-
php5 (5.2.6-2ubuntu4.6) intrepid-security; urgency=low
* SECURITY UPDATE: information disclosure and denial of service via
zend_restore_ini_entry_cb function.
- debian/patches/CVE-2009-2626.patch: make sure new_value exists in
main/main.c, gracefully handle failure in Zend/zend_ini.c.
- CVE-2009-2626
* SECURITY UPDATE: Cross-site scripting via incomplete htmlspecialchars
filtering
- debian/patches/CVE-2009-4142.patch: rewrite handling logic in
ext/standard/html.c, add ext/standard/tests/strings/bug49785.phpt
test script, fix ext/standard/tests/strings/htmlentities-utf.phpt
test script.
- CVE-2009-4142
* SECURITY UPDATE: restrictions bypass via incorrect session data
handling
- debian/patches/CVE-2009-4143.patch: protect from interrupt
corruption in ext/session/session.c.
- CVE-2009-4143
-- Marc Deslauriers <email address hidden> Wed, 06 Jan 2010 08:57:19 -0500
-
php5 (5.2.6-2ubuntu4.5) intrepid-security; urgency=low
* SECURITY UPDATE: file truncation via key with null byte
- debian/patches/CVE-2008-7068.patch: make sure key and value are sane
in ext/dba/libinifile/inifile.c.
- CVE-2008-7068
* SECURITY UPDATE: certificate spoofing via null-byte certs (LP: #446313)
- debian/patches/CVE-2009-3291.patch: validate certificate's CN length
in ext/openssl/openssl.c.
- CVE-2009-3291
* SECURITY UPDATE: denial of service via malformed exif images
(LP: #446313)
- debian/patches/CVE-2009-3292.patch: check length, return codes, and
nesting level in ext/exif/exif.c.
- CVE-2009-3292
* SECURITY UPDATE: safe_mode bypass via tempam function
- debian/patches/CVE-2009-3557.patch: check for safe_mode in
ext/standard/file.c.
- CVE-2009-3557
* SECURITY UPDATE: open_basedir restrictions bypass via posix_mkfifo
- debian/patches/CVE-2009-3558.patch: check for open_basedir in
ext/posix/posix.c.
- CVE-2009-3558
* SECURITY UPDATE: denial of service via large number of files in
form-data POST request.
- debian/patches/CVE-2009-4017.patch: introduce new "max_file_uploads"
directive and enforce in main/main.c, main/rfc1867.c.
- ATTENTION: this update changes previous php5 behaviour by limiting
the number of files in a POST request to 50. This may be increased
by adding a "max_file_uploads" directive to the php.ini configuration
file.
- CVE-2009-4017
* SECURITY UPDATE: safe_mode_protected_env_vars bypass via proc_open()
- debian/patches/CVE-2009-4018.patch: add safe_mode check in
ext/standard/proc_open.c
- CVE-2009-4018
* debian/patches/fix-xmlrpc-datetime.diff
- Prevent stack smashing when using xmlrpc and datetime. (LP: #239513)
-- Marc Deslauriers <email address hidden> Thu, 26 Nov 2009 08:06:47 -0500
-
php5 (5.2.6-2ubuntu4.3) intrepid-security; urgency=low
* SECURITY UPDATE: denial of service via malformed JPEG image with
invalid offset fields
- debian/patches/130-SECURITY-CVE-2009-2687.patch: validate
offset_of_ifd in ext/exif/exif.c.
- CVE-2009-2687
-- Marc Deslauriers <email address hidden> Fri, 21 Aug 2009 10:42:29 -0400
-
php5 (5.2.6-2ubuntu4.2) intrepid-security; urgency=low
* SECURITY UPDATE: cross-site scripting vulnerability when display_errors
is enabled.
- debian/patches/127-SECURITY-CVE-2008-5814.patch: don't print back
cookie names or values in ext/standard/head.c.
- CVE-2008-5814
* SECURITY UPDATE: mbstring.func_overload setting in .htaccess affects
other virtual hosts.
- debian/patches/128-SECURITY-CVE-2009-0754.patch: don't terminate on
the first function that is not overloaded in ext/mbstring/mbstring.c.
- CVE-2009-0754
* SECURITY UPDATE: denial of service via malformed string to the
json_decode API function.
- debian/patches/129-SECURITY-CVE-2009-1271.patch: add extra mode
checks in ext/json/JSON_parser.c. Add test to ext/json/tests/001.phpt.
- CVE-2009-1271
-- Marc Deslauriers <email address hidden> Fri, 17 Apr 2009 08:11:24 -0400
-
php5 (5.2.6-2ubuntu4.1) intrepid-security; urgency=low
* SECURITY UPDATE: denial of service and possible arbitrary code execution
via crafted font file. (LP: #286851)
- debian/patches/120-SECURITY-CVE-2008-3658.patch: make sure font->nchars,
font->h, and font->w don't cause overflows in ext/gd/gd.c. Also, add
test script ext/gd/tests/imageloadfont_invalid.phpt.
