This bug was fixed in the package php5 - 5.5.3+dfsg-1ubuntu2.4
--------------- php5 (5.5.3+dfsg-1ubuntu2.4) saucy-security; urgency=medium
* SECURITY UPDATE: incorrect FastCGI socket permissions (LP: #1307027) - debian/patches/CVE-2014-0185.patch: default to 0660 in sapi/fpm/fpm/fpm_unix.c, sapi/fpm/php-fpm.conf.in. - CVE-2014-0185 * SECURITY UPDATE: denial of service in FileInfo cdf_unpack_summary_info - debian/patches/CVE-2014-0237.patch: remove file_printf calls in ext/fileinfo/libmagic/cdf.c. - CVE-2014-0237 * SECURITY UPDATE: denial of service in FileInfo cdf_read_property_info - debian/patches/CVE-2014-0238.patch: fix infinite loop in ext/fileinfo/libmagic/cdf.c. - CVE-2014-0238 * SECURITY UPDATE: code execution via buffer overflow in DNS TXT record parsing - debian/patches/CVE-2014-4049.patch: check length in ext/standard/dns.c. - CVE-2014-4049 -- Marc Deslauriers <email address hidden> Thu, 19 Jun 2014 13:33:33 -0400
This bug was fixed in the package php5 - 5.5.3+dfsg- 1ubuntu2. 4
--------------- dfsg-1ubuntu2. 4) saucy-security; urgency=medium
php5 (5.5.3+
* SECURITY UPDATE: incorrect FastCGI socket permissions (LP: #1307027) patches/ CVE-2014- 0185.patch: default to 0660 in fpm/fpm/ fpm_unix. c, sapi/fpm/ php-fpm. conf.in. summary_ info patches/ CVE-2014- 0237.patch: remove file_printf calls in fileinfo/ libmagic/ cdf.c. property_ info patches/ CVE-2014- 0238.patch: fix infinite loop in fileinfo/ libmagic/ cdf.c. patches/ CVE-2014- 4049.patch: check length in standard/ dns.c.
- debian/
sapi/
- CVE-2014-0185
* SECURITY UPDATE: denial of service in FileInfo cdf_unpack_
- debian/
ext/
- CVE-2014-0237
* SECURITY UPDATE: denial of service in FileInfo cdf_read_
- debian/
ext/
- CVE-2014-0238
* SECURITY UPDATE: code execution via buffer overflow in DNS TXT record
parsing
- debian/
ext/
- CVE-2014-4049
-- Marc Deslauriers <email address hidden> Thu, 19 Jun 2014 13:33:33 -0400