Change log for php5 package in Ubuntu
1 → 75 of 362 results | First • Previous • Next • Last |
php5 (5.3.10-1ubuntu3.48) precise-security; urgency=medium * SECURITY UPDATE: Possibly forge cookie - debian/patches/CVE-2020-7070.patch: do not decode cookie names anymore in main/php_variables.c, tests/basic/022.phpt, tests/basic/023.phpt, tests/basic/bug79699.phpt. - CVE-2020-7070 -- <email address hidden> (Leonidas S. Barbosa) Tue, 13 Oct 2020 13:09:48 -0300
Available diffs
php5 (5.5.9+dfsg-1ubuntu4.29) trusty-security; urgency=medium * SECURITY UPDATE: Unauthorized users access - debian/patches/CVE-2019-9637.patch: fix in main/streams/plain_wrapper.c. - CVE-2019-9637 * SECURITY UPDATE: Invalid read in exif_process_IFD_MAKERNOTE - debian/patches/CVE-2019-9638-and-CVE-2019-9639-*.patch: fix in ext/exif/exif.c, added tests in ext/exif/tests/bug77563.jpg, ext/exif/tests/bug77563.phpt. - CVE-2019-9638 - CVE-2019-9639 * SECURITY UPDATE: Invalid read - debian/patches/CVE-2019-9640.patch: fix in ext/exif/exif.c, added tests in ext/exif/tests/bug77540.jpg, ext/exif/tests/bug77540.phpt. - CVE-2019-9640 * SECURITY UPDATE: Unitialized read - debian/patches/CVE-2019-9641.patch: fix in ext/exif/exif.c. - CVE-2019-9641 * SECURITY UPDATE: Buffer overflow - debian/patches/CVE-2019-9675.patch: fix in ext/phar/tar.c, added tests, ext/phar/tests/bug77586,phpt, ext/phar/tests/bug77586/files/*. - CVE-2019-9675 * Changed the way MAKERNOTE is handled in case we do not have a matching signature, in order to support tests CVE-2019-9638 and CVE-2019-9639. - debian/patches/Changed-the-way-MAKERNOTE-is-handled-in-case.patch: fix it changing the behavior in order to continue the parse in ext/exif/exif.c * SECURITY UPDATE: buffer over-read in dns_get_record - debian/patches/CVE-2019-9022.patch: check length in ext/standard/dns.c. - CVE-2019-9022 -- <email address hidden> (Leonidas S. Barbosa) Mon, 22 Apr 2019 14:39:52 -0300
Available diffs
php5 (5.5.9+dfsg-1ubuntu4.27) trusty-security; urgency=medium * SECURITY UPDATE: invalid memory access in xmlrpc_decode() - debian/patches/CVE-2019-9020.patch: check length in ext/xmlrpc/libxmlrpc/xml_element.c, added test to ext/xmlrpc/tests/bug77242.phpt. - CVE-2019-9020 * SECURITY UPDATE: buffer over-read in PHAR extension - debian/patches/CVE-2019-9021.patch: properly calculate position in ext/phar/phar.c, added test to ext/phar/tests/bug77247.phpt. - CVE-2019-9021 * SECURITY UPDATE: buffer over-reads in mbstring regex functions - debian/patches/CVE-2019-9023-1.patch: don't read past buffer in ext/mbstring/oniguruma/regparse.c, added test to ext/mbstring/tests/bug77370.phpt. - debian/patches/CVE-2019-9023-2.patch: check bounds in ext/mbstring/oniguruma/regcomp.c, added test to ext/mbstring/tests/bug77371.phpt. - debian/patches/CVE-2019-9023-3.patch: add length checks to ext/mbstring/oniguruma/enc/unicode.c, ext/mbstring/oniguruma/regcomp.c, ext/mbstring/oniguruma/regparse.c, ext/mbstring/oniguruma/regparse.h, added test to ext/mbstring/tests/bug77371.phpt, ext/mbstring/tests/bug77381.phpt. - debian/patches/CVE-2019-9023-4.patch: add new bounds checks to ext/mbstring/oniguruma/enc/utf16_be.c, ext/mbstring/oniguruma/enc/utf16_le.c, ext/mbstring/oniguruma/enc/utf32_be.c, ext/mbstring/oniguruma/enc/utf32_le.c, added test to ext/mbstring/tests/bug77418.phpt. - CVE-2019-9023 * SECURITY UPDATE: buffer over-read in xmlrpc_decode() - debian/patches/CVE-2019-9024.patch: fix variable size in ext/xmlrpc/libxmlrpc/base64.c, added test to ext/xmlrpc/tests/bug77380.phpt. - CVE-2019-9024 -- Marc Deslauriers <email address hidden> Tue, 05 Mar 2019 08:12:08 -0500
Available diffs
php5 (5.5.9+dfsg-1ubuntu4.26) trusty-security; urgency=medium * SECURITY UPDATE: denial of service in exif parsing - debian/patches/CVE-2018-14851.patch: check length in ext/exif/exif.c. - CVE-2018-14851 * SECURITY UPDATE: denial of service in exif parsing - debian/patches/CVE-2018-14883.patch: check length in ext/exif/exif.c. - CVE-2018-14883 * SECURITY UPDATE: XSS due to the header Transfer-Encoding: chunked - debian/patches/bug76582.patch: clean up brigade in sapi/apache2handler/sapi_apache2.c. - No CVE number -- Marc Deslauriers <email address hidden> Mon, 17 Sep 2018 03:45:24 -0400
Available diffs
php5 (5.5.9+dfsg-1ubuntu4.25) trusty-security; urgency=medium * SECURITY UPDATE: opcache access controls bypass - debian/patches/CVE-2018-10545.patch: do not set PR_SET_DUMPABLE by default in sapi/fpm/fpm/fpm_conf.c, sapi/fpm/fpm/fpm_conf.h, sapi/fpm/fpm/fpm_unix.c, sapi/fpm/php-fpm.conf.in. - CVE-2018-10545 * SECURITY UPDATE: infinite loop in iconv stream filter - debian/patches/CVE-2018-10546-1.patch: fail on invalid sequences in ext/iconv/iconv.c, ext/iconv/tests/bug76249.phpt. - debian/patches/CVE-2018-10546-2.patch: fix tsrm_ls in ext/iconv/iconv.c. - CVE-2018-10546 * SECURITY UPDATE: XSS on PHAR error pages - debian/patches/CVE-2018-10547.patch: remove potential unfiltered outputs in ext/phar/phar_object.c, fix tests in ext/phar/tests/*. - CVE-2018-10547 * SECURITY UPDATE: DoS via ldap_get_dn return value mishandling - debian/patches/CVE-2018-10548.patch: check dn in ext/ldap/ldap.c, add test to ext/ldap/tests/bug76248.phpt. - CVE-2018-10548 -- Marc Deslauriers <email address hidden> Thu, 10 May 2018 08:10:41 -0400
Available diffs
php5 (5.5.9+dfsg-1ubuntu4.24) trusty-security; urgency=medium * SECURITY UPDATE: stream_get_meta_data issue - debian/patches/CVE-2016-10712.patch: properly handle metadata in ext/standard/streamsfuncs.c, ext/standard/tests/*, main/streams/memory.c. - debian/patches/CVE-2016-10712-2.patch: fix various tests. - CVE-2016-10712 * SECURITY UPDATE: stack-based under-read in HTTP response parsing - debian/patches/CVE-2018-7584.patch: prevent reading beyond buffer start in ext/standard/http_fopen_wrapper.c, ext/standard/tests/http/bug75981.phpt. - CVE-2018-7584 -- Marc Deslauriers <email address hidden> Thu, 15 Mar 2018 10:11:53 -0400
Available diffs
php5 (5.5.9+dfsg-1ubuntu4.23) trusty-security; urgency=medium * SECURITY UPDATE: buffer over-read while unserializing untrusted data - debian/patches/CVE-2017-12933.patch: add check to ext/standard/var_unserializer.*, add test to ext/standard/tests/serialize/bug74111.phpt, adjust test in ext/standard/tests/serialize/bug25378.phpt. - CVE-2017-12933 * SECURITY UPDATE: information leak in php_parse_date function - debian/patches/CVE-2017-16642.patch: fix backof/frontof in ext/date/lib/parse_date.*, fix test in ext/date/tests/bug53437_var3.phpt, added test to ext/wddx/tests/bug75055.*. - CVE-2017-16642 * SECURITY UPDATE: XSS in PHAR error page - debian/patches/CVE-2018-5712.patch: remove file name from output to avoid XSS in ext/phar/shortarc.php, ext/phar/stub.h, fix tests in ext/phar/tests/*. - CVE-2018-5712 * SECURITY REGRESSION: exif_read_data broken (LP: #1633031) - debian/patches/CVE-2016-6291-regression.patch: add DJI signatures to the MAKERNOTE and its supported tags in ext/exif/exif.c. -- Marc Deslauriers <email address hidden> Thu, 08 Feb 2018 08:24:11 -0500
Available diffs
php5 (5.5.9+dfsg-1ubuntu4.22) trusty-security; urgency=medium * SECURITY UPDATE: Zend OpCache shared memory issue - debian/patches/CVE-2015-8994-1.patch: check cached files permissions in ext/opcache/ZendAccelerator.*, ext/opcache/zend_accelerator_hash.c, ext/opcache/zend_accelerator_module.c. - debian/patches/CVE-2015-8994-2.patch: use full path in ext/opcache/ZendAccelerator.c. - debian/patches/CVE-2015-8994-3.patch: handle big inodes in ext/opcache/ZendAccelerator.c. - CVE-2015-8994 * SECURITY UPDATE: URL check bypass - debian/patches/CVE-2016-10397-1.patch: fix logic in ext/standard/url.c, added tests to ext/standard/tests/url/bug73192.phpt, ext/standard/tests/url/parse_url_basic_00*.phpt. - debian/patches/CVE-2016-10397-2.patch: respect length argument in ext/standard/url.c. - CVE-2016-10397 * SECURITY UPDATE: wddx empty boolean tag parsing issue - debian/patches/CVE-2017-11143-1.patch: handle empty tag in ext/wddx/wddx.c, added test to ext/wddx/tests/bug74145.*. - debian/patches/CVE-2017-11143-2.patch: improve fix in ext/wddx/wddx.c. - CVE-2017-11143 * SECURITY UPDATE: DoS in OpenSSL sealing function - debian/patches/CVE-2017-11144.patch: check return code in ext/openssl/openssl.c, added test to ext/openssl/tests/*74651*. - CVE-2017-11144 * SECURITY UPDATE: information leak in the date extension - debian/patches/CVE-2017-11145.patch: fix parsing of strange formats in ext/date/lib/parse_date.*. - CVE-2017-11145 * SECURITY UPDATE: buffer overread in phar_parse_pharfile - debian/patches/CVE-2017-11147.patch: use proper sizes in ext/phar/phar.c. - CVE-2017-11147 * SECURITY UPDATE: DoS via long locale - debian/patches/CVE-2017-11362.patch: check length in ext/intl/msgformat/msgformat_parse.c. - CVE-2017-11362 * SECURITY UPDATE: buffer overflow in the zend_ini_do_op() - debian/patches/CVE-2017-11628.patch: use correct buffer size in Zend/zend_ini_parser.y, added tests to Zend/tests/bug74603.*. - CVE-2017-11628 * SECURITY UPDATE: out-of-bounds read in oniguruma in mbstring - debian/patches/CVE-2017-9224.patch: fix logic in ext/mbstring/oniguruma/regexec.c. - CVE-2017-9224 * SECURITY UPDATE: heap out-of-bounds write in oniguruma in mbstring - debian/patches/CVE-2017-9226.patch: add checks to ext/mbstring/oniguruma/regparse.c. - CVE-2017-9226 * SECURITY UPDATE: stack out-of-bounds read in oniguruma in mbstring - debian/patches/CVE-2017-9227.patch: add bounds check to ext/mbstring/oniguruma/regexec.c. - CVE-2017-9227 * SECURITY UPDATE: heap out-of-bounds write in oniguruma in mbstring - debian/patches/CVE-2017-9228.patch: add check to ext/mbstring/oniguruma/regexec.c. - CVE-2017-9228 * SECURITY UPDATE: invalid pointer dereference in oniguruma in mbstring - debian/patches/CVE-2017-9229.patch: fix logic in ext/mbstring/oniguruma/regexec.c. - CVE-2017-9229 -- Marc Deslauriers <email address hidden> Fri, 04 Aug 2017 10:26:27 -0400
