-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Tue, 30 Sep 2008 20:19:42 +0200 Source: php5 Binary: php5-gd php5-ldap php5 php5-xmlrpc php5-pspell libapache2-mod-php5 php5-xsl php5-cgi php-pear php5-tidy php5-pgsql php5-cli php5-recode php5-mhash php5-sybase php5-curl php5-odbc php5-mcrypt php5-mysql php5-common php5-imap php5-snmp php5-dev php5-sqlite libapache-mod-php5 php5-interbase Architecture: source amd64 all Version: 5.2.0-8+etch13 Distribution: stable-security Urgency: high Maintainer: Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org> Changed-By: Sean Finney <seanius@debian.org> Description: libapache-mod-php5 - server-side, HTML-embedded scripting language (apache 1.3 module) libapache2-mod-php5 - server-side, HTML-embedded scripting language (apache 2 module) php-pear - PEAR - PHP Extension and Application Repository php5 - server-side, HTML-embedded scripting language (meta-package) php5-cgi - server-side, HTML-embedded scripting language (CGI binary) php5-cli - command-line interpreter for the php5 scripting language php5-common - Common files for packages built from the php5 source php5-curl - CURL module for php5 php5-dev - Files for PHP5 module development php5-gd - GD module for php5 php5-imap - IMAP module for php5 php5-interbase - interbase/firebird module for php5 php5-ldap - LDAP module for php5 php5-mcrypt - MCrypt module for php5 php5-mhash - MHASH module for php5 php5-mysql - MySQL module for php5 php5-odbc - ODBC module for php5 php5-pgsql - PostgreSQL module for php5 php5-pspell - pspell module for php5 php5-recode - recode module for php5 php5-snmp - SNMP module for php5 php5-sqlite - SQLite module for php5 php5-sybase - Sybase / MS SQL Server module for php5 php5-tidy - tidy module for php5 php5-xmlrpc - XML-RPC module for php5 php5-xsl - XSL module for php5 Closes: 499987 499988 499989 Changes: php5 (5.2.0-8+etch13) stable-security; urgency=high . * Upload to etch for security issues * The following security issues are addressed with this update: - CVE-2008-3658: Buffer overflow in the imageloadfont function. Patch: 140-CVE-2008-3658.patch (closes: #499989) - CVE-2008-3659: Buffer overflow in the memnstr function. Patch: 139-CVE-2008-3659.patch (closes: #499988) - CVE-2008-3660: Remote DoS in fastcgi module Patch: CVE-2008-3660.patch (closes: #499987) * Revert previous security patch for CVE-2008-2829. A fix for this will not be possible without an updated version of the UW c-client libraries. Files: 8ba966963b8c4b37ea56d0cef80e7039 1978 web optional php5_5.2.0-8+etch13.dsc 10f6d3ac9ecccb7373f40c0d99cdf43f 121493 web optional php5_5.2.0-8+etch13.diff.gz 9e1a1da6055242b0d001f4c9ff0b1f7d 218156 web optional php5-common_5.2.0-8+etch13_amd64.deb 52db652f6553a9d85e20a5f02675a6f5 2510644 web optional libapache-mod-php5_5.2.0-8+etch13_amd64.deb 5590d5644b1cbbcbb1c96c06b387d605 2511216 web optional libapache2-mod-php5_5.2.0-8+etch13_amd64.deb c2d801cdaf7781dc896faf04a5105d3f 4864388 web optional php5-cgi_5.2.0-8+etch13_amd64.deb 67b28d07935c3d1f5360b5e1bbe5a8c1 2452484 web optional php5-cli_5.2.0-8+etch13_amd64.deb 5bc06af75f92bdc8003100ec6d9d3431 345886 devel optional php5-dev_5.2.0-8+etch13_amd64.deb c6636b1548c75a08102f51db0d527c00 24988 web optional php5-curl_5.2.0-8+etch13_amd64.deb 5dd902475c072d734052582c6f7d2e85 37120 web optional php5-gd_5.2.0-8+etch13_amd64.deb eaaf935241a1563d73f81a6821a3167a 36718 web optional php5-imap_5.2.0-8+etch13_amd64.deb d319c606452d700520bc07b24d49a35e 46612 web optional php5-interbase_5.2.0-8+etch13_amd64.deb d9a29cf09beae75e0d3aac598c960ce3 18664 web optional php5-ldap_5.2.0-8+etch13_amd64.deb ef48390d507f03c8fc6d028f77f1c61b 13488 web optional php5-mcrypt_5.2.0-8+etch13_amd64.deb 5b029983cc69277132bc6fb2e08695df 5256 web optional php5-mhash_5.2.0-8+etch13_amd64.deb 