[Bug 227464] [NEW] PHP 5.2.6 fixes important security bugs
spinkham
steve.pinkham at gmail.com
Tue May 6 20:57:58 BST 2008
*** This bug is a security vulnerability ***
Public security bug reported:
Binary package hint: php5
PHP 5.2.6 fixes important security bugs
>From the release log:
Security Fixes
* Fixed possible stack buffer overflow in FastCGI SAPI. (Andrei Nigmatulin)
* Properly address incomplete multibyte chars inside escapeshellcmd() (Ilia, Stefan Esser)
* Fixed security issue detailed in CVE-2008-0599. (Rasmus)
* Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz. (Ilia)
* Upgraded PCRE to version 7.6 (Nuno)
** Affects: php5 (Ubuntu)
Importance: Undecided
Status: New
** Visibility changed to: Public
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-0599
--
PHP 5.2.6 fixes important security bugs
https://bugs.launchpad.net/bugs/227464
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.
More information about the Ubuntu-server-bugs
mailing list