Format: 1.8 Date: Thu, 28 Apr 2011 05:37:29 -0700 Source: php5 Binary: php5 php5-common libapache2-mod-php5 libapache2-mod-php5filter php5-cgi php5-cli php5-dev php5-dbg php-pear php5-curl php5-gd php5-gmp php5-ldap php5-mhash php5-mysql php5-odbc php5-pgsql php5-pspell php5-recode php5-snmp php5-sqlite php5-sybase php5-tidy php5-xmlrpc php5-xsl Architecture: i386 i386_translations all Version: 5.2.10.dfsg.1-2ubuntu6.9 Distribution: karmic Urgency: low Maintainer: Ubuntu/amd64 Build Daemon Changed-By: Steve Beattie Description: libapache2-mod-php5 - server-side, HTML-embedded scripting language (Apache 2 module) libapache2-mod-php5filter - server-side, HTML-embedded scripting language (apache 2 filter mo php-pear - PEAR - PHP Extension and Application Repository php5 - server-side, HTML-embedded scripting language (metapackage) php5-cgi - server-side, HTML-embedded scripting language (CGI binary) php5-cli - command-line interpreter for the php5 scripting language php5-common - Common files for packages built from the php5 source php5-curl - CURL module for php5 php5-dbg - Debug symbols for PHP5 php5-dev - Files for PHP5 module development php5-gd - GD module for php5 php5-gmp - GMP module for php5 php5-ldap - LDAP module for php5 php5-mhash - MHASH module for php5 php5-mysql - MySQL module for php5 php5-odbc - ODBC module for php5 php5-pgsql - PostgreSQL module for php5 php5-pspell - pspell module for php5 php5-recode - recode module for php5 php5-snmp - SNMP module for php5 php5-sqlite - SQLite module for php5 php5-sybase - Sybase / MS SQL Server module for php5 php5-tidy - tidy module for php5 php5-xmlrpc - XML-RPC module for php5 php5-xsl - XSL module for php5 Changes: php5 (5.2.10.dfsg.1-2ubuntu6.9) karmic-security; urgency=low . * SECURITY UPDATE: arbitrary files removal via cronjob - debian/php5-common.php5.cron.d: take greater care when removing session files. - http://git.debian.org/?p=pkg-php%2Fphp.git;a=commitdiff_plain;h=d09fd04ed7bfcf7f008360c6a42025108925df09 - CVE-2011-0441 * SECURITY UPDATE: symlink tmp races in pear install - debian/patches/php5-pear-CVE-2011-1072.patch: improved tempfile handling. - debian/rules: apply patch manually after unpacking PEAR phar archive. - CVE-2011-1072 * SECURITY UPDATE: more symlink races in pear install - debian/patches/php5-pear-CVE-2011-1144.patch: add TOCTOU save file handler. - debian/rules: apply patch manually after unpacking PEAR phar archive. - CVE-2011-1144 * SECURITY UPDATE: use-after-free vulnerability - debian/patches/php5-CVE-2010-4697.patch: retain reference to object until getter/setter are done. - CVE-2010-4697 * SECURITY UPDATE: denial of service through application crash with invalid images - debian/patches/php5-CVE-2010-4698.patch: verify anti-aliasing steps are either 4 or 16. - CVE-2010-4698 * SECURITY UPDATE: denial of service through application crash - debian/patches/php5-CVE-2011-0421.patch: fail operation gracefully when handling zero sized zipfile with the FL_UNCHANGED argument - CVE-2011-0421 * SECURITY UPDATE: denial of service through application crash when handling images with invalid exif tags - debian/patches/php5-CVE-2011-0708.patch: stricter exif checking - CVE-2011-0708 * SECURITY UPDATE: denial of service and possible data disclosure through integer overflow - debian/patches/php5-CVE-2011-1092.patch: better boundary condition checks in shmop_read() - CVE-2011-1092 * SECURITY UPDATE: use-after-free vulnerability - debian/patches/php5-CVE-2011-1148.patch: improve reference counting - CVE-2011-1148 * SECURITY UPDATE: denial of service through buffer overflow crash (code execution mitigated by compilation with Fortify Source) - debian/patches/php5-CVE-2011-1464.patch: limit amount of precision to ensure fitting within MAX_BUF_SIZE - CVE-2011-1464 * SECURITY UPDATE: denial of service through application crash via integer overflow. - debian/patches/php5-CVE-2011-1466.patch: improve boundary condition checking in SdnToJulian() - CVE-2011-1466 * SECURITY UPDATE: denial of service through application crash when using HTTP proxy with the FTP wrapper - debian/patches/php5-CVE-2011-1469.patch: improve pointer handling - CVE-2011-1469 * SECURITY UPDATE: denial of service through application crash when handling ziparchive streams - debian/patches/php5-CVE-2011-1470.patch: set necessary elements of the meta data structure - CVE-2011-1470 * SECURITY UPDATE: denial of service through application crash when handling malformed zip files - debian/patches/php5-CVE-2011-1471.patch: correct integer signedness error when handling zip_fread() return value. - CVE-2011-1471 Checksums-Sha1: 8fc6f9a11f3b8bc225d6f3c5a08016ba34c41e58 424028 php5-common_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 0ca24305743312b0b6ea9ab8fa29b49a6773c633 2505392 libapache2-mod-php5_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 1d27d33164131ad237acce6355157f340799082a 2503908 libapache2-mod-php5filter_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 0789d496623a399efa18cf36989305df13bb15da 4982712 php5-cgi_5.2.10.dfsg.1-2ubuntu6.9_i386.deb e74873f40eb1519cc03eb99300a6a8efccfb54a0 2512726 php5-cli_5.2.10.dfsg.1-2ubuntu6.9_i386.deb fb8e9635ba6b2becff33081bbb06677e43673e6c 370246 php5-dev_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 5b51283c7936318230c082fc615a48f57944a3bf 8511488 php5-dbg_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 98fb79beaecca27e37679f1e47bf531e07606ce2 24030 php5-curl_5.2.10.dfsg.1-2ubuntu6.9_i386.deb ada2c452a3c1365a2e8cf05eb878501943799dc1 33208 php5-gd_5.2.10.dfsg.1-2ubuntu6.9_i386.deb b9923bf1dc9fd1706bf1cee5c6b4eaee682e9449 14222 php5-gmp_5.2.10.dfsg.1-2ubuntu6.9_i386.deb fd44c55560456ac88882766e70eae6aa2b29de89 18782 php5-ldap_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 0e30986c60406446766eb9445a17ac1489383d5d 5364 php5-mhash_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 5a1942a1c698dc14ceefc49c8d9395e6f11b4fe6 66136 php5-mysql_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 6511332f5010023904a29db9dce803912e1c8c05 35100 php5-odbc_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 86011a070beec56a5e8eb44a24f6fe33c885307a 53874 php5-pgsql_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 26f839a9d433b376429042fd9dbe4f8a794d68b8 9186 php5-pspell_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 9ce221fef4611592b2ef626c0febb2b67ba80100 4956 php5-recode_5.2.10.dfsg.1-2ubuntu6.9_i386.deb f11badc4e45688c3d952f8f02c8bc23b7657620a 12074 php5-snmp_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 7fa25a6f716bbba81576874bf26c7b70f0d87ee4 34974 php5-sqlite_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 03e7f7520594f52df8c52c637fca9da9d3d7de42 26684 php5-sybase_5.2.10.dfsg.1-2ubuntu6.9_i386.deb cb6331f4a95544f6706c47c9c2937bd537c62e4a 16600 