Available diffs
php5 (5.3.10-1ubuntu3.26) precise-security; urgency=medium * SECURITY UPDATE: overflow in locale_get_display_name - debian/patches/CVE-2014-9912.patch: check locale name length in ext/intl/locale/locale_methods.c, added test to ext/intl/tests/bug67397.phpt. - CVE-2014-9912 * SECURITY UPDATE: infinite loop via crafted serialized data - debian/patches/CVE-2016-7478-pre.patch: don't unset the default value in Zend/zend_exceptions.c, fix tests in ext/standard/tests/serialize/bug69152.phpt, ext/standard/tests/serialize/bug69793.phpt. - debian/patches/CVE-2016-7478-pre2.patch: fix test in ext/standard/tests/serialize/bug69793.phpt. - debian/patches/CVE-2016-7478-pre3.patch: add zend_unset_property() to Zend/zend_API.*. - debian/patches/CVE-2016-7478.patch: fix memcpy in Zend/zend_exceptions.c, ext/bcmath/libbcmath/src/init.c, ext/bcmath/libbcmath/src/outofmem.c. - CVE-2016-7478 * SECURITY UPDATE: arbitrary code execution via crafted serialized data - debian/patches/CVE-2016-7479-pre.patch: fix null pointer dereference in ext/standard/var_unserializer.*, added test to standard/tests/serialize/bug68545.phpt. - debian/patches/CVE-2016-7479.patch: implement delayed __wakeup in ext/standard/var_unserializer.*. - CVE-2016-7479 * SECURITY UPDATE: denial of service via crafted wddxPacket XML document - debian/patches/CVE-2016-9934.patch: check objects in ext/wddx/wddx.c, ext/pdo/pdo_stmt.c, ext/wddx/tests/bug45901.phpt, ext/wddx/tests/bug72790.phpt, ext/wddx/tests/bug73331.phpt. - CVE-2016-9934 * SECURITY UPDATE: denial of service via crafted wddxPacket XML document - debian/patches/CVE-2016-9935-1.patch: fix memory leak in ext/wddx/wddx.c. - debian/patches/CVE-2016-9935-2.patch: fix leak in ext/wddx/wddx.c. - debian/patches/CVE-2016-9935-3.patch: fix leak in ext/wddx/wddx.c. - CVE-2016-9935 * SECURITY UPDATE: exif DoS via FPE - debian/patches/CVE-2016-10158.patch: fix integer size issue in ext/exif/exif.c. - CVE-2016-10158 * SECURITY UPDATE: integer overflow in phar_parse_pharfile - debian/patches/CVE-2016-10159.patch: fix overflows in ext/phar/phar.c. - CVE-2016-10159 * SECURITY UPDATE: off-by-one in phar_parse_pharfile - debian/patches/CVE-2016-10160.patch: handle length in ext/phar/phar.c. - CVE-2016-10160 * SECURITY UPDATE: denial of service via crafted serialized data - debian/patches/CVE-2016-10161.patch: fix out-of-bounds read in ext/standard/var_unserializer.*, added test to ext/standard/tests/serialize/bug73825.phpt. - CVE-2016-10161 * debian/control: Build-Depends on mysql-server-5.5 to work with recent MySQL security updates. -- Marc Deslauriers <email address hidden> Fri, 10 Feb 2017 10:32:09 -0500
Available diffs
php5 (5.5.9+dfsg-1ubuntu4.21) trusty-security; urgency=medium * SECURITY UPDATE: overflow in locale_get_display_name - debian/patches/CVE-2014-9912.patch: check locale name length in ext/intl/locale/locale_methods.c, added test to ext/intl/tests/bug67397.phpt. - debian/patches/CVE-2014-9912-2.patch: fix test in ext/intl/tests/bug62082.phpt. - CVE-2014-9912 * SECURITY UPDATE: infinite loop via crafted serialized data - debian/patches/CVE-2016-7478-pre.patch: don't unset the default value in Zend/zend_exceptions.c, fix tests in ext/standard/tests/serialize/bug69152.phpt, ext/standard/tests/serialize/bug69793.phpt. - debian/patches/CVE-2016-7478-pre2.patch: fix test in ext/standard/tests/serialize/bug69793.phpt. - debian/patches/CVE-2016-7478.patch: fix memcpy in Zend/zend_exceptions.c, ext/bcmath/libbcmath/src/init.c, ext/bcmath/libbcmath/src/outofmem.c. - CVE-2016-7478 * SECURITY UPDATE: arbitrary code execution via crafted serialized data - debian/patches/CVE-2016-7479-pre.patch: fix null pointer dereference in ext/standard/var_unserializer.*, added test to standard/tests/serialize/bug68545.phpt. - debian/patches/CVE-2016-7479.patch: implement delayed __wakeup in ext/standard/var_unserializer.*. - CVE-2016-7479 * SECURITY UPDATE: denial of service via crafted serialized data - debian/patches/CVE-2016-9137.patch: fix use-after-free in Zend/zend_API.*, ext/curl/curl_file.c, added test to ext/curl/tests/bug73147.phpt. - CVE-2016-9137 * SECURITY UPDATE: denial of service via crafted wddxPacket XML document - debian/patches/CVE-2016-9934.patch: check objects in ext/wddx/wddx.c, ext/pdo/pdo_stmt.c, ext/wddx/tests/bug45901.phpt, ext/wddx/tests/bug72790.phpt, ext/wddx/tests/bug73331.phpt. - CVE-2016-9934 * SECURITY UPDATE: denial of service via crafted wddxPacket XML document - debian/patches/CVE-2016-9935-1.patch: fix memory leak in ext/wddx/wddx.c. - debian/patches/CVE-2016-9935-2.patch: fix leak in ext/wddx/wddx.c. - debian/patches/CVE-2016-9935-3.patch: fix leak in ext/wddx/wddx.c. - CVE-2016-9935 * SECURITY UPDATE: exif DoS via FPE - debian/patches/CVE-2016-10158.patch: fix integer size issue in ext/exif/exif.c. - CVE-2016-10158 * SECURITY UPDATE: integer overflow in phar_parse_pharfile - debian/patches/CVE-2016-10159.patch: fix overflows in ext/phar/phar.c. - CVE-2016-10159 * SECURITY UPDATE: off-by-one in phar_parse_pharfile - debian/patches/CVE-2016-10160.patch: handle length in ext/phar/phar.c. - CVE-2016-10160 * SECURITY UPDATE: denial of service via crafted serialized data - debian/patches/CVE-2016-10161.patch: fix out-of-bounds read in ext/standard/var_unserializer.*, added test to ext/standard/tests/serialize/bug73825.phpt. - CVE-2016-10161 -- Marc Deslauriers <email address hidden> Thu, 09 Feb 2017 11:02:44 -0500
Available diffs
php5 (5.3.10-1ubuntu3.25) precise-security; urgency=medium * SECURITY UPDATE: denial of service or code execution via crafted serialized data - debian/patches/CVE-2016-7124-1.patch: destroy broken object when unserializing in ext/standard/var_unserializer.c*. - debian/patches/CVE-2016-7124-2.patch: improve fix in ext/standard/var_unserializer.c*, added test to ext/standard/tests/strings/bug72663_3.phpt. - CVE-2016-7124 * SECURITY UPDATE: arbitrary-type session data injection - debian/patches/CVE-2016-7125.patch: consume data even if not storing in ext/session/session.c, added test to ext/session/tests/bug72681.phpt. - debian/patches/CVE-2016-7125-2.patch: remove unused label in ext/session/session.c. - CVE-2016-7125 * SECURITY UPDATE: denial of service and possible code execution in imagegammacorrect function - debian/patches/CVE-2016-7127.patch: check gamma values in ext/gd/gd.c, added test to ext/gd/tests/bug72730.phpt. - CVE-2016-7127 * SECURITY UPDATE: information disclosure via exif_process_IFD_in_TIFF - debian/patches/CVE-2016-7128.patch: properly handle thumbnails in ext/exif/exif.c. - CVE-2016-7128 * SECURITY UPDATE: denial of service and possible code execution via invalid ISO 8601 time value - debian/patches/CVE-2016-7129.patch: properly handle strings in ext/wddx/wddx.c, added test to ext/wddx/tests/bug72749.phpt. - CVE-2016-7129 * SECURITY UPDATE: denial of service and possible code execution via invalid base64 binary value - debian/patches/CVE-2016-7130.patch: properly handle string in ext/wddx/wddx.c, added test to ext/wddx/tests/bug72750.phpt. - CVE-2016-7130 * SECURITY UPDATE: denial of service and possible code execution via malformed wddxPacket XML document - debian/patches/CVE-2016-7131.patch: added check to ext/wddx/wddx.c, added tests to ext/wddx/tests/bug72790.phpt, ext/wddx/tests/bug72799.phpt. - CVE-2016-7131 - CVE-2016-7132 * SECURITY UPDATE: denial of service and possible code execution via partially constructed object - debian/patches/CVE-2016-7411.patch: properly handle partial object in ext/standard/var_unserializer.*, added test to ext/standard/tests/serialize/bug73052.phpt. - CVE-2016-7411 * SECURITY UPDATE: denial of service and possible code execution via crafted field metadata in MySQL driver - debian/patches/CVE-2016-7412.patch: validate field length in ext/mysqlnd/mysqlnd_wireprotocol.c. - CVE-2016-7412 * SECURITY UPDATE: denial of service and possible code execution via malformed wddxPacket XML document - debian/patches/CVE-2016-7413.patch: fixed use-after-free in ext/wddx/wddx.c, added test to ext/wddx/tests/bug72860.phpt. - CVE-2016-7413 * SECURITY UPDATE: denial of service and possible code execution via crafted PHAR archive - debian/patches/CVE-2016-7414.patch: validate signatures in ext/phar/util.c, ext/phar/zip.c. - CVE-2016-7414 * SECURITY UPDATE: denial of service and possible code execution via MessageFormatter::formatMessage call with a long first argument - debian/patches/CVE-2016-7416.patch: added locale length check to ext/intl/msgformat/msgformat_format.c. - CVE-2016-7416 * SECURITY UPDATE: denial of service or code execution via crafted serialized data - debian/patches/CVE-2016-7417.patch: added type check to ext/spl/spl_array.c. - CVE-2016-7417 * SECURITY UPDATE: denial of service and possible code execution via malformed wddxPacket XML document - debian/patches/CVE-2016-7418.patch: fix out-of-bounds read in ext/wddx/wddx.c, added test to ext/wddx/tests/bug73065.phpt. - CVE-2016-7418 -- Marc Deslauriers <email address hidden> Mon, 03 Oct 2016 07:39:03 -0400
