Debian Bug report logs - #479723
php 5.2.6 Security Fixes


Package: php5; Maintainer for php5 is Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>; Source for php5 is src:php5.

Reported by: Moritz Naumann <bugs.debian.org@moritz-naumann.com>

Date: Tue, 6 May 2008 10:18:02 UTC

Severity: normal

Tags: etch, fixed-upstream, lenny, security, upstream

Found in version php5/5.2.0-8+etch10

Fixed in version 5.2.0-8+etch11

Done: sean finney <seanius@debian.org>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#479723; Package php5. Full text and rfc822 format available.

Acknowledgement sent to Moritz Naumann <bugs.debian.org@moritz-naumann.com>:
New Bug report received and forwarded. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Moritz Naumann <bugs.debian.org@moritz-naumann.com>
To: submit@bugs.debian.org
Cc: secure-testing-team@lists.alioth.debian.org, debian-security-tracker@lists.debian.org, team@security.debian.org
Subject: php 5.2.6 Security Fixes
Date: Tue, 06 May 2008 10:16:25 +0000
Package: php5
Version: 5.2.0-8+etch10
Tags: security, upstream, fixed-upstream, etch, lenny

http://www.php.net/ChangeLog-5.php lists several security fixes which are
included in upstream PHP 5.2.6:

    * Fixed possible stack buffer overflow in FastCGI SAPI. (Andrei
Nigmatulin)
      --> CVE-2008-2050 (acc. to
http://marc.info/?l=oss-security&m=120974347717937)
      --> not tracked by Debian yet
    * Properly address incomplete multibyte chars inside escapeshellcmd()
(Ilia, Stefan Esser)
      --> CVE-2008-2051 (acc. to
http://marc.info/?l=oss-security&m=120974347717937)
      --> not tracked yet
    * Fixed security issue detailed in CVE-2008-0599. (Rasmus)
      --> CVE-2008-0599 (acc. to http://www.php.net/ChangeLog-5.php)
      --> already tracked at
http://security-tracker.debian.net/tracker/CVE-2008-0599
    * Fixed a safe_mode bypass in cURL identified by Maksymilian
Arciemowicz. (Ilia)
      --> CVE-2007-4850 (acc. to
http://securityreason.com/achievement_securityalert/51)
      --> already tracked at
http://security-tracker.debian.net/tracker/CVE-2007-4850
      --> missing source package reference at
http://security-tracker.debian.net/tracker/source-package/php5
    * Upgraded PCRE to version 7.6 (Nuno)
      --> CVE-2008-0674 (best match, no reference found)
      --> not tracked yet
      --> possibly missing reference at
http://security-tracker.debian.net/tracker/CVE-2008-0674
          (but should really be tracked separately)
      --> local code execution through buffer overflow


CC to team@security.debian.org: contains info on security issues not fixed
in Debian Stable
CC to secure-testing-team: contains info on security issues not fixed in
Debian Testing
CC to debian-security-tracker: contains info on missing cross references on
security-tracker.d~.n~





Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#479723; Package php5. Full text and rfc822 format available.

Acknowledgement sent to Thijs Kinkhorst <thijs@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #10 received at 479723@bugs.debian.org (full text, mbox):

From: Thijs Kinkhorst <thijs@debian.org>
To: Moritz Naumann <bugs.debian.org@moritz-naumann.com>, 479723@bugs.debian.org
Cc: team@security.debian.org, debian-security-tracker@lists.debian.org
Subject: Re: [php-maint] Bug#479723: php 5.2.6 Security Fixes
Date: Tue, 6 May 2008 12:37:42 +0200
Hi Moritz,

On Tuesday 6 May 2008 12:16, Moritz Naumann wrote:
> http://www.php.net/ChangeLog-5.php lists several security fixes which are
> included in upstream PHP 5.2.6:

Thanks for your help in matching the changelog issues to CVE names, I've put 
your suggestions into the tracker.

>     * Fixed a safe_mode bypass in cURL identified by Maksymilian
> Arciemowicz. (Ilia)
>       --> CVE-2007-4850 (acc. to
> http://securityreason.com/achievement_securityalert/51)
>       --> already tracked at
> http://security-tracker.debian.net/tracker/CVE-2007-4850
>       --> missing source package reference at
> http://security-tracker.debian.net/tracker/source-package/php5

It is not really missing, we track the issue but it's marked as a non-issue 
(we treat safe mode bypasses as non-issues) and thus not shown in that 
overview.

>     * Upgraded PCRE to version 7.6 (Nuno)
>       --> CVE-2008-0674 (best match, no reference found)
>       --> not tracked yet
>       --> possibly missing reference at
> http://security-tracker.debian.net/tracker/CVE-2008-0674
>           (but should really be tracked separately)
>       --> local code execution through buffer overflow

The php5 package in Debian uses the system copy of PCRE, so this isn't an open 
issue. I've updated the tracker to add this information to that CVE.


cheers,
Thijs

Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#479723; Package php5. Full text and rfc822 format available.

Acknowledgement sent to Kees Cook <kees@outflux.net>:
Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #15 received at 479723@bugs.debian.org (full text, mbox):

From: Kees Cook <kees@outflux.net>
To: Moritz Naumann <bugs.debian.org@moritz-naumann.com>
Cc: team@security.debian.org, secure-testing-team@lists.alioth.debian.org, debian-security-tracker@lists.debian.org, Dustin Kirkland <kirkland@canonical.com>, 479723@bugs.debian.org
Subject: Re: [Secure-testing-team] php 5.2.6 Security Fixes
Date: Wed, 7 May 2008 14:52:41 -0700
Hi,

Dustin Kirkland from the Ubuntu Server Team tracked down commits that
map to these issues.

On Tue, May 06, 2008 at 10:16:25AM +0000, Moritz Naumann wrote:
>     * Fixed possible stack buffer overflow in FastCGI SAPI. (Andrei
> Nigmatulin)
>       --> CVE-2008-2050 (acc. to
> http://marc.info/?l=oss-security&m=120974347717937)
>       --> not tracked by Debian yet

http://marc.info/?l=php-cvs&m=120721829703242&w=2

>     * Properly address incomplete multibyte chars inside escapeshellcmd()
> (Ilia, Stefan Esser)
>       --> CVE-2008-2051 (acc. to
> http://marc.info/?l=oss-security&m=120974347717937)
>       --> not tracked yet

http://marc.info/?l=php-cvs&m=120579496007399&w=2

>     * Fixed security issue detailed in CVE-2008-0599. (Rasmus)
>       --> CVE-2008-0599 (acc. to http://www.php.net/ChangeLog-5.php)
>       --> already tracked at
> http://security-tracker.debian.net/tracker/CVE-2008-0599

http://marc.info/?l=php-cvs&m=120415902925033&w=2

>     * Fixed a safe_mode bypass in cURL identified by Maksymilian
> Arciemowicz. (Ilia)
>       --> CVE-2007-4850 (acc. to
> http://securityreason.com/achievement_securityalert/51)
>       --> already tracked at
> http://security-tracker.debian.net/tracker/CVE-2007-4850
>       --> missing source package reference at
> http://security-tracker.debian.net/tracker/source-package/php5

http://marc.info/?l=php-cvs&m=119963956428826&w=2

>     * Upgraded PCRE to version 7.6 (Nuno)
>       --> CVE-2008-0674 (best match, no reference found)
>       --> not tracked yet
>       --> possibly missing reference at
> http://security-tracker.debian.net/tracker/CVE-2008-0674
>           (but should really be tracked separately)
>       --> local code execution through buffer overflow

http://marc.info/?l=php-cvs&m=120163838831816&w=2

php links against the system pcre, though, correct?  So I think this can
be ignored?  Ah, yes, Thijs confirmed this in the bug report.

On Tue, May 06, 2008 at 04:47:32PM +0200, Moritz Muehlenhoff wrote:
> > http://www.php.net/ChangeLog-5.php lists several security fixes which are
> > included in upstream PHP 5.2.6:
> 
> Thanks, there are two more, which I found and which I just committed to
> the tracker:
> 
> +CVE-2008-XXXX [php integer overflow in printf]
> +       - php5 <unfixed>
> +       NOTE: http://www.php.net/ChangeLog-5.php
> +       NOTE: Needs further details or digging in SVN
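Review bot: `CVE-2008-XXXX` is a placeholder id in committed tracker data, and the second NOTE line is an open TODO rather than a reference; once the assigned id is known the line should read `CVE-2008-1384 [php integer overflow in printf]` (the etch11 changelog later in this report lists CVE-2008-1384 as the printf() integer overflow) and the TODO should be replaced by a NOTE carrying the upstream fix reference.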

http://marc.info/?l=php-cvs&m=120579485607237&w=2

> +CVE-2008-XXXX [php suboptimal seeding]
> +       - php5 <unfixed> (low)
> +       - php4 <unfixed> (low)
> +       NOTE: http://www.sektioneins.de/advisories/SE-2008-02.txt
> +       NOTE: I don't believe we need to address this, likely no-dsa, but needs further checking
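Review bot: the entry marks both `php5 <unfixed> (low)` and `php4 <unfixed> (low)` as affected while its NOTE only records a belief that no fix is needed; the committed data should carry the evidence either way, for example a NOTE with the upstream commit that was checked, so a later reader does not have to repeat the "needs further checking" step.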

http://marc.info/?l=php-cvs&m=117601921106002&w=2
"However, the last one is from Sun Apr  8 08:04:31 2007 UTC, which seems
like ages ago.  We might already have that one?"


-- 
Kees Cook                                            @outflux.net




Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#479723; Package php5. Full text and rfc822 format available.

Acknowledgement sent to sean finney <seanius@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #20 received at 479723@bugs.debian.org (full text, mbox):

From: sean finney <seanius@debian.org>
To: pkg-php-maint@lists.alioth.debian.org, Kees Cook <kees@outflux.net>, 479723@bugs.debian.org
Cc: Moritz Naumann <bugs.debian.org@moritz-naumann.com>, secure-testing-team@lists.alioth.debian.org, Dustin Kirkland <kirkland@canonical.com>, team@security.debian.org, debian-security-tracker@lists.debian.org
Subject: Re: [php-maint] Bug#479723: [Secure-testing-team] php 5.2.6 Security Fixes
Date: Thu, 8 May 2008 07:36:52 +0200
hi everyone,

On Wednesday 07 May 2008 11:52:41 pm Kees Cook wrote:
> Dustin Kirkland from the Ubuntu Server Team tracked down commits that
> map to these issues.

and earlier the following url's were forwarded to me by nico:

http://www.openwall.com/lists/oss-security/2008/05/02/2
http://www.openwall.com/lists/oss-security/2008/05/02/3

which can be used as a second reference (assuming dustin didn't also use 
those).

anyway, i'll look at this tonight and see how much progress i can make.


	sean

Tags added: pending Request was from Sean Finney <seanius@alioth.debian.org> to control@bugs.debian.org. (Thu, 08 May 2008 20:09:04 GMT) Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#479723; Package php5. Full text and rfc822 format available.

Acknowledgement sent to sean finney <seanius@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #27 received at 479723@bugs.debian.org (full text, mbox):

From: sean finney <seanius@debian.org>
To: pkg-php-maint@lists.alioth.debian.org, Kees Cook <kees@outflux.net>, 479723@bugs.debian.org
Cc: Moritz Naumann <bugs.debian.org@moritz-naumann.com>, secure-testing-team@lists.alioth.debian.org, Dustin Kirkland <kirkland@canonical.com>, team@security.debian.org, debian-security-tracker@lists.debian.org
Subject: Re: [php-maint] Bug#479723: [Secure-testing-team] php 5.2.6 Security Fixes
Date: Thu, 8 May 2008 22:31:13 +0200
hi everyone (again)

sat down and spent some time looking at these:

On Wednesday 07 May 2008 11:52:41 pm Kees Cook wrote:
> On Tue, May 06, 2008 at 10:16:25AM +0000, Moritz Naumann wrote:
> >     * Fixed possible stack buffer overflow in FastCGI SAPI. (Andrei
> > Nigmatulin)
> >       --> CVE-2008-2050 (acc. to
> > http://marc.info/?l=oss-security&m=120974347717937)
> >       --> not tracked by Debian yet
>
> http://marc.info/?l=php-cvs&m=120721829703242&w=2

this patch matches the one i referenced earlier

> >     * Properly address incomplete multibyte chars inside escapeshellcmd()
> > (Ilia, Stefan Esser)
> >       --> CVE-2008-2051 (acc. to
> > http://marc.info/?l=oss-security&m=120974347717937)
> >       --> not tracked yet
>
> http://marc.info/?l=php-cvs&m=120579496007399&w=2

likewise
	
>
> >     * Fixed security issue detailed in CVE-2008-0599. (Rasmus)
> >       --> CVE-2008-0599 (acc. to http://www.php.net/ChangeLog-5.php)
> >       --> already tracked at
> > http://security-tracker.debian.net/tracker/CVE-2008-0599

this looks like a coding error introduced >> 5.2.0, thus no fix needed afaict.

> http://marc.info/?l=php-cvs&m=120415902925033&w=2
>
> >     * Fixed a safe_mode bypass in cURL identified by Maksymilian
> > Arciemowicz. (Ilia)
> >       --> CVE-2007-4850 (acc. to
> > http://securityreason.com/achievement_securityalert/51)
> >       --> already tracked at
> > http://security-tracker.debian.net/tracker/CVE-2007-4850
> >       --> missing source package reference at
> > http://security-tracker.debian.net/tracker/source-package/php5
>
> http://marc.info/?l=php-cvs&m=119963956428826&w=2

as has already been stated, we don't bother looking at safe_mode bypasses.

> On Tue, May 06, 2008 at 04:47:32PM +0200, Moritz Muehlenhoff wrote:
> > > http://www.php.net/ChangeLog-5.php lists several security fixes which
> > > are included in upstream PHP 5.2.6:
> >
> > Thanks, there are two more, which I found and which I just committed to
> > the tracker:
> >
> > +CVE-2008-XXXX [php integer overflow in printf]
> > +       - php5 <unfixed>
> > +       NOTE: http://www.php.net/ChangeLog-5.php
> > +       NOTE: Needs further details or digging in SVN
>
> http://marc.info/?l=php-cvs&m=120579485607237&w=2

this matches up as well.

> > +CVE-2008-XXXX [php suboptimal seeding]
> > +       - php5 <unfixed> (low)
> > +       - php4 <unfixed> (low)
> > +       NOTE: http://www.sektioneins.de/advisories/SE-2008-02.txt
> > +       NOTE: I don't believe we need to address this, likely no-dsa, but
> > needs further checking
>
> http://marc.info/?l=php-cvs&m=117601921106002&w=2
> "However, the last one is from Sun Apr  8 08:04:31 2007 UTC, which seems
> like ages ago.  We might already have that one?"

the relevant code is either gone or totally refactored in mcrypt.c it seems, 
so i'll assume that it's fixed unless someone digs up proof to the contrary.


anyway, the patches are all in svn now, and they cleanly apply.  i have not 
tested the build/update though, and will not have time to do this until 
sometime next week most likely.  could someone else pick it up from here?


	sean

Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#479723; Package php5. Full text and rfc822 format available.

Acknowledgement sent to Thijs Kinkhorst <thijs@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #32 received at 479723@bugs.debian.org (full text, mbox):

From: Thijs Kinkhorst <thijs@debian.org>
To: pkg-php-maint@lists.alioth.debian.org, 479723@bugs.debian.org
Cc: sean finney <seanius@debian.org>, team@security.debian.org
Subject: Re: [php-maint] Bug#479723: Bug#479723: [Secure-testing-team] php 5.2.6 Security Fixes
Date: Fri, 9 May 2008 09:31:33 +0200
Hi Sean,

On Thursday 8 May 2008 22:31, sean finney wrote:
> anyway, the patches are all in svn now, and they cleanly apply.  i have not
> tested the build/update though, and will not have time to do this until
> sometime next week most likely.  could someone else pick it up from here?

Ok, I've built and installed this version and it works well for me, with 
phpinfo() and some standard apps like phpmyadmin as well as a custom project. 
So I think we're safe to go. I've also added an extra patch for a minor DoS 
which could be fixed with a very simple patch.

Anyone who finds some time to review or test, please go ahead. If I hear no 
further objections I'll release the DSA as soon as I get to it (and the 
buildds finish it) sometime over the weekend.

Next up: php4 in stable. What's the status?


cheers,
Thijs

Information forwarded to debian-bugs-dist@lists.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#479723; Package php5. Full text and rfc822 format available.

Acknowledgement sent to sean finney <seanius@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #37 received at 479723@bugs.debian.org (full text, mbox):

From: sean finney <seanius@debian.org>
To: Thijs Kinkhorst <thijs@debian.org>
Cc: pkg-php-maint@lists.alioth.debian.org, 479723@bugs.debian.org, team@security.debian.org
Subject: Re: [php-maint] Bug#479723: Bug#479723: [Secure-testing-team] php 5.2.6 Security Fixes
Date: Wed, 14 May 2008 08:05:34 +0200
hiya,

On Friday 09 May 2008 09:31:33 am Thijs Kinkhorst wrote:
> Next up: php4 in stable. What's the status?

i have backported the patches that seem relevant into the php4 etch branch.  
i've verified that it builds a working /usr/bin/php4 but haven't verified 
more than that.

i guess i can check a little more thoroughly tonight and then throw something 
at the security queue.


	sean

Tags added: pending Request was from Sean Finney <seanius@alioth.debian.org> to control@bugs.debian.org. (Thu, 15 May 2008 16:15:06 GMT) Full text and rfc822 format available.

Bug marked as fixed in version 5.2.0-8+etch11, send any further explanations to Moritz Naumann <bugs.debian.org@moritz-naumann.com> Request was from Thijs Kinkhorst <thijs@debian.org> to control@bugs.debian.org. (Tue, 20 May 2008 12:33:03 GMT) Full text and rfc822 format available.

Reply sent to sean finney <seanius@debian.org>:
You have taken responsibility. Full text and rfc822 format available.

Notification sent to Moritz Naumann <bugs.debian.org@moritz-naumann.com>:
Bug acknowledged by developer. Full text and rfc822 format available.

Message #46 received at 479723-close@bugs.debian.org (full text, mbox):

From: sean finney <seanius@debian.org>
To: 479723-close@bugs.debian.org
Subject: Bug#479723: fixed in php5 5.2.0-8+etch11
Date: Tue, 27 May 2008 19:52:25 +0000
Source: php5
Source-Version: 5.2.0-8+etch11

We believe that the bug you reported is fixed in the latest version of
php5, which is due to be installed in the Debian FTP archive:

libapache-mod-php5_5.2.0-8+etch11_i386.deb
  to pool/main/p/php5/libapache-mod-php5_5.2.0-8+etch11_i386.deb
libapache2-mod-php5_5.2.0-8+etch11_i386.deb
  to pool/main/p/php5/libapache2-mod-php5_5.2.0-8+etch11_i386.deb
php-pear_5.2.0-8+etch11_all.deb
  to pool/main/p/php5/php-pear_5.2.0-8+etch11_all.deb
php5-cgi_5.2.0-8+etch11_i386.deb
  to pool/main/p/php5/php5-cgi_5.2.0-8+etch11_i386.deb
php5-cli_5.2.0-8+etch11_i386.deb
  to pool/main/p/php5/php5-cli_5.2.0-8+etch11_i386.deb
php5-common_5.2.0-8+etch11_i386.deb
  to pool/main/p/php5/php5-common_5.2.0-8+etch11_i386.deb
php5-curl_5.2.0-8+etch11_i386.deb
  to pool/main/p/php5/php5-curl_5.2.0-8+etch11_i386.deb
php5-dev_5.2.0-8+etch11_i386.deb
  to pool/main/p/php5/php5-dev_5.2.0-8+etch11_i386.deb
php5-gd_5.2.0-8+etch11_i386.deb
  to pool/main/p/php5/php5-gd_5.2.0-8+etch11_i386.deb
php5-imap_5.2.0-8+etch11_i386.deb
  to pool/main/p/php5/php5-imap_5.2.0-8+etch11_i386.deb
php5-interbase_5.2.0-8+etch11_i386.deb
  to pool/main/p/php5/php5-interbase_5.2.0-8+etch11_i386.deb
php5-ldap_5.2.0-8+etch11_i386.deb
  to pool/main/p/php5/php5-ldap_5.2.0-8+etch11_i386.deb
php5-mcrypt_5.2.0-8+etch11_i386.deb
  to pool/main/p/php5/php5-mcrypt_5.2.0-8+etch11_i386.deb
php5-mhash_5.2.0-8+etch11_i386.deb
  to pool/main/p/php5/php5-mhash_5.2.0-8+etch11_i386.deb
php5-mysql_5.2.0-8+etch11_i386.deb
  to pool/main/p/php5/php5-mysql_5.2.0-8+etch11_i386.deb
php5-odbc_5.2.0-8+etch11_i386.deb
  to pool/main/p/php5/php5-odbc_5.2.0-8+etch11_i386.deb
php5-pgsql_5.2.0-8+etch11_i386.deb
  to pool/main/p/php5/php5-pgsql_5.2.0-8+etch11_i386.deb
php5-pspell_5.2.0-8+etch11_i386.deb
  to pool/main/p/php5/php5-pspell_5.2.0-8+etch11_i386.deb
php5-recode_5.2.0-8+etch11_i386.deb
  to pool/main/p/php5/php5-recode_5.2.0-8+etch11_i386.deb
php5-snmp_5.2.0-8+etch11_i386.deb
  to pool/main/p/php5/php5-snmp_5.2.0-8+etch11_i386.deb
php5-sqlite_5.2.0-8+etch11_i386.deb
  to pool/main/p/php5/php5-sqlite_5.2.0-8+etch11_i386.deb
php5-sybase_5.2.0-8+etch11_i386.deb
  to pool/main/p/php5/php5-sybase_5.2.0-8+etch11_i386.deb
php5-tidy_5.2.0-8+etch11_i386.deb
  to pool/main/p/php5/php5-tidy_5.2.0-8+etch11_i386.deb
php5-xmlrpc_5.2.0-8+etch11_i386.deb
  to pool/main/p/php5/php5-xmlrpc_5.2.0-8+etch11_i386.deb
php5-xsl_5.2.0-8+etch11_i386.deb
  to pool/main/p/php5/php5-xsl_5.2.0-8+etch11_i386.deb
php5_5.2.0-8+etch11.diff.gz
  to pool/main/p/php5/php5_5.2.0-8+etch11.diff.gz
php5_5.2.0-8+etch11.dsc
  to pool/main/p/php5/php5_5.2.0-8+etch11.dsc
php5_5.2.0-8+etch11_all.deb
  to pool/main/p/php5/php5_5.2.0-8+etch11_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 479723@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
sean finney <seanius@debian.org> (supplier of updated php5 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


Format: 1.7
Date: Thu, 21 Feb 2008 07:09:01 +0100
Source: php5
Binary: php5-gd php5-ldap php5 php5-xmlrpc php5-pspell libapache2-mod-php5 php5-xsl php5-cgi php-pear php5-tidy php5-pgsql php5-cli php5-recode php5-mhash php5-sybase php5-curl php5-odbc php5-mcrypt php5-mysql php5-common php5-imap php5-snmp php5-dev php5-sqlite libapache-mod-php5 php5-interbase
Architecture: source i386 all
Version: 5.2.0-8+etch11
Distribution: stable-security
Urgency: high
Maintainer: Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>
Changed-By: sean finney <seanius@debian.org>
Description: 
 libapache-mod-php5 - server-side, HTML-embedded scripting language (apache 1.3 module)
 libapache2-mod-php5 - server-side, HTML-embedded scripting language (apache 2 module)
 php-pear   - PEAR - PHP Extension and Application Repository
 php5       - server-side, HTML-embedded scripting language (meta-package)
 php5-cgi   - server-side, HTML-embedded scripting language (CGI binary)
 php5-cli   - command-line interpreter for the php5 scripting language
 php5-common - Common files for packages built from the php5 source
 php5-curl  - CURL module for php5
 php5-dev   - Files for PHP5 module development
 php5-gd    - GD module for php5
 php5-imap  - IMAP module for php5
 php5-interbase - interbase/firebird module for php5
 php5-ldap  - LDAP module for php5
 php5-mcrypt - MCrypt module for php5
 php5-mhash - MHASH module for php5
 php5-mysql - MySQL module for php5
 php5-odbc  - ODBC module for php5
 php5-pgsql - PostgreSQL module for php5
 php5-pspell - pspell module for php5
 php5-recode - recode module for php5
 php5-snmp  - SNMP module for php5
 php5-sqlite - SQLite module for php5
 php5-sybase - Sybase / MS SQL Server module for php5
 php5-tidy  - tidy module for php5
 php5-xmlrpc - XML-RPC module for php5
 php5-xsl   - XSL module for php5
Closes: 459020 479723
Changes: 
 php5 (5.2.0-8+etch11) stable-security; urgency=high
 .
   * Upload to etch for security issues.
   * The following security issues are addressed with this update:
     - CVE-2007-3806: glob denial of service
     - CVE-2008-1384: integer overflow in printf()
     - CVE-2008-2050: possible stack buffer overflow in the FastCGI SAPI
     - CVE-2008-2051: incomplete multibyte chars inside escapeshellcmd()
     closes: #479723
 .
 php5 (5.2.0-8+etch11~p1) stable; urgency=high
 .
   * zend_parse_parameters does not handle size_t's, causing issues with
     043-recode_size_t.patch and segmentation faults for recode-using pages.
     changed problematic parameters back to "int" and added an overflow check.
     thanks to Thomas Stegbauer, Tim Dijkstra, Bart Cortooms, Sebastian Göbel,
     and Vincent Tondellier for their reports.  closes: #459020.
Files: 






Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Wed, 25 Jun 2008 07:29:22 GMT) Full text and rfc822 format available.



Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Thu Apr 17 18:59:56 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.