Debian Bug report logs - #731112
php5: CVE-2013-6712

version graph

Package: php5; Maintainer for php5 is Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>; Source for php5 is src:php5.

Reported by: Moritz Muehlenhoff <jmm@inutil.org>

Date: Mon, 2 Dec 2013 08:57:02 UTC

Severity: important

Tags: security

Found in versions php5/5.3.3-7+squeeze17, php5/5.4.4-14+deb7u5

Fixed in versions php5/5.5.6+dfsg-2, php5/5.3.3-7+squeeze18, php5/5.4.4-14+deb7u7

Done: Ondřej Surý <ondrej@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>:
Bug#731112; Package php5. (Mon, 02 Dec 2013 08:57:06 GMT) Full text and rfc822 format available.

Acknowledgement sent to Moritz Muehlenhoff <jmm@inutil.org>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>. (Mon, 02 Dec 2013 08:57:06 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Moritz Muehlenhoff <jmm@inutil.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: php5: CVE-2013-6712
Date: Mon, 02 Dec 2013 09:47:26 +0100
Package: php5
Severity: important
Tags: security

See http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6712

Not sure whether this warrants a DSA, needs more investigation.

Cheers,
        Moritz



Reply sent to Ondřej Surý <ondrej@debian.org>:
You have taken responsibility. (Thu, 12 Dec 2013 10:54:05 GMT) Full text and rfc822 format available.

Notification sent to Moritz Muehlenhoff <jmm@inutil.org>:
Bug acknowledged by developer. (Thu, 12 Dec 2013 10:54:05 GMT) Full text and rfc822 format available.

Message #10 received at 731112-close@bugs.debian.org (full text, mbox):

From: Ondřej Surý <ondrej@debian.org>
To: 731112-close@bugs.debian.org
Subject: Bug#731112: fixed in php5 5.5.6+dfsg-2
Date: Thu, 12 Dec 2013 10:50:33 +0000
Source: php5
Source-Version: 5.5.6+dfsg-2