Available diffs
php5 (5.5.9+dfsg-1ubuntu4.20) trusty-security; urgency=medium * SECURITY UPDATE: denial of service or code execution via crafted serialized data - debian/patches/CVE-2016-7124-1.patch: destroy broken object when unserializing in ext/standard/var_unserializer.c*, added tests to ext/standard/tests/strings/bug72663.phpt, ext/standard/tests/strings/bug72663_2.phpt. - debian/patches/CVE-2016-7124-2.patch: improve fix in ext/standard/var_unserializer.c*, added test to ext/standard/tests/strings/bug72663_3.phpt. - CVE-2016-7124 * SECURITY UPDATE: arbitrary-type session data injection - debian/patches/CVE-2016-7125.patch: consume data even if not storing in ext/session/session.c, added test to ext/session/tests/bug72681.phpt. - debian/patches/CVE-2016-7125-2.patch: remove unused label in ext/session/session.c. - CVE-2016-7125 * SECURITY UPDATE: denial of service and possible code execution in imagegammacorrect function - debian/patches/CVE-2016-7127.patch: check gamma values in ext/gd/gd.c, added test to ext/gd/tests/bug72730.phpt. - CVE-2016-7127 * SECURITY UPDATE: information disclosure via exif_process_IFD_in_TIFF - debian/patches/CVE-2016-7128.patch: properly handle thumbnails in ext/exif/exif.c. - CVE-2016-7128 * SECURITY UPDATE: denial of service and possible code execution via invalid ISO 8601 time value - debian/patches/CVE-2016-7129.patch: properly handle strings in ext/wddx/wddx.c, added test to ext/wddx/tests/bug72749.phpt. - CVE-2016-7129 * SECURITY UPDATE: denial of service and possible code execution via invalid base64 binary value - debian/patches/CVE-2016-7130.patch: properly handle string in ext/wddx/wddx.c, added test to ext/wddx/tests/bug72750.phpt. - CVE-2016-7130 * SECURITY UPDATE: denial of service and possible code execution via malformed wddxPacket XML document - debian/patches/CVE-2016-7131.patch: added check to ext/wddx/wddx.c, added tests to ext/wddx/tests/bug72790.phpt, ext/wddx/tests/bug72799.phpt. - CVE-2016-7131 - CVE-2016-7132 * SECURITY UPDATE: denial of service and possible code execution via partially constructed object - debian/patches/CVE-2016-7411.patch: properly handle partial object in ext/standard/var_unserializer.*, added test to ext/standard/tests/serialize/bug73052.phpt. - CVE-2016-7411 * SECURITY UPDATE: denial of service and possible code execution via crafted field metadata in MySQL driver - debian/patches/CVE-2016-7412.patch: validate field length in ext/mysqlnd/mysqlnd_wireprotocol.c. - CVE-2016-7412 * SECURITY UPDATE: denial of service and possible code execution via malformed wddxPacket XML document - debian/patches/CVE-2016-7413.patch: fixed use-after-free in ext/wddx/wddx.c, added test to ext/wddx/tests/bug72860.phpt. - CVE-2016-7413 * SECURITY UPDATE: denial of service and possible code execution via crafted PHAR archive - debian/patches/CVE-2016-7414.patch: validate signatures in ext/phar/util.c, ext/phar/zip.c. - CVE-2016-7414 * SECURITY UPDATE: denial of service and possible code execution via MessageFormatter::formatMessage call with a long first argument - debian/patches/CVE-2016-7416.patch: added locale length check to ext/intl/msgformat/msgformat_format.c. - CVE-2016-7416 * SECURITY UPDATE: denial of service or code execution via crafted serialized data - debian/patches/CVE-2016-7417.patch: added type check to ext/spl/spl_array.c, added test to ext/spl/tests/bug73029.phpt. - debian/patches/CVE-2016-7417-2.patch: fix test in ext/spl/tests/bug70068.phpt. - CVE-2016-7417 * SECURITY UPDATE: denial of service and possible code execution via malformed wddxPacket XML document - debian/patches/CVE-2016-7418.patch: fix out-of-bounds read in ext/wddx/wddx.c, added test to ext/wddx/tests/bug73065.phpt. - CVE-2016-7418 -- Marc Deslauriers <email address hidden> Mon, 03 Oct 2016 07:34:26 -0400
Available diffs
php5 (5.3.10-1ubuntu3.24) precise-security; urgency=medium * SECURITY UPDATE: segfault in SplMinHeap::compare - debian/patches/CVE-2015-4116.patch: properly handle count in ext/spl/spl_heap.c, added test to ext/spl/tests/bug69737.phpt. - CVE-2015-4116 * SECURITY UPDATE: denial of service via recursive method calls - debian/patches/CVE-2015-8873.patch: add limit to Zend/zend_exceptions.c, add tests to ext/standard/tests/serialize/bug69152.phpt, ext/standard/tests/serialize/bug69793.phpt, sapi/cli/tests/005.phpt. - CVE-2015-8873 * SECURITY UPDATE: denial of service or code execution via crafted serialized data - debian/patches/CVE-2015-8876.patch: fix logic in Zend/zend_exceptions.c, added test to Zend/tests/bug70121.phpt. - CVE-2015-8876 * SECURITY UPDATE: XSS in header() with Internet Explorer (LP: #1594041) - debian/patches/CVE-2015-8935.patch: update header handling to RFC 7230 in main/SAPI.c, added tests to ext/standard/tests/general_functions/bug60227_*.phpt. - CVE-2015-8935 * SECURITY UPDATE: get_icu_value_internal out-of-bounds read - debian/patches/CVE-2016-5093.patch: add enough space in ext/intl/locale/locale_methods.c, added test to ext/intl/tests/bug72241.phpt. - CVE-2016-5093 * SECURITY UPDATE: integer overflow in php_html_entities() - debian/patches/CVE-2016-5094.patch: don't create strings with lengths outside int range in ext/standard/html.c. - CVE-2016-5094 * SECURITY UPDATE: string overflows in string add operations - debian/patches/CVE-2016-5095.patch: check for size overflow in Zend/zend_operators.c. - CVE-2016-5095 * SECURITY UPDATE: int/size_t confusion in fread - debian/patches/CVE-2016-5096.patch: check string length in ext/standard/file.c, added test to ext/standard/tests/file/bug72114.phpt. - CVE-2016-5096 * SECURITY UPDATE: memory leak and buffer overflow in FPM - debian/patches/CVE-2016-5114.patch: check buffer length in sapi/fpm/fpm/fpm_log.c. - CVE-2016-5114 * SECURITY UPDATE: proxy request header vulnerability (httpoxy) - debian/patches/CVE-2016-5385.patch: only use HTTP_PROXY from the local environment in ext/standard/basic_functions.c, main/SAPI.c, main/php_variables.c. - CVE-2016-5385 * SECURITY UPDATE: inadequate error handling in bzread() - debian/patches/CVE-2016-5399.patch: do not allow reading past error read in ext/bz2/bz2.c. - CVE-2016-5399 * SECURITY UPDATE: integer overflows in mcrypt - debian/patches/CVE-2016-5769.patch: check for overflow in ext/mcrypt/mcrypt.c. - CVE-2016-5769 * SECURITY UPDATE: double free corruption in wddx_deserialize - debian/patches/CVE-2016-5772.patch: prevent double-free in ext/wddx/wddx.c, added test to ext/wddx/tests/bug72340.phpt. - CVE-2016-5772 * SECURITY UPDATE: buffer overflow in php_url_parse_ex() - debian/patches/CVE-2016-6288.patch: handle length in ext/standard/url.c. - CVE-2016-6288 * SECURITY UPDATE: integer overflow in the virtual_file_ex function - debian/patches/CVE-2016-6289.patch: properly check path_length in Zend/zend_virtual_cwd.c. - CVE-2016-6289 * SECURITY UPDATE: use after free in unserialize() with unexpected session deserialization - debian/patches/CVE-2016-6290.patch: destroy var_hash properly in ext/session/session.c, added test to ext/session/tests/bug72562.phpt. - CVE-2016-6290 * SECURITY UPDATE: out of bounds read in exif_process_IFD_in_MAKERNOTE - debian/patches/CVE-2016-6291.patch: add more bounds checks to ext/exif/exif.c. - CVE-2016-6291 * SECURITY UPDATE: locale_accept_from_http out-of-bounds access - debian/patches/CVE-2016-6294.patch: check length in ext/intl/locale/locale_methods.c, added test to ext/intl/tests/bug72533.phpt. - CVE-2016-6294 * SECURITY UPDATE: heap buffer overflow in simplestring_addn - debian/patches/CVE-2016-6296.patch: prevent overflows in ext/xmlrpc/libxmlrpc/simplestring.*. - CVE-2016-6296 * SECURITY UPDATE: integer overflow in php_stream_zip_opener - debian/patches/CVE-2016-6297.patch: use size_t in ext/zip/zip_stream.c. - CVE-2016-6297 * debian/patches/fix_exif_tests.patch: fix exif test results after security changes. -- Marc Deslauriers <email address hidden> Mon, 01 Aug 2016 13:27:52 -0400
Available diffs
