Accepted php5 5.2.0-11 (source all amd64)

To: debian-devel-changes@lists.debian.org
Subject: Accepted php5 5.2.0-11 (source all amd64)
From: sean finney <seanius@debian.org>
Date: Mon, 23 Apr 2007 22:02:19 +0000
Message-id: <[🔎] E1Hg6bz-0004cS-9p@ries.debian.org>
Mail-followup-to: debian-devel@lists.debian.org
Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon, 23 Apr 2007 19:02:51 +0200
Source: php5
Binary: php5-gd php5-ldap php5 php5-xmlrpc php5-pspell libapache2-mod-php5 php5-xsl php5-cgi php-pear php5-tidy php5-pgsql php5-cli php5-recode php5-mhash php5-sybase php5-curl php5-odbc php5-mcrypt php5-mysql php5-common php5-imap php5-snmp php5-dev php5-sqlite libapache-mod-php5 php5-interbase
Architecture: source amd64 all
Version: 5.2.0-11
Distribution: unstable
Urgency: high
Maintainer: Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>
Changed-By: sean finney <seanius@debian.org>
Description: 
 libapache-mod-php5 - server-side, HTML-embedded scripting language (apache 1.3 module)
 libapache2-mod-php5 - server-side, HTML-embedded scripting language (apache 2 module)
 php-pear   - PEAR - PHP Extension and Application Repository
 php5       - server-side, HTML-embedded scripting language (meta-package)
 php5-cgi   - server-side, HTML-embedded scripting language (CGI binary)
 php5-cli   - command-line interpreter for the php5 scripting language
 php5-common - Common files for packages built from the php5 source
 php5-curl  - CURL module for php5
 php5-dev   - Files for PHP5 module development
 php5-gd    - GD module for php5
 php5-imap  - IMAP module for php5
 php5-interbase - interbase/firebird module for php5
 php5-ldap  - LDAP module for php5
 php5-mcrypt - MCrypt module for php5
 php5-mhash - MHASH module for php5
 php5-mysql - MySQL module for php5
 php5-odbc  - ODBC module for php5
 php5-pgsql - PostgreSQL module for php5
 php5-pspell - pspell module for php5
 php5-recode - recode module for php5
 php5-snmp  - SNMP module for php5
 php5-sqlite - SQLite module for php5
 php5-sybase - Sybase / MS SQL Server module for php5
 php5-tidy  - tidy module for php5
 php5-xmlrpc - XML-RPC module for php5
 php5-xsl   - XSL module for php5
Changes: 
 php5 (5.2.0-11) unstable; urgency=high
 .
   [ sean finney ]
   * The following security issues are addressed with this update:
     - CVE-2007-0910/MOPB-32 session_decode() Double Free Vulnerability
       * note that this is an update to the previous version of the upstream
         fix for CVE-2007-0910, which introduced a seperate exploit path.
     - CVE-2007-1286/MOPB-04 unserialize() ZVAL Reference Counter Overflow
     - CVE-2007-1380/MOPB-10 php_binary Session Deserialization Information Leak
     - CVE-2007-1375/MOPB-14 substr_compare() Information Leak Vulnerability
     - CVE-2007-1376/MOPB-15 shmop Functions Resource Verification Vulnerability
     - CVE-2007-1453/MOPB-18 ext/filter HTML Tag Stripping Bypass Vulnerability
     - CVE-2007-1453/MOPB-19 ext/filter Space Trimming Buffer Underflow Vuln.
     - CVE-2007-1521/MOPB-22 session_regenerate_id() Double Free Vulnerability
     - CVE-2007-1583/MOPB-26 mb_parse_str() register_globals Activation Vuln.
     - CVE-2007-1700/MOPB-30 _SESSION unset() Vulnerability
     - CVE-2007-1718/MOPB-34 mail() Header Injection
     - CVE-2007-1777/MOPB-35 zip_entry_read() Integer Overflow Vulnerability
     - CVE-2007-1887-1888/MOPB-41 sqlite_udf_decode_binary() Buffer Overflow
     - CVE-2007-1824/MOPB-42 php_stream_filter_create() Off By One Vulnerablity
     - CVE-2007-1889/MOPB-44 Memory Manager Signed Comparision Vulnerability
     - CVE-2007-1900/MOPB-45 ext/filter Email Validation Vulnerability
   * The other security issues resulting from the "Month of PHP bugs" either
     did not affect the version of php5 shipped in unstable, or did not merit
     a security update according to the established security policy for php
     in debian.  You are encouraged to verify that your configuration is not
     affected by any of the other vulnerabilities by visiting:
         http://www.php-security.org/
   * other, less interesting changes:
     - now use quilt for managing local patches.
