Ubuntu
php5 package

Branches for Intrepid

Name Status Last Modified Last Commit
lp:ubuntu/intrepid/php5 1 Development 2009-06-27 22:32:16 UTC
38. debian/patches/fix-pecl-libtool.dpatc...

Author: Chuck Short
Revision Date: 2008-10-14 15:16:36 UTC

debian/patches/fix-pecl-libtool.dpatch: fix libtool brokenness
with pecl. (LP: #262251)
lp:ubuntu/intrepid-security/php5 bug 1 Development 2010-01-06 08:57:19 UTC
43. * SECURITY UPDATE: information disclo...

Author: Marc Deslauriers
Revision Date: 2010-01-06 08:57:19 UTC

* SECURITY UPDATE: information disclosure and denial of service via
  zend_restore_ini_entry_cb function.
  - debian/patches/CVE-2009-2626.patch: make sure new_value exists in
    main/main.c, gracefully handle failure in Zend/zend_ini.c.
  - CVE-2009-2626
* SECURITY UPDATE: Cross-site scripting via incomplete htmlspecialchars
  filtering
  - debian/patches/CVE-2009-4142.patch: rewrite handling logic in
    ext/standard/html.c, add ext/standard/tests/strings/bug49785.phpt
    test script, fix ext/standard/tests/strings/htmlentities-utf.phpt
    test script.
  - CVE-2009-4142
* SECURITY UPDATE: restrictions bypass via incorrect session data
  handling
  - debian/patches/CVE-2009-4143.patch: protect from interrupt
    corruption in ext/session/session.c.
  - CVE-2009-4143
lp:ubuntu/intrepid-updates/php5 1 Development 2010-01-06 08:57:19 UTC
43. * SECURITY UPDATE: information disclo...

Author: Marc Deslauriers
Revision Date: 2010-01-06 08:57:19 UTC

* SECURITY UPDATE: information disclosure and denial of service via
  zend_restore_ini_entry_cb function.
  - debian/patches/CVE-2009-2626.patch: make sure new_value exists in
    main/main.c, gracefully handle failure in Zend/zend_ini.c.
  - CVE-2009-2626
* SECURITY UPDATE: Cross-site scripting via incomplete htmlspecialchars
  filtering
  - debian/patches/CVE-2009-4142.patch: rewrite handling logic in
    ext/standard/html.c, add ext/standard/tests/strings/bug49785.phpt
    test script, fix ext/standard/tests/strings/htmlentities-utf.phpt
    test script.
  - CVE-2009-4142
* SECURITY UPDATE: restrictions bypass via incorrect session data
  handling
  - debian/patches/CVE-2009-4143.patch: protect from interrupt
    corruption in ext/session/session.c.
  - CVE-2009-4143
13 of 3 results FirstPreviousNextLast