Format: 1.8 Date: Tue, 14 Sep 2010 14:41:26 -0400 Source: php5 Binary: php5 php5-common libapache2-mod-php5 libapache2-mod-php5filter php5-cgi php5-cli php5-dev php5-dbg php-pear php5-curl php5-gd php5-gmp php5-ldap php5-mhash php5-mysql php5-odbc php5-pgsql php5-pspell php5-recode php5-snmp php5-sqlite php5-sybase php5-tidy php5-xmlrpc php5-xsl Architecture: sparc sparc_translations Version: 5.2.10.dfsg.1-2ubuntu6.5 Distribution: karmic Urgency: low Maintainer: Ubuntu/sparc Build Daemon Changed-By: Marc Deslauriers Description: libapache2-mod-php5 - server-side, HTML-embedded scripting language (Apache 2 module) libapache2-mod-php5filter - server-side, HTML-embedded scripting language (apache 2 filter mo php-pear - PEAR - PHP Extension and Application Repository php5 - server-side, HTML-embedded scripting language (metapackage) php5-cgi - server-side, HTML-embedded scripting language (CGI binary) php5-cli - command-line interpreter for the php5 scripting language php5-common - Common files for packages built from the php5 source php5-curl - CURL module for php5 php5-dbg - Debug symbols for PHP5 php5-dev - Files for PHP5 module development php5-gd - GD module for php5 php5-gmp - GMP module for php5 php5-ldap - LDAP module for php5 php5-mhash - MHASH module for php5 php5-mysql - MySQL module for php5 php5-odbc - ODBC module for php5 php5-pgsql - PostgreSQL module for php5 php5-pspell - pspell module for php5 php5-recode - recode module for php5 php5-snmp - SNMP module for php5 php5-sqlite - SQLite module for php5 php5-sybase - Sybase / MS SQL Server module for php5 php5-tidy - tidy module for php5 php5-xmlrpc - XML-RPC module for php5 php5-xsl - XSL module for php5 Changes: php5 (5.2.10.dfsg.1-2ubuntu6.5) karmic-security; urgency=low . * SECURITY UPDATE: denial of service via xmlrpc crafted argument - debian/patches/CVE-2010-0397.patch: make sure method_name isn't empty in ext/xmlrpc/xmlrpc-epi-php.c, add test to ext/xmlrpc/tests/bug51288.phpt. - CVE-2010-0397 * SECURITY UPDATE: weak entropy in Linear Congruential Generator (LCG) - debian/patches/CVE-2010-1128.patch: add more entropy in ext/standard/lcg.c. - CVE-2010-1128 * SECURITY UPDATE: safe_mode bypass via trailing slash in dir pathnames - debian/patches/CVE-2010-1129.patch: properly validate pathname in ext/standard/file.c. - CVE-2010-1129 * SECURITY UPDATE: safe_mode bypass via semicolon in session_save_path - debian/patches/CVE-2010-1130.patch: check for semicolon in ext/session/session.c. - CVE-2010-1130 * SECURITY UPDATE: arbitrary code execution via empty SQL query - debian/patches/CVE-2010-1868.patch: use ecalloc instead of emalloc in ext/sqlite/sqlite.c. - CVE-2010-1868 * SECURITY UPDATE: denial of service via fnmatch stack consumption - debian/patches/CVE-2010-1917.patch: limit size of pattern in ext/standard/file.c. - CVE-2010-1917 * SECURITY UPDATE: sensitive information disclosure or arbitrary code execution via use-after-free in SplObjectStorage unserializer - debian/patches/CVE-2010-2225.patch: fix logic in ext/spl/spl_observer.c. - CVE-2010-2225 * SECURITY UPDATE: sensitive information disclosure via error messages - debian/patches/CVE-2010-2531.patch: don't display data when flushing output buffer in ext/standard/{var.c,php_var.h}, fix tests in ext/standard/tests/general_functions/*. - CVE-2010-2531 * SECURITY UPDATE: arbitrary session variable modification via crafted session variable name - debian/patches/CVE-2010-3065.patch: handle PS_UNDEF_MARKER marker in ext/session/session.c. - CVE-2010-3065 Checksums-Sha1: b4e94fa9d31514970b3f2792ee362ad13e464d4e 426708 php5-common_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb e622e397f47c0c1c65bc148632abb182cff8f882 2493918 libapache2-mod-php5_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 0abcb93387cfd978e9275f3f7d5dd628efff1868 2492420 libapache2-mod-php5filter_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 53066169d8b32c39ce6ba8b272e5ddaf3165afc9 4884740 php5-cgi_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 52f09e9dd77f8449fc8f228aba03721351a1e4e4 2461434 php5-cli_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb