[Bug 191251] Re: [needs-packaging] php5-embed

Tue Oct 9 17:57:19 UTC 2012

According to this changelog excerpt from the current package in Quantal
(as part of 5.4.6-1ubuntu1), the embed SAPI was enabled in that update:

php5 (5.4.1-1) unstable; urgency=low

  * Imported Upstream version 5.4.1
    + Fixed insufficient validating of upload name leading to corrupted
      $_FILES indices). (CVE-2012-1172).
    + Add open_basedir checks to readline_write_history and
      readline_read_history.
    + Add Apache 2.4 support (.deb package in experimental comming soon)
    + Added debug info handler to DOM objects.
  * Remove Breaks: on php applications on maintainer requests:
    + simplesamlphp
    + php-horde-auth
  * Add better configuration snippet for CGI (Closes: #571795)
  * Update a description of PHP language based on the text from upstream
    web page (http://www.php.net/manual/en/intro-whatis.php)
  * Enable embed SAPI (Closes: #380731)
  * Add lintian override for libphp5-embed: embedded-library
    usr/lib/libphp5.so: file
  * Add ldconfig to libphp5-embed.{postinst,postrm}
  * Fix #EXTRA# processing for SAPIs (extra ; at the end of sed cmd)

 -- Ondrej Surý <ondrej at debian.org>  Thu, 03 May 2012 13:29:07 +0200

I'm going to mark this one as "Fix Released" now that this was fixed in
Quantal, as it is part of 5.4.6-1ubuntu1.

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-1172

** Changed in: php5 (Ubuntu)
       Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in Ubuntu.
https://bugs.launchpad.net/bugs/191251

Title:
  [needs-packaging] php5-embed

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/php5/+bug/191251/+subscriptions