We believe that the bug you reported is fixed in the latest version of
php5, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 731112@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ondřej Surý <ondrej@debian.org> (supplier of updated php5 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 12 Dec 2013 11:07:11 +0100
Source: php5
Binary: php5 php5-common libapache2-mod-php5 libapache2-mod-php5filter php5-cgi php5-cli php5-fpm libphp5-embed php5-dev php5-dbg php-pear php5-curl php5-enchant php5-gd php5-gmp php5-imap php5-interbase php5-intl php5-ldap php5-mcrypt php5-readline php5-mysql php5-mysqlnd php5-odbc php5-pgsql php5-pspell php5-recode php5-snmp php5-sqlite php5-sybase php5-tidy php5-xmlrpc php5-xsl
Architecture: source all amd64
Version: 5.5.6+dfsg-2
Distribution: unstable
Urgency: high
Maintainer: Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>
Changed-By: Ondřej Surý <ondrej@debian.org>
Description: 
 libapache2-mod-php5 - server-side, HTML-embedded scripting language (Apache 2 module)
 libapache2-mod-php5filter - server-side, HTML-embedded scripting language (apache 2 filter mo
 libphp5-embed - HTML-embedded scripting language (Embedded SAPI library)
 php-pear   - PEAR - PHP Extension and Application Repository
 php5       - server-side, HTML-embedded scripting language (metapackage)
 php5-cgi   - server-side, HTML-embedded scripting language (CGI binary)
 php5-cli   - command-line interpreter for the php5 scripting language
 php5-common - Common files for packages built from the php5 source
 php5-curl  - CURL module for php5
 php5-dbg   - Debug symbols for PHP5
 php5-dev   - Files for PHP5 module development
 php5-enchant - Enchant module for php5
 php5-fpm   - server-side, HTML-embedded scripting language (FPM-CGI binary)
 php5-gd    - GD module for php5
 php5-gmp   - GMP module for php5
 php5-imap  - IMAP module for php5
 php5-interbase - interbase/firebird module for php5
 php5-intl  - internationalisation module for php5
 php5-ldap  - LDAP module for php5
 php5-mcrypt - MCrypt module for php5
 php5-mysql - MySQL module for php5
 php5-mysqlnd - MySQL module for php5 (Native Driver)
 php5-odbc  - ODBC module for php5
 php5-pgsql - PostgreSQL module for php5
 php5-pspell - pspell module for php5
 php5-readline - Readline module for php5
 php5-recode - recode module for php5
 php5-snmp  - SNMP module for php5
 php5-sqlite - SQLite module for php5
 php5-sybase - Sybase / MS SQL Server module for php5
 php5-tidy  - tidy module for php5
 php5-xmlrpc - XML-RPC module for php5
 php5-xsl   - XSL module for php5
Closes: 731112 731895 731698
Changes: 
 php5 (5.5.6+dfsg-2) unstable; urgency=high
 .
   * [CVE-2013-6420]: Fix memory corruption in openssl_x509_parse (Closes: #731895)
   * [CVE-2013-6712] Fix heap buffer over-read in DateInterval (Closes: #731112)
   * Add patch to fix freetype2 include directory (Closes: #731698)
Checksums-Sha1: 
 a078b7a256c7f808cde24b5e0822ecca05ce5c2c 3937 php5_5.5.6+dfsg-2.dsc
 2cf4431227dbe3f64349f182421ddaccc5180f45 137521 php5_5.5.6+dfsg-2.debian.tar.gz
 0a2b6c0f007cad63d4d4b8cd1ff1e6d1e0939bb7 1256 php5_5.5.6+dfsg-2_all.deb
 9bddfbd0b6b1ee680d5bbec2e1cad4ed9340cd3e 266874 php-pear_5.5.6+dfsg-2_all.deb
 ed45bca39a76babb81f56d7992ddcefdecccddd3 352170 php5-common_5.5.6+dfsg-2_amd64.deb
 99a489a28265d60471fb5809a74a64dcf8b0add1 2131768 libapache2-mod-php5_5.5.6+dfsg-2_amd64.deb
 11bba93679be8169f353f73ac25868e4601c7e8b 2137596 libapache2-mod-php5filter_5.5.6+dfsg-2_amd64.deb
 e8bdff9f9cea910395e06a3289d94cfe23c66d3e 4107548 php5-cgi_5.5.6+dfsg-2_amd64.deb
 50a48a6f644f69d10a885c373acf9a6f5fea57a0 2090256 php5-cli_5.5.6+dfsg-2_amd64.deb
 c13244e2f0eaea04c524a8febaf293a6a6777d13 2107996 php5-fpm_5.5.6+dfsg-2_amd64.deb
 3685964cf929c801e317adcfc61bbd13d02a0cbc 2133294 libphp5-embed_5.5.6+dfsg-2_amd64.deb
 c21eeec038d586efcda227bc1ef157515292aca1 348648 php5-dev_5.5.6+dfsg-2_amd64.deb
 83ae15203f6903e083824ee428601a6d6912f140 30274104 php5-dbg_5.5.6+dfsg-2_amd64.deb
 b349535f57b8c65afedb5da451129ee96142aa5f 26956 php5-curl_5.5.6+dfsg-2_amd64.deb
 7b705c45ff4385f949bcae37e057cfab56f5a487 9066 php5-enchant_5.5.6+dfsg-2_amd64.deb
 755c2f2ae966663813c11eb4ff31f55de341192a 27524 php5-gd_5.5.6+dfsg-2_amd64.deb
 f002e657a2476f67f3c16bdfa2e2b1e180e9d945 14640 php5-gmp_5.5.6+dfsg-2_amd64.deb
 f51c09ec2700225b7c2323d5b2f1c2396529ca70 29986 php5-imap_5.5.6+dfsg-2_amd64.deb
 778138f825a8ef9dfe1afd5cf7f2a67bbc4660ff 41306 php5-interbase_5.5.6+dfsg-2_amd64.deb
 768c1d392cd8874924a619ffaabcb243307b39cc 108330 php5-intl_5.5.6+dfsg-2_amd64.deb
 7749217295a3412a155b0177ce5cbc8764f5fa6e 18950 php5-ldap_5.5.6+dfsg-2_amd64.deb
 be99c2bc64a354237591abfecaca6150afad2e4f 13992 php5-mcrypt_5.5.6+dfsg-2_amd64.deb
 9929f7eaa7364b711514b77357cb98cd252cc3cc 12060 php5-readline_5.5.6+dfsg-2_amd64.deb
 02a182645f190e354f3921e55b377999799781da 62854 php5-mysql_5.5.6+dfsg-2_amd64.deb
 32d6d3c4ef23a83d8bb4e55333e4577a7788dc66 134660 php5-mysqlnd_5.5.6+dfsg-2_amd64.deb
 7e54761a8ba27715f8c98f67470303c0183758c1 30194 php5-odbc_5.5.6+dfsg-2_amd64.deb
 7ac4d2b41ab89ce1d697cd2734d077b1eee3f39d 51382 php5-pgsql_5.5.6+dfsg-2_amd64.deb
 d3dfcb32ae6ba9b1321893fd776bdbfaab8d4d6b 8030 php5-pspell_5.5.6+dfsg-2_amd64.deb
 53d367cfc7a96962270d3ebfe54de9b5937bd992 5376 php5-recode_5.5.6+dfsg-2_amd64.deb
 77899ddfd418d8702b2d65b37ce1a3a93a7cc1c1 19060 php5-snmp_5.5.6+dfsg-2_amd64.deb
 01c70f1c95f5735162848e6d78e7914f36af7822 24032 php5-sqlite_5.5.6+dfsg-2_amd64.deb
 62036aa23902387377ffb2b831296c9e5d6a056b 23826 php5-sybase_5.5.6+dfsg-2_amd64.deb
 089c77fe82164ef791d19901765a873f41fd1df5 16118 php5-tidy_5.5.6+dfsg-2_amd64.deb
 e4aff358b6ede49530474e6cfa9ce188b5299c2d 34916 php5-xmlrpc_5.5.6+dfsg-2_amd64.deb
 a2718385621f42446154ed3684c4a8409d4a9964 13674 php5-xsl_5.5.6+dfsg-2_amd64.deb
Checksums-Sha256: 
 2d9bf8e3ccf8aefaaac605b1bfe423a16fc9795891c0dfbfc49bd60a93a71869 3937 php5_5.5.6+dfsg-2.dsc
 ea6d02a0d5820bd80caf25c7b8161d257d662b9708376da9d2c96d974fe6e1a4 137521 php5_5.5.6+dfsg-2.debian.tar.gz
 a5ca1742b5b7a2f78f6cf104b978b52ea29215972f0a838a87706183679f7fa2 1256 php5_5.5.6+dfsg-2_all.deb
 5868572e4496d120efed3914cc9bc1a106a6cc475e1f1e8fff06bff1007e97ba 266874 php-pear_5.5.6+dfsg-2_all.deb
 5d899e112f021e0db15b22679aed80423de9555642e2ee78d108023f473f4486 352170 php5-common_5.5.6+dfsg-2_amd64.deb
 ca54e398c17c2a6c1b23769b1ec0e16af458b8f9996c4ec1d7cb8fef46c197a4 2131768 libapache2-mod-php5_5.5.6+dfsg-2_amd64.deb
 013786caa3c6aa43a4a6e2289547c77b5579673289bdb5494f93f6ec9cd08200 2137596 libapache2-mod-php5filter_5.5.6+dfsg-2_amd64.deb
 7a7d0d206ee5447572de7bbffadac3bfe0d64e83a062d5407770e4436abeb760 4107548 php5-cgi_5.5.6+dfsg-2_amd64.deb
 39f4d880bf4226c4d819695c00971b241d270e50a1ebe9c056ec8d4a65b99c0f 2090256 php5-cli_5.5.6+dfsg-2_amd64.deb
 8e1a988bf666dd4d4da26069de21558b608d846a6f78df3fe97e0c4d614ca7f7 2107996 php5-fpm_5.5.6+dfsg-2_amd64.deb
 35f8c3af87455e9724aa445b0a3f13e3706276d4b701b934851d321ae14f60ee 2133294 libphp5-embed_5.5.6+dfsg-2_amd64.deb
 173fd5fde363a0165475aeb723868156787d71b90b6b035e692566b8f1866ef4 348648 php5-dev_5.5.6+dfsg-2_amd64.deb
 14df06f7b13502451ebd525f83a611389fca134f22085ba8cdab002bec9cd36e 30274104 php5-dbg_5.5.6+dfsg-2_amd64.deb
 22511c2b3224ad64b39a66bda05622bb1ec9511eb81c3390d1a49f54cfed26fc 26956 php5-curl_5.5.6+dfsg-2_amd64.deb
 a1f0168de07fabf46b56ecc5b3b1a69fd8fd7ff001b7a06c3d8f7e9da06b5066 9066 php5-enchant_5.5.6+dfsg-2_amd64.deb
 0c68a4eea11363ca15ad50b2d28839472abffb7b33d3a04d59086f45de0785f5 27524 php5-gd_5.5.6+dfsg-2_amd64.deb
 a83060d6b51d8135626e549bd38c0c14f5979c6ca12b6490d0a10eef1c0cb399 14640 php5-gmp_5.5.6+dfsg-2_amd64.deb
 dc7da85344153141537f9ce93ffc5fca02e4ab58e30fbb74d2e5bc9c8aa9f0f0 29986 php5-imap_5.5.6+dfsg-2_amd64.deb
 ac43974f4451ca1d948ef61057b1f912b922a56a9267f5a426f7fd443134132b 41306 php5-interbase_5.5.6+dfsg-2_amd64.deb
 48b1a308919ee68048fe2d97756ffc925491dcec036cd112e4f4e532b750998f 108330 php5-intl_5.5.6+dfsg-2_amd64.deb
 4fdf1f597510bb8a3a6b36f55fcd0549268ca39faec98e590ce364e1b5fcf032 18950 php5-ldap_5.5.6+dfsg-2_amd64.deb
 72c54a909e3a0c19253481277ace48e2ef63cc796a6453bb09c4a91f29beb3cb 13992 php5-mcrypt_5.5.6+dfsg-2_amd64.deb
 fbb1d38a80637062b54373c9961a842cea1abef5169eaf0feb87faf708c4dbe3 12060 php5-readline_5.5.6+dfsg-2_amd64.deb
 396e6b725cab388c37eb5eec5444ec538ac19dd95613f65c7e10285615c95bae 62854 php5-mysql_5.5.6+dfsg-2_amd64.deb
 611bb771dfe544f67e4aff72c61079b2347e582c49ac7e056c26abee0b0a6c40 134660 php5-mysqlnd_5.5.6+dfsg-2_amd64.deb
