Ubuntu
php5 package

Branches for Gutsy

Name Status Last Modified Last Commit
lp:ubuntu/gutsy/php5 1 Development 2009-06-27 22:31:21 UTC
23. Trigger rebuild for hppa

Author: LaMont Jones
Revision Date: 2007-10-04 12:18:16 UTC

Trigger rebuild for hppa
lp:ubuntu/gutsy-proposed/php5 1 Development 2009-06-27 22:31:34 UTC
26. * Use libdb4.4 to fix segfaults with ...

Author: Daniel Hahler
Revision Date: 2007-12-19 11:08:12 UTC

* Use libdb4.4 to fix segfaults with Apache (LP: #165247)
  - added debian/patches/use-specific-libdb-version.patch
lp:ubuntu/gutsy-security/php5 bug 1 Development 2009-06-27 22:33:07 UTC
27. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2009-01-29 08:27:41 UTC

* SECURITY UPDATE: denial of service and possible code execution from
  integer overflow in libgd. Although the system libgd was fixed in USN-557-1,
  php5 would not gracefully handle the error return code, resulting in a
  denial of service.
  - debian/patches/119_SECURITY_CVE-2007-3996.patch: check return codes when
    calling libgd in ext/gd/gd.c.
  - CVE-2007-3996
* SECURITY UPDATE: php_admin_value and php_admin_flag restrictions bypass via
  ini_set. (LP: #228095)
  - debian/patches/120_SECURITY_CVE-2007-5900.patch: add new
    zend_alter_ini_entry_ex() function that extends zend_alter_ini_entry() by
    making sure the entry can be modified in Zend/zend_ini.{c,h},
    Zend/zend_vm_def.h, and Zend/zend_vm_execute.h.
  - CVE-2007-5900
* SECURITY UPDATE: denial of service and possible arbitrary code execution
  via crafted font file. (LP: #286851)
  - debian/patches/121_SECURITY_CVE-2008-3658.patch: make sure font->nchars,
    font->h, and font->w don't cause overflows in ext/gd/gd.c. Also, add
    test script ext/gd/tests/imageloadfont_invalid.phpt.
  - CVE-2008-3658
* SECURITY UPDATE: denial of service and possible arbitrary code execution
  via the delimiter argument to the explode function. (LP: #286851)
  - debian/patches/122_SECURITY_CVE-2008-3659.patch: make sure needle_length
    is sane in ext/standard/tests/strings/explode_bug.phpt. Also, add test
    script ext/standard/tests/strings/explode_bug.phpt.
  - CVE-2008-3659
* SECURITY UPDATE: denial of service via a request with multiple dots
  preceding the extension. (ex: foo..php) (LP: #286851)
  - debian/patches/123_SECURITY_CVE-2008-3660.patch: improve .. cleaning with
    a new is_valid_path() function in sapi/cgi/cgi_main.c.
  - CVE-2008-3660
* SECURITY UPDATE: mbstring extension arbitrary code execution via crafted
  string containing HTML entity. (LP: #317672)
  - debian/patches/124_SECURITY_CVE-2008-5557.patch: improve
    mbfl_filt_conv_html_dec_flush() error handling in
    ext/mbstring/libmbfl/filters/mbfilter_htmlent.c.
  - CVE-2008-5557
* SECURITY UPDATE: safe_mode restriction bypass via unrestricted variable
  settings.
  - debian/patches/125_SECURITY_CVE-2008-5624.patch: make sure the page_uid
    and page_gid get initialized properly in ext/standard/basic_functions.c.
    Also, init server_context before processing config variables in
    sapi/apache/mod_php5.c.
  - CVE-2008-5624
* SECURITY UPDATE: arbitrary file write by placing a "php_value error_log"
  entry in a .htaccess file.
  - debian/patches/126_SECURITY_CVE-2008-5625.patch: enforce restrictions
    when merging in dir entry in sapi/apache/mod_php5.c and
    sapi/apache2handler/apache_config.c.
  - CVE-2008-5625
* SECURITY UPDATE: arbitrary file overwrite from directory traversal via zip
  file with dot-dot filenames.
  - debian/patches/127_SECURITY_CVE-2008-5658.patch: clean up filename paths
    in ext/zip/php_zip.c with new php_zip_realpath_r(),
    php_zip_virtual_file_ex() and php_zip_make_relative_path() functions.
  - CVE-2008-5658
lp:ubuntu/gutsy-updates/php5 1 Development 2009-06-27 22:31:39 UTC
27. * SECURITY UPDATE: denial of service ...