- CVE-2008-3658
* SECURITY UPDATE: denial of service and possible arbitrary code execution
via the delimiter argument to the explode function. (LP: #286851)
- debian/patches/121-SECURITY-CVE-2008-3659.patch: make sure needle_length
is sane in ext/standard/tests/strings/explode_bug.phpt. Also, add test
script ext/standard/tests/strings/explode_bug.phpt.
- CVE-2008-3659
* SECURITY UPDATE: denial of service via a request with multiple dots
preceding the extension. (ex: foo..php) (LP: #286851)
- debian/patches/122-SECURITY-CVE-2008-3660.patch: improve .. cleaning with
a new is_valid_path() function in sapi/cgi/cgi_main.c.
- CVE-2008-3660
* SECURITY UPDATE: mbstring extension arbitrary code execution via crafted
string containing HTML entity. (LP: #317672)
- debian/patches/123-SECURITY-CVE-2008-5557.patch: improve
mbfl_filt_conv_html_dec_flush() error handling in
ext/mbstring/libmbfl/filters/mbfilter_htmlent.c.
- CVE-2008-5557
* SECURITY UPDATE: safe_mode restriction bypass via unrestricted variable
settings.
- debian/patches/124-SECURITY-CVE-2008-5624.patch: make sure the page_uid
and page_gid get initialized properly in ext/standard/basic_functions.c.
Also, init server_context before processing config variables in
sapi/apache/mod_php5.c.
- CVE-2008-5624
* SECURITY UPDATE: arbitrary file write by placing a "php_value error_log"
entry in a .htaccess file.
- debian/patches/125-SECURITY-CVE-2008-5625.patch: enforce restrictions
when merging in dir entry in sapi/apache/mod_php5.c and
sapi/apache2handler/apache_config.c.
- CVE-2008-5625
* SECURITY UPDATE: arbitrary file overwrite from directory traversal via zip
file with dot-dot filenames.
- debian/patches/126-SECURITY-CVE-2008-5658.patch: clean up filename paths
in ext/zip/php_zip.c with new php_zip_realpath_r(),
php_zip_virtual_file_ex() and php_zip_make_relative_path() functions.
- CVE-2008-5658
-- Marc Deslauriers <email address hidden> Mon, 26 Jan 2009 08:43:21 -0500
-
php5 (5.2.6-2ubuntu4) intrepid; urgency=low
* debian/patches/fix-pecl-libtool.dpatch: fix libtool brokenness
with pecl. (LP: #262251)
-- Chuck Short <email address hidden> Tue, 14 Oct 2008 15:16:36 -0400
-
php5 (5.2.6-2ubuntu3) intrepid; urgency=low
* debian/rules: Point /usr/lib/php5/build/{libtool.m4, ltmain.sh}
to the right locations.
-- Chuck Short <email address hidden> Wed, 20 Aug 2008 11:23:46 -0400
-
php5 (5.2.6-2ubuntu2) intrepid; urgency=low
* Revert to using upstream's bundled libtool for now, until either upstream
moves to libtool 2.x, or Debian/Ubuntu have the time to rewrite some m4.
* Manually copy autotools-dev's versions of config.{sub,guess}, since we
no longer have libtoolize doing it for us, thanks to the above change.
* Fix libedit_is_editline.patch to patch sap/cli/php_cli* too (LP: 249800)
* Include patch from Debian (deprecated_freetds_check.patch) to fix FTBFS
with more recent versions of FreeTDS.
-- Adam Conrad <email address hidden> Tue, 12 Aug 2008 14:01:15 -0600
-
php5 (5.2.6-2ubuntu1) intrepid; urgency=low
* Merge from debian unstable, remaining changes:
- debin/control, debian/rules: Disable a few build dependencies and
accompanying binary pckages which we do not want to support in main:
+ freebird2-dev/php5-interbase (we have a seperate php-interbase source)
+ libc-client-dev/php5-imap (we have a seperate php-imap source)
+ libmcrypt-dev/php5-mcrypt (seperate php-mcrypt source)
+ readline support again, now that the libedit issue is fixed.
- debian/control: Add build dependency: libedit-dev (>= 2.9.cvs.20050518-1)
CLI readline support
- debian/rules:
+ Correctly mangle PHP5_* macros for lpia
- debian/patches/use-specific-libdb-version.patch (LP: #165247), mangle
version ordering in patch to match code for clean application.
