-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 27 Feb 2016 11:17:00 +0100 Source: php5 Binary: php5 php5-common libapache2-mod-php5 libapache2-mod-php5filter php5-cgi php5-cli php5-dev php5-dbg php-pear php5-curl php5-enchant php5-gd php5-gmp php5-imap php5-interbase php5-intl php5-ldap php5-mcrypt php5-mysql php5-odbc php5-pgsql php5-pspell php5-recode php5-snmp php5-sqlite php5-sybase php5-tidy php5-xmlrpc php5-xsl Architecture: source i386 all Version: 5.3.3.1-7+squeeze29 Distribution: squeeze-lts Urgency: high Maintainer: Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org> Changed-By: Thorsten Alteholz <debian@alteholz.de> Description: libapache2-mod-php5 - server-side, HTML-embedded scripting language (Apache 2 module) libapache2-mod-php5filter - server-side, HTML-embedded scripting language (apache 2 filter mo php-pear - PEAR - PHP Extension and Application Repository php5 - server-side, HTML-embedded scripting language (metapackage) php5-cgi - server-side, HTML-embedded scripting language (CGI binary) php5-cli - command-line interpreter for the php5 scripting language php5-common - Common files for packages built from the php5 source php5-curl - CURL module for php5 php5-dbg - Debug symbols for PHP5 php5-dev - Files for PHP5 module development php5-enchant - Enchant module for php5 php5-gd - GD module for php5 php5-gmp - GMP module for php5 php5-imap - IMAP module for php5 php5-interbase - interbase/firebird module for php5 php5-intl - internationalisation module for php5 php5-ldap - LDAP module for php5 php5-mcrypt - MCrypt module for php5 php5-mysql - MySQL module for php5 php5-odbc - ODBC module for php5 php5-pgsql - PostgreSQL module for php5 php5-pspell - pspell module for php5 php5-recode - recode module for php5 php5-snmp - SNMP module for php5 php5-sqlite - SQLite module for php5 php5-sybase - Sybase / MS SQL Server module for php5 php5-tidy - tidy module for php5 php5-xmlrpc - XML-RPC module for php5 php5-xsl - XSL module for php5 Changes: php5 (5.3.3.1-7+squeeze29) squeeze-lts; urgency=high . * Non-maintainer upload by the Squeeze LTS Team. * CVE-2015-2305 Integer overflow in the regcomp implementation in the Henry Spencer BSD regex library (aka rxspencer) alpha3.8.g5 on 32-bit platforms, as used in NetBSD through 6.1.5 and other products, might allow context-dependent attackers to execute arbitrary code via a large regular expression that leads to a heap-based buffer overflow. * CVE-2015-2348 The move_uploaded_file implementation in ext/standard/basic_functions.