php5 (5.5.9+dfsg-1ubuntu4.19) trusty-security; urgency=medium * SECURITY UPDATE: segfault in SplMinHeap::compare - debian/patches/CVE-2015-4116.patch: properly handle count in ext/spl/spl_heap.c, added test to ext/spl/tests/bug69737.phpt. - CVE-2015-4116 * SECURITY UPDATE: denial of service via recursive method calls - debian/patches/CVE-2015-8873.patch: add limit to Zend/zend_exceptions.c, add tests to ext/standard/tests/serialize/bug69152.phpt, ext/standard/tests/serialize/bug69793.phpt, sapi/cli/tests/005.phpt. - CVE-2015-8873 * SECURITY UPDATE: denial of service or code execution via crafted serialized data - debian/patches/CVE-2015-8876.patch: fix logic in Zend/zend_exceptions.c, added test to Zend/tests/bug70121.phpt. - CVE-2015-8876 * SECURITY UPDATE: XSS in header() with Internet Explorer (LP: #1594041) - debian/patches/CVE-2015-8935.patch: update header handling to RFC 7230 in main/SAPI.c, added tests to ext/standard/tests/general_functions/bug60227_*.phpt. - CVE-2015-8935 * SECURITY UPDATE: get_icu_value_internal out-of-bounds read - debian/patches/CVE-2016-5093.patch: add enough space in ext/intl/locale/locale_methods.c, added test to ext/intl/tests/bug72241.phpt. - CVE-2016-5093 * SECURITY UPDATE: integer overflow in php_html_entities() - debian/patches/CVE-2016-5094.patch: don't create strings with lengths outside int range in ext/standard/html.c. - CVE-2016-5094 * SECURITY UPDATE: string overflows in string add operations - debian/patches/CVE-2016-5095.patch: check for size overflow in Zend/zend_operators.c. - CVE-2016-5095 * SECURITY UPDATE: int/size_t confusion in fread - debian/patches/CVE-2016-5096.patch: check string length in ext/standard/file.c, added test to ext/standard/tests/file/bug72114.phpt. - CVE-2016-5096 * SECURITY UPDATE: memory leak and buffer overflow in FPM - debian/patches/CVE-2016-5114.patch: check buffer length in sapi/fpm/fpm/fpm_log.c. - CVE-2016-5114 * SECURITY UPDATE: proxy request header vulnerability (httpoxy) - debian/patches/CVE-2016-5385.patch: only use HTTP_PROXY from the local environment in ext/standard/basic_functions.c, main/SAPI.c, main/php_variables.c. - CVE-2016-5385 * SECURITY UPDATE: inadequate error handling in bzread() - debian/patches/CVE-2016-5399.patch: do not allow reading past error read in ext/bz2/bz2.c. - CVE-2016-5399 * SECURITY UPDATE: double free in _php_mb_regex_ereg_replace_exec - debian/patches/CVE-2016-5768.patch: check pointer in ext/mbstring/php_mbregex.c, added test to ext/mbstring/tests/bug72402.phpt. - CVE-2016-5768 * SECURITY UPDATE: integer overflows in mcrypt - debian/patches/CVE-2016-5769.patch: check for overflow in ext/mcrypt/mcrypt.c. - CVE-2016-5769 * SECURITY UPDATE: ese after free GC algorithm and unserialize - debian/patches/CVE-2016-5771.patch: added new handler in ext/spl/spl_array.c, added test to Zend/tests/gc_024.phpt, ext/standard/tests/strings/bug72433.phpt. - CVE-2016-5771 * SECURITY UPDATE: double free corruption in wddx_deserialize - debian/patches/CVE-2016-5772.patch: prevent double-free in ext/wddx/wddx.c, added test to ext/wddx/tests/bug72340.phpt. - CVE-2016-5772 * SECURITY UPDATE: use after free in ZipArchive class - debian/patches/CVE-2016-5773.patch: add new handler in ext/zip/php_zip.c, added test to ext/standard/tests/strings/bug72434.phpt. - CVE-2016-5773 * SECURITY UPDATE: buffer overflow in php_url_parse_ex() - debian/patches/CVE-2016-6288.patch: handle length in ext/standard/url.c. - CVE-2016-6288 * SECURITY UPDATE: integer overflow in the virtual_file_ex function - debian/patches/CVE-2016-6289.patch: properly check path_length in Zend/zend_virtual_cwd.c. - CVE-2016-6289 * SECURITY UPDATE: use after free in unserialize() with unexpected session deserialization - debian/patches/CVE-2016-6290.patch: destroy var_hash properly in ext/session/session.c, added test to ext/session/tests/bug72562.phpt. - CVE-2016-6290 * SECURITY UPDATE: out of bounds read in exif_process_IFD_in_MAKERNOTE - debian/patches/CVE-2016-6291.patch: add more bounds checks to ext/exif/exif.c. - CVE-2016-6291 * SECURITY UPDATE: NULL pointer dereference in exif_process_user_comment - debian/patches/CVE-2016-6292.patch: properly handle encoding in ext/exif/exif.c. - CVE-2016-6292 * SECURITY UPDATE: locale_accept_from_http out-of-bounds access - debian/patches/CVE-2016-6294.patch: check length in ext/intl/locale/locale_methods.c, added test to ext/intl/tests/bug72533.phpt. - CVE-2016-6294 * SECURITY UPDATE: use after free vulnerability in SNMP with GC and unserialize() - debian/patches/CVE-2016-6295.patch: add new handler to ext/snmp/snmp.c, add test to ext/snmp/tests/bug72479.phpt. - CVE-2016-6295 * SECURITY UPDATE: heap buffer overflow in simplestring_addn - debian/patches/CVE-2016-6296.patch: prevent overflows in ext/xmlrpc/libxmlrpc/simplestring.*. - CVE-2016-6296 * SECURITY UPDATE: integer overflow in php_stream_zip_opener - debian/patches/CVE-2016-6297.patch: use size_t in ext/zip/zip_stream.c. - CVE-2016-6297 * debian/patches/fix_exif_tests.patch: fix exif test results after security changes. -- Marc Deslauriers <email address hidden> Thu, 28 Jul 2016 08:57:10 -0400
Deleted in trusty-proposed (Reason: moved to -updates) |
php5 (5.5.9+dfsg-1ubuntu4.18) trusty; urgency=medium * Fix zlib function naming with LFS (LP: #1315888). -- Nishanth Aravamudan <email address hidden> Tue, 31 May 2016 08:58:02 -0400
Available diffs
php5 (5.3.10-1ubuntu3.23) precise-security; urgency=medium * SECURITY UPDATE: heap corruption in tar/zip/phar parser - debian/patches/CVE-2016-4342.patch: remove UMR when size is 0 in ext/phar/phar_object.c. - CVE-2016-4342 * SECURITY UPDATE: uninitialized pointer in phar_make_dirstream() - debian/patches/CVE-2016-4343.patch: check lengths in ext/phar/dirstream.c, ext/phar/tar.c. - CVE-2016-4343 * SECURITY UPDATE: bcpowmod accepts negative scale and corrupts _one_ definition - debian/patches/CVE-2016-4537.patch: properly detect scale in ext/bcmath/bcmath.c, add test to ext/bcmath/tests/bug72093.phpt. - CVE-2016-4537 - CVE-2016-4538 * SECURITY UPDATE: xml_parse_into_struct segmentation fault - debian/patches/CVE-2016-4539.patch: check parser->level in ext/xml/xml.c, added test to ext/xml/tests/bug72099.phpt. - CVE-2016-4539 * SECURITY UPDATE: out-of-bounds reads in zif_grapheme_stripos and zif_grapheme_strpos with negative offset - debian/patches/CVE-2016-4540.patch: check bounds in ext/intl/grapheme/grapheme_string.c, added test to ext/intl/tests/bug72061.phpt. - CVE-2016-4540 - CVE-2016-4541 * SECURITY UPDATE: out of bounds heap read access in exif header processing - debian/patches/CVE-2016-4542.patch: check sizes and length in ext/exif/exif.c. - CVE-2016-4542 - CVE-2016-4543 - CVE-2016-4544 -- Marc Deslauriers <email address hidden> Thu, 19 May 2016 12:54:58 -0400
Available diffs
php5 (5.5.9+dfsg-1ubuntu4.17) trusty-security; urgency=medium * SECURITY UPDATE: heap corruption in tar/zip/phar parser - debian/patches/CVE-2016-4342.patch: remove UMR when size is 0 in ext/phar/phar_object.c. - CVE-2016-4342 * SECURITY UPDATE: uninitialized pointer in phar_make_dirstream() - debian/patches/CVE-2016-4343.patch: check lengths in ext/phar/dirstream.c, ext/phar/tar.c. - CVE-2016-4343 * SECURITY UPDATE: bcpowmod accepts negative scale and corrupts _one_ definition - debian/patches/CVE-2016-4537.patch: properly detect scale in ext/bcmath/bcmath.c, add test to ext/bcmath/tests/bug72093.phpt. - CVE-2016-4537 - CVE-2016-4538 * SECURITY UPDATE: xml_parse_into_struct segmentation fault - debian/patches/CVE-2016-4539.patch: check parser->level in ext/xml/xml.c, added test to ext/xml/tests/bug72099.phpt. - CVE-2016-4539 * SECURITY UPDATE: out-of-bounds reads in zif_grapheme_stripos and zif_grapheme_strpos with negative offset - debian/patches/CVE-2016-4540.patch: check bounds in ext/intl/grapheme/grapheme_string.c, added test to ext/intl/tests/bug72061.phpt. - CVE-2016-4540 - CVE-2016-4541 * SECURITY UPDATE: out of bounds heap read access in exif header processing - debian/patches/CVE-2016-4542.patch: check sizes and length in ext/exif/exif.c. - CVE-2016-4542 - CVE-2016-4543 - CVE-2016-4544 -- Marc Deslauriers <email address hidden> Thu, 19 May 2016 12:45:01 -0400
Available diffs
php5 (5.6.11+dfsg-1ubuntu3.4) wily-security; urgency=medium * SECURITY UPDATE: heap corruption in tar/zip/phar parser - debian/patches/CVE-2016-4342.patch: remove UMR when size is 0 in ext/phar/phar_object.c. - CVE-2016-4342 * SECURITY UPDATE: uninitialized pointer in phar_make_dirstream() - debian/patches/CVE-2016-4343.patch: check lengths in ext/phar/dirstream.c, ext/phar/tar.c. - CVE-2016-4343 * SECURITY UPDATE: bcpowmod accepts negative scale and corrupts _one_ definition - debian/patches/CVE-2016-4537.patch: properly detect scale in ext/bcmath/bcmath.c, add test to ext/bcmath/tests/bug72093.phpt. - CVE-2016-4537 - CVE-2016-4538 * SECURITY UPDATE: xml_parse_into_struct segmentation fault - debian/patches/CVE-2016-4539.patch: check parser->level in ext/xml/xml.c, added test to ext/xml/tests/bug72099.phpt. - CVE-2016-4539 * SECURITY UPDATE: out-of-bounds reads in zif_grapheme_stripos and zif_grapheme_strpos with negative offset - debian/patches/CVE-2016-4540.patch: check bounds in ext/intl/grapheme/grapheme_string.c, added test to ext/intl/tests/bug72061.phpt. - CVE-2016-4540 - CVE-2016-4541 * SECURITY UPDATE: out of bounds heap read access in exif header processing - debian/patches/CVE-2016-4542.patch: check sizes and length in ext/exif/exif.c. - CVE-2016-4542 - CVE-2016-4543 - CVE-2016-4544 -- Marc Deslauriers <email address hidden> Thu, 19 May 2016 12:03:33 -0400
Available diffs
php5 (5.6.11+dfsg-1ubuntu3.3) wily-security; urgency=medium * SECURITY REGRESSION: out of memory in SOAP (LP: #1575298) - debian/patches/CVE-2015-8835.patch: updated to fix bad patch backport. -- Marc Deslauriers <email address hidden> Tue, 26 Apr 2016 14:57:54 -0400
Available diffs
