php5 5.3.10-1ubuntu3.20 source package in Ubuntu

Changelog

php5 (5.3.10-1ubuntu3.20) precise-security; urgency=medium

  * debian/patches/bug65481.patch: backport bugfix to get new
    var_push_dtor_no_addref function.
  * SECURITY UPDATE: phar segfault on invalid file
    - debian/patches/CVE-2015-5589-1.patch: check stream before closing in
      ext/phar/phar_object.c.
    - debian/patches/CVE-2015-5589-2.patch: add better checks in
      ext/phar/phar_object.c.
    - CVE-2015-5589
  * SECURITY UPDATE: phar buffer overflow in phar_fix_filepath
    - debian/patches/CVE-2015-5590.patch: properly handle path in
      ext/phar/phar.c.
    - CVE-2015-5590
  * SECURITY UPDATE: multiple use-after-free issues in unserialize()
    - debian/patches/CVE-2015-6831-1.patch: fix SPLArrayObject in
      ext/spl/spl_array.c, added test to ext/spl/tests/bug70166.phpt.
    - debian/patches/CVE-2015-6831-2.patch: fix SplObjectStorage in
      ext/spl/spl_observer.c.
    - CVE-2015-6831
  * SECURITY UPDATE: dangling pointer in the unserialization of ArrayObject
    items
    - debian/patches/CVE-2015-6832.patch: fix dangling pointer in
      ext/spl/spl_array.c.
    - CVE-2015-6832
  * SECURITY UPDATE: phar files extracted outside of destination dir
    - debian/patches/CVE-2015-6833-1.patch: limit extracted files to given
      directory in ext/phar/phar_object.c.
    - CVE-2015-6833
  * SECURITY UPDATE: multiple vulnerabilities in unserialize()
    - debian/patches/CVE-2015-6834-1.patch: fix use-after-free in
      ext/standard/var.c, ext/standard/var_unserializer.*.
    - debian/patches/CVE-2015-6834-2.patch: fix use-after-free in
      ext/spl/spl_observer.c.
    - CVE-2015-6834
  * SECURITY UPDATE: use after free in session deserializer
    - debian/patches/CVE-2015-6835-1.patch: fix use after free in
      ext/session/session.c, ext/standard/var_unserializer.*
      fixed tests in ext/session/tests/session_decode_error2.phpt,
      ext/session/tests/session_decode_variation3.phpt.
    - CVE-2015-6835
  * SECURITY UPDATE: SOAP serialize_function_call() type confusion
    - debian/patches/CVE-2015-6836.patch: check type in ext/soap/soap.c,
      added test to ext/soap/tests/bug70388.phpt.
    - CVE-2015-6836
  * SECURITY UPDATE: NULL pointer dereference in XSLTProcessor class
    - debian/patches/CVE-2015-6837-6838.patch: fix logic in
      ext/xsl/xsltprocessor.c.
    - CVE-2015-6837
    - CVE-2015-6838

 -- Marc Deslauriers <email address hidden>  Tue, 29 Sep 2015 12:51:49 -0400

Upload details

Uploaded by:
Marc Deslauriers
Uploaded to:
Precise
Original maintainer:
Ubuntu Developers
Architectures:
any all
Section:
php
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
php5_5.3.10.orig.tar.gz 14.7 MiB ee26ff003eaeaefb649735980d9ef1ffad3ea8c2836e6ad520de598da225eaab
php5_5.3.10-1ubuntu3.20.diff.gz 395.3 KiB c3cb48dfb2ed5a47c7c562a232d3bd20e30c282f264860f87dd3437203d6c2fc
php5_5.3.10-1ubuntu3.20.dsc 4.0 KiB 0f85c12cf4bb2c39d8813db4f81ea1e1161e9ace580f154bdd20b0ed3c52ca96

View changes file

Binary packages built by this source

libapache2-mod-php5: server-side, HTML-embedded scripting language (Apache 2 module)

 This package provides the PHP5 module for the Apache 2 webserver (as
 found in the apache2-mpm-prefork package). Please note that this package
 ONLY works with Apache's prefork MPM, as it is not compiled thread-safe.
 The following extensions are built in: bcmath bz2 calendar Core ctype date
  dba dom ereg exif fileinfo filter ftp gettext hash iconv json libxml
  mbstring mhash openssl pcre Phar posix Reflection session shmop SimpleXML
  soap sockets SPL standard sysvmsg sysvsem sysvshm tokenizer wddx xml
  xmlreader xmlwriter zip zlib.
 .
 PHP5 is a widely-used general-purpose scripting language that is
 especially suited for Web development and can be embedded into HTML.
 The goal of the language is to allow web developers to write
 dynamically generated pages quickly.

