php5 5.2.4 and lower vulnerable to several CVEs

Bug #228095 reported by Mathias Menzer on 2008-05-08
254
Affects Status Importance Assigned to Milestone
php5 (Ubuntu)
Undecided
Unassigned
Dapper
Undecided
Unassigned
Feisty
Undecided
Unassigned
Gutsy
Undecided
Unassigned
Hardy
Undecided
Jamie Strandboge

Bug Description

Binary package hint: php5

Please provide php5.2.5 for Versions older that Intrepid Ibex.

In php 5.2.5, several Security Issues have been fixed:
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-4887
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5898
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-5900

Jamie Strandboge (jdstrand) wrote :

CVE-2007-5898 fixed in dapper, edgy, feisty, gutsy, but still needed on hardy

Changed in php5:
status: New → Fix Released
Jamie Strandboge (jdstrand) wrote :

5.2.5-3ubuntu1 is now in Intrepid.

Jamie Strandboge (jdstrand) wrote :
Changed in php5:
status: New → Invalid
status: New → Fix Released
status: Invalid → Fix Released
status: New → Fix Released
assignee: nobody → jdstrand
status: New → Triaged
Jamie Strandboge (jdstrand) wrote :
Changed in php5:
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers