[Pkg-php-commits] r1073 - in php4/branches/etch/debian: . patches

Sean Finney seanius at alioth.debian.org
Wed May 14 21:17:20 UTC 2008


Author: seanius
Date: 2008-05-14 21:17:20 +0000 (Wed, 14 May 2008)
New Revision: 1073

Added:
   php4/branches/etch/debian/patches/125-CVE-2007-3998.patch
Modified:
   php4/branches/etch/debian/changelog
Log:
fix for CVE-2007-3998

Modified: php4/branches/etch/debian/changelog
===================================================================
--- php4/branches/etch/debian/changelog	2008-05-14 20:10:50 UTC (rev 1072)
+++ php4/branches/etch/debian/changelog	2008-05-14 21:17:20 UTC (rev 1073)
@@ -3,6 +3,7 @@
   * NMU prepared for the security team by the package maintainer.
   * The following security issues are addressed with this update:
     - CVE-2007-3806: glob denial of service
+    - CVE-2007-3998: vulnerability in wordwrap
     - CVE-2008-2051: incomplete multibyte chars inside escapeshellcmd()
 
  -- Sean Finney <seanius at debian.org>  Wed, 14 May 2008 22:10:16 +0200
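Review bot: The added entry "CVE-2007-3998: vulnerability in wordwrap" says less than its neighbours, which name the effect ("glob denial of service") or the exact function ("escapeshellcmd()"). Consider writing the function as wordwrap() and stating what changes for callers, namely that an empty break string is now rejected, and naming patches/125-CVE-2007-3998.patch so the entry can be traced to the file added in this revision. The trailer timestamp (22:10:16 +0200) predates this commit and is left untouched; refresh it if the upload has not been prepared yet.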

Added: php4/branches/etch/debian/patches/125-CVE-2007-3998.patch
===================================================================
--- php4/branches/etch/debian/patches/125-CVE-2007-3998.patch	                        (rev 0)
+++ php4/branches/etch/debian/patches/125-CVE-2007-3998.patch	2008-05-14 21:17:20 UTC (rev 1073)
@@ -0,0 +1,14 @@
+--- old/ext/standard/string.c	2007/06/06 21:53:54	1.445.2.14.2.63
++++ new/ext/standard/string.c	2007/07/22 15:55:15	1.445.2.14.2.64
+@@ -651,6 +651,11 @@
+ 
+ 	if (textlen == 0) {
+ 		RETURN_EMPTY_STRING();
++	}
++
++	if (breakcharlen == 0) {
++		php_error_docref(NULL TSRMLS_CC, E_WARNING, "Break string cannot be empty");
++		RETURN_FALSE;
+ 	}
+ 
+ 	if (linelength == 0 && docut) {
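Review bot: The new `breakcharlen == 0` check sits after the `textlen == 0` early return, so a call with an empty text and an empty break string still returns an empty string with no warning, while the same invalid break string with non-empty text gets E_WARNING and FALSE. If the intent is to reject an empty break string as an invalid argument, moving the check above `if (textlen == 0)` would make the behaviour consistent. Callers that used the return value directly as a string will now receive FALSE in this case, which deserves a line in the changelog. The patch file also carries no header beyond the old/new paths; a short description with the CVE id and the upstream string.c revision shown in the `+++` line (1.445.2.14.2.64) would let a later reader confirm that this hunk is the complete upstream change.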



