lp:ubuntu/maverick-updates/php5
- Get this branch:
- bzr branch lp:ubuntu/maverick-updates/php5
Branch merges
Branch information
Recent revisions
- 82. By Steve Beattie
-
debian/
patches/ php5-CVE- 2012-0831- regression. patch: fix
magic_quotes_gpc ini setting regression introduced by patch for
CVE-2012-0831. Thanks to Ondřej Surý for the patch. (LP: #930115) - 81. By Steve Beattie
-
* SECURITY UPDATE: memory allocation failure denial of service
- debian/patches/ php5-CVE- 2011-4153. patch: check result of
zend_strdup() and calloc() for failed allocations
- CVE-2011-4153
* SECURITY UPDATE: predictable hash collision denial of service
(LP: #910296)
- debian/patches/ php5-CVE- 2011-4885. patch: add max_input_vars
directive with default limit of 1000
- ATTENTION: this update changes previous php5 behavior by
limiting the number of external input variables to 1000.
This may be increased by adding a "max_input_vars"
directive to the php.ini configuration file. See
http://www.php. net/manual/ en/info. configuration. php#ini. max-input- vars
for more information.
- CVE-2011-4885
* SECURITY UPDATE: remote code execution vulnerability introduced by
the fix for CVE-2011-4885 (LP: #925772)
- debian/patches/ php5-CVE- 2012-0830. patch: return rather than
continuing if max_input_vars limit is reached
- CVE-2012-0830
* SECURITY UPDATE: XSLT arbitrary file overwrite attack
- debian/patches/ php5-CVE- 2012-0057. patch: add xsl.security_prefs
ini option to define forbidden operations within XSLT stylesheets
- CVE-2012-0057
* SECURITY UPDATE: PDORow session denial of service
- debian/patches/ php5-CVE- 2012-0788. patch: fail gracefully when
attempting to serialize PDORow instances
- CVE-2012-0788
* SECURITY UPDATE: magic_quotes_gpc remote disable vulnerability
- debian/patches/ php5-CVE- 2012-0831. patch: always restore
magic_quote_gpc on request shutdown
- CVE-2012-0831 - 80. By Marc Deslauriers
-
* SECURITY UPDATE: Denial of service and possible information disclosure
via exif integer overflow
- debian/patches/ php5-CVE- 2011-4566. patch: fix count checks in
ext/exif/exif. c.
- CVE-2011-4566 - 79. By Steve Beattie
-
[ Angel Abad ]
* SECURITY UPDATE: File path injection vulnerability in RFC1867 File
upload filename (LP: #813115)
- debian/patches/ php5-CVE- 2011-2202. patch:
- CVE-2011-2202
* SECURITY UPDATE: Fixed stack buffer overflow in socket_connect()
(LP: #813110)
- debian/patches/ php5-CVE- 2011-1938. patch:
- CVE-2011-1938[ Steve Beattie ]
* SECURITY UPDATE: DoS in zip handling due to addGlob() crashing
on invalid flags
- debian/patches/ php5-CVE- 2011-1657. patch: check for valid flags
- CVE-2011-1657
* SECURITY UPDATE: crypt_blowfish doesn't properly handle 8-bit
(non-ascii) passwords leading to a smaller collision space
- debian/patches/ php5-CVE- 2011-2483. patch: update crypt_blowfish
to 1.2 to correct handling of passwords containing 8-bit
(non-ascii) characters.
CVE-2011-2483
* SECURITY UPDATE: DoS due to failure to check for memory allocation errors
- debian/patches/ php5-CVE- 2011-3182. patch: check the return values
of the malloc, calloc, and realloc functions
- CVE-2011-3182
* SECURITY UPDATE: DoS in errorlog() when passed NULL
- debian/patches/ php5-CVE- 2011-3267. patch: fix NULL pointer crash in
errorlog()
- CVE-2011-3267 - 78. By Steve Beattie
-
debian/
patches/ php5-pear- CVE-2011- 1144-regression .patch: fix
mkdir parenthesis issue and PEAR::raiseErro typo (LP: #774452) - 77. By Steve Beattie
-
* SECURITY UPDATE: arbitrary files removal via cronjob
- debian/php5-common. php5.cron. d: take greater care when removing
session files.
- http://git.debian. org/?p= pkg-php% 2Fphp.git; a=commitdiff_ plain;h= d09fd04ed7bfcf7 f008360c6a42025 108925df09
- CVE-2011-0441
* SECURITY UPDATE: symlink tmp races in pear install
- debian/patches/ php5-pear- CVE-2011- 1072.patch: improved
tempfile handling.
- debian/rules: apply patch manually after unpacking PEAR phar
archive.
- CVE-2011-1072
* SECURITY UPDATE: more symlink races in pear install
- debian/patches/ php5-pear- CVE-2011- 1144.patch: add TOCTOU save
file handler.
- debian/rules: apply patch manually after unpacking PEAR phar
archive.
- CVE-2011-1144
* SECURITY UPDATE: pathname restriction bypass vulnerability
- debian/patches/ php5-CVE- 2006-7243. patch: check for passed
filenames containing NULL bytes.
- CVE-2006-7243
* SECURITY UPDATE: use-after-free vulnerability
- debian/patches/ php5-CVE- 2010-4697. patch: retain reference to
object until getter/setter are done.
