Format: 1.8 Date: Wed, 08 Feb 2012 20:56:28 -0800 Source: php5 Binary: php5 php5-common libapache2-mod-php5 libapache2-mod-php5filter php5-cgi php5-cli php5-fpm php5-dev php5-dbg php-pear php5-curl php5-enchant php5-gd php5-gmp php5-intl php5-ldap php5-mysql php5-odbc php5-pgsql php5-pspell php5-recode php5-snmp php5-sqlite php5-sybase php5-tidy php5-xmlrpc php5-xsl Architecture: amd64 amd64_translations Version: 5.3.6-13ubuntu3.5 Distribution: oneiric Urgency: low Maintainer: Ubuntu/amd64 Build Daemon Changed-By: Steve Beattie Description: libapache2-mod-php5 - server-side, HTML-embedded scripting language (Apache 2 module) libapache2-mod-php5filter - server-side, HTML-embedded scripting language (apache 2 filter mo php-pear - PEAR - PHP Extension and Application Repository php5 - server-side, HTML-embedded scripting language (metapackage) php5-cgi - server-side, HTML-embedded scripting language (CGI binary) php5-cli - command-line interpreter for the php5 scripting language php5-common - Common files for packages built from the php5 source php5-curl - CURL module for php5 php5-dbg - Debug symbols for PHP5 php5-dev - Files for PHP5 module development php5-enchant - Enchant module for php5 php5-fpm - server-side, HTML-embedded scripting language (FPM-CGI binary) php5-gd - GD module for php5 php5-gmp - GMP module for php5 php5-intl - internationalisation module for php5 php5-ldap - LDAP module for php5 php5-mysql - MySQL module for php5 php5-odbc - ODBC module for php5 php5-pgsql - PostgreSQL module for php5 php5-pspell - pspell module for php5 php5-recode - recode module for php5 php5-snmp - SNMP module for php5 php5-sqlite - SQLite module for php5 php5-sybase - Sybase / MS SQL Server module for php5 php5-tidy - tidy module for php5 php5-xmlrpc - XML-RPC module for php5 php5-xsl - XSL module for php5 Launchpad-Bugs-Fixed: 910296 925772 Changes: php5 (5.3.6-13ubuntu3.5) oneiric-security; urgency=low . * SECURITY UPDATE: memory allocation failure denial of service - debian/patches/php5-CVE-2011-4153.patch: check result of zend_strdup() and calloc() for failed allocations - CVE-2011-4153 * SECURITY UPDATE: predictable hash collision denial of service (LP: #910296) - debian/patches/php5-CVE-2011-4885.patch: add max_input_vars directive with default limit of 1000 - ATTENTION: this update changes previous php5 behavior by limiting the number of external input variables to 1000. This may be increased by adding a "max_input_vars" directive to the php.ini configuration file. See http://www.php.net/manual/en/info.configuration.php#ini.max-input-vars for more information. - CVE-2011-4885 * SECURITY UPDATE: remote code execution vulnerability introduced by the fix for CVE-2011-4885 (LP: #925772) - debian/patches/php5-CVE-2012-0830.patch: