Ubuntu

“php5” 5.3.3-1ubuntu9.9 source package in Ubuntu

Changelog

php5 (5.3.3-1ubuntu9.9) maverick-security; urgency=low

  * SECURITY UPDATE: memory allocation failure denial of service
    - debian/patches/php5-CVE-2011-4153.patch: check result of
      zend_strdup() and calloc() for failed allocations
    - CVE-2011-4153
  * SECURITY UPDATE: predictable hash collision denial of service
    (LP: #910296)
    - debian/patches/php5-CVE-2011-4885.patch: add max_input_vars
      directive with default limit of 1000
    - ATTENTION: this update changes previous php5 behavior by
      limiting the number of external input variables to 1000.
      This may be increased by adding a "max_input_vars"
      directive to the php.ini configuration file. See
      http://www.php.net/manual/en/info.configuration.php#ini.max-input-vars
      for more information.
    - CVE-2011-4885
  * SECURITY UPDATE: remote code execution vulnerability introduced by
    the fix for CVE-2011-4885 (LP: #925772)
    - debian/patches/php5-CVE-2012-0830.patch: return rather than
      continuing if max_input_vars limit is reached
    - CVE-2012-0830
  * SECURITY UPDATE: XSLT arbitrary file overwrite attack
    - debian/patches/php5-CVE-2012-0057.patch: add xsl.security_prefs
      ini option to define forbidden operations within XSLT stylesheets
    - CVE-2012-0057
  * SECURITY UPDATE: PDORow session denial of service
    - debian/patches/php5-CVE-2012-0788.patch: fail gracefully when
      attempting to serialize PDORow instances
    - CVE-2012-0788
  * SECURITY UPDATE: magic_quotes_gpc remote disable vulnerability
    - debian/patches/php5-CVE-2012-0831.patch: always restore
      magic_quote_gpc on request shutdown
    - CVE-2012-0831
 -- Steve Beattie <email address hidden>   Wed, 08 Feb 2012 20:59:18 -0800

Upload details

Uploaded by:
Steve Beattie on 2012-02-09
Uploaded to:
Maverick
Original maintainer:
Ubuntu Developers
Component:
main
Architectures:
any
Section:
php
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size MD5 Checksum
php5_5.3.3.orig.tar.gz 13.3 MiB 5adf1a537895c2ec933fddd48e78d8a2
php5_5.3.3-1ubuntu9.9.diff.gz 242.3 KiB 682387bdcd36a2a38b3b7910e756ed04
php5_5.3.3-1ubuntu9.9.dsc 3.2 KiB 87ae75afffdb1e7e4fc7d673cbc9fc9e

Binary packages built by this source

libapache2-mod-php5: server-side, HTML-embedded scripting language (Apache 2 module)

 This package provides the PHP5 module for the Apache 2 webserver (as
 found in the apache2-mpm-prefork package). Please note that this package
 ONLY works with Apache's prefork MPM, as it is not compiled thread-safe.
 The following extensions are built in: bcmath bz2 calendar Core ctype date
  dba dom ereg exif fileinfo filter ftp gettext hash iconv json libxml
  mbstring mhash openssl pcre Phar posix Reflection session shmop SimpleXML
  soap sockets SPL standard sysvmsg sysvsem sysvshm tokenizer wddx xml
  xmlreader xmlwriter zip zlib.
 .
 PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
 from C, Java and Perl with a couple of unique PHP-specific features thrown
 in. The goal of the language is to allow web developers to write dynamically
 generated pages quickly. This version of PHP5 was built with the Suhosin patch.

libapache2-mod-php5filter: server-side, HTML-embedded scripting language (apache 2 filter module)

 This package provides the PHP5 Filter module for the Apache 2 webserver (as
 found in the apache2-mpm-prefork package). Please note that this package
 ONLY works with Apache's prefork MPM, as it is not compiled thread-safe.
 Unless you specifically need filter-module support, you most likely
 should instead install libapache2-mod-php5.
 .
 The following extensions are built in: bcmath bz2 calendar Core ctype date
  dba dom ereg exif fileinfo filter ftp gettext hash iconv json libxml
  mbstring mhash openssl pcre Phar posix Reflection session shmop SimpleXML
  soap sockets SPL standard sysvmsg sysvsem sysvshm tokenizer wddx xml
  xmlreader xmlwriter zip zlib.
 .
 PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
 from C, Java and Perl with a couple of unique PHP-specific features thrown
 in. The goal of the language is to allow web developers to write dynamically
 generated pages quickly. This version of PHP5 was built with the Suhosin patch.

php-pear: PEAR - PHP Extension and Application Repository

 This package contains the base PEAR classes for PHP, as well as the PEAR
 installer. Many PEAR classes are already packaged for Debian, and can be
 easily identified by names beginning with "php-", such as php-db and
 php-auth. Note: to build and install precompiled PECL extensions, you
 will need one of the php development packages installed.
 .
 PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
 from C, Java and Perl with a couple of unique PHP-specific features thrown
 in. The goal of the language is to allow web developers to write dynamically
 generated pages quickly. This version of PHP5 was built with the Suhosin patch.

