This bug was fixed in the package php5 - 5.2.4-2ubuntu5.3
--------------- php5 (5.2.4-2ubuntu5.3) hardy-security; urgency=low
[ Tormod Volden ] * Backport security fixes from 5.2.6: (LP: #227464) - debian/patches/SECURITY_CVE-2008-2050.patch + Fixed possible stack buffer overflow in FastCGI SAPI + Fixed sending of uninitialized paddings which may contain some information - debian/patches/SECURITY_CVE-2008-0599.patch + Fixed security issue detailed in CVE-2008-0599 - debian/patches/SECURITY_CVE-2007-4850.patch + Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz - debian/patches/security526-pcre_compile.patch: + avoid stack overflow (fix from pcre 7.6)
[ Jamie Strandboge ] * debian/patches/SECURITY_CVE-2008-2051.patch: properly address incomplete multibyte chars inside escapeshellcmd() (thanks Tormod Volden) * Add debian/patches/SECURITY_CVE-2007-5898.patch: don't accept partial utf8 sequences. Backported upstream fixes. * Add debian/patches/SECURITY_CVE-2007-5899.patch: don't send session id to remote forms. Backported upstream fixes. * Add debian/patches/SECURITY_CVE-2008-2829.patch: unsafe usage of deprecated imap functions (patch from Debian) * Add debian/patches/SECURITY_CVE-2008-1384.patch: integer overflow in printf() (patch from Debian) * Add debian/patches/SECURITY_CVE-2008-2107+2108.patch: weak random number seed. Backported upstream patches. * Add debian/patches/SECURITY_CVE-2007-4782.patch: DoS via long string in the fnmatch functions * Add debian/patches/SECURITY_CVE-2008-2371.patch: buffer overflow. Backported upstream patches. * References CVE-2008-2050 CVE-2008-2051 CVE-2008-0599 CVE-2007-4850 CVE-2007-5898 CVE-2007-5899 CVE-2008-2829 CVE-2008-1384 CVE-2008-2107 CVE-2008-2108 CVE-2007-4782 CVE-2008-2371
-- Jamie Strandboge <email address hidden> Fri, 18 Jul 2008 11:50:38 -0400
This bug was fixed in the package php5 - 5.2.4-2ubuntu5.3
---------------
php5 (5.2.4-2ubuntu5.3) hardy-security; urgency=low
[ Tormod Volden ] patches/ SECURITY_ CVE-2008- 2050.patch patches/ SECURITY_ CVE-2008- 0599.patch patches/ SECURITY_ CVE-2007- 4850.patch patches/ security526- pcre_compile. patch:
* Backport security fixes from 5.2.6: (LP: #227464)
- debian/
+ Fixed possible stack buffer overflow in FastCGI SAPI
+ Fixed sending of uninitialized paddings which may contain some
information
- debian/
+ Fixed security issue detailed in CVE-2008-0599
- debian/
+ Fixed a safe_mode bypass in cURL identified by Maksymilian
Arciemowicz
- debian/
+ avoid stack overflow (fix from pcre 7.6)
[ Jamie Strandboge ] patches/ SECURITY_ CVE-2008- 2051.patch: properly address incomplete patches/ SECURITY_ CVE-2007- 5898.patch: don't accept partial utf8 patches/ SECURITY_ CVE-2007- 5899.patch: don't send session id to patches/ SECURITY_ CVE-2008- 2829.patch: unsafe usage of patches/ SECURITY_ CVE-2008- 1384.patch: integer overflow in patches/ SECURITY_ CVE-2008- 2107+2108. patch: weak random number patches/ SECURITY_ CVE-2007- 4782.patch: DoS via long string in patches/ SECURITY_ CVE-2008- 2371.patch: buffer overflow.
* debian/
multibyte chars inside escapeshellcmd() (thanks Tormod Volden)
* Add debian/
sequences. Backported upstream fixes.
* Add debian/
remote forms. Backported upstream fixes.
* Add debian/
deprecated imap functions (patch from Debian)
* Add debian/
printf() (patch from Debian)
* Add debian/
seed. Backported upstream patches.
* Add debian/
the fnmatch functions
* Add debian/
Backported upstream patches.
* References
CVE-2008-2050
CVE-2008-2051
CVE-2008-0599
CVE-2007-4850
CVE-2007-5898
CVE-2007-5899
CVE-2008-2829
CVE-2008-1384
CVE-2008-2107
CVE-2008-2108
CVE-2007-4782
CVE-2008-2371
-- Jamie Strandboge <email address hidden> Fri, 18 Jul 2008 11:50:38 -0400