php5-tidy_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 66d1f106776267af91ae45739178d4f470b7d895 36534 php5-xmlrpc_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 9fd1b888df789ee749ce0c5dad2dfddf7e683218 12934 php5-xsl_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 92875be81998dd3b084b5605288c7f5fd4f38ba1 543 php5_5.2.10.dfsg.1-2ubuntu6.9_i386_translations.tar.gz c7bec1afc631770bec782059e865bd442284fc1a 1120 php5_5.2.10.dfsg.1-2ubuntu6.9_all.deb 5e014e9f17b7c786682da8e2058054dbe64d1326 335336 php-pear_5.2.10.dfsg.1-2ubuntu6.9_all.deb Checksums-Sha256: 253426d9719f583bbf835b26e384fc24c27ccfec83bcf7277cef37f5dbd9d497 424028 php5-common_5.2.10.dfsg.1-2ubuntu6.9_i386.deb b5b6fe93f27b4fd91c257635946033cbf49f7d467caf5016d5544952b2e7a402 2505392 libapache2-mod-php5_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 803d7b958be6fbd0604b0a9c4924d39324dae8e588d8a766c37c51a6012eaf93 2503908 libapache2-mod-php5filter_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 6d473fa1cf0f22bfd9bc4f0c909224fd559749518f1101ca57a20d96d004ebb9 4982712 php5-cgi_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 1d5259aa7a0b8d1a9e3fe8e6fbf213f37172b790928132984d84202f8081ce8d 2512726 php5-cli_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 613bcb1d2cd9340ff95ca0a7e1237af2d086ba49fac8835383b78c1a87050906 370246 php5-dev_5.2.10.dfsg.1-2ubuntu6.9_i386.deb bbf7a13301352d595483c350e92e7238ff8ded8a65a8644dec4157ede3afa12f 8511488 php5-dbg_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 9ac98bf17147f07f1a01de5cd33b1f42506443e93fe481d086ead6cbdef81b31 24030 php5-curl_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 49dad1c9a7c7db030eec2381b9a30b105420a34f6b77b0e2b80f2a1def6a57e8 33208 php5-gd_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 0b3c2e7a080a0d1b0a03aeae1204a6f16166397a5a604295de6093b2e0de32b0 14222 php5-gmp_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 0b9bb2879983d51a4a44d695cd4d57d2366703e5a6309debd6d79f75a90767b2 18782 php5-ldap_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 5c9a3eb84a70f9ff0bda07ca8d2ae96ee2d3474154249a1bd7a4927e3c7d31b2 5364 php5-mhash_5.2.10.dfsg.1-2ubuntu6.9_i386.deb aca57fc732e29dd7077d007cbb506c13b107e1392c40e3246b654eb4c83ae8b3 66136 php5-mysql_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 0adbbdcfb0f42e54033f175d48514e2f21d61b9b38bd53d5da1824cd2b10e566 35100 php5-odbc_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 67ad484059ebbe44d65eb303958b87c062998f24399ad7eed64453e14250bfb3 53874 php5-pgsql_5.2.10.dfsg.1-2ubuntu6.9_i386.deb c3f47e50b44780e4ce65c2a05d2b5c779607a2be04606d7796a6fb657affecda 9186 php5-pspell_5.2.10.dfsg.1-2ubuntu6.9_i386.deb c9d48bdfaf2b940a6fb078b43314a53a262c5c0dd7a5ec20b5d60c36042da5f1 4956 php5-recode_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 76a51aea10051df4d0359a6bb33a99b90d0926e2ebb7a257792fe7bf44e23bc0 12074 php5-snmp_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 3181d119f1ed3a169bffba441fe1b4a4c60540d239bd0c14a8f2ee3f3b7ae030 34974 php5-sqlite_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 1686abc8ea15147d28b4dc3bb5f7046097bfb4aafdc8f1a91466efdd9453ae03 26684 php5-sybase_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 363faf9c9b8f5c2a8b7f0cf4d535cec21a1b1600e8d3db7997b7cf5bc481d14c 16600 php5-tidy_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 8ffb249102a883800e0a93fb132df1c0eafa8f14cb452a4d9324c7a2261ed99a 