[php-maint] Fixed in NMU of php5 5.1.4-0.1

Steinar H. Gunderson sesse at debian.org
Tue Jun 13 22:02:44 UTC 2006 

tag 359907 + fixed
tag 361914 + fixed
tag 361915 + fixed
tag 361916 + fixed
tag 361917 + fixed
tag 365312 + fixed
tag 366109 + fixed
tag 368595 + fixed

quit

This message was generated automatically in response to a
non-maintainer upload.  The .changes file follows.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 13 Jun 2006 22:38:33 +0200
Source: php5
Binary: php5-gd php5-ldap php5 php5-xmlrpc libapache2-mod-php5 php5-xsl php5-cgi php-pear php5-pgsql php5-cli php5-recode php5-mhash php5-sybase php5-curl php5-odbc php5-mysql php5-common php5-snmp php5-dev php5-sqlite libapache-mod-php5
Architecture: source i386 all
Version: 5.1.4-0.1
Distribution: unstable
Urgency: high
Maintainer: Debian PHP Maintainers <pkg-php-maint at lists.alioth.debian.org>
Changed-By: Steinar H. Gunderson <sesse at debian.org>
Description: 
 libapache-mod-php5 - server-side, HTML-embedded scripting language (apache 1.3 module)
 libapache2-mod-php5 - server-side, HTML-embedded scripting language (apache 2.0 module)
 php-pear   - PEAR - PHP Extension and Application Repository
 php5       - server-side, HTML-embedded scripting language (meta-package)
 php5-cgi   - server-side, HTML-embedded scripting language (CGI binary)
 php5-cli   - command-line interpreter for the php5 scripting language
 php5-common - Common files for packages built from the php5 source
 php5-curl  - CURL module for php5
 php5-dev   - Files for PHP5 module development
 php5-gd    - GD module for php5
 php5-ldap  - LDAP module for php5
 php5-mhash - MHASH module for php5
 php5-mysql - MySQL module for php5
 php5-odbc  - ODBC module for php5
 php5-pgsql - PostgreSQL module for php5
 php5-recode - recode module for php5
 php5-snmp  - SNMP module for php5
 php5-sqlite - SQLite module for php5
 php5-sybase - Sybase / MS SQL Server module for php5
 php5-xmlrpc - XML-RPC module for php5
 php5-xsl   - XSL module for php5
Closes: 359907 361914 361915 361916 361917 365312 366109 368595
Changes: 
 php5 (5.1.4-0.1) unstable; urgency=high
 .
   * Non-maintainer upload.
   * New upstream release. (Closes: #366109)
     * Fixes information leak in html_entity_decode() (CVE-2006-1490).
       (Closes: #359907)
     * Fixes phpinfo() XSS (CVE-2006-0996). (Closes: #361914)
     * Fixes copy() safe mode bypass (CVE-2006-1608). (Closes: #361915)
     * Fixes tempnam() open_basedir bypass (CVE-2006-1494). (Closes: #361916)
     * Fixes wordwrap() buffer overflow (CVE-2006-1990). (Closes: #365312)
     * Fixes substr_compare() DoS condition (CVE-2006-1991).
     * Fixes crash during too deep recursion (CVE-2006-1549). (Closes: #361917)
     * Fixes injection in mb_send_mail() (CVE-2006-1014, CVE-2006-1015); not
       mentioned in upstream changelog. (Closes: #368595)
   * 044-strtod_arm_fix.patch: Adapted for new upstream; pulled in from
     Piotr Roszatycki's packages.
   * 108-64bit_datetime.patch: Patch to fix possible segfault on systems where
     sizeof(void*) > sizeof(int); patch from David Mosberger-Tang.
Files: 
 002571051b2788dfdec06f056e583c01 1782 web optional php5_5.1.4-0.1.dsc
 7c846aa09ec1fe0f54a57c8ba030d9f8 8109575 web optional php5_5.1.4.orig.tar.gz
 69f8231f694a7bc3bc154a7754d1e533 97614 web optional php5_5.1.4-0.1.diff.gz
 1d1d6a1c9e3b6499328807fd1e2bdcef 136752 web optional php5-common_5.1.4-0.1_i386.deb
 dcb1a604e594b5f3047445abe5e547b5 2332420 web optional libapache-mod-php5_5.1.4-0.1_i386.deb
 dc231b36eb6011ff37d5ea0379ef28c1 2333106 web optional libapache2-mod-php5_5.1.4-0.1_i386.deb
 af702291473aac9932922ef3a7232dfd 4601226 web optional php5-cgi_5.1.4-0.1_i386.deb
 a4fa322908d4503798d8024e3bb4b576 2321406 web optional php5-cli_5.1.4-0.1_i386.deb
 e787702b5237c4351615421732cd7874 307914 devel optional php5-dev_5.1.4-0.1_i386.deb
 f436773564e7573756ef42fd30034799 24510 web optional php5-curl_5.1.4-0.1_i386.deb
 578814e7b269d9c49e0b97fb10704ad5 34586 web optional php5-gd_5.1.4-0.1_i386.deb
 5cdb0fc6f5bfce68b78e8ec27bd2389d 20618 web optional php5-ldap_5.1.4-0.1_i386.deb
 9c22d41f76480f33a6e7e95f1070c8ad 8462 web optional php5-mhash_5.1.4-0.1_i386.deb
 670e570bafebe1da05bae94c7072df31 23068 web optional php5-mysql_5.1.4-0.1_i386.deb
 48a3f1f972be3cc75f1df8b8f22edaf3 28490 web optional php5-odbc_5.1.4-0.1_i386.deb
 f76d8920e48962edfa9944432b4911be 42264 web optional php5-pgsql_5.1.4-0.1_i386.deb
 39a8ae86a369c0353fb30fdf9b4e69ea 8154 web optional php5-recode_5.1.4-0.1_i386.deb
 2125a70314bb4770931e821747631ee4 14422 web optional php5-snmp_5.1.4-0.1_i386.deb
 1776c4b4ce68fcb882c9da6a6dccd29b 26904 web optional php5-sqlite_5.1.4-0.1_i386.deb
 79d577af1393b548717f6bd6c3bbb95e 21728 web optional php5-sybase_5.1.4-0.1_i386.deb
 6ea58da19cbe98155e41440fe06b9c8d 39796 web optional php5-xmlrpc_5.1.4-0.1_i386.deb
 da73b3902fb2eeb7c0c2cb08e16d8841 15544 web optional php5-xsl_5.1.4-0.1_i386.deb
 d7a05b9f5418cafd5f11061cae2a8c09 1038 web optional php5_5.1.4-0.1_all.deb
 e2c419907818b3502c4a7ffac6b0ff03 305612 web optional php-pear_5.1.4-0.1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEjzP8XKRQ3lK3SH4RAgqJAKDIDkfy3NfOmxiNIJVgVjge9UOGOQCfSJCY
6nXpmhYMxGQgERvrBz+m4RE=
=Qfi7
-----END PGP SIGNATURE-----

More information about the pkg-php-maint mailing list