 418ebcdfad2d324b94f9fa0728e624ebca89e2255d752387aac9a4e962f4f83a 30194 php5-odbc_5.5.6+dfsg-2_amd64.deb
 59f0625fc46cd6b08d0b665c2e80655cafdd7d117b0fc56297427608e6377892 51382 php5-pgsql_5.5.6+dfsg-2_amd64.deb
 5fe411e81f68d31a55a8cb3a525bcfaf1c7aa11b0cc7f244f44c1f53d27c45ee 8030 php5-pspell_5.5.6+dfsg-2_amd64.deb
 c4728b791dde65934364d5e4e390e5164c287d0ef3a1c2e3a01eef4f35362b33 5376 php5-recode_5.5.6+dfsg-2_amd64.deb
 6b80c54ae48f0cf8d8d762c9d4f5e75468712302b555211501a9e678a9a98c1a 19060 php5-snmp_5.5.6+dfsg-2_amd64.deb
 624ae8542912a070aecec43b3265f72f2c5065c11fbedbdf44237e595acc45f1 24032 php5-sqlite_5.5.6+dfsg-2_amd64.deb
 8eb15c79723bd7ada81477163e15372b3f8423042813ffd3beffe2c2dad746f4 23826 php5-sybase_5.5.6+dfsg-2_amd64.deb
 b39c7ca2b9e8e20fbaf435e8fd5f35646a99f030c764c68846f5b966bd838df4 16118 php5-tidy_5.5.6+dfsg-2_amd64.deb
 9ea8eccac2310081d582265838f589f1afd075e78f797c05f2ca983c17e277cb 34916 php5-xmlrpc_5.5.6+dfsg-2_amd64.deb
 2d355d0912443fb616a9e283cdb1317cb73a5af47f11fd90e82e32ea694aa566 13674 php5-xsl_5.5.6+dfsg-2_amd64.deb
Files: 
 0965b6507ab77f069ad860c9ec4adf7c 3937 php optional php5_5.5.6+dfsg-2.dsc
 88be9a7ef46513de77c3bb9c838e6c28 137521 php optional php5_5.5.6+dfsg-2.debian.tar.gz
 74a2c8ba019d3a22b289e899cdad7fab 1256 php optional php5_5.5.6+dfsg-2_all.deb
 723f142b12eee4fb417da86a701c7c47 266874 php optional php-pear_5.5.6+dfsg-2_all.deb
 75927fbe13afe0d00942981e43f874d1 352170 php optional php5-common_5.5.6+dfsg-2_amd64.deb
 7b895bfe008808f5353edef04b927b36 2131768 httpd optional libapache2-mod-php5_5.5.6+dfsg-2_amd64.deb
 83952c1801f1cbdfb89cc725aa33d5e2 2137596 httpd extra libapache2-mod-php5filter_5.5.6+dfsg-2_amd64.deb
 9c79e61a69c8e089fdff57fcab5871a7 4107548 php optional php5-cgi_5.5.6+dfsg-2_amd64.deb
 7a2b2e42ff3f1c540d058e9195dd2502 2090256 php optional php5-cli_5.5.6+dfsg-2_amd64.deb
 a41ac859da93ebe254daa470b07e1fef 2107996 php optional php5-fpm_5.5.6+dfsg-2_amd64.deb
 5c9b086b29cb5a70dd35939813914bf7 2133294 php optional libphp5-embed_5.5.6+dfsg-2_amd64.deb
 144623e2328735455b899f8cf5041205 348648 php optional php5-dev_5.5.6+dfsg-2_amd64.deb
 11a37a100afca75c07e0a3d986376075 30274104 debug extra php5-dbg_5.5.6+dfsg-2_amd64.deb
 03df0cc41d19cf9b29f03de19d72b954 26956 php optional php5-curl_5.5.6+dfsg-2_amd64.deb
 fb1b1d1d21c274c121b6d2ba013fbab8 9066 php optional php5-enchant_5.5.6+dfsg-2_amd64.deb
 3cc346080637dac9b0249b16e24d67ff 27524 php optional php5-gd_5.5.6+dfsg-2_amd64.deb
 7c14d8fa7ac554fcd470c1ff01c9da8b 14640 php optional php5-gmp_5.5.6+dfsg-2_amd64.deb
 1f436abfe0b86d151a4d762840d3833c 29986 php optional php5-imap_5.5.6+dfsg-2_amd64.deb
 12ce31d34dc9568074f92d263eef6444 41306 php optional php5-interbase_5.5.6+dfsg-2_amd64.deb
 ff5d5ab6f98f4775d2ec996cf62d60a8 108330 php optional php5-intl_5.5.6+dfsg-2_amd64.deb
 b6d02bb836a00136d1d9f6f8c71f89bc 18950 php optional php5-ldap_5.5.6+dfsg-2_amd64.deb
 61f2c2a3c4b190734bb001e81fa56c5f 13992 php optional php5-mcrypt_5.5.6+dfsg-2_amd64.deb
 64c099450008ebba9eb48c878d68fe0c 12060 php optional php5-readline_5.5.6+dfsg-2_amd64.deb
 c70af0e1dda9955f6a3192dd0865a82c 62854 php optional php5-mysql_5.5.6+dfsg-2_amd64.deb
 3c96a99354b518a2e8a5181d8eaa51ed 134660 php extra php5-mysqlnd_5.5.6+dfsg-2_amd64.deb
 e9a69f6eb225b6c0b7f6b8779cb8ed4d 30194 php optional php5-odbc_5.5.6+dfsg-2_amd64.deb
 4d37b3c5c75756be5ddffae420288daa 51382 php optional php5-pgsql_5.5.6+dfsg-2_amd64.deb
 0046657d27bb6293327dfdf127870a89 8030 php optional php5-pspell_5.5.6+dfsg-2_amd64.deb
 1f2679b2603dfb88d826971d50596da0 5376 php optional php5-recode_5.5.6+dfsg-2_amd64.deb
 47492379fc3b2f2c37fb3fcbde514c3f 19060 php optional php5-snmp_5.5.6+dfsg-2_amd64.deb
 397627092022b8cc60a1960407355837 24032 php optional php5-sqlite_5.5.6+dfsg-2_amd64.deb
 b1851ec48eb681e90086da2c24105dd7 23826 php optional php5-sybase_5.5.6+dfsg-2_amd64.deb
 a5bf7341b9a5cd6c2fb4d4b43380dec6 16118 php optional php5-tidy_5.5.6+dfsg-2_amd64.deb
 2c8c2bc07bddb5399c01a6e869489f64 34916 php optional php5-xmlrpc_5.5.6+dfsg-2_amd64.deb
 71449c7b24ec555bc02728850cef61af 13674 php optional php5-xsl_5.5.6+dfsg-2_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlKpkL8ACgkQ9OZqfMIN8nOG3wCgh9Mvu+psLeCcvAIo5gHO50zM
SCQAoKZH0uZaWb1vvh01906RfaWk0M/+
=pti8
-----END PGP SIGNATURE-----