libapache2-mod-php5filter: server-side, HTML-embedded scripting language (apache 2 filter module)

 This package provides the PHP5 Filter module for the Apache 2 webserver (as
 found in the apache2-mpm-prefork package). Please note that this package
 ONLY works with Apache's prefork MPM, as it is not compiled thread-safe.
 Unless you specifically need filter-module support, you most likely
 should instead install libapache2-mod-php5.
 .
 The following extensions are built in: bcmath bz2 calendar Core ctype date
  dba dom ereg exif fileinfo filter ftp gettext hash iconv json libxml
  mbstring mhash openssl pcre Phar posix Reflection session shmop SimpleXML
  soap sockets SPL standard sysvmsg sysvsem sysvshm tokenizer wddx xml
  xmlreader xmlwriter zip zlib.
 .
 PHP5 is a widely-used general-purpose scripting language that is
 especially suited for Web development and can be embedded into HTML.
 The goal of the language is to allow web developers to write
 dynamically generated pages quickly.

php-pear: PEAR - PHP Extension and Application Repository

 This package contains the base PEAR classes for PHP, as well as the PEAR
 installer. Many PEAR classes are already packaged for Debian, and can be
 easily identified by names beginning with "php-", such as php-db and
 php-auth. Note: to build and install precompiled PECL extensions, you
 will need one of the php development packages installed.
 .
 PHP5 is a widely-used general-purpose scripting language that is
 especially suited for Web development and can be embedded into HTML.
 The goal of the language is to allow web developers to write
 dynamically generated pages quickly.

php5: server-side, HTML-embedded scripting language (metapackage)

 This package is a metapackage that, when installed, guarantees that you
 have at least one of the four server-side versions of the PHP5 interpreter
 installed. Removing this package won't remove PHP5 from your system, however
 it may remove other packages that depend on this one.
 .
 PHP5 is a widely-used general-purpose scripting language that is
 especially suited for Web development and can be embedded into HTML.
 The goal of the language is to allow web developers to write
 dynamically generated pages quickly.

php5-cgi: server-side, HTML-embedded scripting language (CGI binary)

 This package provides the /usr/lib/cgi-bin/php5 CGI interpreter built
 for use in Apache 2 with mod_actions, or any other CGI httpd that
 supports a similar mechanism. Note that MOST Apache users probably
 want the libapache2-mod-php5 package.
 The following extensions are built in: bcmath bz2 calendar Core ctype date
  dba dom ereg exif fileinfo filter ftp gettext hash iconv json libxml
  mbstring mhash openssl pcntl pcre Phar posix Reflection session shmop
  SimpleXML soap sockets SPL standard sysvmsg sysvsem sysvshm tokenizer wddx
  xml xmlreader xmlwriter zip zlib.
 .
 PHP5 is a widely-used general-purpose scripting language that is
 especially suited for Web development and can be embedded into HTML.
 The goal of the language is to allow web developers to write
 dynamically generated pages quickly.

php5-cli: command-line interpreter for the php5 scripting language

 This package provides the /usr/bin/php5 command interpreter, useful for
 testing PHP scripts from a shell or performing general shell scripting tasks.
 The following extensions are built in: bcmath bz2 calendar Core ctype date
  dba dom ereg exif fileinfo filter ftp gettext hash iconv json libxml
  mbstring mhash openssl pcntl pcre Phar posix readline Reflection session
  shmop SimpleXML soap sockets SPL standard sysvmsg sysvsem sysvshm tokenizer
  wddx xml xmlreader xmlwriter zip zlib.
 .
 PHP5 is a widely-used general-purpose scripting language that is
 especially suited for Web development and can be embedded into HTML.
 The goal of the language is to allow web developers to write
 dynamically generated pages quickly.

php5-common: Common files for packages built from the php5 source

 This package contains the documentation and example files relevant to all
 the other packages built from the php5 source.
 .
 PHP5 is a widely-used general-purpose scripting language that is
 especially suited for Web development and can be embedded into HTML.
 The goal of the language is to allow web developers to write
 dynamically generated pages quickly.