php5: server-side, HTML-embedded scripting language (metapackage)

 This package is a metapackage that, when installed, guarantees that you
 have at least one of the three server-side versions of the PHP5 interpreter
 installed. Removing this package won't remove PHP5 from your system, however
 it may remove other packages that depend on this one.
 .
 PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
 from C, Java and Perl with a couple of unique PHP-specific features thrown
 in. The goal of the language is to allow web developers to write dynamically
 generated pages quickly. This version of PHP5 was built with the Suhosin patch.

php5-cgi: server-side, HTML-embedded scripting language (CGI binary)

 This package provides the /usr/lib/cgi-bin/php5 CGI interpreter built
 for use in Apache 2 with mod_actions, or any other CGI httpd that
 supports a similar mechanism. Note that MOST Apache users probably
 want the libapache2-mod-php5 package.
 The following extensions are built in: bcmath bz2 calendar Core ctype date
  dba dom ereg exif fileinfo filter ftp gettext hash iconv json libxml
  mbstring mhash openssl pcre Phar posix Reflection session shmop SimpleXML
  soap sockets SPL standard sysvmsg sysvsem sysvshm tokenizer wddx xml
  xmlreader xmlwriter zip zlib.
 .
 PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
 from C, Java and Perl with a couple of unique PHP-specific features thrown
 in. The goal of the language is to allow web developers to write dynamically
 generated pages quickly. This version of PHP5 was built with the Suhosin patch.

php5-cli: command-line interpreter for the php5 scripting language

 This package provides the /usr/bin/php5 command interpreter, useful for
 testing PHP scripts from a shell or performing general shell scripting tasks.
 The following extensions are built in: bcmath bz2 calendar Core ctype date
  dba dom ereg exif fileinfo filter ftp gettext hash iconv json libxml
  mbstring mhash openssl pcntl pcre Phar posix readline Reflection session
  shmop SimpleXML soap sockets SPL standard sysvmsg sysvsem sysvshm tokenizer
  wddx xml xmlreader xmlwriter zip zlib.
 .
 PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
 from C, Java and Perl with a couple of unique PHP-specific features thrown
 in. The goal of the language is to allow web developers to write dynamically
 generated pages quickly. This version of PHP5 was built with the Suhosin patch.

php5-common: Common files for packages built from the php5 source

 This package contains the documentation and example files relevant to all
 the other packages built from the php5 source.
 .
 PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
 from C, Java and Perl with a couple of unique PHP-specific features thrown
 in. The goal of the language is to allow web developers to write dynamically
 generated pages quickly. This version of PHP5 was built with the Suhosin patch.

php5-curl: CURL module for php5

 CURL is a library for getting files from FTP, GOPHER, HTTP server.
 .
 PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
 from C, Java and Perl with a couple of unique PHP-specific features thrown
 in. The goal of the language is to allow web developers to write dynamically
 generated pages quickly. This version of PHP5 was built with the Suhosin patch.

php5-dbg: Debug symbols for PHP5

 This package provides the debug symbols for PHP5 needed for properly
 debugging errors in PHP5 with gdb.
 .
 PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
 from C, Java and Perl with a couple of unique PHP-specific features thrown
 in. The goal of the language is to allow web developers to write dynamically
 generated pages quickly. This version of PHP5 was built with the Suhosin patch.

php5-dev: Files for PHP5 module development

 This package provides the files from the PHP5 source needed for compiling
 additional modules.
 .
 PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
 from C, Java and Perl with a couple of unique PHP-specific features thrown
 in. The goal of the language is to allow web developers to write dynamically
 generated pages quickly. This version of PHP5 was built with the Suhosin patch.

php5-enchant: Enchant module for php5

 This package provides a module for the generic spell checking library
 Enchant, which can use engines such as ispell, aspell and myspells.
 .
 PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
 from C, Java and Perl with a couple of unique PHP-specific features thrown
 in. The goal of the language is to allow web developers to write dynamically
 generated pages quickly. This version of PHP5 was built with the Suhosin patch.

php5-fpm: No summary available for php5-fpm in ubuntu maverick.

No description available for php5-fpm in ubuntu maverick.

php5-gd: GD module for php5

 This package provides a module for handling graphics directly from PHP
 scripts. It supports the PNG, JPEG, XPM formats as well as Freetype/ttf fonts.
 .
 PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
 from C, Java and Perl with a couple of unique PHP-specific features thrown
 in. The goal of the language is to allow web developers to write dynamically
 generated pages quickly. This version of PHP5 was built with the Suhosin patch.

php5-gmp: GMP module for php5

 This package provides a module for arbitrary precision arithmetic via the
 GNU Multiple Precision (GMP) Arithmetic Library.
 .
 PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
 from C, Java and Perl with a couple of unique PHP-specific features thrown
 in. The goal of the language is to allow web developers to write dynamically
 generated pages quickly. This version of PHP5 was built with the Suhosin patch.