php5 (5.5.9+dfsg-1ubuntu4.16) trusty-security; urgency=medium * SECURITY UPDATE: directory traversal in ZipArchive::extractTo - debian/patches/CVE-2014-9767.patch: use proper path in ext/zip/php_zip.c, added test to ext/zip/tests/bug70350.phpt. - CVE-2014-9767 * SECURITY UPDATE: type confusion issue in SoapClient - debian/patches/CVE-2015-8835.patch: check types in ext/soap/php_http.c. - CVE-2015-8835 - CVE-2016-3185 * SECURITY UPDATE: mysqlnd is vulnerable to BACKRONYM - debian/patches/CVE-2015-8838.patch: fix ssl handling in ext/mysqlnd/mysqlnd.c. - CVE-2015-8838 * SECURITY UPDATE: denial of service or memory disclosure in gd via large bgd_color argument to imagerotate - debian/patches/CVE-2016-1903.patch: check bgcolor in ext/gd/libgd/gd_interpolation.c, added test to ext/gd/tests/bug70976.phpt. - CVE-2016-1903 * SECURITY UPDATE: stack overflow when decompressing tar archives - debian/patches/CVE-2016-2554.patch: handle non-terminated linknames in ext/phar/tar.c. - CVE-2016-2554 * SECURITY UPDATE: use-after-free in WDDX - debian/patches/CVE-2016-3141.patch: fix stack in ext/wddx/wddx.c, added test to ext/wddx/tests/bug71587.phpt. - CVE-2016-3141 * SECURITY UPDATE: out-of-Bound Read in phar_parse_zipfile() - debian/patches/CVE-2016-3142.patch: check bounds in ext/phar/zip.c. - CVE-2016-3142 * SECURITY UPDATE: libxml_disable_entity_loader setting is shared between threads - debian/patches/bug64938.patch: enable entity loader in ext/libxml/libxml.c. - No CVE number * SECURITY UPDATE: openssl_random_pseudo_bytes() is not cryptographically secure - debian/patches/bug70014.patch: use RAND_bytes instead of deprecated RAND_pseudo_bytes in ext/openssl/openssl.c. - No CVE number * SECURITY UPDATE: buffer over-write in finfo_open with malformed magic file - debian/patches/bug71527.patch: properly calculate length in ext/fileinfo/libmagic/funcs.c, added test to ext/fileinfo/tests/bug71527.magic. - CVE number pending * SECURITY UPDATE: php_snmp_error() format string Vulnerability - debian/patches/bug71704.patch: use format string in ext/snmp/snmp.c. - CVE number pending * SECURITY UPDATE: integer overflow in php_raw_url_encode - debian/patches/bug71798.patch: use size_t in ext/standard/url.c. - CVE number pending * SECURITY UPDATE: invalid memory write in phar on filename containing NULL - debian/patches/bug71860.patch: require valid paths in ext/phar/phar.c, ext/phar/phar_object.c, fix tests in ext/phar/tests/badparameters.phpt, ext/phar/tests/create_path_error.phpt, ext/phar/tests/phar_extract.phpt, ext/phar/tests/phar_isvalidpharfilename.phpt, ext/phar/tests/phar_unlinkarchive.phpt, ext/phar/tests/pharfileinfo_construct.phpt. - CVE number pending * SECURITY UPDATE: invalid negative size in mbfl_strcut - debian/patches/bug71906.patch: fix length checks in ext/mbstring/libmbfl/mbfl/mbfilter.c. - CVE number pending * This package does _NOT_ contain the changes from php5 (5.5.9+dfsg-1ubuntu4.15) in trusty-proposed. -- Marc Deslauriers <email address hidden> Wed, 20 Apr 2016 09:52:09 -0400
Available diffs
php5 (5.3.10-1ubuntu3.22) precise-security; urgency=medium * SECURITY UPDATE: directory traversal in ZipArchive::extractTo - debian/patches/CVE-2014-9767.patch: use proper path in ext/zip/php_zip.c, added test to ext/zip/tests/bug70350.phpt. - CVE-2014-9767 * SECURITY UPDATE: type confusion issue in SoapClient - debian/patches/CVE-2015-8835.patch: check types in ext/soap/php_http.c. - CVE-2015-8835 - CVE-2016-3185 * SECURITY UPDATE: mysqlnd is vulnerable to BACKRONYM - debian/patches/CVE-2015-8838.patch: fix ssl handling in ext/mysqlnd/mysqlnd.c. - CVE-2015-8838 * SECURITY UPDATE: stack overflow when decompressing tar archives - debian/patches/CVE-2016-2554.patch: handle non-terminated linknames in ext/phar/tar.c. - CVE-2016-2554 * SECURITY UPDATE: use-after-free in WDDX - debian/patches/CVE-2016-3141.patch: fix stack in ext/wddx/wddx.c, added test to ext/wddx/tests/bug71587.phpt. - CVE-2016-3141 * SECURITY UPDATE: out-of-Bound Read in phar_parse_zipfile() - debian/patches/CVE-2016-3142.patch: check bounds in ext/phar/zip.c. - CVE-2016-3142 * SECURITY UPDATE: libxml_disable_entity_loader setting is shared between threads - debian/patches/bug64938.patch: enable entity loader in ext/libxml/libxml.c. - No CVE number * SECURITY UPDATE: openssl_random_pseudo_bytes() is not cryptographically secure - debian/patches/bug70014.patch: use RAND_bytes instead of deprecated RAND_pseudo_bytes in ext/openssl/openssl.c. - No CVE number * SECURITY UPDATE: buffer over-write in finfo_open with malformed magic file - debian/patches/bug71527.patch: properly calculate length in ext/fileinfo/libmagic/funcs.c, added test to ext/fileinfo/tests/bug71527.magic. - CVE number pending * SECURITY UPDATE: integer overflow in php_raw_url_encode - debian/patches/bug71798.patch: use size_t in ext/standard/url.c. - CVE number pending * SECURITY UPDATE: invalid memory write in phar on filename containing NULL - debian/patches/bug71860.patch: require valid paths in ext/phar/phar.c, ext/phar/phar_object.c. - CVE number pending * SECURITY UPDATE: invalid negative size in mbfl_strcut - debian/patches/bug71906.patch: fix length checks in ext/mbstring/libmbfl/mbfl/mbfilter.c. - CVE number pending -- Marc Deslauriers <email address hidden> Tue, 19 Apr 2016 16:55:56 -0400
Available diffs
php5 (5.6.11+dfsg-1ubuntu3.2) wily-security; urgency=medium * SECURITY UPDATE: directory traversal in ZipArchive::extractTo - debian/patches/CVE-2014-9767.patch: use proper path in ext/zip/php_zip.c, added test to ext/zip/tests/bug70350.phpt. - CVE-2014-9767 * SECURITY UPDATE: type confusion issue in SoapClient - debian/patches/CVE-2015-8835.patch: check types in ext/soap/php_http.c. - CVE-2015-8835 - CVE-2016-3185 * SECURITY UPDATE: denial of service or memory disclosure in gd via large bgd_color argument to imagerotate - debian/patches/CVE-2016-1903.patch: check bgcolor in ext/gd/libgd/gd_interpolation.c, added test to ext/gd/tests/bug70976.phpt. - CVE-2016-1903 * SECURITY UPDATE: stack overflow when decompressing tar archives - debian/patches/CVE-2016-2554.patch: handle non-terminated linknames in ext/phar/tar.c. - CVE-2016-2554 * SECURITY UPDATE: use-after-free in WDDX - debian/patches/CVE-2016-3141.patch: fix stack in ext/wddx/wddx.c, added test to ext/wddx/tests/bug71587.phpt. - CVE-2016-3141 * SECURITY UPDATE: out-of-Bound Read in phar_parse_zipfile() - debian/patches/CVE-2016-3142.patch: check bounds in ext/phar/zip.c. - CVE-2016-3142 * SECURITY UPDATE: openssl_random_pseudo_bytes() is not cryptographically secure - debian/patches/bug70014.patch: use RAND_bytes instead of deprecated RAND_pseudo_bytes in ext/openssl/openssl.c. - No CVE number * SECURITY UPDATE: buffer over-write in finfo_open with malformed magic file - debian/patches/bug71527.patch: properly calculate length in ext/fileinfo/libmagic/funcs.c, added test to ext/fileinfo/tests/bug71527.magic. - CVE number pending * SECURITY UPDATE: php_snmp_error() format string Vulnerability - debian/patches/bug71704.patch: use format string in ext/snmp/snmp.c. - CVE number pending * SECURITY UPDATE: integer overflow in php_raw_url_encode - debian/patches/bug71798.patch: use size_t in ext/standard/url.c. - CVE number pending * SECURITY UPDATE: invalid memory write in phar on filename containing NULL - debian/patches/bug71860.patch: require valid paths in ext/phar/phar.c, ext/phar/phar_object.c, fix tests in ext/phar/tests/badparameters.phpt, ext/phar/tests/bug64931/bug64931.phpt, ext/phar/tests/create_path_error.phpt, ext/phar/tests/phar_extract.phpt, ext/phar/tests/phar_isvalidpharfilename.phpt, ext/phar/tests/phar_unlinkarchive.phpt, ext/phar/tests/pharfileinfo_construct.phpt. - CVE number pending * SECURITY UPDATE: invalid negative size in mbfl_strcut - debian/patches/bug71906.patch: fix length checks in ext/mbstring/libmbfl/mbfl/mbfilter.c. - CVE number pending -- Marc Deslauriers <email address hidden> Fri, 15 Apr 2016 10:37:57 -0400
Available diffs
Deleted in trusty-proposed (Reason: moved to -updates) |
php5 (5.5.9+dfsg-1ubuntu4.15) trusty; urgency=medium * Fix zlib function naming with LFS (LP: #1315888). -- Nishanth Aravamudan <email address hidden> Tue, 22 Mar 2016 09:00:05 -0700
Available diffs
Deleted in xenial-release (Reason: Obsoleted by php7.0; LP: #1547183) |
Superseded in xenial-release |
Deleted in xenial-proposed (Reason: moved to release) |
php5 (5.6.17+dfsg-3ubuntu1) xenial; urgency=medium * Merge from Debian. Remaining changes: - Drop support for firebird, c-client, mcrypt, onig and qdbm as they are in universe: + d/control: drop Build-Depends on firebird-dev, libc-client-dev, libmcrypt-dev, libonig-dev, libqdbm-dev. + d/control: drop binary packages php5-imap, php5-interbase and php5-mcrypt and their reverse dependencies. + d/rules: drop configuration of qdgm, onig, imap, mcrypt. + d/rules: drop CONFIGURE_APACHE_ARGS settings since now we don't build interbase or firebird. + d/modulelist: drop imap, interbase and mcrypt. - d/control: switch Build-Depends of netcat-traditional to netcat-openbsd as only the latter is in main. - d/source_php5.py, d/rules: add apport hook.
Available diffs
php5 (5.6.16+dfsg-1ubuntu1) xenial; urgency=medium * Merge from Debian. Remaining changes: - Drop support for firebird, c-client, mcrypt, onig and qdbm as they are in universe: + d/control: drop Build-Depends on firebird-dev, libc-client-dev, libmcrypt-dev, libonig-dev, libqdbm-dev. + d/control: drop binary packages php5-imap, php5-interbase and php5-mcrypt and their reverse dependencies. + d/rules: drop configuration of qdgm, onig, imap, mcrypt. + d/rules: drop CONFIGURE_APACHE_ARGS settings since now we don't build interbase or firebird. + d/modulelist: drop imap, interbase and mcrypt. - d/control: switch Build-Depends of netcat-traditional to netcat-openbsd as only the latter is in main. - d/source_php5.py, d/rules: add apport hook.
