-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 25 Apr 2020 16:12:02 +0200 Source: php5 Binary: php5 php5-common libapache2-mod-php5 libapache2-mod-php5filter php5-cgi php5-cli php5-phpdbg php5-fpm libphp5-embed php5-dev php5-dbg php-pear php5-curl php5-enchant php5-gd php5-gmp php5-imap php5-interbase php5-intl php5-ldap php5-mcrypt php5-readline php5-mysql php5-mysqlnd php5-odbc php5-pgsql php5-pspell php5-recode php5-snmp php5-sqlite php5-sybase php5-tidy php5-xmlrpc php5-xsl Architecture: source amd64 all Version: 5.6.40+dfsg-0+deb8u11 Distribution: jessie-security Urgency: high Maintainer: Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org> Changed-By: Thorsten Alteholz <debian@alteholz.de> Description: libapache2-mod-php5 - server-side, HTML-embedded scripting language (Apache 2 module) libapache2-mod-php5filter - server-side, HTML-embedded scripting language (apache 2 filter mo libphp5-embed - HTML-embedded scripting language (Embedded SAPI library) php-pear - PEAR - PHP Extension and Application Repository php5 - server-side, HTML-embedded scripting language (metapackage) php5-cgi - server-side, HTML-embedded scripting language (CGI binary) php5-cli - command-line interpreter for the php5 scripting language php5-common - Common files for packages built from the php5 source php5-curl - CURL module for php5 php5-dbg - Debug symbols for PHP5 php5-dev - Files for PHP5 module development php5-enchant - Enchant module for php5 php5-fpm - server-side, HTML-embedded scripting language (FPM-CGI binary) php5-gd - GD module for php5 php5-gmp - GMP module for php5 php5-imap - IMAP module for php5 php5-interbase - interbase/firebird module for php5 php5-intl - internationalisation module for php5 php5-ldap - LDAP module for php5 php5-mcrypt - MCrypt module for php5 php5-mysql - MySQL module for php5 php5-mysqlnd - MySQL module for php5 (Native Driver) php5-odbc - ODBC module for php5 php5-pgsql - PostgreSQL module for php5 php5-phpdbg - server-side, HTML-embedded scripting language (PHPDBG binary) php5-pspell - pspell module for php5 php5-readline - Readline module for php5 php5-recode - recode module for php5 php5-snmp - SNMP module for php5 php5-sqlite - SQLite module for php5 php5-sybase - Sybase / MS SQL Server module for php5 php5-tidy - tidy module for php5 php5-xmlrpc - XML-RPC module for php5 php5-xsl - XSL module for php5 Changes: php5 (5.6.40+dfsg-0+deb8u11) jessie-security; urgency=high . * Non-maintainer upload by the LTS