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 truncates a pathname upon encountering a \x00 character, which allows remote attackers to bypass intended extension restrictions and create files with unexpected names via a crafted second argument. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243. * CVE-2016-tmp, Bug #71039 exec functions ignore length but look for NULL termination * CVE-2016-tmp, Bug #71089 No check to duplicate zend_extension * CVE-2016-tmp, Bug #71201 round() segfault on 64-bit builds * CVE-2016-tmp, Bug #71459 Integer overflow in iptcembed() * CVE-2016-tmp, Bug #71354 Heap corruption in tar/zip/phar parser * CVE-2016-tmp, Bug #71391 NULL Pointer Dereference in phar_tar_setupmetadata() * CVE-2016-tmp, Bug #70979 Crash on bad SOAP request Checksums-Sha1: 2c3af6f086533c65aa97f3b997db43a4b3c18cc1 3324 php5_5.3.3.1-7+squeeze29.dsc 8b9b76e7f141eed67907b63d0a8559bb4fd7ba8b 14874880 php5_5.3.3.1-7+squeeze29.tar.gz 1a2b8a0a424ecf52b346d73665b89be24772d16f 560184 php5-common_5.3.3.1-7+squeeze29_i386.deb bad86dad53c228734090475e2412d2edf6eb1f48 2892026 libapache2-mod-php5_5.3.3.1-7+squeeze29_i386.deb 69f4229c00b66eec8d28bc36628a262d78459465 2891170 libapache2-mod-php5filter_5.3.3.1-7+squeeze29_i386.deb 124df9d7ab7be3a811a384aba61ef670ddd2786b 5724088 php5-cgi_5.3.3.1-7+squeeze29_i386.deb 866820a8b9d1448ce052bc5e4346c2dbde82ce9c 2862078 php5-cli_5.3.3.1-7+squeeze29_i386.deb bce4a1936b935715afc88fb8293acb7d3c0198d5 409528 php5-dev_5.3.3.1-7+squeeze29_i386.deb 8ab7588a023b7e4bc25f45884fd5058e17170642 10473312 php5-dbg_5.3.3.1-7+squeeze29_i386.deb c97d09d09a2879248aa88273859c10bccaddb70d 25570 php5-curl_5.3.3.1-7+squeeze29_i386.deb fd42903c26a30247bc9dcc879bcdde0ef28b0855 7808 php5-enchant_5.3.3.1-7+squeeze29_i386.deb 782db22d39d25f65931be7f76144b914fe882d80 34806 php5-gd_5.3.3.1-7+squeeze29_i386.deb 21b6f7570498cb3c761297d6cf15e40dba18267d 14164 php5-gmp_5.3.3.1-7+squeeze29_i386.deb 3770cf7a572310788ed5507f1ea3174d875fb467 31776 php5-imap_5.3.3.1-7+squeeze29_i386.deb ddb439173da714d514a0d09753b9927daf494cd6 46502 php5-interbase_5.3.3.1-7+squeeze29_i386.deb e4241dabcbb7ce21a0d299b04d5cf82da2e2e720 54022 php5-intl_5.3.3.1-7+squeeze29_i386.deb 145b1baea1159cca8907d4ed5143be38f4831ea2 17534 php5-ldap_5.3.3.1-7+squeeze29_i386.deb 0a6cdf4a0e80400e968e2c5e33787407fec3d8be 13528 php5-mcrypt_5.3.3.1-7+squeeze29_i386.deb a98fb2c5f958f457a8db3300894c027141bdcbb7 66410 php5-mysql_5.3.3.1-7+squeeze29_i386.deb 4259c23252af8b9da33d399a4de41d54e741fc86 31340 php5-odbc_5.3.3.1-7+squeeze29_i386.deb c29bfde0b054b9fc1086f98ad492cfbe0c762e6c 54938 php5-pgsql_5.3.3.1-7+squeeze29_i386.deb 4813ba2e0e352a21dd336de2aef3978feec3a02b 7314 php5-pspell_5.3.3.1-7+squeeze29_i386.deb 3de4a9004f01abe6b521401f1132d71e1ac7f637 4084 