Comment 4 for bug 1411811

This bug was fixed in the package php5 - 5.6.4+dfsg-4ubuntu1

---------------
php5 (5.6.4+dfsg-4ubuntu1) vivid; urgency=medium

  * Merge from Debian testing (LP: #1411811). Remaining changes:
    - d/control: drop Build-Depends that are in universe: firebird-dev,
      libc-client-dev, libmcrypt-dev, libonig-dev, libqdbm-dev.
    - d/rules: drop configuration of packages that are in universe: qdgm, onig.
    - d/rules: drop CONFIGURE_APACHE_ARGS settings since now we don't build
      interbase or firebird.
    - d/control: drop binary packages php5-imap, php5-interbase and php5-mcrypt
      since we have separate versions in universe.
    - d/modulelist: drop imap, interbase and mcrypt since we have separate
      versions in universe.
    - d/rules: drop configuration of imap and mcrypt since we have separate
      versions in universe.
    - d/source_php5.py, d/rules: add apport hook.
    - d/control: switch Build-Depends of netcat-traditional to netcat-openbsd
      as only the latter is in main.
  * Drop changes:
    - Reported fixed in upstream release of 5.6.0: quilt patches for
      CVE-2014-0237, CVE-2014-0238, CVE-2014-4049, CVE-2014-0207,
      CVE-2014-3478, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487,
      CVE-2014-3515, CVE-2014-4670, CVE-2014-4698, CVE-2014-4721,
      CVE-2014-3587 and CVE-2014-3597, and d/p/fix_systemd_ftbfs.patch.
    - Reported fixed in upstream release of 5.6.2: quilt patches for
      CVE-2014-3668, CVE-2014-3669 and CVE-2014-3670, and
      d/p/curl_embedded_null.patch.
    - Reported fixed in upstream release of 5.6.3: quilt patch for
      CVE-2014-3710.
    - Applied in Debian:
      + d/rules: stop mysql instance on clean just in case we failed in
        tests.
      + d/tests/{cgi,cli,mod-php}: dep8 tests for common use cases.
      + d/rules: export DEB_HOST_MULTIARCH properly.
      + d/rules: load dpkg-buildflags earlier, so that CFLAGS changes are not
        overridden.
 -- Robie Basak <email address hidden> Tue, 27 Jan 2015 12:09:42 +0000