- CVE-2010-4697
* SECURITY UPDATE: denial of service through application crash with
invalid images
- debian/patches/ php5-CVE- 2010-4698. patch: verify anti-aliasing
steps are either 4 or 16.
- CVE-2010-4698
* SECURITY UPDATE: denial of service through application crash
- debian/patches/ php5-CVE- 2011-0420. patch: improve grapheme_extract()
argument validation.
- CVE-2011-0420
* SECURITY UPDATE: denial of service through application crash
- debian/patches/ php5-CVE- 2011-0421. patch: fail operation gracefully
when handling zero sized zipfile with the FL_UNCHANGED argument
- CVE-2011-0421
* SECURITY UPDATE: denial of service through application crash when
handling images with invalid exif tags
- debian/patches/ php5-CVE- 2011-0708. patch: stricter exif checking
- CVE-2011-0708
* SECURITY UPDATE: denial of service and possible data disclosure
through integer overflow
- debian/patches/ php5-CVE- 2011-1092. patch: better boundary
condition checks in shmop_read()
- CVE-2011-1092
* SECURITY UPDATE: use-after-free vulnerability
- debian/patches/ php5-CVE- 2011-1148. patch: improve reference
counting
- CVE-2011-1148
* SECURITY UPDATE: format string vulnerability
- debian/patches/ php5-CVE- 2011-1153. patch: correctly quote format
strings
- CVE-2011-1153
* SECURITY UPDATE: denial of service through buffer overflow crash
(code execution mitigated by compilation with Fortify Source)
- debian/patches/ php5-CVE- 2011-1464. patch: limit amount of precision
to ensure fitting within MAX_BUF_SIZE
- CVE-2011-1464
* SECURITY UPDATE: denial of service through application crash via
integer overflow.
- debian/patches/ php5-CVE- 2011-1466. patch: improve boundary
condition checking in SdnToJulian()
- CVE-2011-1466
* SECURITY UPDATE: denial of service through application crash
- debian/patches/ php5-CVE- 2011-1467. patch: check for invalid
attribute symbols in NumberFormatter::setSymbol( )
- CVE-2011-1467
* SECURITY UPDATE: denial of service through memory leak
- debian/patches/ php5-CVE- 2011-1468. patch: fix memory leak of
openssl contexts
- CVE-2011-1468
* SECURITY UPDATE: denial of service through application crash
when using HTTP proxy with the FTP wrapper
- debian/patches/ php5-CVE- 2011-1469. patch: improve pointer handling
- CVE-2011-1469
* SECURITY UPDATE: denial of service through application crash when
handling ziparchive streams
- debian/patches/ php5-CVE- 2011-1470. patch: set necessary elements of
the meta data structure
- CVE-2011-1470
* SECURITY UPDATE: denial of service through application crash when
handling malformed zip files
- debian/patches/ php5-CVE- 2011-1471. patch: correct integer
signedness error when handling zip_fread() return value.
- CVE-2011-1471
* debian/control: replace build-depends on mysql-server with
mysql-server- core-5. 1 and mysql-client-5.1 to avoid upstart and
mysql-server-5.1 postinst confusion with starting up multiple
mysqlds listening on the same port. - 76. By Steve Beattie
-
debian/
patches/ php5-CVE- 2010-3436- regression. patch: update
main/fopen_wrappers. c to include fix for open_basedir restriction
regression (LP: #701896) - 75. By Steve Beattie
-
* SECURITY UPDATE: open_basedir bypass
- debian/patches/ php5-CVE- 2010-3436. patch: more strict checking in
php_check_specific_ open_basedir( )
- CVE-2010-3436
* SECURITY UPDATE: NULL pointer dereference crash
- debian/patches/ php5-CVE- 2010-3709. patch: check for NULL when
getting zip comment
- CVE-2010-3709
* SECURITY UPDATE: memory consumption denial of service
- debian/patches/ php5-CVE- 2010-3710. patch: check for email address
longer than RFC 2821 allows
- CVE-2010-3710
* SECURITY UPDATE: xml decode bypass
- debian/patches/ php5-CVE- 2010-3870. patch: improve utf8 decoding
- CVE-2010-3870
* SECURITY UPDATE: memory disclosure
- debian/patches/ php5-CVE- 2010-4156. patch: check for excessive
length in mb_strcut()
- CVE-2010-4156
* SECURITY UPDATE: integer overflow can cause an application crash
- debian/patches/ php5-CVE- 2010-4409. patch: fix invalid args in
NumberFormatter::getSymbol ()
- CVE-2010-4409
* SECURITY UPDATE: infinite loop/denial of service when dealing with
certain textual forms of MAX_FLOAT (LP: #697181)
- debian/patches/ php5-CVE- 2010-4645. patch: treat local doubles
as volatile to avoid x87 registers in zend_strtod()
- CVE-2010-4645 - 74. By Marc Deslauriers
-
* SECURITY UPDATE: arbitrary memory disclosure and possible code
execution via phar extension
- debian/patches/ CVE-2010- 2950.patch: use correct format string in
ext/phar/stream. c.
- CVE-2010-2094
- CVE-2010-2950 - 73. By Matthias Klose
-
Build-depend on netcat-openbsd | netcat, instead of just netcat (only
in universe).
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/natty/php5