php5-recode_5.3.3.1-7+squeeze29_i386.deb 234b493dfb6b99b09d78ab5c4c50171f7a525666 10208 php5-snmp_5.3.3.1-7+squeeze29_i386.deb 4b8e62c34ee98ddf6b2ae498bc62413324861d73 48080 php5-sqlite_5.3.3.1-7+squeeze29_i386.deb c3be71a0bf123d3c3bd89896a7793f1038121c83 23246 php5-sybase_5.3.3.1-7+squeeze29_i386.deb 77dc09317fd6bf5d2cd933904dcf37751882a3b0 16398 php5-tidy_5.3.3.1-7+squeeze29_i386.deb 3b08cda66b6fe674aa80149227774b3377684b21 31894 php5-xmlrpc_5.3.3.1-7+squeeze29_i386.deb c2066976bc5757f509c42a85338a476b219b06a5 12980 php5-xsl_5.3.3.1-7+squeeze29_i386.deb 2e72db14d3e9201886354a9b01843ec8b98c7144 1062 php5_5.3.3.1-7+squeeze29_all.deb 681ae0d725a70fd01075fecfb96bc3c8e3a6bc03 360322 php-pear_5.3.3.1-7+squeeze29_all.deb Checksums-Sha256: 1369a9f37445fc0a89e52553d05a4d37595df5936bf0e5e1706f7c2abd85ae45 3324 php5_5.3.3.1-7+squeeze29.dsc b7fdb557e05ebb8510950bafe736401b4cdd48703f9f5010b0f0ee7d7aec116b 14874880 php5_5.3.3.1-7+squeeze29.tar.gz aa926d2f580eba0d4d3862d3f3632b8e57d6b60822d5364b74121b7df99ae442 560184 php5-common_5.3.3.1-7+squeeze29_i386.deb a665bda8a37cdbe8641f68c90f568f8aa9566376847592071eaf263360cbe7e6 2892026 libapache2-mod-php5_5.3.3.1-7+squeeze29_i386.deb 07f75278da437d73f3724e939d53dd082b408f2dd42182e5bd5ff9101dfccd29 2891170 libapache2-mod-php5filter_5.3.3.1-7+squeeze29_i386.deb fab7a79aef4ce5c20f22df9d0aab398989ae405f9cde7d5bbc3281ddca959d26 5724088 php5-cgi_5.3.3.1-7+squeeze29_i386.deb 477baf25d2784ee5a789eaea7156db0177e10961cd96e01e025a5a0a02f8e893 2862078 php5-cli_5.3.3.1-7+squeeze29_i386.deb c071ab24bee787ef59a9437a8504f0e31713102bef2ae7feb77fd294b151db0f 409528 php5-dev_5.3.3.1-7+squeeze29_i386.deb 37fca222b766e7290313d67f2a6f0d47a44c7b04f0cd11952aeda603b6325fc8 10473312 php5-dbg_5.3.3.1-7+squeeze29_i386.deb fed4f3d94cabd9533a4fe2f0fc4fc8ded3164ed6c2594780be7f6e1f27bc2e88 25570 php5-curl_5.3.3.1-7+squeeze29_i386.deb 10200e3f46ac31b5089495f7d60fd5d36af94d7da542373b5b0308947cef98c3 7808 php5-enchant_5.3.3.1-7+squeeze29_i386.deb 3c08655a92279f1763b386c7ed73ff5d68dd3c5fb109c56c5ab8ce1dc31a1c5f 34806 php5-gd_5.3.3.1-7+squeeze29_i386.deb f32707e1653436030582c14a5eac8713b0fdaeff479a9f39bf86126b4ca2ebb8 14164 php5-gmp_5.3.3.1-7+squeeze29_i386.deb 72def800f2d398701738064a1a73523d4a3d18574db33b59778fa0a94a2d33fc 31776 php5-imap_5.3.3.1-7+squeeze29_i386.deb 2043698012ec53155f86350a6f00b67b8f4b91022001c7fcd42fb9b2e34cc6fc 46502 php5-interbase_5.3.3.1-7+squeeze29_i386.deb a2bc75411983bc10f10a620f9c7aa275c6219b15d3517578b59be750dae7113a 54022 php5-intl_5.3.3.1-7+squeeze29_i386.deb 5ede622504503bb76296a2f3a9cf9a7da0863fb7229f4ba091bd2de2d8cf5d2a 17534 php5-ldap_5.3.3.1-7+squeeze29_i386.deb 