Marked as found in versions php5/5.4.4-14+deb7u5. Request was from Ondřej Surý <ondrej@debian.org> to control@bugs.debian.org. (Thu, 12 Dec 2013 23:00:05 GMT) Full text and rfc822 format available.

Marked as fixed in versions php5/5.4.4-14+deb7u7. Request was from Ondřej Surý <ondrej@debian.org> to control@bugs.debian.org. (Thu, 12 Dec 2013 23:00:06 GMT) Full text and rfc822 format available.

Marked as found in versions php5/5.3.3-7+squeeze17. Request was from Ondřej Surý <ondrej@debian.org> to control@bugs.debian.org. (Thu, 12 Dec 2013 23:00:17 GMT) Full text and rfc822 format available.

Marked as fixed in versions php5/5.3.3-7+squeeze18. Request was from Ondřej Surý <ondrej@debian.org> to control@bugs.debian.org. (Thu, 12 Dec 2013 23:00:18 GMT) Full text and rfc822 format available.

Reply sent to Ondřej Surý <ondrej@debian.org>:
You have taken responsibility. (Sat, 14 Dec 2013 12:51:15 GMT) Full text and rfc822 format available.

Notification sent to Moritz Muehlenhoff <jmm@inutil.org>:
Bug acknowledged by developer. (Sat, 14 Dec 2013 12:51:15 GMT) Full text and rfc822 format available.

Message #23 received at 731112-close@bugs.debian.org (full text, mbox):

From: Ondřej Surý <ondrej@debian.org>
To: 731112-close@bugs.debian.org
Subject: Bug#731112: fixed in php5 5.4.4-14+deb7u7
Date: Sat, 14 Dec 2013 12:47:35 +0000
Source: php5
Source-Version: 5.4.4-14+deb7u7

