Please roll out security fixes from PHP 5.2.6
Bug #227464 reported by
spinkham
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Hardy Backports |
Invalid
|
Undecided
|
Unassigned | ||
php5 (Debian) |
Fix Released
|
Unknown
|
|||
php5 (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Dapper |
Fix Released
|
Undecided
|
Jamie Strandboge | ||
Feisty |
Fix Released
|
Undecided
|
Jamie Strandboge | ||
Gutsy |
Fix Released
|
Undecided
|
Jamie Strandboge | ||
Hardy |
Fix Released
|
Undecided
|
Jamie Strandboge |
Bug Description
Binary package hint: php5
PHP 5.2.6 fixes important security bugs
From the release log:
Security Fixes
* Fixed possible stack buffer overflow in FastCGI SAPI. (Andrei Nigmatulin)
* Properly address incomplete multibyte chars inside escapeshellcmd() (Ilia, Stefan Esser)
* Fixed security issue detailed in CVE-2008-0599. (Rasmus)
* Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz. (Ilia)
* Upgraded PCRE to version 7.6 (Nuno)
Changed in php5: | |
status: | Unknown → Fix Committed |
Changed in php5: | |
status: | Fix Committed → Fix Released |
Changed in php5: | |
assignee: | nobody → jdstrand |
status: | New → In Progress |
assignee: | nobody → jdstrand |
status: | New → In Progress |
assignee: | nobody → jdstrand |
status: | New → In Progress |
assignee: | nobody → jdstrand |
status: | New → In Progress |
Changed in php5: | |
status: | In Progress → Fix Committed |
status: | In Progress → Fix Committed |
status: | In Progress → Fix Committed |
status: | In Progress → Fix Committed |
To post a comment you must log in.
This has been out for a while, is there a reason this hasn't been acted on?