5b90295ca27a76a4f92d15cb95595547 71658 web optional php5-mysql_5.2.0-8+etch13_amd64.deb 273edb825157240950c36d0331836787 36404 web optional php5-odbc_5.2.0-8+etch13_amd64.deb d2331ea1c49360119dab7ad436b08105 53946 web optional php5-pgsql_5.2.0-8+etch13_amd64.deb dce351f52fd523687a9cd79e1fac9484 9400 web optional php5-pspell_5.2.0-8+etch13_amd64.deb 82aba5bf571bb3baeadc877428e23c5a 4900 web optional php5-recode_5.2.0-8+etch13_amd64.deb 497ad75dcae62d70eca61838b58674aa 12062 web optional php5-snmp_5.2.0-8+etch13_amd64.deb 863ce9407e2bb11139a21a367e4dd9e3 38568 web optional php5-sqlite_5.2.0-8+etch13_amd64.deb f628b370883ff7550045487c310b8bf9 19436 web optional php5-sybase_5.2.0-8+etch13_amd64.deb 586e2d9a90258e2748178c32e59bbd72 17568 web optional php5-tidy_5.2.0-8+etch13_amd64.deb 594d974c37abc09838b2ae6aad029a40 39158 web optional php5-xmlrpc_5.2.0-8+etch13_amd64.deb 72d9b79013abf3ce74a3c56fd90c1dc0 13030 web optional php5-xsl_5.2.0-8+etch13_amd64.deb f2233a4fe8d7bf941738e152a9f59871 1048 web optional php5_5.2.0-8+etch13_all.deb 0073d8cd1e953316e18a1ebdf4131c13 312520 web optional php-pear_5.2.0-8+etch13_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFI5Hz5ynjLPm522B0RAq7yAJ0QQmquH5ILBRWDjIG51fRpyic+/QCZAW5O Ja88pg1UGvwxloh9Jg6RZLM= =nwbW -----END PGP SIGNATURE----- Accepted: libapache-mod-php5_5.2.0-8+etch13_amd64.deb to pool/main/p/php5/libapache-mod-php5_5.2.0-8+etch13_amd64.deb libapache2-mod-php5_5.2.0-8+etch13_amd64.deb to pool/main/p/php5/libapache2-mod-php5_5.2.0-8+etch13_amd64.deb php-pear_5.2.0-8+etch13_all.deb to pool/main/p/php5/php-pear_5.2.0-8+etch13_all.deb php5-cgi_5.2.0-8+etch13_amd64.deb to pool/main/p/php5/php5-cgi_5.2.0-8+etch13_amd64.deb php5-cli_5.2.0-8+etch13_amd64.deb to pool/main/p/php5/php5-cli_5.2.0-8+etch13_amd64.deb php5-common_5.2.0-8+etch13_amd64.deb to pool/main/p/php5/php5-common_5.2.0-8+etch13_amd64.deb php5-curl_5.2.0-8+etch13_amd64.deb to pool/main/p/php5/php5-curl_5.2.0-8+etch13_amd64.deb php5-dev_5.2.0-8+etch13_amd64.deb to pool/main/p/php5/php5-dev_5.2.0-8+etch13_amd64.deb php5-gd_5.2.0-8+etch13_amd64.deb to pool/main/p/php5/php5-gd_5.2.0-8+etch13_amd64.deb php5-imap_5.2.0-8+etch13_amd64.deb to pool/main/p/php5/php5-imap_5.2.0-8+etch13_amd64.deb php5-interbase_5.2.0-8+etch13_amd64.deb to pool/main/p/php5/php5-interbase_5.2.0-8+etch13_amd64.deb php5-ldap_5.2.0-8+etch13_amd64.deb to pool/main/p/php5/php5-ldap_5.2.0-8+etch13_amd64.deb php5-mcrypt_5.2.0-8+etch13_amd64.deb to pool/main/p/php5/php5-mcrypt_5.2.0-8+etch13_amd64.deb php5-mhash_5.2.0-8+etch13_amd64.deb to pool/main/p/php5/php5-mhash_5.2.0-8+etch13_amd64.deb php5-mysql_5.2.0-8+etch13_amd64.deb to pool/main/p/php5/php5-mysql_5.2.0-8+etch13_amd64.deb php5-odbc_5.2.0-8+etch13_amd64.deb to pool/main/p/php5/php5-odbc_5.2.0-8+etch13_amd64.deb php5-pgsql_5.2.0-8+etch13_amd64.deb to pool/main/p/php5/php5-pgsql_5.2.0-8+etch13_amd64.deb php5-pspell_5.2.0-8+etch13_amd64.deb to pool/main/p/php5/php5-pspell_5.2.0-8+etch13_amd64.deb php5-recode_5.2.0-8+etch13_amd64.deb to pool/main/p/php5/php5-recode_5.2.0-8+etch13_amd64.deb php5-snmp_5.2.0-8+etch13_amd64.deb to pool/main/p/php5/php5-snmp_5.2.0-8+etch13_amd64.deb php5-sqlite_5.2.0-8+etch13_amd64.deb to pool/main/p/php5/php5-sqlite_5.2.0-8+etch13_amd64.deb php5-sybase_5.2.0-8+etch13_amd64.deb to pool/main/p/php5/php5-sybase_5.2.0-8+etch13_amd64.deb php5-tidy_5.2.0-8+etch13_amd64.deb to pool/main/p/php5/php5-tidy_5.2.0-8+etch13_amd64.deb php5-xmlrpc_5.2.0-8+etch13_amd64.deb to pool/main/p/php5/php5-xmlrpc_5.2.0-8+etch13_amd64.deb php5-xsl_5.2.0-8+etch13_amd64.deb to pool/main/p/php5/php5-xsl_5.2.0-8+etch13_amd64.deb php5_5.2.0-8+etch13.diff.gz to pool/main/p/php5/php5_5.2.0-8+etch13.diff.gz php5_5.2.0-8+etch13.dsc to pool/main/p/php5/php5_5.2.0-8+etch13.dsc php5_5.2.0-8+etch13_all.deb to pool/main/p/php5/php5_5.2.0-8+etch13_all.deb