-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Fri, 22 Apr 2007 21:45:12 +0200 Source: php4 Binary: php4-sybase php4-recode php4-pspell php4-cgi libapache-mod-php4 php4-interbase php4-mcrypt php4-cli php4-dev php4-snmp libapache2-mod-php4 php4-odbc php4-xslt php4-mysql php4-domxml php4-gd php4-ldap php4-imap php4-common php4 php4-curl php4-pear php4-mcal php4-pgsql php4-mhash Architecture: source i386 all Version: 6:4.4.4-8+etch2 Distribution: stable-security Urgency: high Maintainer: Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org> Changed-By: Moritz Muehlenhoff <jmm@debian.org> Description: libapache-mod-php4 - server-side, HTML-embedded scripting language (apache 1.3 module) libapache2-mod-php4 - server-side, HTML-embedded scripting language (apache 2 module) php4 - server-side, HTML-embedded scripting language (meta-package) php4-cgi - server-side, HTML-embedded scripting language (CGI binary) php4-cli - command-line interpreter for the php4 scripting language php4-common - Common files for packages built from the php4 source php4-curl - CURL module for php4 php4-dev - Files for PHP4 module development php4-domxml - XMLv2 module for php4 php4-gd - GD module for php4 php4-imap - IMAP module for php4 php4-interbase - interbase/firebird module for php4 php4-ldap - LDAP module for php4 php4-mcal - MCAL calendar module for php4 php4-mcrypt - MCrypt module for php4 php4-mhash - MHASH module for php4 php4-mysql - MySQL module for php4 php4-odbc - ODBC module for php4 php4-pear - PHP Extension and Application Repository (transitional package) php4-pgsql - PostgreSQL module for php4 php4-pspell - pspell module for php4 php4-recode - Character recoding module for php4 php4-snmp - SNMP module for php4 php4-sybase - Sybase / MS SQL Server module for php4 php4-xslt - XSLT module for php4 Changes: php4 (6:4.4.4-8+etch2) stable-security; urgency=high . * Non-maintainer upload by the Security Team (with the usual excellent help of Sean Finney). Fixes for several vulnerabilities discovered during the Month of PHP Bugs: - MOPB 04/CVE-2007-1286: ZVAL reference counter overflow - MOPB 10/CVE-2007-1380: Session extention heap information leak - MOPB 22/CVE-2007-1521: Session identifier double free - MOPB 32/CVE-2007-0910: Updated patch, fixes double free regression - MOPB 34/CVE-2007-1718: mail() header injection - MOPB 35/CVE-2007-1777: zip parsing integer overflow Files: ca94b91d80126bdc3c33590e0d1731dd 2002 web optional php4_4.4.4-8+etch2.dsc e884b9b7c2e936310553c946bc2f67c2 5555168 web optional php4_4.4.4.orig.tar.gz 569f1889825be999cf57e1c5bd554753 200183 web optional php4_4.4.4-8+etch2.diff.gz 743f2b0a08fffcfa7ab612e6bbd7cc37 206676 web optional php4-common_4.4.4-8+etch2_i386.deb f6b3ab3222f83cbf75f577248aee1087 1595272 web optional libapache-mod-php4_4.4.4-8+etch2_i386.deb cec7ac4cbab8d7565d699acbe9e68998 1596798 web optional libapache2-mod-php4_4.4.4-8+etch2_i386.deb 455c915590b032e75f0f90c68c39f7a9 3175408 web optional php4-cgi_4.4.4-8+etch2_i386.deb 6a930288e4655d2439f6974d307dd770 1596654 web optional php4-cli_4.4.4-8+etch2_i386.deb 3620aafdf8b8079d99958fa940239bf6 201168 devel optional php4-dev_4.4.4-8+etch2_i386.deb 34cb3155e53f1d4055c0831a5e9bc38c 15920 web optional php4-curl_4.4.4-8+etch2_i386.deb 07ee9f476bda386d11f5f8d8c3ddcbe8 35032 web optional php4-domxml_4.4.4-8+etch2_i386.deb 8c47e08d7cbeedeae8b2522487054b5a 29638 web optional php4-gd_4.4.4-8+etch2_i386.deb 4ebacc751c2a446eb578bef9a56ead7b 33232 web optional php4-imap_4.4.4-8+etch2_i386.deb f7e325286fbe7d75febf8ade72d03ec3 23148 web optional php4-interbase_4.4.4-8+etch2_i386.deb 8b0ea78a6d8f547826019450246db02f 17050 web