php5-curl: CURL module for php5

 CURL is a library for getting files from FTP, GOPHER, HTTP server.
 .
 PHP5 is a widely-used general-purpose scripting language that is
 especially suited for Web development and can be embedded into HTML.
 The goal of the language is to allow web developers to write
 dynamically generated pages quickly.

php5-dbg: Debug symbols for PHP5

 This package provides the debug symbols for PHP5 needed for properly
 debugging errors in PHP5 with gdb.
 .
 PHP5 is a widely-used general-purpose scripting language that is
 especially suited for Web development and can be embedded into HTML.
 The goal of the language is to allow web developers to write
 dynamically generated pages quickly.

php5-dev: Files for PHP5 module development

 This package provides the files from the PHP5 source needed for compiling
 additional modules.
 .
 PHP5 is a widely-used general-purpose scripting language that is
 especially suited for Web development and can be embedded into HTML.
 The goal of the language is to allow web developers to write
 dynamically generated pages quickly.

php5-enchant: Enchant module for php5

 This package provides a module for the generic spell checking library
 Enchant, which can use engines such as ispell, aspell and myspells.
 .
 PHP5 is a widely-used general-purpose scripting language that is
 especially suited for Web development and can be embedded into HTML.
 The goal of the language is to allow web developers to write
 dynamically generated pages quickly.

php5-fpm: server-side, HTML-embedded scripting language (FPM-CGI binary)

 This package provides the Fast Process Manager interpreter that runs
 as a daemon and receives Fast/CGI requests. Note that MOST Apache users
 probably want the libapache2-mod-php5 package.
 The following extensions are built in: bcmath bz2 calendar Core ctype date
  dba dom ereg exif fileinfo filter ftp gettext hash iconv json libxml
  mbstring mhash openssl pcre Phar posix Reflection session shmop SimpleXML
  soap sockets SPL standard sysvmsg sysvsem sysvshm tokenizer wddx xml
  xmlreader xmlwriter zip zlib.
 .
 PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
 from C, Java and Perl with a couple of unique PHP-specific features thrown
 in. The goal of the language is to allow web developers to write dynamically
 generated pages quickly.

php5-gd: GD module for php5

 This package provides a module for handling graphics directly from PHP
 scripts. It supports the PNG, JPEG, XPM formats as well as Freetype/ttf fonts.
 .
 PHP5 is a widely-used general-purpose scripting language that is
 especially suited for Web development and can be embedded into HTML.
 The goal of the language is to allow web developers to write
 dynamically generated pages quickly.

php5-gmp: GMP module for php5

 This package provides a module for arbitrary precision arithmetic via the
 GNU Multiple Precision (GMP) Arithmetic Library.
 .
 PHP5 is a widely-used general-purpose scripting language that is
 especially suited for Web development and can be embedded into HTML.
 The goal of the language is to allow web developers to write
 dynamically generated pages quickly.

php5-intl: internationalisation module for php5

 This package provides a module to ease internationalisation of PHP scripts.
 .
 PHP5 is a widely-used general-purpose scripting language that is
 especially suited for Web development and can be embedded into HTML.
 The goal of the language is to allow web developers to write
 dynamically generated pages quickly.

php5-intl-dbgsym: debug symbols for package php5-intl

 This package provides a module to ease internationalisation of PHP scripts.
 .
 PHP5 is a widely-used general-purpose scripting language that is
 especially suited for Web development and can be embedded into HTML.
 The goal of the language is to allow web developers to write
 dynamically generated pages quickly.

php5-ldap: LDAP module for php5

 This package provides a module for LDAP functions in PHP scripts.
 .
 PHP5 is a widely-used general-purpose scripting language that is
 especially suited for Web development and can be embedded into HTML.
 The goal of the language is to allow web developers to write
 dynamically generated pages quickly.

php5-mysql: MySQL module for php5

 This package provides modules for MySQL database connections directly from
 PHP scripts. It includes the generic "mysql" module which can be used
 to connect to all versions of MySQL, an improved "mysqli" module for
 MySQL version 4.1 or later, and the pdo_mysql module for use with
 the PHP Data Object extension.
 .
 PHP5 is a widely-used general-purpose scripting language that is
 especially suited for Web development and can be embedded into HTML.
 The goal of the language is to allow web developers to write
 dynamically generated pages quickly.