return rather than continuing if max_input_vars limit is reached - CVE-2012-0830 * SECURITY UPDATE: XSLT arbitrary file overwrite attack - debian/patches/php5-CVE-2012-0057.patch: add xsl.security_prefs ini option to define forbidden operations within XSLT stylesheets - CVE-2012-0057 * SECURITY UPDATE: PDORow session denial of service - debian/patches/php5-CVE-2012-0788.patch: fail gracefully when attempting to serialize PDORow instances - CVE-2012-0788 * SECURITY UPDATE: magic_quotes_gpc remote disable vulnerability - debian/patches/php5-CVE-2012-0831.patch: always restore magic_quote_gpc on request shutdown - CVE-2012-0831 Checksums-Sha1: badf4ababf68e0889a39a1ec1bf37b50ec1bb204 420942 php5-common_5.3.6-13ubuntu3.5_amd64.deb 4abcf1d2990ad8804dad2ac76647b643ddf8562b 3135550 libapache2-mod-php5_5.3.6-13ubuntu3.5_amd64.deb af1e2cd85a3ca9ab79bd87455a70319f74db6e9d 3134306 libapache2-mod-php5filter_5.3.6-13ubuntu3.5_amd64.deb 3f2c3a55505ff86d851e190ece00098ef1de73e5 6102528 php5-cgi_5.3.6-13ubuntu3.5_amd64.deb 47a0ade2ddbc87efd861ade667b0561e24a2f3d2 3050982 php5-cli_5.3.6-13ubuntu3.5_amd64.deb 9007618629c827ab6ef675df8aa288daf29deb8c 3081836 php5-fpm_5.3.6-13ubuntu3.5_amd64.deb f6e8bda6d4524177a37d839bcf052ce1e0be89d8 420054 php5-dev_5.3.6-13ubuntu3.5_amd64.deb 7bbe216fb934a7ff60d8d99b068a470c1473aa30 13226382 php5-dbg_5.3.6-13ubuntu3.5_amd64.deb db670df7b56548ecc9a9b8654d7c06cbe8758fd0 27040 php5-curl_5.3.6-13ubuntu3.5_amd64.deb c5a6ad630157d7266e4f031e3e075aa4026ae6e6 9074 php5-enchant_5.3.6-13ubuntu3.5_amd64.deb b73e4551b1a652a69bdc4ecd697399fc4f718194 38840 php5-gd_5.3.6-13ubuntu3.5_amd64.deb bac48ca44bfcc2e6fde320946d2331aed974843e 16426 php5-gmp_5.3.6-13ubuntu3.5_amd64.deb f04a5d75bc1a0169b8848b9f63c6b3c58578ee3f 60248 php5-intl_5.3.6-13ubuntu3.5_amd64.deb 31236882858cfa5d3156feb5c1087230a93cd9e3 19526 php5-ldap_5.3.6-13ubuntu3.5_amd64.deb 2ccd387d93519ac20cf88b547a4b06129912c067 75856 php5-mysql_5.3.6-13ubuntu3.5_amd64.deb 4135645562f5206b5623ac2ef2527cfcae608dcb 35756 php5-odbc_5.3.6-13ubuntu3.5_amd64.deb f59bc005f8f24d20e03c0b922400e2b4359e9b45 58814 php5-pgsql_5.3.6-13ubuntu3.5_amd64.deb 4d727ff0b8ce4631b585d175a2ac6ecfd2dcfd70 8320 php5-pspell_5.3.6-13ubuntu3.5_amd64.deb c0232d610d04b1282f36016b4fbbf2b1a3a47f7d 4322 php5-recode_5.3.6-13ubuntu3.5_amd64.deb af99c4be99321e043d32bffb464461f3f19a107a 11000 php5-snmp_5.3.6-13ubuntu3.5_amd64.deb 5997e0c600dd81e5a59a746886f00685aee1630b 27404 php5-sqlite_5.3.6-13ubuntu3.5_amd64.deb 72613949b2c875eed10b035e75fe4b6bdbaba313 26212 php5-sybase_5.3.6-13ubuntu3.5_amd64.deb 8045378893d0b58de28f32de45738c96e5433b50 18200 php5-tidy_5.3.6-13ubuntu3.5_amd64.deb 1192b9f2d9d1e4bd319a525bc04b7e3874663733 35114 php5-xmlrpc_5.3.6-13ubuntu3.5_amd64.deb