[php-maint] Bug#410995: new upstream version 5.2.1 available
Kees Cook
kees at outflux.net
Thu Feb 15 01:28:47 UTC 2007
Package: php5
Version: 5.2.0-8
Severity: important
Tags: security
Several CVE have been fixed in 5.2.1:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0905
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0907
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0908
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0909
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0910
However, 5.2.1 contains a fix that creates a new problem, covered in
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0911
The corrected patch for CVE-2007-0911 is available here:
http://marc.theaimsgroup.com/?l=php-dev&m=117106751715609&w=2
--
Kees Cook @outflux.net
More information about the pkg-php-maint
mailing list