testing php5 for Wheezy LTS

To: debian-lts@lists.debian.org
Subject: testing php5 for Wheezy LTS
From: Thorsten Alteholz <debian@alteholz.de>
Date: Sat, 25 Jun 2016 15:49:13 +0200 (CEST)
Message-id: <[🔎] alpine.DEB.2.02.1606251546420.2641@jupiter.server.alteholz.net>

Hi,

it is this time of the month again, so I uploaded version5.4.45-0+deb7u4 of php5 to:

 https://people.debian.org/~alteholz/packages/wheezy-lts/php5/amd64/
 https://people.debian.org/~alteholz/packages/wheezy-lts/php5/i386/

Please give it a try and tell me about any problems you met.

Thanks!
 Thorsten



   * CVE-2016-5093.patch
     Absence of null character causes unexpected zend_string length and
     leaks heap memory. The test script uses locale_get_primary_language
     to reach get_icu_value_internal but there are some other functions
     that also trigger this issue:
       locale_canonicalize, locale_filter_matches,
       locale_lookup, locale_parse
   * CVE-2016-5094.patch
     don't create strings with lengths outside int range
   * CVE-2016-5095.patch
     similar to CVE-2016-5094
     don't create strings with lengths outside int range
   * CVE-2016-5096.patch
     int/size_t confusion in fread
   * CVE-TEMP-bug-70661.patch
     bug70661: Use After Free Vulnerability in WDDX Packet Deserialization
   * CVE-TEMP-bug-70728.patch
     bug70728: Type Confusion Vulnerability in PHP_to_XMLRPC_worker()
   * CVE-TEMP-bug-70741.patch
     bug70741: Session WDDX Packet Deserialization Type Confusion
               Vulnerability
   * CVE-TEMP-bug-70480-raw.patch
     bug70480: php_url_parse_ex() buffer overflow read

Reply to:

Follow-Ups:
- Re: testing php5 for Wheezy LTS
  - From: Stefan <bd@bc-bd.org>

Prev by Date: Re: [Pkg-mozext-maintainers] Enigmail in Wheezy-LTS
Next by Date: Re: cacti LTS
Previous by thread: Re: [Pkg-mozext-maintainers] Enigmail in Wheezy-LTS
Next by thread: Re: testing php5 for Wheezy LTS
Index(es):
- Date
- Thread