Team. * CVE-2020-7064 A one byte out-of-bounds read, which could potentially lead to information disclosure or crash. * CVE-2020-7066 An URL containing zero (\0) character will be truncated at it, which may cause some software to make incorrect assumptions and possibly send some information to a wrong server. * CVE-2020-7067 Using a malformed url-encoded string an Out-of-Bounds read can occur. Checksums-Sha1: cc4b6c5202917b42454a784bd78fefebfe1704ee 5231 php5_5.6.40+dfsg-0+deb8u11.dsc bc5a146b435bf8abcf4400205a6772b2b956a2eb 19441072 php5_5.6.40+dfsg.orig.tar.gz 92b6df638f12b9d3bd2186fe65dc067324022d4e 261196 php5_5.6.40+dfsg-0+deb8u11.debian.tar.xz 7c508963d03bff42f25ba448f381d7075f6b99ec 748672 php5-common_5.6.40+dfsg-0+deb8u11_amd64.deb feedc7c02a9874005d3689500c12527fb4b2723a 2228654 libapache2-mod-php5_5.6.40+dfsg-0+deb8u11_amd64.deb 5b03199796c45fb3ab1e284054e8d8ede7c60d7b 2226556 libapache2-mod-php5filter_5.6.40+dfsg-0+deb8u11_amd64.deb dfd1bc55b88f3d777c8b849d10c36c05fc17a316 4315044 php5-cgi_5.6.40+dfsg-0+deb8u11_amd64.deb e16ea95c3282ee3388e666d78ec0e68680634bbc 2199982 php5-cli_5.6.40+dfsg-0+deb8u11_amd64.deb ca86cf663071b190d746ae64190ccd6f67236229 2200668 php5-phpdbg_5.6.40+dfsg-0+deb8u11_amd64.deb d5647c96641a9072e13b309b44043bec66956c16 2212646 php5-fpm_5.6.40+dfsg-0+deb8u11_amd64.deb 3f1df06af7fc308ccc8a0c09330af972b7661891 2226608 libphp5-embed_5.6.40+dfsg-0+deb8u11_amd64.deb f2154dad0278e504df7b67f9a4dea7797bad35ea 357844 php5-dev_5.6.40+dfsg-0+deb8u11_amd64.deb a06f4b10e96a24f47bcd4382a58d3482fb8d705e 51059146 php5-dbg_5.6.40+dfsg-0+deb8u11_amd64.deb 3b1d806cf5ee82e074085a463828bbf0f6544ffe 28018 php5-curl_5.6.40+dfsg-0+deb8u11_amd64.deb f0e1f1da4ea2dac25c922c5cd2762b1b02c44e10 9438 php5-enchant_5.6.40+dfsg-0+deb8u11_amd64.deb ce9988857cf255764af3e5c17b3a6f89944723ce 29140 php5-gd_5.6.40+dfsg-0+deb8u11_amd64.deb f4ac811e50c0f67f7aba5b24d125dfb41347f4b2 21644 php5-gmp_5.6.40+dfsg-0+deb8u11_amd64.deb 204b7106b51d6719edaba09a4c1425d39ffd81b1 31774 php5-imap_5.6.40+dfsg-0+deb8u11_amd64.deb 70b36fae88ae404c61f55554583d10129bf7b781 43014 php5-interbase_5.6.40+dfsg-0+deb8u11_amd64.deb 8fa55b8bf7bde516256ec39d1968d1961adc4b0c 112422 php5-intl_5.6.40+dfsg-0+deb8u11_amd64.deb 3a731a68105865b6e2d35743495d6ca3137e42ff 22448 php5-ldap_5.6.40+dfsg-0+deb8u11_amd64.deb fbe0752a23bb6ee789dc8d47ec5e1e96f79b3ded 15590 php5-mcrypt_5.6.40+dfsg-0+deb8u11_amd64.deb 9977d74a54d783484da69db57dfd354ba79997d3 12692 php5-readline_5.6.40+dfsg-0+deb8u11_amd64.deb