de78675746d507b5eb4fd29f8cc6217c5012d523 14064 php5-xsl_5.3.6-13ubuntu3.5_amd64.deb 3e825488adfa0ef6b8e0a6d9c6e120f0fa12cd8b 816 php5_5.3.6-13ubuntu3.5_amd64_translations.tar.gz Checksums-Sha256: 5992cc4c805fcdf788d98c7f865eb85dfdd36452992985a97811106c63980f43 420942 php5-common_5.3.6-13ubuntu3.5_amd64.deb 54792d924ef3df2ff975e6593d8a47d172cef5fb091f0bce09c527022ac90d32 3135550 libapache2-mod-php5_5.3.6-13ubuntu3.5_amd64.deb d1404c0bc09296b5ed359f2f0f8e28dbb5e3b070c2c9d101c84b4c68a1716427 3134306 libapache2-mod-php5filter_5.3.6-13ubuntu3.5_amd64.deb fa964f2ff98e9c6b561c4b07b1f0de7e780049c5179f92841f787044ec86abb5 6102528 php5-cgi_5.3.6-13ubuntu3.5_amd64.deb a0ad1a6d126665aef8d38eb0d5ac747279ac4068c28a95ce1dfff2de669101b4 3050982 php5-cli_5.3.6-13ubuntu3.5_amd64.deb 6ff8b4082ae1234d7942ce3ebea26c845e95edeef1a2e43542c09050b179778b 3081836 php5-fpm_5.3.6-13ubuntu3.5_amd64.deb 7b0dacc74876d2f7782ef9f3070314ed3e2d472624370290f06e512acd0c27cb 420054 php5-dev_5.3.6-13ubuntu3.5_amd64.deb 90a3260f8a568169982e5955aae4b090d7f10d4cb1bea189cfdf39ef2912386f 13226382 php5-dbg_5.3.6-13ubuntu3.5_amd64.deb b75ef002ba72d43c1ec1e44daed3922b7901bd3c2e156c0f01f7b7dee8ea5f54 27040 php5-curl_5.3.6-13ubuntu3.5_amd64.deb 2a8dcf2b12cfb80e3f7d00660128545e4f5ef76e6b887c827ca6c67c72cac030 9074 php5-enchant_5.3.6-13ubuntu3.5_amd64.deb 4a51964e3122fd92e307635d62adf5b34d38e9bdc1c7ab9361b5d80e40aec0b5 38840 php5-gd_5.3.6-13ubuntu3.5_amd64.deb 7251603f134428843d4e1eb58f4a82e777cfc45b580850b140b7ff0e6f685c0e 16426 php5-gmp_5.3.6-13ubuntu3.5_amd64.deb 93c74d8dc9cd24c902a80e8a284ec527644f56103b3f1a0bfd87c004b310308f 60248 php5-intl_5.3.6-13ubuntu3.5_amd64.deb 365bc43107dd27292cd86d79de0e6a9ca96af642f06ba9f9886774349df87637 19526 php5-ldap_5.3.6-13ubuntu3.5_amd64.deb ecf9b75424c6759031b58f5ef5dfe3f2780e3ed35de87546a43b8e4386fb3ef2 75856 php5-mysql_5.3.6-13ubuntu3.5_amd64.deb aa1edb568f3f6b16ed996453d043e5df4400e86c094ae1f8bbdf96c146fbf3f6 35756 php5-odbc_5.3.6-13ubuntu3.5_amd64.deb f165639ab6a80c8fb07a25628746648339bbe41898238741bfdecab8cf891375 58814 php5-pgsql_5.3.6-13ubuntu3.5_amd64.deb ecda66e464da465fa75d530368b91c063b004944d6b7c3115a731e1abf960d3a 8320 php5-pspell_5.3.6-13ubuntu3.5_amd64.deb 69e2d68b570bcface644632c416626a8448f5978a4844b1b5c159a7aad232696 4322 php5-recode_5.3.6-13ubuntu3.5_amd64.deb d7d10c14c7664442186d573aa2252057ff0f146c423e49c706367044850d3a79 11000 php5-snmp_5.3.6-13ubuntu3.5_amd64.deb 3d67970f3637c567d9369baaf5f9d9f4cb241f3f343662803eb0388b600031ad 27404 php5-sqlite_5.3.6-13ubuntu3.5_amd64.deb ff73b48dcb227dfc0e347b03112de6e7fba4a59b856f844a512553a4b53a4dd9 26212 php5-sybase_5.3.6-13ubuntu3.5_amd64.deb 08f195c53fd5ea02bc835ce7e53f978e9d888c9d5fb98b95f4fa4a21a4dfdaa8 18200 php5-tidy_5.3.6-13ubuntu3.5_amd64.deb