lp:debian/squeeze/php5

Related source package recipes

No recipes using this branch. (?)

Create packaging recipe

Related snap packages

Related bugs

Related blueprints

23. By Ondřej Surý on 2012-08-06

* CVE-2012-2688: potential overflow in _php_stream_scandir
* CVE-2012-3450: parsing bug in PDO can lead to access violations

22. By Ondřej Surý on 2012-02-10

* Deprecated error should use E_DEPRECATED and not E_WARNING
  (Closes: #632838)
* CVE-2012-0781: Fix for Tidy::diagnose() NULL pointer dereference
* CVE-2011-4153: Fix PHP 5 does not always check the return value of
  the zend_strndup function
* CVE-2010-4697: use-after-free vulnerability
* CVE-2011-1092: denial of service and possible data disclosure
  through integer overflow
* CVE-2011-1148: improve reference counting
* CVE-2011-1464: limit amount of precision to ensure fitting within
  MAX_BUF_SIZE
* CVE-2011-1467: check for invalid attribute symbols in
  NumberFormatter::setSymbol()
* CVE-2011-1468: fix memory leak of openssl contexts
* CVE-2011-1469: improve pointer handling to fix denial of service
  through application crash when using HTTP proxy with the FTP wrapper
* CVE-2011-1470: denial of service through application crash when
  handling ziparchive streams
* CVE-2011-1657: DoS in zip handling due to addGlob() crashing on
  invalid flags
* CVE-2011-3182: DoS due to failure to check for memory allocation
  errors
* CVE-2011-3267: DoS in errorlog() when passed NULL
* CVE-2012-0788: PDORow session denial of service
* CVE-2012-0831: magic_quotes_gpc remote disable vulnerability
  (NOTE: magic_quotes_gpc is DEPRECATED and will be removed from
  PHP 5.4, e.g. you should not use them in any case!)
* CVE-2011-1072,CVE-2011-1144: symlink tmp races in pear install

21. By Ondřej Surý on 2011-06-28

* Fix CVE-2011-2202: File path injection vulnerability in RFC1867 File
  upload filename
* Refresh CVE-2011-2202 patch
* Update gbp.conf for debian-squeeze branch

20. By Raphael Geissert on 2011-03-17

Fix CVE-2011-0441: arbitrary files removal via cronjob (Closes #618489)

19. By Ondřej Surý on 2011-01-05

* Cherry pick patches for:
  + double free vulnerability in the imap_do_open function in the IMAP
    extension (CVE-2010-4150)
  + infinite loop with x87 CPU
  + extract() to not overwrite $GLOBALS and $this when using
    EXTR_OVERWRITE
  + crash if aa steps are invalid in GD extension
  + crash with entitity declaration in simplexml.c
  + NULL dereference in Zend language scanner
  + integer overflow in SdnToJulian
  + memory leaks and possible crash introduced by NULL poisoning patch
  + leaks and crash when passing the callback as a variable
  + leak in highlight_string
  + segmentation fault in pgsql_stmt_execute when postgres is down
  + segmentation fault when extending SplFixedArray
  + segmentation fault when node is NULL in simplexml.c
  + segmentation fault when using several cloned intl objects
  + segmentation fault when using bad column_number in sqlite3 columnName
* Add comment about cherry picked patches (and last revision) from
  upstream SVN to README.source

18. By Ondřej Surý on 2010-12-07

* Cherry-pick fix for crashes on invalid parameters in intl extension.
  (CVE-2010-4409).
* Cherry pick fix for crash in zip extract method (possible CWE-170)
* Cherry pick fix for unaligned memory access in ext/hash/hash_tiger.c
* Update CVE-2010-3870 to include test case
* Cherry pick complete fix to reject filenames with NULL (CVE requested)

17. By Ondřej Surý on 2010-11-30

* Add firebird support for armhf (Closes: #604526)
* More updates to open_basedir (Closes: #605391)

16. By Ondřej Surý on 2010-11-17

* Cherry pick patches for (Closes: #603751):
  + NULL pointer dereference in ZipArchive::getArchiveComment
    (CVE-2010-3709)
  + utf8_decode xml_utf8_decode vulnerability (CVE-2010-3870)
  + mb_strcut() returns garbage with the excessive length parameter
  (CVE-2010-4156)
  + possible flaw in open_basedir (CVE-2010-3436)
  + segfault in SplFileObject::fscanf
  + memory leak in PDO::FETCH_INTO
  + crash when storing many SPLFixedArray in an array
  + possible crash in php_mssql_get_column_content_without_type()
  + cURL leaks handle and causes assertion error (CURLOPT_STDERR)
  + segfault when optional parameters are not passed in to mssql_connect
  + segfault when ssl stream option capture_peer_cert_chain used
  + crash in GC because of incorrect reference counting
  + crash when calling enchant_broker_get_dict_path before set_path
  + crash in pdo_firebird getAttribute()

15. By Ondřej Surý on 2010-10-27

Fix segfault in filter_var with FILTER_VALIDATE_EMAIL with large
amount of data (CVE-2010-3710, Closes: #601619)

14. By Ondřej Surý on 2010-10-21

* Upload 5.3.3 to unstable
  + Fixes CVE-2010-2225, CVE-2010-2094, CVE-2010-1917, CVE-2010-1866,
    CVE-2010-2531, CVE-2010-3065.
* Don't build FPM SAPI now
* Bump standards version to 3.9.1
* Synchronize system crypt patch
* Cherry pick upstream fix for format vulnerability in phar/stream.c
  + Fixes CVE-2010-2950.
* Set explicit error level to hide warnings on systems with modified
  php.ini (Closes: #590485)
* Apply patch to fix loading of extensions without [PHP] section
  (Closes: #595761)
* Set session.gc_probability back to 0 (Closes: #595706)
* Update PHP5 description to not include references to C, Java and
  Perl (Closes: #351032)