d284140f0f3d63122ce571a9ba84f651690bcf90 65666 php5-mysql_5.6.40+dfsg-0+deb8u11_amd64.deb d4a06d7fedec78694a4213e554c0acc82cf83866 141956 php5-mysqlnd_5.6.40+dfsg-0+deb8u11_amd64.deb 3ff54b567481b70cc1f52c715e9b429d19b5bc38 32236 php5-odbc_5.6.40+dfsg-0+deb8u11_amd64.deb 3bb699c74c9d6a70fed79ab17a17be3354228698 58940 php5-pgsql_5.6.40+dfsg-0+deb8u11_amd64.deb 94eec0bd068e3b9496d551cd6472c2776915daec 8342 php5-pspell_5.6.40+dfsg-0+deb8u11_amd64.deb 8fc643db6f0d2cd229985b7ab33e30f3e048bd9c 5740 php5-recode_5.6.40+dfsg-0+deb8u11_amd64.deb 834ef481bfe85fef497262989b55f8392c45aac5 19798 php5-snmp_5.6.40+dfsg-0+deb8u11_amd64.deb ff9ad83f71da70d8665760e2d5c82ec8c6e65d68 24756 php5-sqlite_5.6.40+dfsg-0+deb8u11_amd64.deb 4bd910a5e058dd1782ea578db0c23d150a493ed3 24696 php5-sybase_5.6.40+dfsg-0+deb8u11_amd64.deb fa9dae6686274f08dd333225d5366c020d90562e 17006 php5-tidy_5.6.40+dfsg-0+deb8u11_amd64.deb b9dd71fb4b5c5bd4c827b4c2ecba9d3112bc4c0b 35934 php5-xmlrpc_5.6.40+dfsg-0+deb8u11_amd64.deb 0c74161bbbbe249ab91d8a4e4d589c1d5a07bf8d 14170 php5-xsl_5.6.40+dfsg-0+deb8u11_amd64.deb ad2e3f8d77eaa5836c87755615088612d553dee9 1314 php5_5.6.40+dfsg-0+deb8u11_all.deb b5d62c49f17c651b62305fa4e418f33fda426945 268812 php-pear_5.6.40+dfsg-0+deb8u11_all.deb Checksums-Sha256: b0e92119b6dd5f4f056f443c518ce12f352ff56473e3cf9859e1804e4cd919c2 5231 php5_5.6.40+dfsg-0+deb8u11.dsc 1ffdf771591b6afdff5c3b2b22febe6043f92bc67bb6f8e4629183127819345d 19441072 php5_5.6.40+dfsg.orig.tar.gz 7e060c6f51a49f864da1af5357a03310c2485cca1536e27392094bf57dcf30f4 261196 php5_5.6.40+dfsg-0+deb8u11.debian.tar.xz 00480f32a1fba68f01790541b302f5b78144b003970b9f52b46da876c27903b4 748672 php5-common_5.6.40+dfsg-0+deb8u11_amd64.deb d517a3265730bd96325035296e0bcf12e6be095340eb8e1ad412ea91afc75ba3 2228654 libapache2-mod-php5_5.6.40+dfsg-0+deb8u11_amd64.deb 52592b054200e0a60cec5e9ec115a9ac358a410176cba61c241f001fbac68b6e 2226556 libapache2-mod-php5filter_5.6.40+dfsg-0+deb8u11_amd64.deb 6e6c575be5668aed27283856dba95077a977d0683623ba1b07e139b65257837d 4315044 php5-cgi_5.6.40+dfsg-0+deb8u11_amd64.deb 272bf54f31d9ccab54d68d649f6cef24081b7fb797cd145eb5fb4cd95b79e446 2199982 php5-cli_5.6.40+dfsg-0+deb8u11_amd64.deb 37207b6633dbeb424d795c160a978ff4c2afb3ccbb10b12cb09889e12283b311 2200668 php5-phpdbg_5.6.40+dfsg-0+deb8u11_amd64.deb b5617ff2775a7ea19ef6cac008263d33d2d30167a2cbc7814b82c44a1e7c94f8 2212646 php5-fpm_5.6.40+dfsg-0+deb8u11_amd64.deb 59e7abdff59cd3a775bd48d66d2c13d06b1579841c5c89d10279141a9d672700 