Debian
php5 package

php5 5.2.6.dfsg.1-1+lenny2 source package in Debian

Changelog

php5 (5.2.6.dfsg.1-1+lenny2) testing-security; urgency=low


  [ Sean Finney ]
  * Do not add -O2 to CFLAGS if DEB_BUILD_OPTIONS contains noopt.
  * Security related fixes:
    - php: inifile handler for the dba functions can be used to truncate a file
      Patch: dba-inifile-truncation.patch (closes: #507101).
    - CVE-2008-5658.patch: ZipArchive::extractTo directory traversal
      Patch: CVE-2008-5658.patch (closes: #507857).
      Thanks to Pierre Joye for help with the patch.

  [ Raphael Geissert ]
  * Picked up some patches from Gentoo (most included in PHP 5.2.7 and later):
    + patches/gentoo/005_stream_context_set_params-crash.patch
    + patches/gentoo/006_PDORow-crash.patch
    + patches/gentoo/007_dom-setAttributeNode-crash.patch
    + patches/gentoo/009_array-function-crashes.patch
    + patches/gentoo/010_ticks-zts-crashes.patch
    + patches/gentoo/015_CVE-2008-2665-wrapper-safemode-bypass.patch
    + patches/gentoo/017_xmlrpc-invalid-callback-crash.patch
    + patches/gentoo/019_new-memory-corruption.patch
    + patches/gentoo/freetds-compat.patch
      - was deprecated_freetds_check.patch

 -- Sean Finney <email address hidden>  Sun, 25 Jan 2009 15:06:34 +0100

Upload details

Uploaded by:
Debian PHP Maintainers
Uploaded to:
Lenny
Original maintainer:
Debian PHP Maintainers
Architectures:
any
Section:
web
Urgency:
Low Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Builds

Downloads

File Size SHA-256 Checksum
php5_5.2.6.dfsg.1-1+lenny2.dsc 2.5 KiB da2f81efce7e7498e6d2ca060772000845300c98b6fc553066a49c2fd5281567
php5_5.2.6.dfsg.1.orig.tar.gz 11.6 MiB 86c5040915321aea53d870c2b1ecb1dc048e60eaf6c7addc1d421f363e642a3a
php5_5.2.6.dfsg.1-1+lenny2.diff.gz 154.8 KiB b78b70cface726d0e0c4a537ccff15f1a5c4093a98811ae19e44c71d1c33fd17

No changes file available.

Binary packages built by this source