cab7550c6e84ebb51a112fd9708c37cd3b136e7de1ed56d9c4989b3

View changes file

Binary packages built by this source

libapache2-mod-php5: No summary available for libapache2-mod-php5 in ubuntu hardy.

No description available for libapache2-mod-php5 in ubuntu hardy.

php-pear: No summary available for php-pear in ubuntu hardy.

No description available for php-pear in ubuntu hardy.

php5: No summary available for php5 in ubuntu hardy.

No description available for php5 in ubuntu hardy.

php5-cgi: No summary available for php5-cgi in ubuntu hardy.

No description available for php5-cgi in ubuntu hardy.

php5-cli: No summary available for php5-cli in ubuntu hardy.

No description available for php5-cli in ubuntu hardy.

php5-common: No summary available for php5-common in ubuntu hardy.

No description available for php5-common in ubuntu hardy.

php5-curl: No summary available for php5-curl in ubuntu hardy.

No description available for php5-curl in ubuntu hardy.

php5-dev: No summary available for php5-dev in ubuntu hardy.

No description available for php5-dev in ubuntu hardy.

php5-gd: No summary available for php5-gd in ubuntu hardy.

No description available for php5-gd in ubuntu hardy.

php5-gmp: No summary available for php5-gmp in ubuntu hardy.

No description available for php5-gmp in ubuntu hardy.

php5-ldap: No summary available for php5-ldap in ubuntu hardy.

No description available for php5-ldap in ubuntu hardy.

php5-mhash: No summary available for php5-mhash in ubuntu hardy.

No description available for php5-mhash in ubuntu hardy.

php5-mysql: No summary available for php5-mysql in ubuntu hardy.

No description available for php5-mysql in ubuntu hardy.

php5-odbc: No summary available for php5-odbc in ubuntu hardy.

No description available for php5-odbc in ubuntu hardy.

php5-pgsql: No summary available for php5-pgsql in ubuntu hardy.

No description available for php5-pgsql in ubuntu hardy.

php5-pspell: No summary available for php5-pspell in ubuntu hardy.

No description available for php5-pspell in ubuntu hardy.

php5-recode: No summary available for php5-recode in ubuntu hardy.

No description available for php5-recode in ubuntu hardy.

php5-snmp: No summary available for php5-snmp in ubuntu hardy.

No description available for php5-snmp in ubuntu hardy.

php5-sqlite: No summary available for php5-sqlite in ubuntu hardy.

No description available for php5-sqlite in ubuntu hardy.

php5-sybase: No summary available for php5-sybase in ubuntu hardy.

No description available for php5-sybase in ubuntu hardy.

php5-tidy: No summary available for php5-tidy in ubuntu hardy.

No description available for php5-tidy in ubuntu hardy.

php5-xmlrpc: No summary available for php5-xmlrpc in ubuntu hardy.

No description available for php5-xmlrpc in ubuntu hardy.

php5-xsl: No summary available for php5-xsl in ubuntu hardy.

No description available for php5-xsl in ubuntu hardy.