Ubuntu

“php5” 5.3.5-1ubuntu7.3 source package in Ubuntu

Changelog

php5 (5.3.5-1ubuntu7.3) natty-security; urgency=low

  [ Angel Abad ]
  * SECURITY UPDATE: File path injection vulnerability in RFC1867 File
    upload filename (LP: #813115)
    - debian/patches/php5-CVE-2011-2202.patch:
    - CVE-2011-2202
  * SECURITY UPDATE: Fixed stack buffer overflow in socket_connect()
    (LP: #813110)
    - debian/patches/php5-CVE-2011-1938.patch:
    - CVE-2011-1938

  [ Steve Beattie ]
  * SECURITY UPDATE: DoS in zip handling due to addGlob() crashing
    on invalid flags
    - debian/patches/php5-CVE-2011-1657.patch: check for valid flags
    - CVE-2011-1657
  * SECURITY UPDATE: crypt_blowfish doesn't properly handle 8-bit
    (non-ascii) passwords leading to a smaller collision space
    - debian/patches/php5-CVE-2011-2483.patch: update crypt_blowfish
      to 1.2 to correct handling of passwords containing 8-bit
      (non-ascii) characters.
      CVE-2011-2483
  * SECURITY UPDATE: DoS due to failure to check for memory allocation errors
    - debian/patches/php5-CVE-2011-3182.patch: check the return values
      of the malloc, calloc, and realloc functions
    - CVE-2011-3182
  * SECURITY UPDATE:  DoS in errorlog() when passed NULL
    - debian/patches/php5-CVE-2011-3267.patch: fix NULL pointer crash in
      errorlog()
    - CVE-2011-3267
  * debian/patches/fix_crash_in__php_mssql_get_column_content_without_type.patch:
    refresh patch to make it cleanly apply.
 -- Steve Beattie <email address hidden>   Thu, 13 Oct 2011 13:49:23 -0700

Upload details

Uploaded by:
Steve Beattie on 2011-10-13
Uploaded to:
Natty
Original maintainer:
Ubuntu Developers
Component:
main
Architectures:
any
Section:
php
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size MD5 Checksum
php5_5.3.5.orig.tar.gz 12.7 MiB 1568bff29e1d2c742589dda540e7c2d7
php5_5.3.5-1ubuntu7.3.diff.gz 226.6 KiB 3b282581ba089f56bd931c03b373f942
php5_5.3.5-1ubuntu7.3.dsc 3.2 KiB b1fb89186e5a78c86a4e0bb9074f3c01

Binary packages built by this source

libapache2-mod-php5: No summary available for libapache2-mod-php5 in ubuntu natty.

No description available for libapache2-mod-php5 in ubuntu natty.

libapache2-mod-php5filter: No summary available for libapache2-mod-php5filter in ubuntu natty.

No description available for libapache2-mod-php5filter in ubuntu natty.

php-pear: No summary available for php-pear in ubuntu natty.

No description available for php-pear in ubuntu natty.

php5: No summary available for php5 in ubuntu natty.

No description available for php5 in ubuntu natty.

php5-cgi: No summary available for php5-cgi in ubuntu natty.

No description available for php5-cgi in ubuntu natty.

php5-cli: No summary available for php5-cli in ubuntu natty.

No description available for php5-cli in ubuntu natty.

php5-common: No summary available for php5-common in ubuntu natty.

No description available for php5-common in ubuntu natty.

php5-curl: No summary available for php5-curl in ubuntu natty.

No description available for php5-curl in ubuntu natty.

php5-dbg: No summary available for php5-dbg in ubuntu natty.

No description available for php5-dbg in ubuntu natty.

php5-dev: No summary available for php5-dev in ubuntu natty.

No description available for php5-dev in ubuntu natty.

php5-enchant: No summary available for php5-enchant in ubuntu natty.

No description available for php5-enchant in ubuntu natty.

php5-fpm: No summary available for php5-fpm in ubuntu natty.

No description available for php5-fpm in ubuntu natty.

php5-gd: No summary available for php5-gd in ubuntu natty.

No description available for php5-gd in ubuntu natty.

php5-gmp: No summary available for php5-gmp in ubuntu natty.

No description available for php5-gmp in ubuntu natty.

php5-intl: No summary available for php5-intl in ubuntu natty.

No description available for php5-intl in ubuntu natty.

php5-ldap: No summary available for php5-ldap in ubuntu natty.

No description available for php5-ldap in ubuntu natty.

php5-mysql: No summary available for php5-mysql in ubuntu natty.

No description available for php5-mysql in ubuntu natty.

php5-odbc: No summary available for php5-odbc in ubuntu natty.

No description available for php5-odbc in ubuntu natty.

php5-pgsql: No summary available for php5-pgsql in ubuntu natty.

No description available for php5-pgsql in ubuntu natty.

php5-pspell: No summary available for php5-pspell in ubuntu natty.

No description available for php5-pspell in ubuntu natty.

php5-recode: No summary available for php5-recode in ubuntu natty.

No description available for php5-recode in ubuntu natty.

php5-snmp: No summary available for php5-snmp in ubuntu natty.

No description available for php5-snmp in ubuntu natty.

php5-sqlite: No summary available for php5-sqlite in ubuntu natty.

No description available for php5-sqlite in ubuntu natty.

php5-sybase: No summary available for php5-sybase in ubuntu natty.

No description available for php5-sybase in ubuntu natty.

php5-tidy: No summary available for php5-tidy in ubuntu natty.

No description available for php5-tidy in ubuntu natty.

php5-xmlrpc: No summary available for php5-xmlrpc in ubuntu natty.

No description available for php5-xmlrpc in ubuntu natty.

php5-xsl: No summary available for php5-xsl in ubuntu natty.

No description available for php5-xsl in ubuntu natty.