bce0f3ae6d208365fe4fa6d7d099eb12d5d14e37 367006 php5-dev_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb eecd403794c6eb52ae603f35ae01c55f6b38e07b 8364802 php5-dbg_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 88a57ee0360fcfdd53541958e178eb77b7d59596 24558 php5-curl_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb ccfa4d62810513d5ccf65f5025d326931181c94d 33102 php5-gd_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 0badbb5fe9d171c1ed2e137135ee95b8d6e315a7 13328 php5-gmp_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 49e6f6992517ca7f5591aac3075a3b633208b0f0 17918 php5-ldap_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 7ed6f88a1099f222da0666b326d21312901ad472 5182 php5-mhash_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb c528021ac5dc9dfbab8aa9247b1ba1c85416120e 62936 php5-mysql_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb f42e3d85e6b1528321e95826d2628a6bf8728193 33388 php5-odbc_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 5c6dba10687294c0561a5f1fc3721eead7e02712 50238 php5-pgsql_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 10cf9550890d3bb83fdcf196c717953089ef3376 8624 php5-pspell_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 57a6e9c5b031dc95bef4237994afb8794006022d 4838 php5-recode_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 802b1fd64a8dce7380e01dcc710d51763697a6fb 11978 php5-snmp_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb cf654a339a34f09aa4f6f707cc2bb23eaf9abbf8 32614 php5-sqlite_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb e47c98e04809c844e4e26465ba131289166f717f 24980 php5-sybase_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 591e739e75b93b8d653e8d0c91687dfc63bdbeaa 16586 php5-tidy_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb a4211375e2746067b4cedac0e225040a523016a5 34984 php5-xmlrpc_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 9a08944a03782b8a575191cf475bbe50c26b87cf 12372 php5-xsl_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb f9d187049a42d20b29fe1a87295e097f97191c49 543 php5_5.2.10.dfsg.1-2ubuntu6.5_sparc_translations.tar.gz Checksums-Sha256: af81d41e8327fdc1101f5a11547d77ab3264fbbd10e977d37770113fd71ecff4 426708 php5-common_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb e0d885f22f93c62337016e4a2de1328af0622711aaac989e44b996c0f8345515 2493918 libapache2-mod-php5_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb d14100cc7fd352f1a4fa8be65ac4c815e15f0f62a5569829a43f468488a3bf89 2492420 libapache2-mod-php5filter_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb d92a94683c61656f484b8f97f05d79d1a3e9e5bb6d8e6583f49456a4defa752b 4884740 php5-cgi_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 210ea7b8b06a0da52c50964a987bc36e5dcead1c596d47491c5fa42f91123321 2461434 php5-cli_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb a5ef4101391958f75244929f37681de69adfafadb44c70f4dc1c4b0e4b47bcce 367006 php5-dev_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb f08f2f8ecd2be68212619cca70fc75a6ea4f704effe69e871200bdd2cf2bc87f 8364802 php5-dbg_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 17a35aca6198615e2aa5c36566f09c07bce7f3b0bf4898e06a7825a3a7562de7 24558 php5-curl_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb f4c8580408a6307cad8611bfa946f78132e1c74ffa6ba66217fc33fd69bdef97 33102 php5-gd_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 14e997e0f513d9809f2c671015b42431f86ce126d3ea6a3825beb14cb7a266b8 13328 php5-gmp_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 6bfbcefc1dca9611c0350ffb7fb2da98cc4feab9f6e084774c38443122b7d608 17918 php5-ldap_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 61e25d8173d11f6cc2e1a7fc759b7b60ad810d5656daf42f190a320c42bc251a 5182 php5-mhash_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 9ab73cd953155c5a69ddfb4df2a67c9aa4578b301759c5586990a3760529ce40 62936 php5-mysql_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 030affe6448a7455197abfa2b1a9cd232a18b874fdaefcca4c6069a839acf263 33388 php5-odbc_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 589452a770cd7d5a95425c76af66a68966658b50a8f6082258556acbcf7df02d 50238 php5-pgsql_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb e41eec6d8a0b2efc0ab7850cb917e2539855d47f99d9c967fe15543589a3e138 8624 php5-pspell_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb a28f860eeac2633b19ca4c33de376efb5786b8879eef6d0f6eb252ae223ba68d 4838 php5-recode_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 24c2dd89f18d934c0208d7e5fffd7160b449b00757681764b302dde1a7b973a1 11978 php5-snmp_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 2a3401c7aa0a4d0d7bcadf68c4781af3aa48393a7a796089fc090d3863f16978 32614 php5-sqlite_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 2ff61fb7cf7f2630c84340acb6494fae65c4e1b308ee49a22b95e0c574b6eb83 24980 php5-sybase_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 6e243496b1ce0689a4aba9bcd24eb3b0afa5c9c105cdd3da4a5467f21ea6beac 16586 php5-tidy_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb d8f0110469e16d7ec2bf9de4b160b5f00219b603aaa1d9081186106f80cc1501 34984 php5-xmlrpc_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb dc3c7d28351fc00818ca5a1eb0275bc7d3ab4a0f9f7646a8976468435980d752 12372 php5-xsl_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb d63ba4bacba44ffe5d53702583130e90c940599085c6583d8286de35e147665b 543 php5_5.2.10.dfsg.1-2ubuntu6.5_sparc_translations.tar.gz Files: d4d8482727581c3db16617a7f91315d6 426708 php optional php5-common_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 6134f9d30cc54202803cec4cbd09b089 2493918 httpd optional libapache2-mod-php5_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 9c3d3e00f0d3235b7e8fea7445a8b4ff 2492420 httpd optional libapache2-mod-php5filter_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 9ee77e28f22302996c9bc0d499b16ee8 4884740 php optional php5-cgi_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb b0592abeb7163d5563f2f11b36acc180 2461434 php optional php5-cli_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 5a35dc140710a454cceee1c45924d6b6 367006 php optional php5-dev_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 9536a211a4e9f84f1ca9831c8aebb248 8364802 debug extra php5-dbg_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 1c4743a993cce53736de01ad77221b5c 24558 php optional php5-curl_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 619dc9f75d423425032e6b7e1a01b37f 33102 php optional php5-gd_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 9e98ed23927a3a8e34caba948fe1e629 13328 php optional php5-gmp_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 6d655f547456d39027eb36ed76bd2306 17918 php optional php5-ldap_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb a2594f1f8a4f434a4c9d11ee339bb821 5182 php optional php5-mhash_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 93c4aa26cabd75d81fa0909c59acfd7b 62936 php optional php5-mysql_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb b5bcfa2559b467a4aabe6982ae9e2d95 33388 php optional php5-odbc_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 936fd084a37bd4ff6cbb5ffdd65fb6a0 50238 php optional php5-pgsql_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 4a0c4b79000a3c2a81629548ec6714ba 8624 php optional php5-pspell_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb da0ddd7f1b1331bc535f637d5755428d 4838 php optional php5-recode_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 2fda121576ea99b10d3b8db75f6dba5c 11978 php optional php5-snmp_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 4604ad783d42311d027014e46bab7419 32614 php optional php5-sqlite_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 857c67ca2718ebad409b82da72b6a642 24980 php optional php5-sybase_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb c3408d7a01e71ca520a016fd981102e8 16586 php optional php5-tidy_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb 82e9a29752fe18f116e158609a3e910c 34984 php optional php5-xmlrpc_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb ff28e25e311babf6a5995fc1acbc2a08 12372 php optional php5-xsl_5.2.10.dfsg.1-2ubuntu6.5_sparc.deb e921e8b23061408e94561adb3e7646a5 543 raw-translations - php5_5.2.10.dfsg.1-2ubuntu6.5_sparc_translations.tar.gz Original-Maintainer: Debian PHP Maintainers