We believe that the bug you reported is fixed in the latest version of
php5, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 731112@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Ondřej Surý <ondrej@debian.org> (supplier of updated php5 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 12 Dec 2013 09:28:14 +0100
Source: php5
Binary: php5 php5-common libapache2-mod-php5 libapache2-mod-php5filter php5-cgi php5-cli php5-fpm libphp5-embed php5-dev php5-dbg php-pear php5-curl php5-enchant php5-gd php5-gmp php5-imap php5-interbase php5-intl php5-ldap php5-mcrypt php5-mysql php5-mysqlnd php5-odbc php5-pgsql php5-pspell php5-recode php5-snmp php5-sqlite php5-sybase php5-tidy php5-xmlrpc php5-xsl
Architecture: source all amd64
Version: 5.4.4-14+deb7u7
Distribution: wheezy-security
Urgency: low
Maintainer: Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>
Changed-By: Ondřej Surý <ondrej@debian.org>
Description: 
 libapache2-mod-php5 - server-side, HTML-embedded scripting language (Apache 2 module)
 libapache2-mod-php5filter - server-side, HTML-embedded scripting language (apache 2 filter mo
 libphp5-embed - HTML-embedded scripting language (Embedded SAPI library)
 php-pear   - PEAR - PHP Extension and Application Repository
 php5       - server-side, HTML-embedded scripting language (metapackage)
 php5-cgi   - server-side, HTML-embedded scripting language (CGI binary)
 php5-cli   - command-line interpreter for the php5 scripting language
 php5-common - Common files for packages built from the php5 source
 php5-curl  - CURL module for php5
 php5-dbg   - Debug symbols for PHP5
 php5-dev   - Files for PHP5 module development
 php5-enchant - Enchant module for php5
 php5-fpm   - server-side, HTML-embedded scripting language (FPM-CGI binary)
 php5-gd    - GD module for php5
 php5-gmp   - GMP module for php5
 php5-imap  - IMAP module for php5
 php5-interbase - interbase/firebird module for php5
 php5-intl  - internationalisation module for php5
 php5-ldap  - LDAP module for php5
 php5-mcrypt - MCrypt module for php5
 php5-mysql - MySQL module for php5
 php5-mysqlnd - MySQL module for php5 (Native Driver)
 php5-odbc  - ODBC module for php5
 php5-pgsql - PostgreSQL module for php5
 php5-pspell - pspell module for php5
 php5-recode - recode module for php5
 php5-snmp  - SNMP module for php5
 php5-sqlite - SQLite module for php5
 php5-sybase - Sybase / MS SQL Server module for php5
 php5-tidy  - tidy module for php5
 php5-xmlrpc - XML-RPC module for php5
 php5-xsl   - XSL module for php5
Closes: 731112 731895
Changes: 
 php5 (5.4.4-14+deb7u7) wheezy-security; urgency=low
 .
   * [CVE-2013-6420]: Fix memory corruption in openssl_x509_parse (Closes: #731895)
   * [CVE-2013-6712] Fix heap buffer over-read in DateInterval (Closes: #731112)
Checksums-Sha1: 
 db945bf5566c133e9a5a8ad8d957477558db1217 3774 php5_5.4.4-14+deb7u7.dsc
 2d5770884b9d82f96845e6f6f264207b204d781e 224674 php5_5.4.4-14+deb7u7.diff.gz
 adac7fb7e845d983957cf4f68b841a6d3bb4bf81 1026 php5_5.4.4-14+deb7u7_all.deb
 f8cb4713a7f6fbeac634351d648784c8b550c346 369272 php-pear_5.4.4-14+deb7u7_all.deb
 7b8f7fee147a6adfc5859ec8a394d740546af1f5 588224 php5-common_5.4.4-14+deb7u7_amd64.deb
 1f19a48535eb3dbdcf1054ea722db264c09825a5 2665644 libapache2-mod-php5_5.4.4-14+deb7u7_amd64.deb
 90c505afee61d55c8ccb5675efd5bda9f10db6a0 2664020 libapache2-mod-php5filter_5.4.4-14+deb7u7_amd64.deb
 33b57b7f454e81225e85c36368f371eae621109c 5100870 php5-cgi_5.4.4-14+deb7u7_amd64.deb
 1a9a04d0a2a2922ed3bdfbbe59eb25595e7ff1cd 2557440 php5-cli_5.4.4-14+deb7u7_amd64.deb
 b1f14068506342c40676e80216d9bd945564dcaa 2590524 php5-fpm_5.4.4-14+deb7u7_amd64.deb
 bf2dc7d66197e8dd4299f156a4bde1a547aadd74 2662062 libphp5-embed_5.4.4-14+deb7u7_amd64.deb
 2fa9c2c45c388052e86de83bc9ee7412aa80b8c9 497438 php5-dev_5.4.4-14+deb7u7_amd64.deb
 1d73dea79699ce71d72dfb1e45e9b690996a897b 15959722 php5-dbg_5.4.4-14+deb7u7_amd64.deb
 aaa2b5540479703de21c4dcfea147a8db43d12d4 29180 php5-curl_5.4.4-14+deb7u7_amd64.deb
 81335f1d8a068ecde1fdedcca93855e95ed5a4a6 9946 php5-enchant_5.4.4-14+deb7u7_amd64.deb
 0bdf85e6fddc81aaf8903b2af6644d2d16d2a75f 35720 php5-gd_5.4.4-14+deb7u7_amd64.deb
 feb35e6db8ef93beebb92ec1f1125ed06cedf5d3 17176 php5-gmp_5.4.4-14+deb7u7_amd64.deb