php5-intl: internationalisation module for php5

 This package provides a module to ease internationalisation of PHP scripts.
 .
 PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
 from C, Java and Perl with a couple of unique PHP-specific features thrown
 in. The goal of the language is to allow web developers to write dynamically
 generated pages quickly. This version of PHP5 was built with the Suhosin patch.

php5-ldap: LDAP module for php5

 This package provides a module for LDAP functions in PHP scripts.
 .
 PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
 from C, Java and Perl with a couple of unique PHP-specific features thrown
 in. The goal of the language is to allow web developers to write dynamically
 generated pages quickly. This version of PHP5 was built with the Suhosin patch.

php5-mysql: MySQL module for php5

 This package provides modules for MySQL database connections directly from
 PHP scripts. It includes the generic "mysql" module which can be used
 to connect to all versions of MySQL, an improved "mysqli" module for
 MySQL version 4.1 or later, and the pdo_mysql module for use with
 the PHP Data Object extension.
 .
 PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
 from C, Java and Perl with a couple of unique PHP-specific features thrown
 in. The goal of the language is to allow web developers to write dynamically
 generated pages quickly. This version of PHP5 was built with the Suhosin patch.

php5-odbc: ODBC module for php5

 This package provides a module for database access through ODBC drivers.
 It uses the unixODBC library as an ODBC provider. It also contains the
 pdo_odbc module, for use with the PHP Data Object extension.
 .
 PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
 from C, Java and Perl with a couple of unique PHP-specific features thrown
 in. The goal of the language is to allow web developers to write dynamically
 generated pages quickly. This version of PHP5 was built with the Suhosin patch.

php5-pgsql: PostgreSQL module for php5

 This package provides a module for PostgreSQL database connections
 directly from PHP scripts. It also includes the pdo_pgsql module for
 use with the PHP Data Object extension.
 .
 PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
 from C, Java and Perl with a couple of unique PHP-specific features thrown
 in. The goal of the language is to allow web developers to write dynamically
 generated pages quickly. This version of PHP5 was built with the Suhosin patch.

php5-pspell: pspell module for php5

 This package provides a module for pspell functions in PHP scripts.
 .
 PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
 from C, Java and Perl with a couple of unique PHP-specific features thrown
 in. The goal of the language is to allow web developers to write dynamically
 generated pages quickly. This version of PHP5 was built with the Suhosin patch.

php5-recode: recode module for php5

 This package provides a module for recode - character set recoding.
 .
 PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
 from C, Java and Perl with a couple of unique PHP-specific features thrown
 in. The goal of the language is to allow web developers to write dynamically
 generated pages quickly. This version of PHP5 was built with the Suhosin patch.

php5-snmp: SNMP module for php5

 This package provides a module for SNMP functions in PHP scripts.
 .
 PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
 from C, Java and Perl with a couple of unique PHP-specific features thrown
 in. The goal of the language is to allow web developers to write dynamically
 generated pages quickly. This version of PHP5 was built with the Suhosin patch.

php5-sqlite: SQLite module for php5

 This package provides a module allowing you to use the SQLite self-contained
 database engine from within your PHP scripts, eliminating the need for a full
 SQL server installation like MySQL or PostgreSQL. It also includes the
 pdo_sqlite module, for use with the PHP Data Object extension.
 .
 PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
 from C, Java and Perl with a couple of unique PHP-specific features thrown
 in. The goal of the language is to allow web developers to write dynamically
 generated pages quickly. This version of PHP5 was built with the Suhosin patch.

php5-sybase: Sybase / MS SQL Server module for php5

 This package provides a module for Sybase and Microsoft SQL Server
 database connections directly from PHP scripts. It also includes the
 pdo_dblib module for use with the PHP Data Object extension.
 .
 PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
 from C, Java and Perl with a couple of unique PHP-specific features thrown
 in. The goal of the language is to allow web developers to write dynamically
 generated pages quickly. This version of PHP5 was built with the Suhosin patch.

php5-tidy: tidy module for php5

 This package provides a module for tidy functions in PHP scripts.
 .
 Tidy is an extension based on Libtidy (http://tidy.sf.net/) and allows
 a PHP developer to clean, repair, and traverse HTML, XHTML, and XML
 documents -- including ones with embedded scripting languages such as PHP
 or ASP within them using OO constructs.
 .
 PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
 from C, Java and Perl with a couple of unique PHP-specific features thrown
 in. The goal of the language is to allow web developers to write dynamically
 generated pages quickly. This version of PHP5 was built with the Suhosin patch.

php5-xmlrpc: XML-RPC module for php5

 This package provides a module for XML-RPC functions in PHP scripts.
 .
 PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
 from C, Java and Perl with a couple of unique PHP-specific features thrown
 in. The goal of the language is to allow web developers to write dynamically
 generated pages quickly. This version of PHP5 was built with the Suhosin patch.

php5-xsl: XSL module for php5

 This package provides a module for XSL using the libxslt XSL parser.
 .
 PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
 from C, Java and Perl with a couple of unique PHP-specific features thrown
 in. The goal of the language is to allow web developers to write dynamically
 generated pages quickly. This version of PHP5 was built with the Suhosin patch.