2226608 libphp5-embed_5.6.40+dfsg-0+deb8u11_amd64.deb 2be3c8a86ba9f75226cf6de1447440221ff3072df221b5108ed234edff8b04ad 357844 php5-dev_5.6.40+dfsg-0+deb8u11_amd64.deb 8425ed2f9cf39a5d5fde33343f835c3bf9f6f2e624eda08606def5ffbca1084c 51059146 php5-dbg_5.6.40+dfsg-0+deb8u11_amd64.deb 000bb8ef497b881f7d24cc138978bdfd85bb51589c2619ddf7179b42bf6c7914 28018 php5-curl_5.6.40+dfsg-0+deb8u11_amd64.deb fc337e58ffe043cb134d795dcf6efda8569607a8c60afa91917df1c0d8ef3864 9438 php5-enchant_5.6.40+dfsg-0+deb8u11_amd64.deb ef2bd097a23697fd019b4d63de8af2702b72cf6a68f3c021af888904039efad3 29140 php5-gd_5.6.40+dfsg-0+deb8u11_amd64.deb 689b30c65e55ae1d3ebcf55320026fde0fc853d0e929ab3f068ee9dd4e8e7541 21644 php5-gmp_5.6.40+dfsg-0+deb8u11_amd64.deb 21f6c220743cd6474108f6ccb0ff6a20c11e2fef745f172331ccbf6e2e346431 31774 php5-imap_5.6.40+dfsg-0+deb8u11_amd64.deb 0f311747478db21f08763be3268e648b4f7f648fcc63709a3e556659be02a3c8 43014 php5-interbase_5.6.40+dfsg-0+deb8u11_amd64.deb fd1bf2966d5a874440029acbd9f05e5cbecec60d044e27a05df8946c84183bad 112422 php5-intl_5.6.40+dfsg-0+deb8u11_amd64.deb 24ff8d996d5afa17bf06b37aba79f31632f9c126ba64f627cb8d10441c202b01 22448 php5-ldap_5.6.40+dfsg-0+deb8u11_amd64.deb 550de0276ba727440ccf0c235407403d2a896d763a5f02c2129af07467a30da7 15590 php5-mcrypt_5.6.40+dfsg-0+deb8u11_amd64.deb 421ed9aeb8983a87d50958995a1398a6d12efb1a717aee1e20a3d81bca2f24b0 12692 php5-readline_5.6.40+dfsg-0+deb8u11_amd64.deb d5cf01ae6db428e1bb8b433cdddd5e9505cad919d046d11a8810d1972f091a28 65666 php5-mysql_5.6.40+dfsg-0+deb8u11_amd64.deb 6303e5b8defdae15bdc624f023b2b364e5543b9bae3c4e5aa4334e48c0831976 141956 php5-mysqlnd_5.6.40+dfsg-0+deb8u11_amd64.deb 1d33f8f9bbed3bf7ee3a82869fc0a6942d982d1961bdac3eeeccaaadebd68574 32236 php5-odbc_5.6.40+dfsg-0+deb8u11_amd64.deb 7a3eb833167d170712e0db8a89f598578cf35650dca9307220d85482ca2dd1a7 58940 php5-pgsql_5.6.40+dfsg-0+deb8u11_amd64.deb 5e8f9f05bf21c07cabebbdd1415924cd732f8ca19e45f7562c614e587827b351 8342 php5-pspell_5.6.40+dfsg-0+deb8u11_amd64.deb 7a3e014f7353ecf46572a8a678e7aca0d9733b128dcaf76ea1eacbf294d6303c 5740 php5-recode_5.6.40+dfsg-0+deb8u11_amd64.deb d5ee12d9194bf45688e21791039fcccd357644d3ca543d6086bf833373dc7612 19798 php5-snmp_5.6.40+dfsg-0+deb8u11_amd64.deb 0eb43148facc8871f04d40c0c2cae5fa8cecd297fb7cd4ea70e6be5d41469d20 24756 php5-sqlite_5.6.40+dfsg-0+deb8u11_amd64.deb 75946da9918fce45ffd7d12b3b5e7c1440c34b7c8e90b76bd3cbf6bbc1e01562 24696 php5-sybase_5.6.40+dfsg-0+deb8u11_amd64.deb 64483a63017eb74a3f6c919905b5fb4305726966ffd961afb42fdc06521f7453 