Format: 1.8 Date: Thu, 28 Apr 2011 05:37:29 -0700 Source: php5 Binary: php5 php5-common libapache2-mod-php5 libapache2-mod-php5filter php5-cgi php5-cli php5-dev php5-dbg php-pear php5-curl php5-gd php5-gmp php5-ldap php5-mhash php5-mysql php5-odbc php5-pgsql php5-pspell php5-recode php5-snmp php5-sqlite php5-sybase php5-tidy php5-xmlrpc php5-xsl Architecture: amd64 amd64_translations Version: 5.2.10.dfsg.1-2ubuntu6.9 Distribution: karmic Urgency: low Maintainer: Ubuntu/amd64 Build Daemon Changed-By: Steve Beattie Description: libapache2-mod-php5 - server-side, HTML-embedded scripting language (Apache 2 module) libapache2-mod-php5filter - server-side, HTML-embedded scripting language (apache 2 filter mo php-pear - PEAR - PHP Extension and Application Repository php5 - server-side, HTML-embedded scripting language (metapackage) php5-cgi - server-side, HTML-embedded scripting language (CGI binary) php5-cli - command-line interpreter for the php5 scripting language php5-common - Common files for packages built from the php5 source php5-curl - CURL module for php5 php5-dbg - Debug symbols for PHP5 php5-dev - Files for PHP5 module development php5-gd - GD module for php5 php5-gmp - GMP module for php5 php5-ldap - LDAP module for php5 php5-mhash - MHASH module for php5 php5-mysql - MySQL module for php5 php5-odbc - ODBC module for php5 php5-pgsql - PostgreSQL module for php5 php5-pspell - pspell module for php5 php5-recode - recode module for php5 php5-snmp - SNMP module for php5 php5-sqlite - SQLite module for php5 php5-sybase - Sybase / MS SQL Server module for php5 php5-tidy - tidy module for php5 php5-xmlrpc - XML-RPC module for php5 php5-xsl - XSL module for php5 Changes: php5 (5.2.10.dfsg.1-2ubuntu6.9) karmic-security; urgency=low . * SECURITY UPDATE: arbitrary files removal via cronjob - debian/php5-common.php5.cron.d: take greater care when removing session files. - http://git.debian.org/?p=pkg-php%2Fphp.git;a=commitdiff_plain;h=d09fd04ed7bfcf7f008360c6a42025108925df09 - CVE-2011-0441 * SECURITY UPDATE: symlink tmp races in pear install - debian/patches/php5-pear-CVE-2011-1072.patch: improved tempfile handling. - debian/rules: apply patch manually after unpacking PEAR phar archive. - CVE-2011-1072 * SECURITY UPDATE: more symlink races in pear install - debian/patches/php5-pear-CVE-2011-1144.patch: add TOCTOU save file handler. - debian/rules: apply patch manually after unpacking PEAR phar archive. - CVE-2011-1144 * SECURITY UPDATE: use-after-free vulnerability - debian/patches/php5-CVE-2010-4697.patch: retain reference to object until getter/setter are done. - CVE-2010-4697 * SECURITY UPDATE: denial of service through application crash with invalid images - debian/patches/php5-CVE-2010-4698.patch: verify anti-aliasing steps are either 4 or 16. - CVE-2010-4698 * SECURITY UPDATE: denial of service through application crash - debian/patches/php5-CVE-2011-0421.patch: fail operation gracefully when handling zero sized zipfile with the FL_UNCHANGED argument - CVE-2011-0421 * SECURITY UPDATE: denial of service through application crash when handling images with invalid exif tags - debian/patches/php5-CVE-2011-0708.patch: stricter exif checking - CVE-2011-0708 * SECURITY UPDATE: denial of service and possible data disclosure through integer overflow - debian/patches/php5-CVE-2011-1092.patch: better boundary condition checks in shmop_read() - CVE-2011-1092 * SECURITY UPDATE: use-after-free vulnerability - debian/patches/php5-CVE-2011-1148.patch: improve reference counting - CVE-2011-1148 * SECURITY UPDATE: denial of service through buffer overflow crash (code execution mitigated by compilation with Fortify Source) - debian/patches/php5-CVE-2011-1464.patch: limit amount of precision to ensure fitting within MAX_BUF_SIZE - CVE-2011-1464 * SECURITY UPDATE: denial of service through application crash via integer overflow. - debian/patches/php5-CVE-2011-1466.patch: improve boundary condition checking in SdnToJulian() - CVE-2011-1466 * SECURITY UPDATE: denial of service through application crash when using HTTP proxy with the FTP wrapper - debian/patches/php5-CVE-2011-1469.patch: improve pointer handling - CVE-2011-1469 * SECURITY UPDATE: denial of service through application crash when handling ziparchive streams - debian/patches/php5-CVE-2011-1470.patch: set necessary elements of the meta data structure - CVE-2011-1470 * SECURITY UPDATE: denial of service through application crash when handling malformed zip files - debian/patches/php5-CVE-2011-1471.patch: correct integer signedness error when handling zip_fread() return value. - CVE-2011-1471 Checksums-Sha1: 84261bd184218635e13873a2daf6781ecdc36093 429100 php5-common_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 06e2086c68f01ec7c83351a78a538c4c8fe5e83a 2643742 libapache2-mod-php5_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 1fe193e46d2e3f19d69de0ae26df44260dc6c1e1 2642732 libapache2-mod-php5filter_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 5a8dfb1548639f3020ca525ce112231e3a8773cd 5151038 php5-cgi_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb ea5026f8d82b4994683651435e694f5622b4f641 2598706 php5-cli_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb b7a15c1cddb50f61dfbd27c52b3553b7658923eb 370460 php5-dev_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb f1f3f6206bef29976d0cfa68c151cf3c870ccfc2 8312730 php5-dbg_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb dc3da633584d12cb4772ed83bd75854db9c0a314 25498 php5-curl_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 4953312da69b39a8032de07b4386d45e10a7a58c 37624 php5-gd_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 033496bbd4aa5e5e89e9fde7b52d3d2164db5f0d 16374 php5-gmp_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb b14c9e2fca9dd484f0c823542b2ea8b7dcadff26 20640 php5-ldap_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb aba67ee34b191cb1c8ddf71d22fba7cbf8364506 5688 php5-mhash_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 9874de1c0f555b471f2e5b9584b7b6fd6eedec80 75408 php5-mysql_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 27316934a885dc689a07c39dac2adcb4c9e7373a 39240 php5-odbc_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 9df072a13fff1a45e03163e9e4dc70883e519c4a 58192 php5-pgsql_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 5fe083348939403835031cfa47ac27d6efb493aa 10084 php5-pspell_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb b8b07598702c71e6dcebba27668e4b378a2f73eb 5192 php5-recode_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 85f92ed4881aa4fda92fe9665d3138bdbedcdf31 13138 php5-snmp_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb f31e07150967048fee9b5c67ba6c36d4ad511252 40342 php5-sqlite_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 490df2d818ba257ab025ec54abab164231bb5bc8 29072 php5-sybase_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 7b04b0eb1275072d6fb04c19b80104790aa3fa49 18214 php5-tidy_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb d15b4b50090bed3610db9f2678095262a14df7e0 39368 php5-xmlrpc_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb a0acc6ba6768a7e8fcf49751298eae81022de371 14056 php5-xsl_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 133144728690232212825fad2499f752e633fcef 542 php5_5.2.10.dfsg.1-2ubuntu6.9_amd64_translations.tar.gz Checksums-Sha256: 8f85906695c2dc6132647b0ea861c46951fbb16d8916351f821ccc89a4be9e86 429100 php5-common_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 9a48286beec2b35f9a27f4c48d15ddfc87198cc5cf37c0d8517755940999c1ba 2643742 libapache2-mod-php5_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 88bb8e14d77de201272189e0522dd64f0ab63cbe5e23c7817651efbb1229a279 2642732 libapache2-mod-php5filter_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb c95349b037757908065f60e97ef96834495ac06f7859652f7fe0e1f89496a092 5151038 php5-cgi_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb ac93a5a2e92635c8af36bd68327aa4021801725645df8612133fefdf20136841 2598706 php5-cli_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb d8e9d88511dc7255464a81eec1ca84bac9b07de99513a86837c0fd907c07c4c1 370460 php5-dev_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb f69c9005eed2d93bd6327d0bd27c4d955018cadc47574b1eb6ebbbcfde45a584 8312730 php5-dbg_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 181bd88b37ac61f5067881ef5a94cab39b1e478c44e81dc979c37571b57fb619 25498 php5-curl_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 7c258f18bcf198aa26c83a4288eb834ff48696bb101b375d8690dc692a4a0240 37624 php5-gd_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 967acf52f4d24373271c8ea8f62979737e3dbb0baa2ca9bad77a487703111d78 16374 php5-gmp_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 2d00d8d72925c280ed5f29fc06bf278df84ef2f33cf22f7490a1de2988b70d34 20640 php5-ldap_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 5d4c045effb5098fabe26abd3e18dcab40a0f2ec01049fac5d9aa08663fdf26f 5688 php5-mhash_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 