- debian/patches/119-sybase-alias.patch:
+ Fix sybase regression since change to msqql. (LP: #240519)
- debian/control: Use libdb-4.6-dev
php5 (5.2.6-2) unstable; urgency=high
[ Raphael Geissert ]
* Lintian-based changes:
- also install a lintian override for libapache2-mod-php5filter
- fixed the generic lintian overrides so they are meaningful
- dropping linda overrides, linda is gone now
- s/meta-package/metapackage
* debian/control:
- Updated php5's description so it mentions three instead of
only two server-side SAPIs
- Depend on php5-cli in php-pear (Closes: #482517)
+ Previous change reverted because of PEAR packages FTBFS
- {B-,}Depend on tzdata to avoid crashes caused by the tz ext patch
- Dropped some versioned {b-,}dependencies that are satisified
even on sarge
* php.ini-*: state that when using a custom save_path,
gc_probability should also be set (Closes: #388808, #321460)
* tzdb-nofree_ents_ifnotzdata.patch: avoid free'ing ents when the tz dir does
not exist (Closes: #483461)
[ Sean Finney ]
* Fix for CVE-2008-2829: unsafe usage of deprecated imap functions
Patch: CVE-2008-2829.patch
* Modifications to suhosin.patch due to alignment problems on some
architectures. Thanks to Stefan Esser for the initial suggestion.
(Closes: #481737).
* Rename the apache2 filter module to libphp5filter.so, to prevent
conflicting filenames for symbols in the debug package.
-- Chuck Short <email address hidden> Thu, 17 Jul 2008 15:16:15 +0100
-
php5 (5.2.6-1ubuntu4) intrepid; urgency=low
* debian/patches/119-sybase-alias.patch:
- Update patch fixes FTBFS.
-- Chuck Short <email address hidden> Fri, 20 Jun 2008 14:07:29 +0000
-
php5 (5.2.6-1ubuntu3) intrepid; urgency=low
* debian/control: Use libdb4.6-dev.
* debian/patches/119-sybase-alias.patch:
- Fix sybase regression since change to mssql. (LP: #240519)
-- Chuck Short <email address hidden> Thu, 19 Jun 2008 18:52:29 +0000
-
php5 (5.2.6-1ubuntu2) intrepid; urgency=low
* debian/patches/119-sybase-alias.patch:
- Fixes missing sybase support. (LP: #240519)
-- Chuck Short <email address hidden> Wed, 18 Jun 2008 19:53:32 +0000
-
php5 (5.2.6-1ubuntu1) intrepid; urgency=low
* Merge from Debian unstable. Remaining Ubuntu changes:
- debian/control, debian/rules: Disable a few build dependencies and
accompanying binary packages which we do not want to support in main:
+ firebird2-dev/php5-interbase (we have a separate php-interbase source)
+ libc-client-dev/php5-imap (we have a separate php-imap source)
+ libmcrypt-dev/php5-mcrypt (separate php-mcrypt source)
+ readline support again, now that the libedit issue is fixed.
- debian/control: Add build dependency: libedit-dev (>= 2.9.cvs.20050518-1)
CLI readline support
- debian/rules:
+ Correctly mangle PHP5_* macros for lpia
- debian/patches/use-specific-libdb-version.patch (LP: #165247), mangle
version ordering in patch to match code for clean application
* Accepted into Debian
- debian/patches/027-readline_is_editline.patch (LP: #124846), patch
indexes bumped up to 5.2.6
* Dropped changes:
- debian/rules:
+ use 32M memory_limit for CLI and 16M for cgi/libapache (LP: #148871)
- debian/patches/fix_64bit_time.patch (LP: #194318), upstream
* New Ubuntu changes:
- main/php_version.h: updated with 5.2.6-1 Ubuntu version info
-- Dustin Kirkland <email address hidden> Tue, 27 May 2008 09:22:58 -0500
-
php5 (5.2.5-3ubuntu1) intrepid; urgency=low
* Merge from Debian unstable. Remaining Ubuntu changes:
- debian/control, debian/rules: Disable a few build dependencies and
accompanying binary packages which we do not want to support in main:
+ firebird2-dev/php5-interbase (we have a separate php-interbase source)
+ libc-client-dev/php5-imap (we have a separate php-imap source)
+ libmcrypt-dev/php5-mcrypt (separate php-mcrypt source)
+ readline support again, now that the libedit issue is fixed.
- debian/control: Add build dependency: libedit-dev (>= 2.9.cvs.20050518-1)
CLI readline support
- debian/rules:
+ Correctly mangle PHP5_* macros for lpia
+ use 32M memory_limit for CLI and 16M for cgi/libapache (LP: #148871)
- debian/patches/027-readline_is_editline.patch (LP: #124846)
- debian/patches/use-specific-libdb-version.patch (LP: #165247)
* New Ubuntu changes:
- debian/patches/fix_64bit_time.patch (LP: #194318)
- debian/patches/use-specific-libdb-version.patch (LP: #165247),
updated patch to match change in ordering of db versions
- main/php_version.h: updated with 5.2.5-3 Ubuntu version info
-- Dustin Kirkland <email address hidden> Tue, 06 May 2008 10:24:33 -0500
-
php5 (5.2.4-2ubuntu5) hardy; urgency=low
* fixes strtotime support for 64 bit timestamps (LP: #194318)
- Upstream: http://bugs.php.net/bug.php?id=44209
* Update tests to account for newly working timestamps
- Upstream: http://bugs.php.net/?id=44219
-- Dustin Kirkland <email address hidden> Wed, 27 Feb 2008 13:00:18 -0500