cae1a53827164157545a7a5bfc464ffcd82249f1de25148d016c60385a0dc169 35114 php5-xmlrpc_5.3.6-13ubuntu3.5_amd64.deb 4275c765a6e0a52959b8e7bc663638337c7291fcf56441498fd56dedc6da9481 14064 php5-xsl_5.3.6-13ubuntu3.5_amd64.deb 7fc3610d2d6e9f38ca5e0b87b34638bad5be0fb8b81b975d0d392bda37a51f93 816 php5_5.3.6-13ubuntu3.5_amd64_translations.tar.gz Files: 961f9294f60bf2b11250281f4bfc4841 420942 php optional php5-common_5.3.6-13ubuntu3.5_amd64.deb eea44f112a5192eefcadfe393d725d84 3135550 httpd optional libapache2-mod-php5_5.3.6-13ubuntu3.5_amd64.deb 8e1cf155bcedea6496b2f76ca934e205 3134306 httpd extra libapache2-mod-php5filter_5.3.6-13ubuntu3.5_amd64.deb c63e7dd557a14facb71c05c5a9882b8d 6102528 php optional php5-cgi_5.3.6-13ubuntu3.5_amd64.deb f4d57c9dc3ab8465a91eb14f09e1c716 3050982 php optional php5-cli_5.3.6-13ubuntu3.5_amd64.deb 785ed72569f0ea160bf095e0702620cc 3081836 php optional php5-fpm_5.3.6-13ubuntu3.5_amd64.deb 1007ed0363de31ef5ac54cfb356509dc 420054 php optional php5-dev_5.3.6-13ubuntu3.5_amd64.deb 78fdc8a5725ee4eea6926f8112083b8c 13226382 debug extra php5-dbg_5.3.6-13ubuntu3.5_amd64.deb 55680f08ed6b568a14d4f1521dec6e77 27040 php optional php5-curl_5.3.6-13ubuntu3.5_amd64.deb 32bd8940834f2b4199fe1bbb3f89bba5 9074 php optional php5-enchant_5.3.6-13ubuntu3.5_amd64.deb 37eb782d208a0beadeb4a2993f68be4d 38840 php optional php5-gd_5.3.6-13ubuntu3.5_amd64.deb 933a5b1c0e7013815f048ea92985e6dc 16426 php optional php5-gmp_5.3.6-13ubuntu3.5_amd64.deb ab354fce1958d246361477105e10ecdb 60248 php optional php5-intl_5.3.6-13ubuntu3.5_amd64.deb 551efac4a533bc7872abd0832011b2a7 19526 php optional php5-ldap_5.3.6-13ubuntu3.5_amd64.deb f52a15020606a4a7a933e02505529253 75856 php optional php5-mysql_5.3.6-13ubuntu3.5_amd64.deb 11961cc4030abc37c16528de69669dc2 35756 php optional php5-odbc_5.3.6-13ubuntu3.5_amd64.deb 74aa2b539b976f0d70704b0f71892eaf 58814 php optional php5-pgsql_5.3.6-13ubuntu3.5_amd64.deb 1a848d6abda0ba54037e0ae623c86f4d 8320 php optional php5-pspell_5.3.6-13ubuntu3.5_amd64.deb 6d692537d146881820b13834b6297255 4322 php optional php5-recode_5.3.6-13ubuntu3.5_amd64.deb e2549b52bcf4c02c98202ccff9801489 11000 php optional php5-snmp_5.3.6-13ubuntu3.5_amd64.deb d80919ddc20608408278a5b96f7be517 27404 php optional php5-sqlite_5.3.6-13ubuntu3.5_amd64.deb 60faf4e1250820096bc703175f0f2646 26212 php optional php5-sybase_5.3.6-13ubuntu3.5_amd64.deb 6eee2fb421e54b50cded43732b63a95f 18200 php optional php5-tidy_5.3.6-13ubuntu3.5_amd64.deb be8837a788b4b00b2989b8da81fbf61e 35114 php optional php5-xmlrpc_5.3.6-13ubuntu3.5_amd64.deb 9cbd41a69a25a6ff5891b33961427550 14064 php optional php5-xsl_5.3.6-13ubuntu3.5_amd64.deb 6f224bac76367772d4acc49b60d112fc 816 raw-translations - php5_5.3.6-13ubuntu3.5_amd64_translations.tar.gz Original-Maintainer: Debian PHP Maintainers