 16adc4bab5866032694d304cabf008bdafd687db 35614 php5-imap_5.4.4-14+deb7u7_amd64.deb
 bfee5375d0ef1cdc0cfa4f1c71e8fc198b785bb8 49612 php5-interbase_5.4.4-14+deb7u7_amd64.deb
 ec82ca53a7d5d13aace572ce61cf6504f85d608b 71974 php5-intl_5.4.4-14+deb7u7_amd64.deb
 c39ca89875af3f07152fb16cac5963becdd9a330 21774 php5-ldap_5.4.4-14+deb7u7_amd64.deb
 8ac4ea5ea32efd3f085bdb513a14d96708f6b695 16096 php5-mcrypt_5.4.4-14+deb7u7_amd64.deb
 361119a73f99cd21a78986afff7bcd23ad8b88aa 80866 php5-mysql_5.4.4-14+deb7u7_amd64.deb
 ff285289281b7826910243610de159ff3756a612 162732 php5-mysqlnd_5.4.4-14+deb7u7_amd64.deb
 7ad381925371da2b3a428e0ed5cb4f65587e3219 36416 php5-odbc_5.4.4-14+deb7u7_amd64.deb
 68000f4b9410f79129e6653156f9a5eba3e58ae8 61074 php5-pgsql_5.4.4-14+deb7u7_amd64.deb
 94c12382f26554f7d0bbabdc285ef9d59750a8d0 8918 php5-pspell_5.4.4-14+deb7u7_amd64.deb
 6d48c26b45194284a277b998461dc5f0dd539fdd 5214 php5-recode_5.4.4-14+deb7u7_amd64.deb
 ba957e743ef6c2998e67d7b3d82f4714033bda8b 21820 php5-snmp_5.4.4-14+deb7u7_amd64.deb
 bc4f7f65d3913d6de4572bb00fdd323470ae8801 30352 php5-sqlite_5.4.4-14+deb7u7_amd64.deb
 90d3304b845d2008207d84086c46d55c058ad283 28456 php5-sybase_5.4.4-14+deb7u7_amd64.deb
 fc6244cd23ca9fcbec1ffeb06e1812dea951b426 19610 php5-tidy_5.4.4-14+deb7u7_amd64.deb
 8bd5ffd03cd69dcfa1fa12015f2870789f6aec61 36306 php5-xmlrpc_5.4.4-14+deb7u7_amd64.deb
 9192145a1d1278f12e73ef5eeaaa4444595d2684 15430 php5-xsl_5.4.4-14+deb7u7_amd64.deb
Checksums-Sha256: 
 a7dfa75913c9e9ec1bd3d4351f8f9f58372b5c23db7d4303b4875e490a4410b2 3774 php5_5.4.4-14+deb7u7.dsc
 266efe3362810b8d01cc7535e6cc2bc3907dc277c4af8824eb5990b168f55c26 224674 php5_5.4.4-14+deb7u7.diff.gz
 431cf54e891b5cc1fefc4aa08abfeef7c5277dd1959445e61ee3ed4ee3f01f49 1026 php5_5.4.4-14+deb7u7_all.deb
 9f54403a488bce95f0e41b6496c2f88f62b67f31ab99b1526847ee83bc348e9a 369272 php-pear_5.4.4-14+deb7u7_all.deb
 c7f4610ae9f48652ef450e1753e46021610a26bc4d84e2c28400ac48dcb7bc2a 588224 php5-common_5.4.4-14+deb7u7_amd64.deb
 a0731b0aa2b7732931d7c479e567ffdf2cf8a70a440ad0a209b76ca0c35f5a3b 2665644 libapache2-mod-php5_5.4.4-14+deb7u7_amd64.deb
 52bec75ebcd31bd137cdaaf8f705b17d25825ef8d2e8c183f4a41ea0dae516e2 2664020 libapache2-mod-php5filter_5.4.4-14+deb7u7_amd64.deb
 92543ccdb66bb240dcb7c6edf6b8d1f094ecda47035965ae774dcbdc25c39ff6 5100870 php5-cgi_5.4.4-14+deb7u7_amd64.deb
 c72e018bbd3baf04de6e7ef8f850cfc9a4c4a5b308da7fedf1f09b5547359271 2557440 php5-cli_5.4.4-14+deb7u7_amd64.deb
 8c791c0b417715e3b81eea73866f50bddcee65f49b8e01ebd3080cb7210a6603 2590524 php5-fpm_5.4.4-14+deb7u7_amd64.deb
 1ae86ad6e9b13aa2cf0c20878ef933634c25073cb52e51456284dd443c6db048 2662062 libphp5-embed_5.4.4-14+deb7u7_amd64.deb
 f5e9d7d575a94e24d08dad1c78b8d18c35eb648fa73f7a53b13d28f6b15cd00e 497438 php5-dev_5.4.4-14+deb7u7_amd64.deb
 87396d4e276dc3f7fd7934bf339c6ef14785e366d106e2532f5432ae18d99e28 15959722 php5-dbg_5.4.4-14+deb7u7_amd64.deb
 20d5fb56a5fdeda5c86f32833ce5b29b4d983742ee52e115ffc2348df1a9f648 29180 php5-curl_5.4.4-14+deb7u7_amd64.deb
 879ed3d02207f67ae846fc9dfb79d282ebd47bc86fbe5407e966f20e6b8b20b6 9946 php5-enchant_5.4.4-14+deb7u7_amd64.deb
 2d62819500676a910ca11f1aa27595b5210f36b7a49a6931bf88e07445ed407d 35720 php5-gd_5.4.4-14+deb7u7_amd64.deb
 cffeb5ef13c7953289c3a7dbee4dcd797ed68ea5557b4c80764ba06c4b5cff9f 17176 php5-gmp_5.4.4-14+deb7u7_amd64.deb
 5cad951dc61f8b032159724d2abc82c0533592cfdc279cd1c1c3798612a49bdb 35614 php5-imap_5.4.4-14+deb7u7_amd64.deb
 f9eda4004de4eee6b6b0637aac087e99e4f8140327de9f6dbc82a6f4300b9cf1 49612 php5-interbase_5.4.4-14+deb7u7_amd64.deb
 6616bb60365037165eb9c4b17a45dfcf47d25bd9e20842ae6ce4bce8a4ea5a03 71974 php5-intl_5.4.4-14+deb7u7_amd64.deb
 9cc2fbe8d7f23bf5dd83b1303b22900c290dd14f92c9f2f6e00d00905e30ac67 21774 php5-ldap_5.4.4-14+deb7u7_amd64.deb
 9cf8fd016a4f69443c3f45f7661067fc2d8b37ace351e4b4d9a60a9801af6b27 16096 php5-mcrypt_5.4.4-14+deb7u7_amd64.deb
 dd3425a26dc14911d1babc2fa49fc42540f5f9555ebeb18c3338cff37f976764 80866 php5-mysql_5.4.4-14+deb7u7_amd64.deb
 85dece646079668001a02713e91abb8e5783f9f982a2c229ec539961e579fc69 162732 php5-mysqlnd_5.4.4-14+deb7u7_amd64.deb
 2f45221c74b97479d7e735e5afca8166b6f496c28f8bd64e777047ead3407e7f 36416 php5-odbc_5.4.4-14+deb7u7_amd64.deb
 aba57579122f5e09c84df01f7a633e8334f441b7446a4ab2ebb75e14022d0773 61074 php5-pgsql_5.4.4-14+deb7u7_amd64.deb
