[Bug 910296] Re: Please backport the upstream patch to prevent attacks based on hash collisions

Steve Beattie sbeattie at ubuntu.com
Fri Feb 10 18:00:34 UTC 2012


Yes, this has been fixed in hardy (8.04  LTS); however, I forgot to
incorporate the bug number in the changelog entry for the hardy version.
You are correct that this issue has not been addressed in precise, yet.

As for CVE-2012-0830, there is no separate bug report; the security team
doesn't track all security issues via bug reports due to some
inadequacies in launchpad. Issues are tracked publicly in the Ubuntu CVE
tracker at http://people.canonical.com/~ubuntu-security/cve/ .

Thanks!


** Changed in: php5 (Ubuntu Hardy)
       Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in Ubuntu.
https://bugs.launchpad.net/bugs/910296

Title:
  Please backport the upstream patch to prevent attacks based on hash
  collisions

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/php5/+bug/910296/+subscriptions



More information about the Ubuntu-server-bugs mailing list