Available diffs
php5 (5.6.14+dfsg-1ubuntu1) xenial; urgency=medium * Merge from Debian. Remaining changes: - Drop support for firebird, c-client, mcrypt, onig and qdbm as they are in universe: + d/control: drop Build-Depends on firebird-dev, libc-client-dev, libmcrypt-dev, libonig-dev, libqdbm-dev. + d/control: drop binary packages php5-imap, php5-interbase and php5-mcrypt and their reverse dependencies. + d/rules: drop configuration of qdgm, onig, imap, mcrypt. + d/rules: drop CONFIGURE_APACHE_ARGS settings since now we don't build interbase or firebird. + d/modulelist: drop imap, interbase and mcrypt. - d/control: switch Build-Depends of netcat-traditional to netcat-openbsd as only the latter is in main. - d/source_php5.py, d/rules: add apport hook. * Drop changes (patches included upstream): - CVE-2015-6831-1.patch, CVE-2015-6831-2.patch, CVE-2015-6831-3.patch, CVE-2015-6832.patch, CVE-2015-6833-1.patch, CVE-2015-6833-2.patch, CVE-2015-6834-1.patch, CVE-2015-6834-2.patch, CVE-2015-6834-3.patch, CVE-2015-6835-1.patch, CVE-2015-6835-2.patch, CVE-2015-6836.patch, CVE-2015-6837-6838.patch
Available diffs
php5 (5.3.10-1ubuntu3.21) precise-security; urgency=medium * SECURITY UPDATE: null pointer dereference in phar_get_fp_offset() - debian/patches/CVE-2015-7803.patch: check link in ext/phar/util.c. - CVE-2015-7803 * SECURITY UPDATE: uninitialized pointer in phar_make_dirstream() - debian/patches/CVE-2015-7804.patch: check filename length in ext/phar/util.c, ext/phar/zip.c. - CVE-2015-7804 -- Marc Deslauriers <email address hidden> Tue, 27 Oct 2015 16:59:36 -0400
Available diffs
php5 (5.6.11+dfsg-1ubuntu3.1) wily-security; urgency=medium * SECURITY UPDATE: null pointer dereference in phar_get_fp_offset() - debian/patches/CVE-2015-7803.patch: check link in ext/phar/util.c. - CVE-2015-7803 * SECURITY UPDATE: uninitialized pointer in phar_make_dirstream() - debian/patches/CVE-2015-7804.patch: check filename length in ext/phar/util.c, ext/phar/zip.c. - CVE-2015-7804 -- Marc Deslauriers <email address hidden> Tue, 27 Oct 2015 16:47:59 -0400
Available diffs
php5 (5.5.9+dfsg-1ubuntu4.14) trusty-security; urgency=medium * SECURITY UPDATE: null pointer dereference in phar_get_fp_offset() - debian/patches/CVE-2015-7803.patch: check link in ext/phar/util.c. - CVE-2015-7803 * SECURITY UPDATE: uninitialized pointer in phar_make_dirstream() - debian/patches/CVE-2015-7804.patch: check filename length in ext/phar/util.c, ext/phar/zip.c. - CVE-2015-7804 -- Marc Deslauriers <email address hidden> Tue, 27 Oct 2015 16:55:35 -0400
Available diffs
php5 (5.6.4+dfsg-4ubuntu6.4) vivid-security; urgency=medium * SECURITY UPDATE: null pointer dereference in phar_get_fp_offset() - debian/patches/CVE-2015-7803.patch: check link in ext/phar/util.c. - CVE-2015-7803 * SECURITY UPDATE: uninitialized pointer in phar_make_dirstream() - debian/patches/CVE-2015-7804.patch: check filename length in ext/phar/util.c, ext/phar/zip.c. - CVE-2015-7804 -- Marc Deslauriers <email address hidden> Tue, 27 Oct 2015 16:52:47 -0400
Available diffs
php5 (5.3.10-1ubuntu3.20) precise-security; urgency=medium * debian/patches/bug65481.patch: backport bugfix to get new var_push_dtor_no_addref function. * SECURITY UPDATE: phar segfault on invalid file - debian/patches/CVE-2015-5589-1.patch: check stream before closing in ext/phar/phar_object.c. - debian/patches/CVE-2015-5589-2.patch: add better checks in ext/phar/phar_object.c. - CVE-2015-5589 * SECURITY UPDATE: phar buffer overflow in phar_fix_filepath - debian/patches/CVE-2015-5590.patch: properly handle path in ext/phar/phar.c. - CVE-2015-5590 * SECURITY UPDATE: multiple use-after-free issues in unserialize() - debian/patches/CVE-2015-6831-1.patch: fix SPLArrayObject in ext/spl/spl_array.c, added test to ext/spl/tests/bug70166.phpt. - debian/patches/CVE-2015-6831-2.patch: fix SplObjectStorage in ext/spl/spl_observer.c. - CVE-2015-6831 * SECURITY UPDATE: dangling pointer in the unserialization of ArrayObject items - debian/patches/CVE-2015-6832.patch: fix dangling pointer in ext/spl/spl_array.c. - CVE-2015-6832 * SECURITY UPDATE: phar files extracted outside of destination dir - debian/patches/CVE-2015-6833-1.patch: limit extracted files to given directory in ext/phar/phar_object.c. - CVE-2015-6833 * SECURITY UPDATE: multiple vulnerabilities in unserialize() - debian/patches/CVE-2015-6834-1.patch: fix use-after-free in ext/standard/var.c, ext/standard/var_unserializer.*. - debian/patches/CVE-2015-6834-2.patch: fix use-after-free in ext/spl/spl_observer.c. - CVE-2015-6834 * SECURITY UPDATE: use after free in session deserializer - debian/patches/CVE-2015-6835-1.patch: fix use after free in ext/session/session.c, ext/standard/var_unserializer.* fixed tests in ext/session/tests/session_decode_error2.phpt, ext/session/tests/session_decode_variation3.phpt. - CVE-2015-6835 * SECURITY UPDATE: SOAP serialize_function_call() type confusion - debian/patches/CVE-2015-6836.patch: check type in ext/soap/soap.c, added test to ext/soap/tests/bug70388.phpt. - CVE-2015-6836 * SECURITY UPDATE: NULL pointer dereference in XSLTProcessor class - debian/patches/CVE-2015-6837-6838.patch: fix logic in ext/xsl/xsltprocessor.c. - CVE-2015-6837 - CVE-2015-6838 -- Marc Deslauriers <email address hidden> Tue, 29 Sep 2015 12:51:49 -0400
Available diffs
php5 (5.5.9+dfsg-1ubuntu4.13) trusty-security; urgency=medium * SECURITY UPDATE: phar segfault on invalid file - debian/patches/CVE-2015-5589-1.patch: check stream before closing in ext/phar/phar_object.c. - debian/patches/CVE-2015-5589-2.patch: add better checks in ext/phar/phar_object.c. - CVE-2015-5589 * SECURITY UPDATE: phar buffer overflow in phar_fix_filepath - debian/patches/CVE-2015-5590.patch: properly handle path in ext/phar/phar.c. - CVE-2015-5590 * SECURITY UPDATE: multiple use-after-free issues in unserialize() - debian/patches/CVE-2015-6831-1.patch: fix SPLArrayObject in ext/spl/spl_array.c, added test to ext/spl/tests/bug70166.phpt. - debian/patches/CVE-2015-6831-2.patch: fix SplObjectStorage in ext/spl/spl_observer.c, added test to ext/spl/tests/bug70168.phpt. - debian/patches/CVE-2015-6831-3.patch: fix SplDoublyLinkedList in ext/spl/spl_dllist.c, added test to ext/spl/tests/bug70169.phpt. - CVE-2015-6831 * SECURITY UPDATE: dangling pointer in the unserialization of ArrayObject items - debian/patches/CVE-2015-6832.patch: fix dangling pointer in ext/spl/spl_array.c, added test to ext/spl/tests/bug70068.phpt. - CVE-2015-6832 * SECURITY UPDATE: phar files extracted outside of destination dir - debian/patches/CVE-2015-6833-1.patch: limit extracted files to given directory in ext/phar/phar_object.c. - CVE-2015-6833 * SECURITY UPDATE: multiple vulnerabilities in unserialize() - debian/patches/CVE-2015-6834-1.patch: fix use-after-free in ext/standard/var.c, ext/standard/var_unserializer.*. - debian/patches/CVE-2015-6834-2.patch: fix use-after-free in ext/spl/spl_observer.c, added test to ext/spl/tests/bug70365.phpt. - debian/patches/CVE-2015-6834-3.patch: fix use-after-free in ext/spl/spl_dllist.c, added test to ext/spl/tests/bug70366.phpt. - CVE-2015-6834 * SECURITY UPDATE: use after free in session deserializer - debian/patches/CVE-2015-6835-1.patch: fix use after free in ext/session/session.c, ext/standard/var_unserializer.* fixed tests in ext/session/tests/session_decode_error2.phpt, ext/session/tests/session_decode_variation3.phpt. - debian/patches/CVE-2015-6835-2.patch: add more fixes to ext/session/session.c. - CVE-2015-6835 * SECURITY UPDATE: SOAP serialize_function_call() type confusion - debian/patches/CVE-2015-6836.patch: check type in ext/soap/soap.c, added test to ext/soap/tests/bug70388.phpt. - CVE-2015-6836 * SECURITY UPDATE: NULL pointer dereference in XSLTProcessor class - debian/patches/CVE-2015-6837-6838.patch: fix logic in ext/xsl/xsltprocessor.c. - CVE-2015-6837 - CVE-2015-6838 -- Marc Deslauriers <email address hidden> Tue, 29 Sep 2015 07:35:49 -0400
Available diffs
Superseded in xenial-release |
Obsolete in wily-release |
Deleted in wily-proposed (Reason: moved to release) |
php5 (5.6.11+dfsg-1ubuntu3) wily; urgency=medium * SECURITY UPDATE: multiple use-after-free issues in unserialize() - debian/patches/CVE-2015-6831-1.patch: fix SPLArrayObject in ext/spl/spl_array.c, added test to ext/spl/tests/bug70166.phpt. - debian/patches/CVE-2015-6831-2.patch: fix SplObjectStorage in ext/spl/spl_observer.c, added test to ext/spl/tests/bug70168.phpt. - debian/patches/CVE-2015-6831-3.patch: fix SplDoublyLinkedList in ext/spl/spl_dllist.c, added test to ext/spl/tests/bug70169.phpt. - CVE-2015-6831 * SECURITY UPDATE: dangling pointer in the unserialization of ArrayObject items - debian/patches/CVE-2015-6832.patch: fix dangling pointer in ext/spl/spl_array.c, added test to ext/spl/tests/bug70068.phpt. - CVE-2015-6832 * SECURITY UPDATE: phar files extracted outside of destination dir - debian/patches/CVE-2015-6833-1.patch: limit extracted files to given directory in ext/phar/phar_object.c. - debian/patches/CVE-2015-6833-2.patch: use emalloc in ext/phar/phar_object.c. - CVE-2015-6833 * SECURITY UPDATE: multiple vulnerabilities in unserialize() - debian/patches/CVE-2015-6834-1.patch: fix use-after-free in ext/standard/var.c, ext/standard/var_unserializer.*. - debian/patches/CVE-2015-6834-2.patch: fix use-after-free in ext/spl/spl_observer.c, added test to ext/spl/tests/bug70365.phpt. - debian/patches/CVE-2015-6834-3.patch: fix use-after-free in ext/spl/spl_dllist.c, added test to ext/spl/tests/bug70366.phpt. - CVE-2015-6834 * SECURITY UPDATE: use after free in session deserializer - debian/patches/CVE-2015-6835-1.patch: fix use after free in ext/session/session.c, ext/standard/var_unserializer.* fixed tests in ext/session/tests/session_decode_error2.phpt, ext/session/tests/session_decode_variation3.phpt. - debian/patches/CVE-2015-6835-2.patch: add more fixes to ext/session/session.c. - CVE-2015-6835 * SECURITY UPDATE: SOAP serialize_function_call() type confusion - debian/patches/CVE-2015-6836.patch: check type in ext/soap/soap.c, added test to ext/soap/tests/bug70388.phpt. - CVE-2015-6836 * SECURITY UPDATE: NULL pointer dereference in XSLTProcessor class - debian/patches/CVE-2015-6837-6838.patch: fix logic in ext/xsl/xsltprocessor.c. - CVE-2015-6837 - CVE-2015-6838 -- Marc Deslauriers <email address hidden> Mon, 28 Sep 2015 07:26:44 -0400
