Format: 1.8 Date: Thu, 28 Apr 2011 05:37:29 -0700 Source: php5 Binary: php5 php5-common libapache2-mod-php5 libapache2-mod-php5filter php5-cgi php5-cli php5-dev php5-dbg php-pear php5-curl php5-gd php5-gmp php5-ldap php5-mhash php5-mysql php5-odbc php5-pgsql php5-pspell php5-recode php5-snmp php5-sqlite php5-sybase php5-tidy php5-xmlrpc php5-xsl Architecture: lpia lpia_translations Version: 5.2.10.dfsg.1-2ubuntu6.9 Distribution: karmic Urgency: low Maintainer: Ubuntu/i386 Build Daemon Changed-By: Steve Beattie Description: libapache2-mod-php5 - server-side, HTML-embedded scripting language (Apache 2 module) libapache2-mod-php5filter - server-side, HTML-embedded scripting language (apache 2 filter mo php-pear - PEAR - PHP Extension and Application Repository php5 - server-side, HTML-embedded scripting language (metapackage) php5-cgi - server-side, HTML-embedded scripting language (CGI binary) php5-cli - command-line interpreter for the php5 scripting language php5-common - Common files for packages built from the php5 source php5-curl - CURL module for php5 php5-dbg - Debug symbols for PHP5 php5-dev - Files for PHP5 module development php5-gd - GD module for php5 php5-gmp - GMP module for php5 php5-ldap - LDAP module for php5 php5-mhash - MHASH module for php5 php5-mysql - MySQL module for php5 php5-odbc - ODBC module for php5 php5-pgsql - PostgreSQL module for php5 php5-pspell - pspell module for php5 php5-recode - recode module for php5 php5-snmp - SNMP module for php5 php5-sqlite - SQLite module for php5 php5-sybase - Sybase / MS SQL Server module for php5 php5-tidy - tidy module for php5 php5-xmlrpc - XML-RPC module for php5 php5-xsl - XSL module for php5 Changes: php5 (5.2.10.dfsg.1-2ubuntu6.9) karmic-security; urgency=low . * SECURITY UPDATE: arbitrary files removal via cronjob - debian/php5-common.php5.cron.d: take greater care when removing session files. - http://git.debian.org/?p=pkg-php%2Fphp.git;a=commitdiff_plain;h=d09fd04ed7bfcf7f008360c6a42025108925df09 - CVE-2011-0441 * SECURITY UPDATE: symlink tmp races in pear install - debian/patches/php5-pear-CVE-2011-1072.patch: improved tempfile handling. - debian/rules: apply patch manually after unpacking PEAR phar archive. - CVE-2011-1072 * SECURITY UPDATE: more symlink races in pear install - debian/patches/php5-pear-CVE-2011-1144.patch: add TOCTOU save file handler. - debian/rules: apply patch manually after unpacking PEAR phar archive. - CVE-2011-1144 * SECURITY UPDATE: use-after-free vulnerability - debian/patches/php5-CVE-2010-4697.patch: retain reference to object until getter/setter are done. - CVE-2010-4697 * SECURITY UPDATE: denial of service through application crash with invalid images - debian/patches/php5-CVE-2010-4698.patch: verify anti-aliasing steps are either 4 or 16. - CVE-2010-4698 * SECURITY UPDATE: denial of service through application crash - debian/patches/php5-CVE-2011-0421.patch: fail operation gracefully when handling zero sized zipfile with the FL_UNCHANGED argument - CVE-2011-0421 * SECURITY UPDATE: denial of service through application crash when handling images with invalid exif tags - debian/patches/php5-CVE-2011-0708.patch: stricter exif checking - CVE-2011-0708 * SECURITY UPDATE: denial of service and possible data disclosure through integer overflow - debian/patches/php5-CVE-2011-1092.patch: better boundary condition checks in shmop_read() - CVE-2011-1092 * SECURITY UPDATE: use-after-free vulnerability - debian/patches/php5-CVE-2011-1148.patch: improve reference counting - CVE-2011-1148 * SECURITY UPDATE: denial of service through buffer overflow crash (code execution mitigated by compilation with Fortify Source) - debian/patches/php5-CVE-2011-1464.patch: limit amount of precision to ensure fitting within MAX_BUF_SIZE - CVE-2011-1464 * SECURITY UPDATE: denial of service through application crash via integer overflow. - debian/patches/php5-CVE-2011-1466.patch: improve boundary condition checking in SdnToJulian() - CVE-2011-1466 * SECURITY UPDATE: denial of service through application crash when using HTTP proxy with the FTP wrapper - debian/patches/php5-CVE-2011-1469.patch: improve pointer handling - CVE-2011-1469 * SECURITY UPDATE: denial of service through application crash when handling ziparchive streams - debian/patches/php5-CVE-2011-1470.patch: set necessary elements of the meta data structure - CVE-2011-1470 * SECURITY UPDATE: denial of service through application crash when handling malformed zip files - debian/patches/php5-CVE-2011-1471.patch: correct integer signedness error when handling zip_fread() return value. - CVE-2011-1471 Checksums-Sha1: 687b1db5ae95c1f4e7e7c550e60b6cc9fdbda8c5 425852 php5-common_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 1f12ab8dcbb14a3d7e05021f84348b49d3fef6c8 2493150 libapache2-mod-php5_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 3456bdb4ad165dc45eb03ac5d613c197964e6045 2492050 libapache2-mod-php5filter_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 7a7b40758f1a98ed5b1664dadef44c78fc872922 4957620 php5-cgi_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 8f8e6914737c8d93ba328d161fc46fd468ba4f3d 2499162 php5-cli_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 8764f89a67fda510886cdc8a2840b5f5b01bf8cb 367266 php5-dev_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb e2f02d7de051ff10ee1a790dbeda96d30fd6349a 8612482 php5-dbg_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 48f9f391e36fc653d7bae21f36f5391dcca00853 23638 php5-curl_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb f8d8f48e8c92532c26e9bd913ab6a708a8d3bcd9 32726 php5-gd_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 024bc8ee3cc937ffca32ba692983034b6d848269 14150 php5-gmp_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 900145922d44f7fc3fea041342f3ddef8fcaef9d 18594 php5-ldap_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 516d6c9f179e7ff0f7d8894918ea5cfe33e9637e 5252 php5-mhash_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 62c7b041840082c6a25e6ae79bafbd6a97ed594d 64878 php5-mysql_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb e36b2a34cdcee4392273288d19fe3ca25f6d5772 35472 php5-odbc_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 5ce9b52835aee269aa57513836db5583ffe8fb2f 53530 php5-pgsql_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 69d3c4984a82c72bc71c07a8cdb79a9f28435fec 9090 php5-pspell_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb a26a0d23578b95e2432439f418d9c85c3d0d77cf 4894 php5-recode_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb c58810c61576e0d5e32f04d24b7484e0c127b820 11942 php5-snmp_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 9cadef1f395850e272da6f8c42665e7ddd169350 34616 php5-sqlite_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 3f102e80403adfe2128576a9f21d93ebb7e47b76 26598 php5-sybase_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 60d125e812d612b8767d4b20b3ba36a21ab2a191 16704 php5-tidy_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 3fd9035a53f6169f5d2d24fa0180a1642a849890 36258 php5-xmlrpc_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 60782aa865913763831089d63970233ab0ec0aa0 12910 php5-xsl_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 6897c93a8044af073e4912f2c50f4ebc0fc3d85b 541 php5_5.2.10.dfsg.1-2ubuntu6.9_lpia_translations.tar.gz Checksums-Sha256: 16602b0b23dc07e92d34447ad678e99ebba874a6cea46c27cf6b0678592bbe6d 425852 php5-common_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 06de744d43a179e9825622a7b0e65a04d7be3f58856469ada9967d1e80840278 2493150 libapache2-mod-php5_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 8b254d0fc5d01d48a0e2fb09992bf11ece84c6bff66c6231d89dea80e2781c85 2492050 libapache2-mod-php5filter_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb e7ac4a30ea9a9178c63a7c41f4f02415b10b6a82eaa6d49dc105732a54e3d47e 4957620 php5-cgi_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb b79d45918ecb402fcc08b0d7ea299bfa12f4ff273a455c95fdd526b94f705a4b 2499162 php5-cli_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 79c3641766f04d6c91f1db0896f0218b4257c1d3e49e28a580ea664dad012e03 367266 php5-dev_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb dec727bfdd09cc4c17a72942c2edd83419f1dc598e12511ac6b0661a22c12a6d 8612482 php5-dbg_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 67807df7f228a0845fb8b8d325baefad6b37e0c65c265da02f934f969bd6ee98 23638 php5-curl_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 87cf4caa868272b902e23cb0a23f5f20b88c98715bb3557b5c832557e35ea032 32726 php5-gd_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 9d7aa85f4defd625ec726154b45d06d42b8934d71f5274fe6708d485d297dc39 14150 php5-gmp_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 79a90472a4352ff45ebbff7c7ca69facfbe41b9767c530b0abfd5200017ff482 18594 php5-ldap_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 4e24d2672c0bfdb93631d10686369039b9157db237c146a285f15fd89dba7f21 5252 php5-mhash_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 