17006 php5-tidy_5.6.40+dfsg-0+deb8u11_amd64.deb 123520a2920f54aedb01ff8e72ef4429680af5e584b00bf858ae47ab51a995f5 35934 php5-xmlrpc_5.6.40+dfsg-0+deb8u11_amd64.deb 82442629bd5c0ef184bf7a7b8f161dfbfc890936e051066b904a7a4a455a2ef4 14170 php5-xsl_5.6.40+dfsg-0+deb8u11_amd64.deb a452b2e0d262f8adf382fce6fdf09ce02731d35c3780353f9871f1ce083fc96a 1314 php5_5.6.40+dfsg-0+deb8u11_all.deb 17492e0be65b5d4b556b1e9f8929b739292d26c9510fbfc3df52f78c697221f3 268812 php-pear_5.6.40+dfsg-0+deb8u11_all.deb Files: 1158ae99aa95c08ad248bb34c1b8b541 5231 php optional php5_5.6.40+dfsg-0+deb8u11.dsc 974e3edb2ada23b8f4fa17d236f7e630 19441072 php optional php5_5.6.40+dfsg.orig.tar.gz c1e5cfa189d7c326179d65132167ddf8 261196 php optional php5_5.6.40+dfsg-0+deb8u11.debian.tar.xz 21e15cde4b8dc3007134adcd6c4e2612 748672 php optional php5-common_5.6.40+dfsg-0+deb8u11_amd64.deb ec7d1fd4b9c021ef6cfbc11ace4b5034 2228654 httpd optional libapache2-mod-php5_5.6.40+dfsg-0+deb8u11_amd64.deb 112d519fead3de029ab1ecb4a9698936 2226556 httpd extra libapache2-mod-php5filter_5.6.40+dfsg-0+deb8u11_amd64.deb 1386ecc808bcb72d703480ced08a3915 4315044 php optional php5-cgi_5.6.40+dfsg-0+deb8u11_amd64.deb d9f3ca67ee8da64b82a84dd1e1114f19 2199982 php optional php5-cli_5.6.40+dfsg-0+deb8u11_amd64.deb e1cf305a9f96764d840a1ffb087f3ed3 2200668 php optional php5-phpdbg_5.6.40+dfsg-0+deb8u11_amd64.deb 211fd2bfda85a553cd3c13ba14635b21 2212646 php optional php5-fpm_5.6.40+dfsg-0+deb8u11_amd64.deb e048fa7e86c8735f98c62d7ee980b380 2226608 php optional libphp5-embed_5.6.40+dfsg-0+deb8u11_amd64.deb 7b3458b42d00bcf1ffa03c4a337707cc 357844 php optional php5-dev_5.6.40+dfsg-0+deb8u11_amd64.deb c75aced9ea16773652b78959a3c95823 51059146 debug extra php5-dbg_5.6.40+dfsg-0+deb8u11_amd64.deb 5295da96d61d9e9eb2b60eee5d67d8ab 28018 php optional php5-curl_5.6.40+dfsg-0+deb8u11_amd64.deb c6cd115a1cd615a79881f905af18b46d 9438 php optional php5-enchant_5.6.40+dfsg-0+deb8u11_amd64.deb d141f622122b4e3f41f57b59778d55d1 29140 php optional php5-gd_5.6.40+dfsg-0+deb8u11_amd64.deb 15732cbe3e0a1c6d486d520bb242d048 21644 php optional php5-gmp_5.6.40+dfsg-0+deb8u11_amd64.deb 0ad7ef85c722d65dbcca55624fbdfcce 31774 php optional php5-imap_5.6.40+dfsg-0+deb8u11_amd64.deb 1a011b9db191ac0cf491c145083ea03d 43014 php optional php5-interbase_5.6.40+dfsg-0+deb8u11_amd64.deb 72fd827b5b6234f46076e41a0edbb075 112422 php optional php5-intl_5.6.40+dfsg-0+deb8u11_amd64.deb 320540da16d4a878f706e7bfd93c8d76 22448 php optional