Accepted php5 5.1.2-1ubuntu3.5 (source)

Ubuntu Installer archive at
Wed Feb 21 13:55:41 GMT 2007

 OK: php5_5.1.2-1ubuntu3.5.dsc
     -> Component: main Section: web
 OK: php5_5.1.2-1ubuntu3.5.diff.gz

Hash: SHA1

Format: 1.7
Date: Wed, 21 Feb 2007 09:25:41 +0100
Source: php5
Binary: php5-mysqli php5-gd php5-ldap php5 php5-xmlrpc libapache2-mod-php5 php5-xsl php5-cgi php-pear php5-pgsql php5-cli php5-recode php5-mhash php5-sybase php5-curl php5-odbc php5-mysql php5-common php5-dev php5-snmp php5-sqlite
Architecture: source
Version: 5.1.2-1ubuntu3.5
Distribution: dapper-security
Urgency: low
Maintainer: Debian PHP Maintainers <pkg-php-maint at>
Changed-By: Martin Pitt <martin.pitt at>
 libapache2-mod-php5 - server-side, HTML-embedded scripting language (apache 2.0 module)
 php-pear   - PEAR - PHP Extension and Application Repository
 php5       - server-side, HTML-embedded scripting language (meta-package)
 php5-cgi   - server-side, HTML-embedded scripting language (CGI binary)
 php5-cli   - command-line interpreter for the php5 scripting language
 php5-common - Common files for packages built from the php5 source
 php5-curl  - CURL module for php5
 php5-dev   - Files for PHP5 module development
 php5-gd    - GD module for php5
 php5-ldap  - LDAP module for php5
 php5-mhash - MHASH module for php5
 php5-mysql - MySQL module for php5
 php5-mysqli - MySQL Improved module for php5
 php5-odbc  - ODBC module for php5
 php5-pgsql - PostgreSQL module for php5
 php5-recode - recode module for php5
 php5-snmp  - SNMP module for php5
 php5-sqlite - SQLite module for php5
 php5-sybase - Sybase / MS SQL Server module for php5
 php5-xmlrpc - XML-RPC module for php5
 php5-xsl   - XSL module for php5
 php5 (5.1.2-1ubuntu3.5) dapper-security; urgency=low
   * SECURITY UPDATE: Remote code execution.
   * Add debian/patches/CVE-2007-0906_imap.patch:
     - Buffer overflows in the imap extension.
   * Add debian/patches/CVE-2007-0906_session.patch:
     - Buffer overflow in the session extension.
   * Add debian/patches/CVE-2007-0906_streams.patch:
     - Buffer overflows in the stream filters functions.
   * Add debian/patches/CVE-2007-0906_string.patch:
     - Buffer overflow in the string extension.
   * Add debian/patches/CVE-2007-0907.patch:
     - Buffer underflow in sapi_header_op() that can be exploited to crash the
       PHP interpreter.
   * Add debian/patches/CVE-2007-0908.patch:
     - Fix forgotten initialization of key_length and buffer overflow in the
       wddx extension that could be exploited to reveal memory that is not
       supposed to be accessible (potential information disclosure).
   * Add debian/patches/CVE-2007-0909_print.patch:
     - Fix format string vulnerability on 64 bit systems in the *print()
   * Add debian/patches/CVE-2007-0909_odbc.patch:
     - Fix format string vulnerability on 64 bit systems in odbc_result_all().
   * Add debian/patches/CVE-2007-0910.patch:
     - Fix clobbering of superglobal variables during session variable
   * Add debian/patches/CVE-2007-0988.patch:
     - Fix infinite loop in zend_hash_init() when unserializing untrusted data
       on 64 bit systems.
 c9d31713f64cd9b9508674b54a1aa39a 1768 web optional php5_5.1.2-1ubuntu3.5.dsc
 2d8d7cd177d1c220bf6a7deccb03520a 113123 web optional php5_5.1.2-1ubuntu3.5.diff.gz

Version: GnuPG v1.4.2.2 (GNU/Linux)


More information about the dapper-changes mailing list