Bug#609007: unblock: php5/5.3.3-7
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Please unblock package php5
New upload fixes one CVE, one remote DoS (infinite loop which will
probably get a CVE as well) and several fixes for segfauls and memory
leaks cherry picked from upstream SVN.
The diffstat looks quite small with exception of
memory-leak-inside-highlight_string because the patched file is
autogenerated and contains lots of:
-#line 1014 "Zend/zend_language_scanner.c"
+#line 1024 "Zend/zend_language_scanner.c"
changes.
Here's the diffstat for php5_5.3.3-6 php5_5.3.3-7
debian/patches/CVE-2010-4150.patch | 15
debian/patches/do-not-overwrite-GLOBALS-and-this.patch | 43
debian/patches/fix-crash-if-aa-steps-are-invalid.patch | 14
debian/patches/fix-crash-with-entity-declarations-in-simplexml.patch | 41
debian/patches/fix-for-NULL-deref-in-zend_language_scanner.patch | 13
debian/patches/fix-infinite-loop-with-x87-cpu.patch | 24
debian/patches/fix-integer-overflow-in-SdnToJulian.patch | 90
debian/patches/fix-leak-and-possible-crash-introduced-by-the-null-poisoning-patch.patch | 61
debian/patches/fix-leaks-and-crash-bug-when-passing-the-callback-as-variable.patch | 11
debian/patches/fix-memory-leak-inside-highlight_string.patch | 2571 ++++++++++
debian/patches/fix-segfault-in-pgsql_stmt_execute-when-postgres-is-down.patch | 11
debian/patches/fix-segfault-when-extending-SplFixedArray.patch | 40
debian/patches/fix-segfault-when-node-is-NULL-in-simplexml.patch | 11
debian/patches/fix-segfault-when-using-several-cloned-intl-objects.patch | 130
debian/patches/fix-sqlite3-columnName-segfaults-on-bad-column_number.patch | 57
php5-5.3.3/debian/README.source | 6
php5-5.3.3/debian/changelog | 25
php5-5.3.3/debian/patches/series | 15
18 files changed, 3178 insertions(+)
unblock php5/5.3.3-7
-- System Information:
Debian Release: squeeze/sid
APT prefers maverick-updates
APT policy: (500, 'maverick-updates'), (500, 'maverick-security'), (500, 'maverick-proposed'), (500, 'maverick-backports'), (500, 'maverick')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.35-24-generic (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=cs_CZ.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Reply to: