Comment 14 for bug 813115

This bug was fixed in the package php5 - 5.2.4-2ubuntu5.18

---------------
php5 (5.2.4-2ubuntu5.18) hardy-security; urgency=low

  [ Angel Abad ]
  * SECURITY UPDATE: File path injection vulnerability in RFC1867 File
    upload filename (LP: #813115)
    - debian/patches/php5-CVE-2011-2202.patch:
    - CVE-2011-2202

  [ Steve Beattie ]
  * SECURITY UPDATE: DoS due to failure to check for memory allocation errors
    - debian/patches/php5-CVE-2011-3182.patch: check the return values
      of the malloc, calloc, and realloc functions
    - CVE-2011-3182
  * SECURITY UPDATE: Information leak via strchr interrupt (LP: #852865)
    - debian/patches/php5-CVE-2010-2484.patch: grab references before
      converting to string
    - CVE-2010-2484
 -- Steve Beattie <email address hidden> Fri, 14 Oct 2011 20:10:17 -0700