     - massage all of the patches, eliminating fuzz and offsets.
Files: 
 c8957873f61008afdaa040e5178171f2 1975 web optional php5_5.2.0-11.dsc
 8b65d95de82b27f13504999d96c6b4c9 114942 web optional php5_5.2.0-11.diff.gz
 d920ba669246477f11767fbb90ff75a7 217226 web optional php5-common_5.2.0-11_amd64.deb
 d468e914a8ce8a5f43ac5c16ca35055f 2508136 web optional libapache-mod-php5_5.2.0-11_amd64.deb
 623a415dc31a5357ca1ffff59265d95b 2508808 web optional libapache2-mod-php5_5.2.0-11_amd64.deb
 92b2cfd5f149a5047ac889b133c9010d 4859226 web optional php5-cgi_5.2.0-11_amd64.deb
 3d9bed0a1dbc0b718bb7c71066d90208 2450310 web optional php5-cli_5.2.0-11_amd64.deb
 2b64f4908e6f45dfede777d731c53e2c 342008 devel optional php5-dev_5.2.0-11_amd64.deb
 d8c022abe55a832d52581acb330ff827 24958 web optional php5-curl_5.2.0-11_amd64.deb
 9c2d6a8981f7b5e12e46d753441914b5 37032 web optional php5-gd_5.2.0-11_amd64.deb
 2c035443b40327174219fad413f72eeb 36674 web optional php5-imap_5.2.0-11_amd64.deb
 949a9b01403b6a99c6f58500f8fa4666 46736 web optional php5-interbase_5.2.0-11_amd64.deb
 da7cdf744b29d8c2cc0473eb114af1ea 18648 web optional php5-ldap_5.2.0-11_amd64.deb
 140e5ec1d72f7b9e569c866fe45b42f6 13468 web optional php5-mcrypt_5.2.0-11_amd64.deb
 56dd3f236e00ff8f48c96875097ccd9d 5248 web optional php5-mhash_5.2.0-11_amd64.deb
 a0396ef66681075a8ed5953e1f61205b 71738 web optional php5-mysql_5.2.0-11_amd64.deb
 c2b11c79353f85d1a58422852fbc3c57 36388 web optional php5-odbc_5.2.0-11_amd64.deb
 cf41958cccac4ff7ccc840209a94b199 54136 web optional php5-pgsql_5.2.0-11_amd64.deb
 124a14eea292ea6dd0bdb7d7a5c2c082 9384 web optional php5-pspell_5.2.0-11_amd64.deb
 5d1e54171ab30f6bda1701abe076cfe9 4880 web optional php5-recode_5.2.0-11_amd64.deb
 60fe0d3d8def388be0f4b429c19d1d8e 12042 web optional php5-snmp_5.2.0-11_amd64.deb
 e9760893d9065bab71400ff00a362755 38414 web optional php5-sqlite_5.2.0-11_amd64.deb
 6737782360be96120be52d63f33cca4e 19416 web optional php5-sybase_5.2.0-11_amd64.deb
 7e99077f742025571b474849f2d00cf4 17548 web optional php5-tidy_5.2.0-11_amd64.deb
 707dc49241f874b8d2260b6fec3dea0b 39150 web optional php5-xmlrpc_5.2.0-11_amd64.deb
 2f2b2856dd585346c1be0d04dd87f49d 13004 web optional php5-xsl_5.2.0-11_amd64.deb
 da37c6de443d393aed85cb24633d6141 1040 web optional php5_5.2.0-11_all.deb
 f100ce282560f255eb7a42c91fd5e7ab 306896 web optional php-pear_5.2.0-11_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iD8DBQFGLSpXynjLPm522B0RAo/BAJ41fxQjBQ5lZLnZGlJ3K7P1tCRPFACeMs5L
hOGiYg+hLklQVwPRFy8VuzY=
=quo3
-----END PGP SIGNATURE-----


Accepted:
libapache-mod-php5_5.2.0-11_amd64.deb
  to pool/main/p/php5/libapache-mod-php5_5.2.0-11_amd64.deb
libapache2-mod-php5_5.2.0-11_amd64.deb
  to pool/main/p/php5/libapache2-mod-php5_5.2.0-11_amd64.deb
php-pear_5.2.0-11_all.deb
  to pool/main/p/php5/php-pear_5.2.0-11_all.deb
php5-cgi_5.2.0-11_amd64.deb
  to pool/main/p/php5/php5-cgi_5.2.0-11_amd64.deb
php5-cli_5.2.0-11_amd64.deb
  to pool/main/p/php5/php5-cli_5.2.0-11_amd64.deb
php5-common_5.2.0-11_amd64.deb
  to pool/main/p/php5/php5-common_5.2.0-11_amd64.deb
php5-curl_5.2.0-11_amd64.deb
  to pool/main/p/php5/php5-curl_5.2.0-11_amd64.deb
php5-dev_5.2.0-11_amd64.deb
  to pool/main/p/php5/php5-dev_5.2.0-11_amd64.deb
php5-gd_5.2.0-11_amd64.deb
  to pool/main/p/php5/php5-gd_5.2.0-11_amd64.deb
php5-imap_5.2.0-11_amd64.deb
  to pool/main/p/php5/php5-imap_5.2.0-11_amd64.deb
php5-interbase_5.2.0-11_amd64.deb
  to pool/main/p/php5/php5-interbase_5.2.0-11_amd64.deb
php5-ldap_5.2.0-11_amd64.deb
  to pool/main/p/php5/php5-ldap_5.2.0-11_amd64.deb
php5-mcrypt_5.2.0-11_amd64.deb
  to pool/main/p/php5/php5-mcrypt_5.2.0-11_amd64.deb
php5-mhash_5.2.0-11_amd64.deb
  to pool/main/p/php5/php5-mhash_5.2.0-11_amd64.deb
php5-mysql_5.2.0-11_amd64.deb
  to pool/main/p/php5/php5-mysql_5.2.0-11_amd64.deb
php5-odbc_5.2.0-11_amd64.deb
  to pool/main/p/php5/php5-odbc_5.2.0-11_amd64.deb
php5-pgsql_5.2.0-11_amd64.deb
  to pool/main/p/php5/php5-pgsql_5.2.0-11_amd64.deb
php5-pspell_5.2.0-11_amd64.deb
  to pool/main/p/php5/php5-pspell_5.2.0-11_amd64.deb
php5-recode_5.2.0-11_amd64.deb
  to pool/main/p/php5/php5-recode_5.2.0-11_amd64.deb
php5-snmp_5.2.0-11_amd64.deb
  to pool/main/p/php5/php5-snmp_5.2.0-11_amd64.deb
php5-sqlite_5.2.0-11_amd64.deb
  to pool/main/p/php5/php5-sqlite_5.2.0-11_amd64.deb
php5-sybase_5.2.0-11_amd64.deb
  to pool/main/p/php5/php5-sybase_5.2.0-11_amd64.deb
php5-tidy_5.2.0-11_amd64.deb
  to pool/main/p/php5/php5-tidy_5.2.0-11_amd64.deb
php5-xmlrpc_5.2.0-11_amd64.deb
  to pool/main/p/php5/php5-xmlrpc_5.2.0-11_amd64.deb
php5-xsl_5.2.0-11_amd64.deb
  to pool/main/p/php5/php5-xsl_5.2.0-11_amd64.deb
php5_5.2.0-11.diff.gz
  to pool/main/p/php5/php5_5.2.0-11.diff.gz
php5_5.2.0-11.dsc
  to pool/main/p/php5/php5_5.2.0-11.dsc
php5_5.2.0-11_all.deb
  to pool/main/p/php5/php5_5.2.0-11_all.deb
Reply to:
Prev by Date: Accepted python-networkx 0.34-1 (source all)
Next by Date: Accepted kphotoalbum 3.0.2-1 (source i386)
Previous by thread: Accepted python-networkx 0.34-1 (source all)
Next by thread: Accepted kphotoalbum 3.0.2-1 (source i386)
Index(es):
- Date
- Thread