[php-maint] new php5 packages for stable-security

sean finney seanius at debian.org
Mon Jul 2 22:10:59 UTC 2007


guess it's not too late to say "stop the presses"...

i realized earlier today that the php5 package for stable also needed the 
patch for CVE-2007-1864 which i provided in the php4 packages, so i've made
yet another update and sent it to the security queue.


	sean



On Sunday 01 July 2007 01:53:02 sean finney wrote:
> hey folks,
>
> to follow up on this morning's mail, i've now uploaded a new security
> update for php5 to the pub security upload queue.  this update fixes
> CVE-2007-1399/MOPB-16, which managed to slip through the mess of mopb fun
> from earlier updates.
>
> text from CVE-2007-1399:
>
>   Stack-based buffer overflow in the zip:// URL wrapper in PECL ZIP 1.8.3
> and earlier, as bundled with PHP 5.2.0 and 5.2.1, allows remote attackers
> to execute arbitrary code via a long zip:// URL, as demonstrated by
> actively triggering URL access from a remote PHP interpreter via avatar
> upload or blog pingback.
>
> also in this update is a fix to a regression in single quoting introduced
> by the php team's original fix for one of the previous CVEs.  in #422567
> someone was kind enough to dig up a fix, which has been tested and verified
> by a number of submitters.  at the time i didn't realize it was a
> regression in the security update and instead thought it was just general
> breakage in php, so i threw an upload with the fix at stable p-u, which was
> accepted, in case you're curious after reading the changelog or wondering
> where the previous version is when you go to debdiff.
>
> anyway, please let me know if you need any more information.
>
>
> 	sean
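The CVE text quoted above gives the bug class only in outline: the zip:// wrapper copies the archive path portion of the URL into a fixed-size stack buffer, and a long enough URL overflows it. The C program below is an added illustration written for this page, not PECL ZIP's, PHP's or Debian's code. The URL shape it parses (zip://archive#entry), the 64-byte ARCHIVE_BUF standing in for MAXPATHLEN, the function names and the constructed inputs are all assumptions. It reports how many bytes the unchecked copy would push into the buffer for a long URL, beside a bounded splitter that rejects such a URL before any copy happens.

```c
/* Illustrative reconstruction of the CVE-2007-1399 bug class.  This is NOT
 * PECL ZIP's code; the URL grammar, buffer size and names are assumptions.
 * A zip:// URL looks like "zip:///path/to/archive.zip#entry/in/archive";
 * the wrapper copies the part before '#' into a fixed-size stack buffer. */
#include <stdio.h>
#include <string.h>
#include <stdlib.h>

#define ARCHIVE_BUF 64   /* stand-in for MAXPATHLEN; small so the limit is easy to hit */

/* Strips the "zip://" scheme and returns a pointer to the path, or NULL. */
static const char *zip_url_path(const char *url)
{
    static const char scheme[] = "zip://";
    if (strncmp(url, scheme, sizeof scheme - 1) != 0) return NULL;
    return url + sizeof scheme - 1;
}

/* Vulnerable pattern: memcpy(buf, path, fragment - path) with no bound check.
 * Instead of performing that copy (which would smash the stack), this returns
 * the byte count the copy would write into the ARCHIVE_BUF-byte buffer. */
size_t unchecked_copy_len(const char *url)
{
    const char *path = zip_url_path(url);
    const char *fragment;
    if (!path) return 0;
    fragment = strchr(path, '#');
    if (!fragment) return 0;
    return (size_t)(fragment - path);
}

/* Hardened form: refuse the URL before copying when the archive part does not fit.
 * Returns 0 on success, -1 on a malformed or over-long URL. */
int split_zip_url(const char *url, char archive[ARCHIVE_BUF], const char **entry)
{
    const char *path = zip_url_path(url);
    const char *fragment;
    size_t len;
    if (!path) return -1;
    fragment = strchr(path, '#');
    if (!fragment) return -1;
    len = (size_t)(fragment - path);
    if (len == 0 || len >= ARCHIVE_BUF) return -1;   /* keep room for the NUL */
    memcpy(archive, path, len);
    archive[len] = '\0';
    *entry = fragment + 1;
    return 0;
}

/* Builds a constructed attack input: "zip://" + archive_len 'A's + "#x".
 * Returns 0 on success, -1 if buf is too small. */
int make_long_zip_url(char *buf, size_t bufsz, size_t archive_len)
{
    size_t need = 6 + archive_len + 2 + 1;
    if (bufsz < need) return -1;
    memcpy(buf, "zip://", 6);
    memset(buf + 6, 'A', archive_len);
    buf[6 + archive_len] = '#';
    buf[7 + archive_len] = 'x';
    buf[8 + archive_len] = '\0';
    return 0;
}

int main(void)
{
    char archive[ARCHIVE_BUF];
    const char *entry;
    char attack[512];
    /* Constructed inputs: a benign upload path and a "long zip:// URL" as in the CVE text. */
    const char *ok = "zip:///var/www/uploads/avatar.zip#avatar.png";

    if (split_zip_url(ok, archive, &entry) == 0)
        printf("archive=%s entry=%s\n", archive, entry);

    if (make_long_zip_url(attack, sizeof attack, 400) == 0)
        printf("long URL would copy %zu bytes into a %d-byte buffer; split_zip_url -> %d\n",
               unchecked_copy_len(attack), ARCHIVE_BUF,
               split_zip_url(attack, archive, &entry));
    return 0;
}
```

The check that matters is the single comparison of len against the buffer size before memcpy; the "avatar upload or blog pingback" wording in the CVE text is a reminder that the URL reaching this code can be entirely attacker-chosen, so the wrapper, not the caller, has to enforce the bound.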