Author: Marc Deslauriers
Revision Date: 2009-01-29 08:27:41 UTC

* SECURITY UPDATE: denial of service and possible code execution from
  integer overflow in libgd. Although the system libgd was fixed in USN-557-1,
  php5 would not gracefully handle the error return code, resulting in a
  denial of service.
  - debian/patches/119_SECURITY_CVE-2007-3996.patch: check return codes when
    calling libgd in ext/gd/gd.c.
  - CVE-2007-3996
* SECURITY UPDATE: php_admin_value and php_admin_flag restrictions bypass via
  ini_set. (LP: #228095)
  - debian/patches/120_SECURITY_CVE-2007-5900.patch: add new
    zend_alter_ini_entry_ex() function that extends zend_alter_ini_entry() by
    making sure the entry can be modified in Zend/zend_ini.{c,h},
    Zend/zend_vm_def.h, and Zend/zend_vm_execute.h.
  - CVE-2007-5900
* SECURITY UPDATE: denial of service and possible arbitrary code execution
  via crafted font file. (LP: #286851)
  - debian/patches/121_SECURITY_CVE-2008-3658.patch: make sure font->nchars,
    font->h, and font->w don't cause overflows in ext/gd/gd.c. Also, add
    test script ext/gd/tests/imageloadfont_invalid.phpt.
  - CVE-2008-3658
* SECURITY UPDATE: denial of service and possible arbitrary code execution
  via the delimiter argument to the explode function. (LP: #286851)
  - debian/patches/122_SECURITY_CVE-2008-3659.patch: make sure needle_length
    is sane in ext/standard/tests/strings/explode_bug.phpt. Also, add test
    script ext/standard/tests/strings/explode_bug.phpt.
  - CVE-2008-3659
* SECURITY UPDATE: denial of service via a request with multiple dots
  preceding the extension. (ex: foo..php) (LP: #286851)
  - debian/patches/123_SECURITY_CVE-2008-3660.patch: improve .. cleaning with
    a new is_valid_path() function in sapi/cgi/cgi_main.c.
  - CVE-2008-3660
* SECURITY UPDATE: mbstring extension arbitrary code execution via crafted
  string containing HTML entity. (LP: #317672)
  - debian/patches/124_SECURITY_CVE-2008-5557.patch: improve
    mbfl_filt_conv_html_dec_flush() error handling in
    ext/mbstring/libmbfl/filters/mbfilter_htmlent.c.
  - CVE-2008-5557
* SECURITY UPDATE: safe_mode restriction bypass via unrestricted variable
  settings.
  - debian/patches/125_SECURITY_CVE-2008-5624.patch: make sure the page_uid
    and page_gid get initialized properly in ext/standard/basic_functions.c.
    Also, init server_context before processing config variables in
    sapi/apache/mod_php5.c.
  - CVE-2008-5624
* SECURITY UPDATE: arbitrary file write by placing a "php_value error_log"
  entry in a .htaccess file.
  - debian/patches/126_SECURITY_CVE-2008-5625.patch: enforce restrictions
    when merging in dir entry in sapi/apache/mod_php5.c and
    sapi/apache2handler/apache_config.c.
  - CVE-2008-5625
* SECURITY UPDATE: arbitrary file overwrite from directory traversal via zip
  file with dot-dot filenames.
  - debian/patches/127_SECURITY_CVE-2008-5658.patch: clean up filename paths
    in ext/zip/php_zip.c with new php_zip_realpath_r(),
    php_zip_virtual_file_ex() and php_zip_make_relative_path() functions.
  - CVE-2008-5658
14 of 4 results FirstPreviousNextLast