62a963bcf1ef304266e95fd56a639bbfe9ee96e503c55feb88323a6b48fd9a54 75408 php5-mysql_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 5ed76251b95b12d3b7d09117439bfb6a38da83350b0308a6a8486608dacd02df 39240 php5-odbc_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb b3beef52a26422e9c6e924931896dc8e5e2880f87a04a9a401580841b44b4fd9 58192 php5-pgsql_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 82c7063bb738881f89fed6c5d0e1156a63ed47be5e38f01ef03ef026ed47161e 10084 php5-pspell_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb c34cbf9b750d490b337747adc98241d38e24924e374851db6dc1d5c773e59733 5192 php5-recode_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb dca6f36230bfae047915c3bbdb01cf52fd2e8ee46cd0524bad58693ee30c5db8 13138 php5-snmp_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb e4a87d52f3b6c82702317926fff6b38c02989046fd0ad73abdb6b0f691f13b14 40342 php5-sqlite_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb c8124b697783a57ef7d1c377824c9edf7d9f35e37959050f1654b643ec30951c 29072 php5-sybase_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 274feec26813f82d206955776d54f3554db67b7b22b18771aae3b31827d8813a 18214 php5-tidy_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 7402933596cd6209e66941b243b56dcaa9e97df02cd55e925a3a556726031bae 39368 php5-xmlrpc_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb d4c5763327cc9a193dd6a1f2b5a76e9099b3892242e52040db2bdaa6345ec86e 14056 php5-xsl_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 87f0b19389728cdddeefa5f6852e1a06d844bdf1c2ce6cb1424bbb014fd2cb48 542 php5_5.2.10.dfsg.1-2ubuntu6.9_amd64_translations.tar.gz Files: 8ecb8f915f44eedec4b1cffcc94293b7 429100 php optional php5-common_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb ca34530d71db600392c4e2d0fd481fd7 2643742 httpd optional libapache2-mod-php5_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb e0255e8f1d0f14112c400dbc7317e0c0 2642732 httpd optional libapache2-mod-php5filter_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 8183018001bbce703b925006b5a89633 5151038 php optional php5-cgi_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 4939e4cd988e54f8b6c1202f8a77f664 2598706 php optional php5-cli_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 7f0f9b41b7be806ebff15150eac65ae4 370460 php optional php5-dev_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 8f98108f8a73fc9dd8714dcd4757b4bc 8312730 debug extra php5-dbg_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 18f81c8f7ebf966ca1cd62210c080892 25498 php optional php5-curl_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb ad12f4af505a4016233409fedb08000f 37624 php optional php5-gd_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb be81a76a4af02ebe08db013464d31df5 16374 php optional php5-gmp_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 2acf58d42fac6ac74635c9d777d84f82 20640 php optional php5-ldap_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb faa06691a1a716127a388abdc59c79f7 5688 php optional php5-mhash_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 680e7299ccf4289aadeae7652ba55b4d 75408 php optional php5-mysql_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 7ded939fea703a9874b3398a24cdcb8b 39240 php optional php5-odbc_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 703bb969667eac4b92b34b3c15e2f031 58192 php optional php5-pgsql_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 4efae7d44b1dac683afe93edc0f276e3 10084 php optional php5-pspell_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 4a7600a4f32ce25849bcb58d1ee92443 5192 php optional php5-recode_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb e6d2afc60696c0694010a38cba21f766 13138 php optional php5-snmp_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 402c43b4529175a0701ace4a041beb93 40342 php optional php5-sqlite_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 1b3978ab443f35d7ee42e519403fd2dd 29072 php optional php5-sybase_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 925c68c31dc6eecefd085f89421624f5 18214 php optional php5-tidy_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 23a40e01b633bbd0d12e74c8a89b60f1 39368 php optional php5-xmlrpc_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb 9653273e566d2a3c67efcc129538a9d3 14056 php optional php5-xsl_5.2.10.dfsg.1-2ubuntu6.9_amd64.deb d07552a8599d7fbe28549eaef4636569 542 raw-translations - php5_5.2.10.dfsg.1-2ubuntu6.9_amd64_translations.tar.gz Original-Maintainer: Debian PHP Maintainers