 3362b94c57579119b3a2aea8d5df423e72cad489d1d1ca461ab8cd9d742be100 8918 php5-pspell_5.4.4-14+deb7u7_amd64.deb
 92a7cdbdf8fd6fd058c535072de43a1a37ae95ca78bc3fb825f75e0be0a5169a 5214 php5-recode_5.4.4-14+deb7u7_amd64.deb
 bebf10aa3c679e2b666beca06d76b283825e01dfb732fa19750e3db8c88276ee 21820 php5-snmp_5.4.4-14+deb7u7_amd64.deb
 b896960703fdd86effe6d1ea9c8f893b96d8d0144bc40f898b732be0825094a8 30352 php5-sqlite_5.4.4-14+deb7u7_amd64.deb
 0c3bc4b1fe3f6f33cd32f54e467c6d400c2424062b95656b39bd0dad97c09538 28456 php5-sybase_5.4.4-14+deb7u7_amd64.deb
 28e21aa5191fc3547b80d7c66d2e4e6c1b5ccf93bc554bac0883b081afb52e24 19610 php5-tidy_5.4.4-14+deb7u7_amd64.deb
 da60cefeb26d84cd5a089d567603d468b0454d4e4ba4c32ea586f9ddec71a36b 36306 php5-xmlrpc_5.4.4-14+deb7u7_amd64.deb
 3d0cd9124f0a7784d5d0989cf33131b73d0006bf336e282f5ea9bef90c95d9ad 15430 php5-xsl_5.4.4-14+deb7u7_amd64.deb
Files: 
 6bb319a9e0c78fd09df025b19e919704 3774 php optional php5_5.4.4-14+deb7u7.dsc
 a5448fd9b9142dfd132274dbddb08559 224674 php optional php5_5.4.4-14+deb7u7.diff.gz
 dbecdb6ad4a5fec5371fec22a55b6bcc 1026 php optional php5_5.4.4-14+deb7u7_all.deb
 431ce762368a7f3f80b55a3fd63dc0e5 369272 php optional php-pear_5.4.4-14+deb7u7_all.deb
 90a3b5aa93ca20c8bb6b10a013c3543e 588224 php optional php5-common_5.4.4-14+deb7u7_amd64.deb
 e4d39fc9d3dea4e30681a5b4ad3b5fb2 2665644 httpd optional libapache2-mod-php5_5.4.4-14+deb7u7_amd64.deb
 8762b560adb4643f78ef119914173a1a 2664020 httpd extra libapache2-mod-php5filter_5.4.4-14+deb7u7_amd64.deb
 5a31d15029c8ab82c35f029e08cdbecb 5100870 php optional php5-cgi_5.4.4-14+deb7u7_amd64.deb
 12dfecbdb8f369e5a4a5e9d3f1fbe6c2 2557440 php optional php5-cli_5.4.4-14+deb7u7_amd64.deb
 5364dc33928c74e1671e197ec5489e83 2590524 php optional php5-fpm_5.4.4-14+deb7u7_amd64.deb
 72de23f43a23a051ed5ab90b58252159 2662062 php optional libphp5-embed_5.4.4-14+deb7u7_amd64.deb
 8bbd0f91a963664e276ea01a204dc0a9 497438 php optional php5-dev_5.4.4-14+deb7u7_amd64.deb
 c50c99ae343779ed6c5fd85c38b5b3ab 15959722 debug extra php5-dbg_5.4.4-14+deb7u7_amd64.deb
 c88a37daa354eb53781cda83d2487cec 29180 php optional php5-curl_5.4.4-14+deb7u7_amd64.deb
 fbf88c769dcd85a376a9e361c7d235dc 9946 php optional php5-enchant_5.4.4-14+deb7u7_amd64.deb
 36462177a83483a15fe663f8275fbcc0 35720 php optional php5-gd_5.4.4-14+deb7u7_amd64.deb
 bc6aee606af394fde0352e6d59f8e2ea 17176 php optional php5-gmp_5.4.4-14+deb7u7_amd64.deb
 810d0a3a0faa01d7a994b35b203e9a07 35614 php optional php5-imap_5.4.4-14+deb7u7_amd64.deb
 77728d4cbccca6d9467b5eb79c6fd530 49612 php optional php5-interbase_5.4.4-14+deb7u7_amd64.deb
 7dab9e9e189f106352c31a9c49474881 71974 php optional php5-intl_5.4.4-14+deb7u7_amd64.deb
 e2cdab293fe921f38d01fcf9a29556d5 21774 php optional php5-ldap_5.4.4-14+deb7u7_amd64.deb
 0547f91fb82ead781e457fcfa78236d9 16096 php optional php5-mcrypt_5.4.4-14+deb7u7_amd64.deb
 cc1119a171ff912f941a7b0d24cc4f23 80866 php optional php5-mysql_5.4.4-14+deb7u7_amd64.deb
 44bcb46bee4189c0bc655481c5388174 162732 php extra php5-mysqlnd_5.4.4-14+deb7u7_amd64.deb
 b6a935f3bd2e91204fac0c80b7456f30 36416 php optional php5-odbc_5.4.4-14+deb7u7_amd64.deb
 c09de25160e50283978215df17a0e9a5 61074 php optional php5-pgsql_5.4.4-14+deb7u7_amd64.deb
 4592acf8d5fc245b6e67d64589e4638f 8918 php optional php5-pspell_5.4.4-14+deb7u7_amd64.deb
 acb2a611c1ae821772b26f4f3b9db891 5214 php optional php5-recode_5.4.4-14+deb7u7_amd64.deb
 3b4b2d1098fac93a6433bfe5e3887268 21820 php optional php5-snmp_5.4.4-14+deb7u7_amd64.deb
 be7dac2ad18d5c63f09d4b4331ed3500 30352 php optional php5-sqlite_5.4.4-14+deb7u7_amd64.deb
 5240b7b1793ea2b85861e5e8cc3b0c88 28456 php optional php5-sybase_5.4.4-14+deb7u7_amd64.deb
 b58a51560ec05ea81d216606f7e789af 19610 php optional php5-tidy_5.4.4-14+deb7u7_amd64.deb
 c2e46f8730c54d72bff03e50079aa405 36306 php optional php5-xmlrpc_5.4.4-14+deb7u7_amd64.deb
 318006868a749ce6105722e6daefd63b 15430 php optional php5-xsl_5.4.4-14+deb7u7_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlKpkXQACgkQ9OZqfMIN8nMqbgCgkPWbtQZJtF7DpCQz8kjD9BkR
Cz0An27zCfuxGluFb876xz5DEy6x7JGk
=OX+G
-----END PGP SIGNATURE-----




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 12 Jan 2014 07:26:56 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Mon Apr 21 06:57:50 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.