85aa03513d3dd9f2ea5979c6b137cdba6f771b295537d93b43a49697768b55f1 13528 php5-mcrypt_5.3.3.1-7+squeeze29_i386.deb d486575ee35fcc56de03df6a8b95206706017fd03df2b4c599aed1cb2ba14112 66410 php5-mysql_5.3.3.1-7+squeeze29_i386.deb 428cfa4807d1e5787b60c207958ed28e9c84c1bc2bc0010c7021ae5437743876 31340 php5-odbc_5.3.3.1-7+squeeze29_i386.deb 2c3a0df85b80d334a7ddf696bdf45b66fed94dd5c7cbe17c30a1f2e749e5c1f7 54938 php5-pgsql_5.3.3.1-7+squeeze29_i386.deb 57bb29364d48d3aca3d06935f9e8e6dcc789787f32acce96e3ca0b862f10a9e3 7314 php5-pspell_5.3.3.1-7+squeeze29_i386.deb cba5275d3a0c4530d3a9dddb71e650b79e16f1f2d4bf54667901aed99bef721a 4084 php5-recode_5.3.3.1-7+squeeze29_i386.deb 1c8400000aed26cfd8128ce5d6ae782035a461a8f1fa1faf8212831356eae7d0 10208 php5-snmp_5.3.3.1-7+squeeze29_i386.deb ff73d49300439ee91391c475187c40f7d952bab224465c1a2337a97d8f6e7430 48080 php5-sqlite_5.3.3.1-7+squeeze29_i386.deb eef78abf5af9efd72cbb5dc971520a61e351b44e592a564d7431247089b8cb35 23246 php5-sybase_5.3.3.1-7+squeeze29_i386.deb a5d9351e6abb2b529ba618dd39c113c2caba17764eb50eb511e7a0eabe713f8b 16398 php5-tidy_5.3.3.1-7+squeeze29_i386.deb 133dd4bdd2ed1e3334dfb3914b38ee2071161f558662797ea67c7e66b1c62fd3 31894 php5-xmlrpc_5.3.3.1-7+squeeze29_i386.deb c4b16dd9da500e0ec358e2ad45a1552f97c8adb880813a62873995aaeeea458e 12980 php5-xsl_5.3.3.1-7+squeeze29_i386.deb 9c2578fbcb61adaffefaa420ec910399bb8cfce455e8c41c59644749c3de60a3 1062 php5_5.3.3.1-7+squeeze29_all.deb 8a3ee017539a2f802e21163e030944fe79b8996422f1244e009dc21d87f6af73 360322 php-pear_5.3.3.1-7+squeeze29_all.deb Files: 49fc29298bb4c39b43801ec36721d9cf 3324 php optional php5_5.3.3.1-7+squeeze29.dsc 4c1e904521505c9e6fa13eed65d23339 14874880 php optional php5_5.3.3.1-7+squeeze29.tar.gz d345cd495e0a06bb10c9add7bd047b4f 560184 php optional php5-common_5.3.3.1-7+squeeze29_i386.deb 75453da2d34419c39f01d679f0839e11 2892026 httpd optional libapache2-mod-php5_5.3.3.1-7+squeeze29_i386.deb ea0886572a0d16fed3a8f5464be637a3 2891170 httpd optional libapache2-mod-php5filter_5.3.3.1-7+squeeze29_i386.deb bd7c8aea628f9c93c6f1e305ae2fd913 5724088 php optional php5-cgi_5.3.3.1-7+squeeze29_i386.deb 1a4cc3eb5d6ae25aa814c1c5c3a8e011 2862078 php optional php5-cli_5.3.3.1-7+squeeze29_i386.deb ee6b3b6a1dd2cbc7f669427df9f7dd84 409528 php optional php5-dev_5.3.3.1-7+squeeze29_i386.deb 5b89105a58b4eb17ab2f9f5f20f0c236 10473312 debug extra php5-dbg_5.3.3.1-7+squeeze29_i386.deb 39c30766acfaf51320d73efe164d4dc5 25570 php optional php5-curl_5.3.3.1-7+squeeze29_i386.deb 55e1cf6770850acacce920a90389c09a 7808 php optional php5-enchant_5.3.3.1-7+squeeze29_i386.deb dfc784f079b6457d50e61f9570ed9844 34806 php optional php5-gd_5.3.3.1-7+squeeze29_i386.deb baeecaf4f6d8fe93784e56ccf2dc1264 14164 php optional php5-gmp_5.3.3.1-7+squeeze29_i386.deb a90bb6ec81eb9e7691eaf34e0c764adf 31776 php optional php5-imap_5.3.3.1-7+squeeze29_i386.deb 9ad213dfcf0bf9f081bb1ce91ec91157 46502 php optional php5-interbase_5.3.3.1-7+squeeze29_i386.deb 52d5b6e7877e43502b3d5864f24f2a54 54022 php optional php5-intl_5.3.3.1-7+squeeze29_i386.deb e31b9de9d4ae11034cea0f523412c517 17534 php optional php5-ldap_5.3.3.1-7+squeeze29_i386.deb 142ffabc10854187af568760067cf406 13528 php optional php5-mcrypt_5.3.3.1-7+squeeze29_i386.deb 18993ebacd11df55b4925ba7a625db19 66410 php optional php5-mysql_5.3.3.1-7+squeeze29_i386.deb 78edcc3440840faa5459031c38b01039 31340 php optional php5-odbc_5.3.3.1-7+squeeze29_i386.deb 53b377b05c2ce33a8a6d15cf493e5a4a 54938 php optional php5-pgsql_5.3.3.1-7+squeeze29_i386.deb d85fb1ee444df89008f9fec465fb7d75 7314 php optional php5-pspell_5.3.3.1-7+squeeze29_i386.deb 807df2877fcccb7bc02044bc604e095b 4084 php optional php5-recode_5.3.3.1-7+squeeze29_i386.deb 6aa06a312a6d740cd4519cce64c12414 10208 php optional php5-snmp_5.3.3.1-7+squeeze29_i386.deb 0e16a7ab3a3026a3f3137a738d154d0d 48080 php optional php5-sqlite_5.3.3.1-7+squeeze29_i386.deb 87afb37b26722ba1fd806a02515331ae 23246 php optional php5-sybase_5.3.3.1-7+squeeze29_i386.deb dab676139cf282ffbcb252c3a53ba17d 16398 php optional php5-tidy_5.3.3.1-7+squeeze29_i386.deb 8e1e0d0f765e2d73a9a7b9300afa6ec0 31894 php optional php5-xmlrpc_5.3.3.1-7+squeeze29_i386.deb 9399db659843c8a7aa455fefae4bebf3 12980 php optional php5-xsl_5.3.3.1-7+squeeze29_i386.deb 9683a4bec7042117d9c0303c6c289493 1062 php optional php5_5.3.3.1-7+squeeze29_all.deb 802304ffb5c32227479bf046f5931af0 360322 php optional php-pear_5.3.3.1-7+squeeze29_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQJ8BAEBCgBmBQJW1Iw4XxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5 NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHHtkP/1OWrcmp4sRlMVhT94RLJjhJ HZsictEUzXWQ5GvIP52a0PB/5B+7/XpHTn+lE1d8mw+nUmgzL1UUzl8z9hVgZcQp ZOEKw3hz91q7F1N3RdCdiEowv2Sdw90AvsZXHhwVBQ8oYo5axsTv4rzVFRkX3X7t xc7IUCee62+sjoE9uMWdpRxjAjZHalepBBd/F+wp6VY/4Mv3ZP/EmckLzVNuud60 xDtWEVT4PyPss0/rIbn3d9p7uQLsyupkZaCXd9XDpa8nU39vjwM3kKutkApcWwHS WGiCe/C+dJsmXOUOwEnR96DaXN+exq2tvG5954Hj+oV7Cb8DZ8OL0uubdvIEEXfq APSzlup3LeQTPhqhMU4OQmN8eI1hMaeU/gQ/Rv6UBkbCthPY6MM2tOI8/8Te5piK k60Kd4A5QGcFZwAQIpWJ7/rcG15fUo5QyWtwZAlAl4H7cnx/V5sgtf421iCS1UkS KZaiTOkuhypL9JDkaAHEp6rzOZu/s67IygVvwFnl9wd/JzGw2Q1fB4aHcpWLOP0T LdZPyqp4xlSN75nmXG2Bbag12ZYLuVyTgEJjS/VxmsmaJ4omWmcmXJ2OdINl7Tf+ DUkVWAKAHujQ1bXsnp7phRYf63zhDlolMa64cKmPL+QYJ0dR5SYyh2j9ch9buX8q DUPqOgtMJUgM38ie/rJ4 =Q04G -----END PGP SIGNATURE-----