36534 php5-xmlrpc_5.2.10.dfsg.1-2ubuntu6.9_i386.deb c7baafed0821c6648b016cd69181dc3154a89c22f91949a4d3ba59c211a0177e 12934 php5-xsl_5.2.10.dfsg.1-2ubuntu6.9_i386.deb d8b1d93d208ac2e5ccdac61429679757e1aa1de377a96c041e4524aec2be7696 543 php5_5.2.10.dfsg.1-2ubuntu6.9_i386_translations.tar.gz 45ed4d846190c3b26a3fd83673100951f0fb9bd8b101499629c98e6d993cb5f6 1120 php5_5.2.10.dfsg.1-2ubuntu6.9_all.deb 756b80708fc13a964676e9157af318781628ecc687d03d1da17342ef28727641 335336 php-pear_5.2.10.dfsg.1-2ubuntu6.9_all.deb Files: 3c060b04e830bb24a4bf4bdc1518a631 424028 php optional php5-common_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 5d85d36e8650753f4d6cef90df58edec 2505392 httpd optional libapache2-mod-php5_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 2ec325d0734fcc40f85700e7f2febb0a 2503908 httpd optional libapache2-mod-php5filter_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 01eef45a30bbefaf36d534f78f6c5863 4982712 php optional php5-cgi_5.2.10.dfsg.1-2ubuntu6.9_i386.deb f1742dc8927bfa206c08533e416cb1a5 2512726 php optional php5-cli_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 03f2eb66357f4fb1d3e056d5e16d6cf8 370246 php optional php5-dev_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 6ec6fc5f194131bd448da1824ba466f2 8511488 debug extra php5-dbg_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 321a83acb8b4eae11c30203d3f3effda 24030 php optional php5-curl_5.2.10.dfsg.1-2ubuntu6.9_i386.deb b60278c499f23221c3fd2f21e6bd629c 33208 php optional php5-gd_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 04f485c1b602fe562685a7c2d0e5653c 14222 php optional php5-gmp_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 189473cda7dfb9b6426fd18d8b39beb7 18782 php optional php5-ldap_5.2.10.dfsg.1-2ubuntu6.9_i386.deb a80be700942fa4eea15e332b27d0590a 5364 php optional php5-mhash_5.2.10.dfsg.1-2ubuntu6.9_i386.deb a8b8440b6ee6bf6de2adf3913f37d64d 66136 php optional php5-mysql_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 992d5573ef23eeef7cfc592b8b6baf56 35100 php optional php5-odbc_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 7680ee54c2cc237cd33f7e4e46a15726 53874 php optional php5-pgsql_5.2.10.dfsg.1-2ubuntu6.9_i386.deb a6e7bebd094c79bcb875c1476cb6a314 9186 php optional php5-pspell_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 5bf11812e4891d033bf9bb3344dd5788 4956 php optional php5-recode_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 3ea4ba53622dd578c54f32988d4faad3 12074 php optional php5-snmp_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 0239a1a765959c896ad051080fa19027 34974 php optional php5-sqlite_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 3a8714c0079e5f996ca658d5bf2c1a07 26684 php optional php5-sybase_5.2.10.dfsg.1-2ubuntu6.9_i386.deb ec1794b54a3cc5e55d21359ebfd6ecc3 16600 php optional php5-tidy_5.2.10.dfsg.1-2ubuntu6.9_i386.deb f555cc57a06d4438a36bf240ac00e11d 36534 php optional php5-xmlrpc_5.2.10.dfsg.1-2ubuntu6.9_i386.deb a915df3be4adeaa1db28cfa4f42f9859 12934 php optional php5-xsl_5.2.10.dfsg.1-2ubuntu6.9_i386.deb 7dd2e352212cb18028ba3358e16bb115 543 raw-translations - php5_5.2.10.dfsg.1-2ubuntu6.9_i386_translations.tar.gz 55ef4c96e1c1e5d85fd3cec7cee3b259 1120 php optional php5_5.2.10.dfsg.1-2ubuntu6.9_all.deb cf94661e54ba2190ff5c0a58da7eb048 335336 php optional php-pear_5.2.10.dfsg.1-2ubuntu6.9_all.deb Original-Maintainer: Debian PHP Maintainers