php5 5.1.6-1ubuntu2.2 source package in Ubuntu
Changelog
php5 (5.1.6-1ubuntu2.2) edgy-security; urgency=low * SECURITY UPDATE: Remote code execution. * Add debian/patches/CVE-2007-0906_imap.patch: - Buffer overflows in the imap extension. - http://cvs.php.net/viewvc.cgi/php-src/ext/imap/php_imap.c?r1=1.208.2.7.2.11&r2=1.208.2.7.2.12 - http://cvs.php.net/viewvc.cgi/php-src/ext/imap/php_imap.c?r1=1.208.2.7.2.15&r2=1.208.2.7.2.16 * Add debian/patches/CVE-2007-0906_session.patch: - Buffer overflow in the session extension. - http://cvs.php.net/viewvc.cgi/php-src/ext/session/session.c?r1=1.417.2.8.2.22&r2=1.417.2.8.2.23 * Add debian/patches/CVE-2007-0906_streams.patch: - Buffer overflows in the stream filters functions. - http://cvs.php.net/viewvc.cgi/php-src/ext/standard/streamsfuncs.c?r1=1.58.2.6.2.12&r2=1.58.2.6.2.13 - http://cvs.php.net/viewvc.cgi/php-src/ext/standard/streamsfuncs.c?r1=1.98&r2=1.99 * Add debian/patches/CVE-2007-0906_string.patch: - Buffer overflow in the string extension. - http://cvs.php.net/viewvc.cgi/php-src/ext/standard/string.c?r1=1.629&r2=1.631 * Add debian/patches/CVE-2007-0907.patch: - Buffer underflow in sapi_header_op() that can be exploited to crash the PHP interpreter. - http://cvs.php.net/viewvc.cgi/php-src/main/SAPI.c?r1=1.202.2.7.2.3&r2=1.202.2.7.2.4 * Add debian/patches/CVE-2007-0908.patch: - Fix forgotten initialization of key_length and buffer overflow in the wddx extension that could be exploited to reveal memory that is not supposed to be accessible (potential information disclosure). - http://cvs.php.net/viewvc.cgi/php-src/ext/wddx/wddx.c?r1=1.119.2.10.2.8&r2=1.119.2.10.2.10 * Add debian/patches/CVE-2007-0909_print.patch: - Fix format string vulnerability on 64 bit systems in the *print() functions. - http://cvs.php.net/viewvc.cgi/php-src/ext/standard/formatted_print.c?r1=1.82.2.1.2.11&r2=1.82.2.1.2.12 * Add debian/patches/CVE-2007-0909_odbc.patch: - Fix format string vulnerability on 64 bit systems in odbc_result_all(). - http://cvs.php.net/viewvc.cgi/php-src/ext/odbc/php_odbc.c?r1=1.189.2.4.2.1&r2=1.189.2.4.2.2 - http://cvs.php.net/viewvc.cgi/php-src/ext/odbc/php_odbc.c?r1=1.189.2.4.2.3&r2=1.189.2.4.2.4 * Add debian/patches/CVE-2007-0910.patch: - Fix clobbering of superglobal variables during session variable unserialization. - http://cvs.php.net/viewvc.cgi/php-src/ext/session/session.c?r1=1.458&r2=1.459 - http://cvs.php.net/viewvc.cgi/php-src/ext/session/session.c?r1=1.417.2.8.2.24&r2=1.417.2.8.2.26 - http://cvs.php.net/viewvc.cgi/php-src/main/php_variables.c?r1=1.104.2.10.2.3&r2=1.104.2.10.2.4 * Add debian/patches/CVE-2007-0988.patch: - Fix infinite loop in zend_hash_init() when unserializing untrusted data on 64 bit systems. - http://cvs.php.net/viewvc.cgi/ZendEngine2/zend_hash.c?r1=1.121.2.4.2.5&r2=1.121.2.4.2.6 -- Martin Pitt <email address hidden> Wed, 21 Feb 2007 09:22:55 +0100
Upload details
- Uploaded by:
- Martin Pitt
- Uploaded to:
- Edgy
- Original maintainer:
- Debian PHP Maintainers
- Architectures:
- any
- Section:
- web
- Urgency:
- Low Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
php5_5.1.6.orig.tar.gz | 7.8 MiB | 5c7963ff5915c15b10ab9cfab48976c55fa45955161519a61bc885ef89a335a5 |
php5_5.1.6-1ubuntu2.2.diff.gz | 104.4 KiB | 028f00d0d4d2b107a6101a29bb1270a4c7ca86229a5c4dea2b41132c3f88b78c |
php5_5.1.6-1ubuntu2.2.dsc | 1.7 KiB | 96bd600d5efd61a3add0682e16e1854c2433420d75b8dfd6880a0d1404ee32dd |
Binary packages built by this source
- libapache2-mod-php5: No summary available for libapache2-mod-php5 in ubuntu edgy.
No description available for libapache2-mod-php5 in ubuntu edgy.
- php-pear: No summary available for php-pear in ubuntu edgy.
No description available for php-pear in ubuntu edgy.
- php5: No summary available for php5 in ubuntu edgy.
No description available for php5 in ubuntu edgy.
- php5-cgi: No summary available for php5-cgi in ubuntu edgy.
No description available for php5-cgi in ubuntu edgy.
- php5-cli: No summary available for php5-cli in ubuntu edgy.
No description available for php5-cli in ubuntu edgy.
- php5-common: No summary available for php5-common in ubuntu edgy.
No description available for php5-common in ubuntu edgy.
- php5-curl: No summary available for php5-curl in ubuntu edgy.
No description available for php5-curl in ubuntu edgy.
- php5-dev: No summary available for php5-dev in ubuntu edgy.
No description available for php5-dev in ubuntu edgy.
- php5-gd: No summary available for php5-gd in ubuntu edgy.
No description available for php5-gd in ubuntu edgy.
- php5-ldap: No summary available for php5-ldap in ubuntu edgy.
No description available for php5-ldap in ubuntu edgy.
- php5-mhash: No summary available for php5-mhash in ubuntu edgy.
No description available for php5-mhash in ubuntu edgy.
- php5-mysql: No summary available for php5-mysql in ubuntu edgy.
No description available for php5-mysql in ubuntu edgy.
- php5-mysqli: No summary available for php5-mysqli in ubuntu edgy.
No description available for php5-mysqli in ubuntu edgy.
- php5-odbc: No summary available for php5-odbc in ubuntu edgy.
No description available for php5-odbc in ubuntu edgy.
- php5-pgsql: No summary available for php5-pgsql in ubuntu edgy.
No description available for php5-pgsql in ubuntu edgy.
- php5-recode: No summary available for php5-recode in ubuntu edgy.
No description available for php5-recode in ubuntu edgy.
- php5-snmp: No summary available for php5-snmp in ubuntu edgy.
No description available for php5-snmp in ubuntu edgy.
- php5-sqlite: No summary available for php5-sqlite in ubuntu edgy.
No description available for php5-sqlite in ubuntu edgy.
- php5-sybase: No summary available for php5-sybase in ubuntu edgy.
No description available for php5-sybase in ubuntu edgy.
- php5-xmlrpc: No summary available for php5-xmlrpc in ubuntu edgy.
No description available for php5-xmlrpc in ubuntu edgy.
- php5-xsl: No summary available for php5-xsl in ubuntu edgy.
No description available for php5-xsl in ubuntu edgy.