Available diffs
php5 (5.6.4+dfsg-4ubuntu6.3) vivid-security; urgency=medium * SECURITY UPDATE: phar segfault on invalid file - debian/patches/CVE-2015-5589-1.patch: check stream before closing in ext/phar/phar_object.c. - debian/patches/CVE-2015-5589-2.patch: add better checks in ext/phar/phar_object.c. - CVE-2015-5589 * SECURITY UPDATE: phar buffer overflow in phar_fix_filepath - debian/patches/CVE-2015-5590.patch: properly handle path in ext/phar/phar.c. - CVE-2015-5590 * SECURITY UPDATE: multiple use-after-free issues in unserialize() - debian/patches/CVE-2015-6831-1.patch: fix SPLArrayObject in ext/spl/spl_array.c, added test to ext/spl/tests/bug70166.phpt. - debian/patches/CVE-2015-6831-2.patch: fix SplObjectStorage in ext/spl/spl_observer.c, added test to ext/spl/tests/bug70168.phpt. - debian/patches/CVE-2015-6831-3.patch: fix SplDoublyLinkedList in ext/spl/spl_dllist.c, added test to ext/spl/tests/bug70169.phpt. - CVE-2015-6831 * SECURITY UPDATE: dangling pointer in the unserialization of ArrayObject items - debian/patches/CVE-2015-6832.patch: fix dangling pointer in ext/spl/spl_array.c, added test to ext/spl/tests/bug70068.phpt. - CVE-2015-6832 * SECURITY UPDATE: phar files extracted outside of destination dir - debian/patches/CVE-2015-6833-1.patch: limit extracted files to given directory in ext/phar/phar_object.c. - debian/patches/CVE-2015-6833-2.patch: use emalloc in ext/phar/phar_object.c. - CVE-2015-6833 * SECURITY UPDATE: multiple vulnerabilities in unserialize() - debian/patches/CVE-2015-6834-1.patch: fix use-after-free in ext/standard/var.c, ext/standard/var_unserializer.*. - debian/patches/CVE-2015-6834-2.patch: fix use-after-free in ext/spl/spl_observer.c, added test to ext/spl/tests/bug70365.phpt. - debian/patches/CVE-2015-6834-3.patch: fix use-after-free in ext/spl/spl_dllist.c, added test to ext/spl/tests/bug70366.phpt. - CVE-2015-6834 * SECURITY UPDATE: use after free in session deserializer - debian/patches/CVE-2015-6835-1.patch: fix use after free in ext/session/session.c, ext/standard/var_unserializer.* fixed tests in ext/session/tests/session_decode_error2.phpt, ext/session/tests/session_decode_variation3.phpt. - debian/patches/CVE-2015-6835-2.patch: add more fixes to ext/session/session.c. - CVE-2015-6835 * SECURITY UPDATE: SOAP serialize_function_call() type confusion - debian/patches/CVE-2015-6836.patch: check type in ext/soap/soap.c, added test to ext/soap/tests/bug70388.phpt. - CVE-2015-6836 * SECURITY UPDATE: NULL pointer dereference in XSLTProcessor class - debian/patches/CVE-2015-6837-6838.patch: fix logic in ext/xsl/xsltprocessor.c. - CVE-2015-6837 - CVE-2015-6838 -- Marc Deslauriers <email address hidden> Mon, 28 Sep 2015 15:51:34 -0400
Available diffs
php5 (5.5.9+dfsg-1ubuntu4.12) trusty; urgency=medium * Fix PHP Fatal error: Inconsistent insteadof definition (LP: #1474276) - Apply upstream fix -- Ryan Harper <email address hidden> Thu, 13 Aug 2015 09:55:34 -0500
Available diffs
php5 (5.6.11+dfsg-1ubuntu2) wily; urgency=medium * No-change rebuild against new libicu -- Iain Lane <email address hidden> Wed, 05 Aug 2015 17:41:17 +0100
Available diffs
php5 (5.6.11+dfsg-1ubuntu1) wily; urgency=medium * Merge from Debian. Remaining changes: - Drop support for firebird, c-client, mcrypt, onig and qdbm as they are in universe: + d/control: drop Build-Depends on firebird-dev, libc-client-dev, libmcrypt-dev, libonig-dev, libqdbm-dev. + d/control: drop binary packages php5-imap, php5-interbase and php5-mcrypt and their reverse dependencies. + d/rules: drop configuration of qdgm, onig, imap, mcrypt. + d/rules: drop CONFIGURE_APACHE_ARGS settings since now we don't build interbase or firebird. + d/modulelist: drop imap, interbase and mcrypt. - d/control: switch Build-Depends of netcat-traditional to netcat-openbsd as only the latter is in main. - d/source_php5.py, d/rules: add apport hook. * New upstream version uses __builtin_clzl when __powerpc__ is defined, improving performance on POWER systems (LP: #1458434). * Drop changes (patches included upstream): CVE-2015-4598.patch, CVE-2015-4643.patch, CVE-2015-4644.patch. -- Robie Basak <email address hidden> Mon, 27 Jul 2015 11:15:34 +0000
Available diffs
php5 (5.6.9+dfsg-1ubuntu1) wily; urgency=medium * Merge from Debian. Remaining changes: - d/control: drop Build-Depends that are in universe: firebird-dev, libc-client-dev, libmcrypt-dev, libonig-dev, libqdbm-dev. - d/rules: drop configuration of packages that are in universe: qdgm, onig. - d/rules: drop CONFIGURE_APACHE_ARGS settings since now we don't build interbase or firebird. - d/control: drop binary packages php5-imap, php5-interbase and php5-mcrypt since we have separate versions in universe. - d/modulelist: drop imap, interbase and mcrypt since we have separate versions in universe. - d/rules: drop configuration of imap and mcrypt since we have separate versions in universe. - d/source_php5.py, d/rules: add apport hook. - d/control: switch Build-Depends of netcat-traditional to netcat-openbsd as only the latter is in main. * Dropped changes: - patches included in new upstream version: CVE-2014-9427.patch, CVE-2014-9652.patch, CVE-2015-0231.patch, CVE-2015-0232.patch, CVE-2015-1351.patch, CVE-2015-1352.patch, remove_readelf.patch, CVE-2014-9705.patch, CVE-2015-0273.patch, CVE-2015-2301.patch, CVE-2015-2305.patch, CVE-2015-2331.patch, CVE-2015-2348.patch, CVE-2015-2787.patch, CVE-2015-2783.patch, bug69218.patch, bug69441.patch. * SECURITY UPDATE: more missing file path null byte checks - debian/patches/CVE-2015-4598.patch: add missing checks to ext/dom/document.c, ext/gd/gd.c, fix test in ext/dom/tests/DOMDocument_loadHTMLfile_error2.phpt. - CVE-2015-4598 * SECURITY UPDATE: arbitrary code execution via ftp server long reply to a LIST command - debian/patches/CVE-2015-4643.patch: prevent overflow check bypass in ext/ftp/ftp.c. - CVE-2015-4643 * SECURITY UPDATE: denial of service via php_pgsql_meta_data - debian/patches/CVE-2015-4644.patch: check return value in ext/pgsql/pgsql.c, add test to ext/pgsql/pg_insert_002.phpt. - CVE-2015-4644
Available diffs
php5 (5.3.10-1ubuntu3.19) precise-security; urgency=medium * SECURITY UPDATE: missing file path null byte checks - debian/patches/CVE-2015-3411.patch: add missing checks to ext/dom/document.c, ext/fileinfo/fileinfo.c, ext/gd/gd.c, ext/hash/hash.c, ext/pgsql/pgsql.c, ext/standard/streamsfuncs.c, ext/xmlwriter/php_xmlwriter.c, ext/zlib/zlib.c, add tests to ext/fileinfo/tests/finfo_file_basic.phpt, ext/hash/tests/hash_hmac_file_error.phpt, backport CHECK_NULL_PATH to Zend/zend_API.h. - CVE-2015-3411 - CVE-2015-3412 * SECURITY UPDATE: denial of service via crafted tar archive - debian/patches/CVE-2015-4021.patch: handle empty strings in ext/phar/tar.c. - CVE-2015-4021 * SECURITY UPDATE: arbitrary code execution via ftp server long reply to a LIST command - debian/patches/CVE-2015-4022.patch: fix overflow in ext/ftp/ftp.c. - CVE-2015-4022 * SECURITY UPDATE: denial of service via crafted form data - debian/patches/CVE-2015-4024.patch: use smart_str to assemble strings in main/rfc1867.c. - CVE-2015-4024 * SECURITY UPDATE: more missing file path null byte checks - debian/patches/CVE-2015-4025.patch: add missing checks to ext/pcntl/pcntl.c, ext/standard/dir.c. - CVE-2015-4025 - CVE-2015-4026 * SECURITY UPDATE: arbitrary code execution via crafted serialized data with unexpected data type - debian/patches/CVE-2015-4147.patch: check variable types in ext/soap/php_encoding.c, ext/soap/php_http.c, ext/soap/soap.c. - CVE-2015-4147 - CVE-2015-4148 - CVE-2015-4600 - CVE-2015-4601 * SECURITY UPDATE: more missing file path null byte checks - debian/patches/CVE-2015-4598.patch: add missing checks to ext/dom/document.c, ext/gd/gd.c. - CVE-2015-4598 * SECURITY UPDATE: denial of service or information leak via type confusion with crafted serialized data - debian/patches/CVE-2015-4599.patch: use proper types in ext/soap/soap.c. - CVE-2015-4599 * SECURITY UPDATE: denial of service or information leak via type confusion with crafted serialized data - debian/patches/CVE-2015-4602.patch: check for proper type in ext/standard/incomplete_class.c. - CVE-2015-4602 * SECURITY UPDATE: denial of service or information leak via type confusion with crafted serialized data - debian/patches/CVE-2015-4603.patch: check type in Zend/zend_exceptions.c, add test to ext/standard/tests/serialize/bug69152.phpt. - CVE-2015-4603 * SECURITY UPDATE: arbitrary code execution via ftp server long reply to a LIST command - debian/patches/CVE-2015-4643.patch: prevent overflow check bypass in ext/ftp/ftp.c. - CVE-2015-4643 * SECURITY UPDATE: denial of service via php_pgsql_meta_data - debian/patches/CVE-2015-4644.patch: check return value in ext/pgsql/pgsql.c, add test to ext/pgsql/pg_insert_002.phpt. - CVE-2015-4644 * debian/patches/CVE-2015-2783-memleak.patch: fix memory leak introduced by CVE-2015-2783 security update. -- Marc Deslauriers <email address hidden> Thu, 02 Jul 2015 07:42:32 -0400
Available diffs
