[php-maint] php5/5.3.3-6 ready
Ondřej Surý
ondrej at sury.org
Tue Dec 7 15:02:12 UTC 2010
Hi,
I have php5/5.3.3-5 built with following changes:
php5 (5.3.3-6) unstable; urgency=medium
.
* Cherry-pick fix for crashes on invalid parameters in intl extension.
(CVE-2010-4409).
* Cherry pick fix for crash in zip extract method (possible CWE-170)
* Cherry pick fix for unaligned memory access in ext/hash/hash_tiger.c
* Update CVE-2010-3870 to include test case
* Cherry pick complete fix to reject filenames with NULL (CVE requested)
5.3.3-5 is already in the testing (the open_basedir regression), so I
can upload it any moment.
So you probably have few hours to speak up before I'll upload it.
Ondrej
--
Ondřej Surý <ondrej at sury.org>
More information about the pkg-php-maint
mailing list