php5-ldap_5.6.40+dfsg-0+deb8u11_amd64.deb bedbebe908306eea9e44b05d52750623 15590 php optional php5-mcrypt_5.6.40+dfsg-0+deb8u11_amd64.deb ae8b8fbfdf4d42e1425be8b1491f9498 12692 php optional php5-readline_5.6.40+dfsg-0+deb8u11_amd64.deb 318520b663e615a221e461187db4579e 65666 php optional php5-mysql_5.6.40+dfsg-0+deb8u11_amd64.deb f2ab2aeba3a7d7d3c0bb8bcf1967042c 141956 php extra php5-mysqlnd_5.6.40+dfsg-0+deb8u11_amd64.deb f4b1ed8fe50e4821af83b2aa12a9ebc4 32236 php optional php5-odbc_5.6.40+dfsg-0+deb8u11_amd64.deb b6453ce3a12fd35dc3f6b71a243e28dc 58940 php optional php5-pgsql_5.6.40+dfsg-0+deb8u11_amd64.deb ccd0550df2be40b11fa47b2789693713 8342 php optional php5-pspell_5.6.40+dfsg-0+deb8u11_amd64.deb 0607754e2af1dc39de2254b2c74296af 5740 php optional php5-recode_5.6.40+dfsg-0+deb8u11_amd64.deb ecd81069de549586e51c1abf949be526 19798 php optional php5-snmp_5.6.40+dfsg-0+deb8u11_amd64.deb 12f5b98efa26c775fa8e9883ea3af2c5 24756 php optional php5-sqlite_5.6.40+dfsg-0+deb8u11_amd64.deb 53e516ba8a69f873dd55a571a8104a91 24696 php optional php5-sybase_5.6.40+dfsg-0+deb8u11_amd64.deb 4d790d78fd955a2d545cab133e657775 17006 php optional php5-tidy_5.6.40+dfsg-0+deb8u11_amd64.deb 96ecdb46ae105933f650581ed778ed91 35934 php optional php5-xmlrpc_5.6.40+dfsg-0+deb8u11_amd64.deb 7640797cbc0ef79818301e7b40f68d1f 14170 php optional php5-xsl_5.6.40+dfsg-0+deb8u11_amd64.deb ee2bd57fd97d7aa3ace81b526ccbb756 1314 php optional php5_5.6.40+dfsg-0+deb8u11_all.deb 5f939709762acfb77a659cc3a8693eb8 268812 php optional php-pear_5.6.40+dfsg-0+deb8u11_all.deb -----BEGIN PGP SIGNATURE----- iQKnBAEBCgCRFiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl6lXIJfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcTHGRlYmlhbkBh bHRlaG9sei5kZQAKCRCW/KwNOHtYR7dvD/4zO5o4WQ5syxFoSfzoDAcb0kqsqBv/ cNQSrA7c2NPm+ezOysQCcQ7lOte3tCJDjjbMDmewGfAiYqboRG8KDj8J4itiaKyL POQChr5z9IH/TgUbYqmHcZtya93Fanr+OJ+VScL/Jab3PHyK35VcbAulzgBZKqvN 7it2bqYd9wo5GpNQY4oIv/oZ+WJdxj+ju5rRmdPWVfiuU7gtCqheVMaRQ4hDkcfc 4Oz1m29mv2xmlvPGCxgu4q98XCWjdXlSRUvVXarmI3xuE0xSH2EPiRtH5kd4sFKU OBExQLcZnuvxb7ysTzN9w2BJ9xs/+aQg3GzdYQmA9BlArG9E0hRfzh5ekL4VHWN4 M160L4Lrt1H4X8sjUQ5PaWjx+jOjYjwk5QvEKFbuqHnMqRkgJmMQfWQlaXcVNzzg OlxRzThGd0gE4wNk0YPJAUFo+oB0kbPzbbwp9opsGhN7h6uoXw2f/t4JyGZqBT0L PBTheqWfaMhXD3+cG4KaKvTa0vAtY7OStkmmSACfVOSWts4SIoU3zg+yYjWtyr+R GNi730Me9iZqKuvs6vugQQ9x3nAyE8TG6sLg4aCxavuOWnjVuWDHkUqL+pBzktBR /rGhuNt81ZLvmT9i4iZby9GkGhVAC6k4o4HhR3h92l7XGU9EAoRVpAvvHKJRSleL wdFT/fPLWbNJIA== =ekmR -----END PGP SIGNATURE-----