51db669e9e981a355119c38a3b20248c441361ba9b2931a997273a7fa27761ea 64878 php5-mysql_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 3b554d31171d709480219d9d30c67fab63fe5e65e0e5014f17c73537a2d92920 35472 php5-odbc_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 9422f55c69df9261b2c729ddd35aab5c9a3ec424cff7e674d9a2e5227a059bd7 53530 php5-pgsql_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 43973aa43f0a2b2ffd1d9534c17bb5388823ec6ab7937893b4c3bd63c57bef0b 9090 php5-pspell_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 08b5c1e1ecf72f89c026962aa40d83ea34390d0f185874d978d57e4d7d3133b4 4894 php5-recode_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 4bb4e08183c0d21f4cfeab99e7f20a0753a41481b52def212a33b0b892543a4c 11942 php5-snmp_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 1069f36a9e3e34767727f59415168191d3aea9a02e13fe954c177637d2fe8c5a 34616 php5-sqlite_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb c69163a91b60af8f0355bfea483cf40a72db6ed118de54921070cc8f1ca89902 26598 php5-sybase_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 5ab99d6dcee9c6da72b542a0087155b3e89992faf6f526d1363322441b829839 16704 php5-tidy_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 5b0903c1b3ba54f2712b15b5f611ef607a3f0813e6b93f90855938df64d20fcb 36258 php5-xmlrpc_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 1854b4a2419a27a21b11216d9875e6c386f7c67661cb48125ffb53f55cbd62be 12910 php5-xsl_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 3de562806ef605c527351f8a577d04a3b589a70f594ebb22084081484ae4e381 541 php5_5.2.10.dfsg.1-2ubuntu6.9_lpia_translations.tar.gz Files: 272ad0de9024cf97edbeb3f620b30261 425852 php optional php5-common_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb ffc82d496a09e23408b6efceb0301bc5 2493150 httpd optional libapache2-mod-php5_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb c9cb605edf23bbd2629b24fbfbbc4b6e 2492050 httpd optional libapache2-mod-php5filter_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 55f2fdb9f630cd915f45b1d9f17c410e 4957620 php optional php5-cgi_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 92524e346228855dd76fa89eb9516a42 2499162 php optional php5-cli_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 488b189b81925fbf10b7d9bb2db22ee1 367266 php optional php5-dev_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 78a37f2ce723abafc4c36b4a68c70cc6 8612482 debug extra php5-dbg_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 3c77c281647d41c6b97d5fb682117c52 23638 php optional php5-curl_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 00298fdb9273a2a4af3173bf063aba74 32726 php optional php5-gd_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb adbafab2115247d22a26aa20d4209c3f 14150 php optional php5-gmp_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 8bd6334ce834ef6fcd8059e6e1d4ce38 18594 php optional php5-ldap_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 234153522140264e7df73d0c64cc3e9b 5252 php optional php5-mhash_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 39b4780f0f938abf393af94a6f031eae 64878 php optional php5-mysql_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb b1503c43036b403ce6595f1e83f16853 35472 php optional php5-odbc_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 77e89c29124e643f34be3b8d5860aaba 53530 php optional php5-pgsql_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 5b1e028e5a8a1a0de71cff1ab8cb1a99 9090 php optional php5-pspell_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 3f3d29dc3af382fda1f8ea16a22c3adf 4894 php optional php5-recode_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 592c8c607e06afebdcdcf3fc80158373 11942 php optional php5-snmp_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 15a12e59f11de579833df1de9a5c1152 34616 php optional php5-sqlite_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 87a7398fc0e1ed7dcaffeb56866309f6 26598 php optional php5-sybase_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 2ae2050cd0859b9246eb1b109377cf37 16704 php optional php5-tidy_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 85b00da249cfd6e13f4355cd6a1d6ca1 36258 php optional php5-xmlrpc_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 5bcc749081692e300518b812a956d490 12910 php optional php5-xsl_5.2.10.dfsg.1-2ubuntu6.9_lpia.deb 66f329039c0cbcb43952ed15c7c6c5e0 541 raw-translations - php5_5.2.10.dfsg.1-2ubuntu6.9_lpia_translations.tar.gz Original-Maintainer: Debian PHP Maintainers