[Pkg-php-commits] r1225 - php5/trunk/debian
Thijs Kinkhorst
thijs at alioth.debian.org
Tue Jan 20 09:33:44 UTC 2009
Author: thijs
Date: 2009-01-20 09:33:36 +0000 (Tue, 20 Jan 2009)
New Revision: 1225
Modified:
php5/trunk/debian/changelog
Log:
add CVE id to the fixed version
Modified: php5/trunk/debian/changelog
===================================================================
--- php5/trunk/debian/changelog 2009-01-19 22:34:54 UTC (rev 1224)
+++ php5/trunk/debian/changelog 2009-01-20 09:33:36 UTC (rev 1225)
@@ -3,8 +3,6 @@
* NOT RELEASED YET
[ Sean Finney ]
- * Just for posterity, 5.2.6.dfsg.1-1 included a fix for CVE-2008-5624, but
- the CVE id was not known at the time (BG-initializing-fix.patch).
* Security related fixes:
- php: inifile handler for the dba functions can be used to truncate a file
Patch: dba-inifile-truncation.patch (closes: #507101).
@@ -56,8 +54,8 @@
- Upstream bug #46308 (Invalid write in zend object handler / getter)
Patch: zend_object_handlers-invalid-write.patch
* Security related fixes:
- - Incorporate fix from 5.3 for proper initialization of uid/gid for
- apache2 sapi.
+ - CVE-2008-5624: Incorporate fix from 5.3 for proper initialization of
+ uid/gid for apache2 sapi.
Patch: BG-initializing-fix.patch
- CVE-2008-5557: heap overflows in the mbstring extension.
Patch: CVE-2008-5557.patch (closes: #511493).
More information about the Pkg-php-commits
mailing list