[Pkg-php-commits] [php/debian-sid] prepare 5.3.3-4 release
Ondřej Surý
ondrej at sury.org
Wed Nov 17 09:48:09 UTC 2010
---
debian/changelog | 22 ++++++++++++++++++++++
1 files changed, 22 insertions(+), 0 deletions(-)
diff --git a/debian/changelog b/debian/changelog
index 911522d..4a70029 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,25 @@
+php5 (5.3.3-4) unstable; urgency=low
+
+ * Cherry pick patches for (Closes: #603751):
+ + NULL pointer dereference in ZipArchive::getArchiveComment
+ (CVE-2010-3709)
+ + utf8_decode xml_utf8_decode vulnerability (CVE-2010-3870)
+ + mb_strcut() returns garbage with the excessive length parameter
+ (CVE-2010-4156)
+ + possible flaw in open_basedir (CVE-2010-3436)
+ + segfault in SplFileObject::fscanf
+ + memory leak in PDO::FETCH_INTO
+ + crash when storing many SPLFixedArray in an array
+ + possible crash in php_mssql_get_column_content_without_type()
+ + cURL leaks handle and causes assertion error (CURLOPT_STDERR)
+ + segfault when optional parameters are not passed in to mssql_connect
+ + segfault when ssl stream option capture_peer_cert_chain used
+ + crash in GC because of incorrect reference counting
+ + crash when calling enchant_broker_get_dict_path before set_path
+ + crash in pdo_firebird getAttribute()
+
+ -- Ondřej Surý <ondrej at debian.org> Wed, 17 Nov 2010 10:31:58 +0100
+
php5 (5.3.3-3) unstable; urgency=high
* Fix segfault in filter_var with FILTER_VALIDATE_EMAIL with large
--
1.7.1
More information about the Pkg-php-commits
mailing list