php5-mysqlnd: MySQL module for php5 (Native Driver)

 This package provides modules for MySQL database connections directly from
 PHP scripts. It includes the generic "mysql" module which can be used
 to connect to all versions of MySQL, an improved "mysqli" module for
 MySQL version 4.1 or later, and the pdo_mysql module for use with
 the PHP Data Object extension.
 .
 This package use the MySQL Native Driver.
 .
 PHP5 is a widely-used general-purpose scripting language that is
 especially suited for Web development and can be embedded into HTML.
 The goal of the language is to allow web developers to write
 dynamically generated pages quickly.

php5-odbc: ODBC module for php5

 This package provides a module for database access through ODBC drivers.
 It uses the unixODBC library as an ODBC provider. It also contains the
 pdo_odbc module, for use with the PHP Data Object extension.
 .
 PHP5 is a widely-used general-purpose scripting language that is
 especially suited for Web development and can be embedded into HTML.
 The goal of the language is to allow web developers to write
 dynamically generated pages quickly.

php5-pgsql: PostgreSQL module for php5

 This package provides a module for PostgreSQL database connections
 directly from PHP scripts. It also includes the pdo_pgsql module for
 use with the PHP Data Object extension.
 .
 PHP5 is a widely-used general-purpose scripting language that is
 especially suited for Web development and can be embedded into HTML.
 The goal of the language is to allow web developers to write
 dynamically generated pages quickly.

php5-pspell: pspell module for php5

 This package provides a module for pspell functions in PHP scripts.
 .
 PHP5 is a widely-used general-purpose scripting language that is
 especially suited for Web development and can be embedded into HTML.
 The goal of the language is to allow web developers to write
 dynamically generated pages quickly.

php5-recode: recode module for php5

 This package provides a module for recode - character set recoding.
 .
 PHP5 is a widely-used general-purpose scripting language that is
 especially suited for Web development and can be embedded into HTML.
 The goal of the language is to allow web developers to write
 dynamically generated pages quickly.

php5-snmp: SNMP module for php5

 This package provides a module for SNMP functions in PHP scripts.
 .
 PHP5 is a widely-used general-purpose scripting language that is
 especially suited for Web development and can be embedded into HTML.
 The goal of the language is to allow web developers to write
 dynamically generated pages quickly.

php5-sqlite: SQLite module for php5

 This package provides a module allowing you to use the SQLite self-contained
 database engine from within your PHP scripts, eliminating the need for a full
 SQL server installation like MySQL or PostgreSQL. It also includes the
 pdo_sqlite module, for use with the PHP Data Object extension.
 .
 PHP5 is a widely-used general-purpose scripting language that is
 especially suited for Web development and can be embedded into HTML.
 The goal of the language is to allow web developers to write
 dynamically generated pages quickly.

php5-sybase: Sybase / MS SQL Server module for php5

 This package provides a module for Sybase and Microsoft SQL Server
 database connections directly from PHP scripts. It also includes the
 pdo_dblib module for use with the PHP Data Object extension.
 .
 PHP5 is a widely-used general-purpose scripting language that is
 especially suited for Web development and can be embedded into HTML.
 The goal of the language is to allow web developers to write
 dynamically generated pages quickly.

php5-tidy: tidy module for php5

 This package provides a module for tidy functions in PHP scripts.
 .
 Tidy is an extension based on Libtidy (http://tidy.sf.net/) and allows
 a PHP developer to clean, repair, and traverse HTML, XHTML, and XML
 documents -- including ones with embedded scripting languages such as PHP
 or ASP within them using OO constructs.
 .
 PHP5 is a widely-used general-purpose scripting language that is
 especially suited for Web development and can be embedded into HTML.
 The goal of the language is to allow web developers to write
 dynamically generated pages quickly.

php5-xmlrpc: XML-RPC module for php5

 This package provides a module for XML-RPC functions in PHP scripts.
 .
 PHP5 is a widely-used general-purpose scripting language that is
 especially suited for Web development and can be embedded into HTML.
 The goal of the language is to allow web developers to write
 dynamically generated pages quickly.

php5-xsl: XSL module for php5

 This package provides a module for XSL using the libxslt XSL parser.
 .
 PHP5 is a widely-used general-purpose scripting language that is
 especially suited for Web development and can be embedded into HTML.
 The goal of the language is to allow web developers to write
 dynamically generated pages quickly.