[Bug 317672] [NEW] CVE-2008-5557: heap overflows in the mbstring extension

Mark Lee launchpad-net at lazymalevolence.com
Thu Jan 15 22:57:17 GMT 2009

*** This bug is a security vulnerability ***

Public security bug reported:

Binary package hint: php5

See: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-5557

The patch in question has been applied in Debian as of 5.2.6.dfsg.1-1,
and I have also applied the patch in the php5 source package I maintain
in my PPA: <https://launchpad.net/~malept/+archive>

** Affects: php5 (Ubuntu)
     Importance: Undecided
         Status: New

** CVE added: http://www.cve.mitre.org/cgi-

** Visibility changed to: Public

CVE-2008-5557: heap overflows in the mbstring extension
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.

More information about the Ubuntu-server-bugs mailing list