Here's a debdiff with the 5 stripped down security patches:
php5 (5.2.4-2ubuntu5.2) hardy-proposed; urgency=low . * Backport security fixes from 5.2.6: (LP: #227464) - debian/patches/security526-fastcgi.patch: + Fixed possible stack buffer overflow in FastCGI SAPI + Fixed sending of uninitialized paddings which may contain some information - debian/patches/security526-exec.patch: + Properly address incomplete multibyte chars inside escapeshellcmd() - debian/patches/security526-cgi_main.patch: + Fixed security issue detailed in CVE-2008-0599 - debian/patches/security526-interface.patch: + Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz - debian/patches/security526-pcre_compile.patch: + avoid stack overflow (fix from pcre 7.6)
Here's a debdiff with the 5 stripped down security patches:
php5 (5.2.4-2ubuntu5.2) hardy-proposed; urgency=low patches/ security526- fastcgi. patch:
information patches/ security526- exec.patch: patches/ security526- cgi_main. patch: patches/ security526- interface. patch:
Arciemowicz patches/ security526- pcre_compile. patch:
.
* Backport security fixes from 5.2.6: (LP: #227464)
- debian/
+ Fixed possible stack buffer overflow in FastCGI SAPI
+ Fixed sending of uninitialized paddings which may contain some
- debian/
+ Properly address incomplete multibyte chars inside escapeshellcmd()
- debian/
+ Fixed security issue detailed in CVE-2008-0599
- debian/
+ Fixed a safe_mode bypass in cURL identified by Maksymilian
- debian/
+ avoid stack overflow (fix from pcre 7.6)