-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Thu, 21 Feb 2008 07:09:01 +0100 Source: php5 Binary: php5-gd php5-ldap php5 php5-xmlrpc php5-pspell libapache2-mod-php5 php5-xsl php5-cgi php-pear php5-tidy php5-pgsql php5-cli php5-recode php5-mhash php5-sybase php5-curl php5-odbc php5-mcrypt php5-mysql php5-common php5-imap php5-snmp php5-dev php5-sqlite libapache-mod-php5 php5-interbase Architecture: source i386 all Version: 5.2.0-8+etch11 Distribution: stable-security Urgency: high Maintainer: Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org> Changed-By: sean finney <seanius@debian.org> Description: libapache-mod-php5 - server-side, HTML-embedded scripting language (apache 1.3 module) libapache2-mod-php5 - server-side, HTML-embedded scripting language (apache 2 module) php-pear - PEAR - PHP Extension and Application Repository php5 - server-side, HTML-embedded scripting language (meta-package) php5-cgi - server-side, HTML-embedded scripting language (CGI binary) php5-cli - command-line interpreter for the php5 scripting language php5-common - Common files for packages built from the php5 source php5-curl - CURL module for php5 php5-dev - Files for PHP5 module development php5-gd - GD module for php5 php5-imap - IMAP module for php5 php5-interbase - interbase/firebird module for php5 php5-ldap - LDAP module for php5 php5-mcrypt - MCrypt module for php5 php5-mhash - MHASH module for php5 php5-mysql - MySQL module for php5 php5-odbc - ODBC module for php5 php5-pgsql - PostgreSQL module for php5 php5-pspell - pspell module for php5 php5-recode - recode module for php5 php5-snmp - SNMP module for php5 php5-sqlite - SQLite module for php5 php5-sybase - Sybase / MS SQL Server module for php5 php5-tidy - tidy module for php5 php5-xmlrpc - XML-RPC module for php5 php5-xsl - XSL module for php5 Closes: 459020 479723 Changes: php5 (5.2.0-8+etch11) stable-security; urgency=high . * Upload to etch for security issues. * The following security issues are addressed with this update: - CVE-2007-3806: glob denial of service - CVE-2008-1384: integer overflow in printf() - CVE-2008-2050: possible stack buffer overflow in the FastCGI SAPI - CVE-2008-2051: incomplete multibyte chars inside escapeshellcmd() closes: #479723 . php5 (5.2.0-8+etch11~p1) stable; urgency=high . * zend_parse_parameters does not handle size_t's, causing issues with 043-recode_size_t.patch and segmentation faults for recode-using pages. changed problematic parameters back to "int" and added an overflow check. thanks to Thomas Stegbauer, Tim Dijkstra, Bart Cortooms, Sebastian Göbel, and Vincent Tondellier for their reports. closes: #459020. Files: 3e8ad8ca8cc172c304768666383ebbc9 2270 web optional php5_5.2.0-8+etch11.dsc ea2e45b0854e3837d66e570f0330592a 916209 web optional php5_5.2.0-8+etch11.diff.gz 67165436c7332cad7e617a1c7ba23a6a 216436 web optional php5-common_5.2.0-8+etch11_i386.deb cd24e72308c9a3522dc3d9b249118b90 2412826 web optional libapache-mod-php5_5.2.0-8+etch11_i386.deb bf9a64884732f6613852671f05d53f7e 2413316 web optional libapache2-mod-php5_5.2.0-8+etch11_i386.deb cbcd560954179345119dafeef18d711b 4757388 web optional php5-cgi_5.2.0-8+etch11_i386.deb 81caf9afe0c288a75615d667be22e305 2397708 web optional php5-cli_5.2.0-8+etch11_i386.deb efa56ef4145fa46d8ca2545cdd4c064f 349070 devel optional php5-dev_5.2.0-8+etch11_i386.deb 363b5b4a86b351471af72045d35ecaf9 24470 web optional php5-curl_5.2.0-8+etch11_i386.deb 2a4a581d79640faff08a527203ce5ec3 33410 web optional php5-gd_5.2.0-8+etch11_i386.deb 3d2aa86d92bb0f863e2ff2a89d3db0b1 34492 web optional php5-imap_5.2.0-8+etch11_i386.deb 77c5c8fb872edc3c6be892e27ef6d922 44382 web optional php5-interbase_5.2.0-8+etch11_i386.deb 6f369ddd9d72999ad020c610cd20097a 17244 web optional php5-ldap_5.2.0-8+etch11_i386.deb fa42ab2e0e6deb4548ab9e798d02e6cf 12832 web optional php5-mcrypt_5.2.0-8+etch11_i386.deb d894cd54608dd355a3ab70f3abfde3fd 5048 web optional php5-mhash_5.2.0-8+etch11_i386.deb 64e9d20b6474561c3aa97d7e6fb4e45d 64684 web optional php5-mysql_5.2.0-8+etch11_i386.deb f12363b920702c9d0263c4ac173dfef3 33432 web optional php5-odbc_5.2.0-8+etch11_i386.deb 7285f424f23121b0a421f0d0336e17ac 50482 web optional php5-pgsql_5.2.0-8+etch11_i386.deb 88c4c31a65fc2cecedeaa051f89d2ce6 8626 web optional php5-pspell_5.2.0-8+etch11_i386.deb 93001e931fcd48c5c4d4344fbed3c959 4772 web optional php5-recode_5.2.0-8+etch11_i386.deb 1351bb06e1543a6a6fd41cde73a13d95 11304 web optional php5-snmp_5.2.0-8+etch11_i386.deb 3f9daacd91e8e7282056c7d8b74194ff 34494 web optional php5-sqlite_5.2.0-8+etch11_i386.deb 5e910225267b4bc620eb47ce81aa89dc 18406 web optional php5-sybase_5.2.0-8+etch11_i386.deb 1a2e4817f422d4560e00df78e0935fc6 16470 web optional php5-tidy_5.2.0-8+etch11_i386.deb 108db9ef7d31dfe1bacc3c14dd7fc97b 36446 web optional php5-xmlrpc_5.2.0-8+etch11_i386.deb 35d3142ebd5d51b244a004c5ac83725d 12250 web optional php5-xsl_5.2.0-8+etch11_i386.deb 586e42f3362ca1542baf751f588c8113 1046 web optional php5_5.2.0-8+etch11_all.deb 43475d1d330358729d695d2ef35b30dc 311398 web optional php-pear_5.2.0-8+etch11_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iQEVAwUBSCVv62z0hbPcukPfAQI8VggApeXN+zcPAG12/PfG00xumzYRK0SujZye Zb5eLPzB5CTYKfFjmf99ND4uILvhJ86+45XoHwikmNEI4xH1UwakEYd1+ihzAqnz Dn/rZ9Hvy/5u5ZAcphfUT9+dFgjsFbBs+ALPmgBeg56i1quPtGVvzfqozaJbMPoN EWkyXpYx9knzagSNSFfvc2f+gK0e6F9XQcqOiO0u9XJqJWeBiArXaZ8AUHQATgEw Pfwycu8EKmONOlLKiccpc9AsbPJ1KxJOMB9wb1PtyFnvCeyq54oo3/gY47rah6Yc n9VZh/KlTZgAgW0w8g6Qk9+N9iFu+/stSiVQrZVgbqC143zQEhAsOA== =hCwe -----END PGP SIGNATURE----- Accepted: libapache-mod-php5_5.2.0-8+etch11_i386.deb to pool/main/p/php5/libapache-mod-php5_5.2.0-8+etch11_i386.deb libapache2-mod-php5_5.2.0-8+etch11_i386.deb to pool/main/p/php5/libapache2-mod-php5_5.2.0-8+etch11_i386.deb php-pear_5.2.0-8+etch11_all.deb to pool/main/p/php5/php-pear_5.2.0-8+etch11_all.deb php5-cgi_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-cgi_5.2.0-8+etch11_i386.deb php5-cli_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-cli_5.2.0-8+etch11_i386.deb php5-common_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-common_5.2.0-8+etch11_i386.deb php5-curl_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-curl_5.2.0-8+etch11_i386.deb php5-dev_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-dev_5.2.0-8+etch11_i386.deb php5-gd_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-gd_5.2.0-8+etch11_i386.deb php5-imap_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-imap_5.2.0-8+etch11_i386.deb php5-interbase_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-interbase_5.2.0-8+etch11_i386.deb php5-ldap_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-ldap_5.2.0-8+etch11_i386.deb php5-mcrypt_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-mcrypt_5.2.0-8+etch11_i386.deb php5-mhash_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-mhash_5.2.0-8+etch11_i386.deb php5-mysql_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-mysql_5.2.0-8+etch11_i386.deb php5-odbc_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-odbc_5.2.0-8+etch11_i386.deb php5-pgsql_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-pgsql_5.2.0-8+etch11_i386.deb php5-pspell_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-pspell_5.2.0-8+etch11_i386.deb php5-recode_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-recode_5.2.0-8+etch11_i386.deb php5-snmp_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-snmp_5.2.0-8+etch11_i386.deb php5-sqlite_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-sqlite_5.2.0-8+etch11_i386.deb php5-sybase_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-sybase_5.2.0-8+etch11_i386.deb php5-tidy_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-tidy_5.2.0-8+etch11_i386.deb php5-xmlrpc_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-xmlrpc_5.2.0-8+etch11_i386.deb php5-xsl_5.2.0-8+etch11_i386.deb to pool/main/p/php5/php5-xsl_5.2.0-8+etch11_i386.deb php5_5.2.0-8+etch11.diff.gz to pool/main/p/php5/php5_5.2.0-8+etch11.diff.gz php5_5.2.0-8+etch11.dsc to pool/main/p/php5/php5_5.2.0-8+etch11.dsc php5_5.2.0-8+etch11_all.deb to pool/main/p/php5/php5_5.2.0-8+etch11_all.deb