optional php4-ldap_4.4.4-8+etch2_i386.deb 8041a27b06f19df4a6c8fa3f56382505 14058 web optional php4-mcal_4.4.4-8+etch2_i386.deb a747fd85802631daa9a83c818b6ce2d0 13156 web optional php4-mcrypt_4.4.4-8+etch2_i386.deb 3e141df6e0c1dd20b51fb7783aac2291 5036 web optional php4-mhash_4.4.4-8+etch2_i386.deb 5c790509e5c074fdbe07bc614f9cfb04 18544 web optional php4-mysql_4.4.4-8+etch2_i386.deb b6cda3e759e0e881aec3eeb1bfe7a9ae 24546 web optional php4-odbc_4.4.4-8+etch2_i386.deb df9b0ca3554ed3c2be8cf746284773a0 33832 web optional php4-pgsql_4.4.4-8+etch2_i386.deb 74387be9eb05087703bdb9e75b44f898 8430 web optional php4-pspell_4.4.4-8+etch2_i386.deb f0239f514b158e2418543f3e0f9bf4e6 4754 web optional php4-recode_4.4.4-8+etch2_i386.deb e7a53228b63aec8df41e1bce1c8ffc47 10256 web optional php4-snmp_4.4.4-8+etch2_i386.deb f14a8e5a66e602dabf593d2715b093bd 18056 web optional php4-sybase_4.4.4-8+etch2_i386.deb 5b8312c1e70d3e87484da144acd0003f 13192 web optional php4-xslt_4.4.4-8+etch2_i386.deb 5655499d24b45300b60402032344620f 1164 web optional php4_4.4.4-8+etch2_all.deb 0f7d6a3667c882abdef300ccd39203bf 1176 web optional php4-pear_4.4.4-8+etch2_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFGK9USXm3vHE4uyloRAp+VAKCDJ9L5sHo4cgaZeqRVuRjtcyA+CQCdFeLT Cp/LJYdJDDMWjGO3YOJ1bkI= =zMaf -----END PGP SIGNATURE----- Accepted: libapache-mod-php4_4.4.4-8+etch2_i386.deb to pool/main/p/php4/libapache-mod-php4_4.4.4-8+etch2_i386.deb libapache2-mod-php4_4.4.4-8+etch2_i386.deb to pool/main/p/php4/libapache2-mod-php4_4.4.4-8+etch2_i386.deb php4-cgi_4.4.4-8+etch2_i386.deb to pool/main/p/php4/php4-cgi_4.4.4-8+etch2_i386.deb php4-cli_4.4.4-8+etch2_i386.deb to pool/main/p/php4/php4-cli_4.4.4-8+etch2_i386.deb php4-common_4.4.4-8+etch2_i386.deb to pool/main/p/php4/php4-common_4.4.4-8+etch2_i386.deb php4-curl_4.4.4-8+etch2_i386.deb to pool/main/p/php4/php4-curl_4.4.4-8+etch2_i386.deb php4-dev_4.4.4-8+etch2_i386.deb to pool/main/p/php4/php4-dev_4.4.4-8+etch2_i386.deb php4-domxml_4.4.4-8+etch2_i386.deb to pool/main/p/php4/php4-domxml_4.4.4-8+etch2_i386.deb php4-gd_4.4.4-8+etch2_i386.deb to pool/main/p/php4/php4-gd_4.4.4-8+etch2_i386.deb php4-imap_4.4.4-8+etch2_i386.deb to pool/main/p/php4/php4-imap_4.4.4-8+etch2_i386.deb php4-interbase_4.4.4-8+etch2_i386.deb to pool/main/p/php4/php4-interbase_4.4.4-8+etch2_i386.deb php4-ldap_4.4.4-8+etch2_i386.deb to pool/main/p/php4/php4-ldap_4.4.4-8+etch2_i386.deb php4-mcal_4.4.4-8+etch2_i386.deb to pool/main/p/php4/php4-mcal_4.4.4-8+etch2_i386.deb php4-mcrypt_4.4.4-8+etch2_i386.deb to pool/main/p/php4/php4-mcrypt_4.4.4-8+etch2_i386.deb php4-mhash_4.4.4-8+etch2_i386.deb to pool/main/p/php4/php4-mhash_4.4.4-8+etch2_i386.deb php4-mysql_4.4.4-8+etch2_i386.deb to pool/main/p/php4/php4-mysql_4.4.4-8+etch2_i386.deb php4-odbc_4.4.4-8+etch2_i386.deb to pool/main/p/php4/php4-odbc_4.4.4-8+etch2_i386.deb php4-pear_4.4.4-8+etch2_all.deb to pool/main/p/php4/php4-pear_4.4.4-8+etch2_all.deb php4-pgsql_4.4.4-8+etch2_i386.deb to pool/main/p/php4/php4-pgsql_4.4.4-8+etch2_i386.deb php4-pspell_4.4.4-8+etch2_i386.deb to pool/main/p/php4/php4-pspell_4.4.4-8+etch2_i386.deb php4-recode_4.4.4-8+etch2_i386.deb to pool/main/p/php4/php4-recode_4.4.4-8+etch2_i386.deb php4-snmp_4.4.4-8+etch2_i386.deb to pool/main/p/php4/php4-snmp_4.4.4-8+etch2_i386.deb php4-sybase_4.4.4-8+etch2_i386.deb to pool/main/p/php4/php4-sybase_4.4.4-8+etch2_i386.deb php4-xslt_4.4.4-8+etch2_i386.deb to pool/main/p/php4/php4-xslt_4.4.4-8+etch2_i386.deb php4_4.4.4-8+etch2.diff.gz to pool/main/p/php4/php4_4.4.4-8+etch2.diff.gz php4_4.4.4-8+etch2.dsc to pool/main/p/php4/php4_4.4.4-8+etch2.dsc php4_4.4.4-8+etch2_all.deb to pool/main/p/php4/php4_4.4.4-8+etch2_all.deb