php5 (5.5.12+dfsg-2ubuntu4.6) utopic-security; urgency=medium * SECURITY UPDATE: missing file path null byte checks - debian/patches/CVE-2015-3411.patch: add missing checks to ext/dom/document.c, ext/fileinfo/fileinfo.c, ext/gd/gd.c, ext/hash/hash.c, ext/pgsql/pgsql.c, ext/standard/link.c, ext/standard/streamsfuncs.c, ext/xmlwriter/php_xmlwriter.c, ext/zlib/zlib.c, add tests to ext/dom/tests/DOMDocument_loadHTMLfile_error2.phpt, ext/fileinfo/tests/finfo_file_basic.phpt, ext/hash/tests/hash_hmac_file_error.phpt - CVE-2015-3411 - CVE-2015-3412 * SECURITY UPDATE: denial of service via crafted tar archive - debian/patches/CVE-2015-4021.patch: handle empty strings in ext/phar/tar.c. - CVE-2015-4021 * SECURITY UPDATE: arbitrary code execution via ftp server long reply to a LIST command - debian/patches/CVE-2015-4022.patch: fix overflow in ext/ftp/ftp.c. - CVE-2015-4022 * SECURITY UPDATE: denial of service via crafted form data - debian/patches/CVE-2015-4024.patch: use smart_str to assemble strings in main/rfc1867.c. - CVE-2015-4024 * SECURITY UPDATE: more missing file path null byte checks - debian/patches/CVE-2015-4025.patch: add missing checks to ext/pcntl/pcntl.c, ext/standard/basic_functions.c, ext/standard/dir.c, ext/standard/file.c. - CVE-2015-4025 - CVE-2015-4026 * SECURITY UPDATE: arbitrary code execution via crafted serialized data with unexpected data type - debian/patches/CVE-2015-4147.patch: check variable types in ext/soap/php_encoding.c, ext/soap/php_http.c, ext/soap/soap.c. - CVE-2015-4147 - CVE-2015-4148 - CVE-2015-4600 - CVE-2015-4601 * SECURITY UPDATE: more missing file path null byte checks - debian/patches/CVE-2015-4598.patch: add missing checks to ext/dom/document.c, ext/gd/gd.c, fix tests in ext/dom/tests/DOMDocument_loadHTMLfile_error2.phpt, ext/gd/tests/imageloadfont_error1.phpt, ext/zlib/tests/gzopen_variation1.phpt, ext/zlib/tests/readgzfile_variation1.phpt, ext/zlib/tests/readgzfile_variation6.phpt, ext/standard/tests/dir/dir_variation1.phpt, ext/standard/tests/dir/opendir_variation1.phpt, ext/standard/tests/file/mkdir_rmdir_variation2.phpt, ext/standard/tests/file/readlink_variation1.phpt, ext/standard/tests/file/tempnam_variation3-win32.phpt, ext/standard/tests/file/tempnam_variation3.phpt, ext/standard/tests/general_functions/include_path.phpt. - CVE-2015-4598 * SECURITY UPDATE: denial of service or information leak via type confusion with crafted serialized data - debian/patches/CVE-2015-4599.patch: use proper types in ext/soap/soap.c. - CVE-2015-4599 * SECURITY UPDATE: denial of service or information leak via type confusion with crafted serialized data - debian/patches/CVE-2015-4602.patch: check for proper type in ext/standard/incomplete_class.c. - CVE-2015-4602 * SECURITY UPDATE: denial of service or information leak via type confusion with crafted serialized data - debian/patches/CVE-2015-4603.patch: check type in Zend/zend_exceptions.c, add test to ext/standard/tests/serialize/bug69152.phpt. - CVE-2015-4603 * SECURITY UPDATE: arbitrary code execution via ftp server long reply to a LIST command - debian/patches/CVE-2015-4643.patch: prevent overflow check bypass in ext/ftp/ftp.c. - CVE-2015-4643 * SECURITY UPDATE: denial of service via php_pgsql_meta_data - debian/patches/CVE-2015-4644.patch: check return value in ext/pgsql/pgsql.c, add test to ext/pgsql/pg_insert_002.phpt. - CVE-2015-4644 * debian/patches/CVE-2015-2783-memleak.patch: fix memory leak introduced by CVE-2015-2783 security update. -- Marc Deslauriers <email address hidden> Thu, 02 Jul 2015 08:51:10 -0400
php5 (5.6.4+dfsg-4ubuntu6.2) vivid-security; urgency=medium * SECURITY UPDATE: missing file path null byte checks - debian/patches/CVE-2015-3411.patch: add missing checks to ext/dom/document.c, ext/fileinfo/fileinfo.c, ext/gd/gd.c, ext/hash/hash.c, ext/pgsql/pgsql.c, ext/standard/link.c, ext/standard/streamsfuncs.c, ext/xmlwriter/php_xmlwriter.c, ext/zlib/zlib.c, add tests to ext/dom/tests/DOMDocument_loadHTMLfile_error2.phpt, ext/fileinfo/tests/finfo_file_basic.phpt, ext/hash/tests/hash_hmac_file_error.phpt - CVE-2015-3411 - CVE-2015-3412 * SECURITY UPDATE: denial of service via crafted tar archive - debian/patches/CVE-2015-4021.patch: handle empty strings in ext/phar/tar.c. - CVE-2015-4021 * SECURITY UPDATE: arbitrary code execution via ftp server long reply to a LIST command - debian/patches/CVE-2015-4022.patch: fix overflow in ext/ftp/ftp.c. - CVE-2015-4022 * SECURITY UPDATE: denial of service via crafted form data - debian/patches/CVE-2015-4024.patch: use smart_str to assemble strings in main/rfc1867.c. - CVE-2015-4024 * SECURITY UPDATE: more missing file path null byte checks - debian/patches/CVE-2015-4025.patch: add missing checks to ext/pcntl/pcntl.c, ext/standard/basic_functions.c, ext/standard/dir.c, ext/standard/file.c. - CVE-2015-4025 - CVE-2015-4026 * SECURITY UPDATE: arbitrary code execution via crafted serialized data with unexpected data type - debian/patches/CVE-2015-4147.patch: check variable types in ext/soap/php_encoding.c, ext/soap/php_http.c, ext/soap/soap.c. - CVE-2015-4147 - CVE-2015-4148 - CVE-2015-4600 - CVE-2015-4601 * SECURITY UPDATE: more missing file path null byte checks - debian/patches/CVE-2015-4598.patch: add missing checks to ext/dom/document.c, ext/gd/gd.c, fix tests in ext/dom/tests/DOMDocument_loadHTMLfile_error2.phpt, ext/gd/tests/imageloadfont_error1.phpt, ext/zlib/tests/gzopen_variation1.phpt, ext/zlib/tests/readgzfile_variation1.phpt, ext/zlib/tests/readgzfile_variation6.phpt, ext/standard/tests/dir/dir_variation1.phpt, ext/standard/tests/dir/opendir_variation1.phpt, ext/standard/tests/file/mkdir_rmdir_variation2.phpt, ext/standard/tests/file/readlink_variation1.phpt, ext/standard/tests/file/tempnam_variation3-win32.phpt, ext/standard/tests/file/tempnam_variation3.phpt, ext/standard/tests/general_functions/include_path.phpt. - CVE-2015-4598 * SECURITY UPDATE: denial of service or information leak via type confusion with crafted serialized data - debian/patches/CVE-2015-4599.patch: use proper types in ext/soap/soap.c. - CVE-2015-4599 * SECURITY UPDATE: denial of service or information leak via type confusion with crafted serialized data - debian/patches/CVE-2015-4602.patch: check for proper type in ext/standard/incomplete_class.c. - CVE-2015-4602 * SECURITY UPDATE: denial of service or information leak via type confusion with crafted serialized data - debian/patches/CVE-2015-4603.patch: check type in Zend/zend_exceptions.c, add test to ext/standard/tests/serialize/bug69152.phpt. - CVE-2015-4603 * SECURITY UPDATE: denial of service in Fileinfo with crafted file - debian/patches/CVE-2015-4604.patch: handle large offset in ext/fileinfo/libmagic/softmagic.c, add test to ext/fileinfo/tests/bug68819_001.phpt, ext/fileinfo/tests/bug68819_002.phpt. - CVE-2015-4604 - CVE-2015-4605 * SECURITY UPDATE: arbitrary code execution via ftp server long reply to a LIST command - debian/patches/CVE-2015-4643.patch: prevent overflow check bypass in ext/ftp/ftp.c. - CVE-2015-4643 * SECURITY UPDATE: denial of service via php_pgsql_meta_data - debian/patches/CVE-2015-4644.patch: check return value in ext/pgsql/pgsql.c, add test to ext/pgsql/pg_insert_002.phpt. - CVE-2015-4644 * debian/patches/CVE-2015-2783-memleak.patch: fix memory leak introduced by CVE-2015-2783 security update. -- Marc Deslauriers <email address hidden> Thu, 02 Jul 2015 08:45:58 -0400
Available diffs
php5 (5.5.9+dfsg-1ubuntu4.11) trusty-security; urgency=medium * SECURITY UPDATE: missing file path null byte checks - debian/patches/CVE-2015-3411.patch: add missing checks to ext/dom/document.c, ext/fileinfo/fileinfo.c, ext/gd/gd.c, ext/hash/hash.c, ext/pgsql/pgsql.c, ext/standard/link.c, ext/standard/streamsfuncs.c, ext/xmlwriter/php_xmlwriter.c, ext/zlib/zlib.c, add tests to ext/dom/tests/DOMDocument_loadHTMLfile_error2.phpt, ext/fileinfo/tests/finfo_file_basic.phpt, ext/hash/tests/hash_hmac_file_error.phpt - CVE-2015-3411 - CVE-2015-3412 * SECURITY UPDATE: denial of service via crafted tar archive - debian/patches/CVE-2015-4021.patch: handle empty strings in ext/phar/tar.c. - CVE-2015-4021 * SECURITY UPDATE: arbitrary code execution via ftp server long reply to a LIST command - debian/patches/CVE-2015-4022.patch: fix overflow in ext/ftp/ftp.c. - CVE-2015-4022 * SECURITY UPDATE: denial of service via crafted form data - debian/patches/CVE-2015-4024.patch: use smart_str to assemble strings in main/rfc1867.c. - CVE-2015-4024 * SECURITY UPDATE: more missing file path null byte checks - debian/patches/CVE-2015-4025.patch: add missing checks to ext/pcntl/pcntl.c, ext/standard/basic_functions.c, ext/standard/dir.c, ext/standard/file.c. - CVE-2015-4025 - CVE-2015-4026 * SECURITY UPDATE: arbitrary code execution via crafted serialized data with unexpected data type - debian/patches/CVE-2015-4147.patch: check variable types in ext/soap/php_encoding.c, ext/soap/php_http.c, ext/soap/soap.c. - CVE-2015-4147 - CVE-2015-4148 - CVE-2015-4600 - CVE-2015-4601 * SECURITY UPDATE: more missing file path null byte checks - debian/patches/CVE-2015-4598.patch: add missing checks to ext/dom/document.c, ext/gd/gd.c, fix tests in ext/dom/tests/DOMDocument_loadHTMLfile_error2.phpt, ext/gd/tests/imageloadfont_error1.phpt, ext/zlib/tests/gzopen_variation1.phpt, ext/zlib/tests/readgzfile_variation1.phpt, ext/zlib/tests/readgzfile_variation6.phpt, ext/standard/tests/dir/dir_variation1.phpt, ext/standard/tests/dir/opendir_variation1.phpt, ext/standard/tests/file/mkdir_rmdir_variation2.phpt, ext/standard/tests/file/readlink_variation1.phpt, ext/standard/tests/file/tempnam_variation3-win32.phpt, ext/standard/tests/file/tempnam_variation3.phpt, ext/standard/tests/general_functions/include_path.phpt. - CVE-2015-4598 * SECURITY UPDATE: denial of service or information leak via type confusion with crafted serialized data - debian/patches/CVE-2015-4599.patch: use proper types in ext/soap/soap.c. - CVE-2015-4599 * SECURITY UPDATE: denial of service or information leak via type confusion with crafted serialized data - debian/patches/CVE-2015-4602.patch: check for proper type in ext/standard/incomplete_class.c. - CVE-2015-4602 * SECURITY UPDATE: denial of service or information leak via type confusion with crafted serialized data - debian/patches/CVE-2015-4603.patch: check type in Zend/zend_exceptions.c, add test to ext/standard/tests/serialize/bug69152.phpt. - CVE-2015-4603 * SECURITY UPDATE: arbitrary code execution via ftp server long reply to a LIST command - debian/patches/CVE-2015-4643.patch: prevent overflow check bypass in ext/ftp/ftp.c. - CVE-2015-4643 * SECURITY UPDATE: denial of service via php_pgsql_meta_data - debian/patches/CVE-2015-4644.patch: check return value in ext/pgsql/pgsql.c, add test to ext/pgsql/pg_insert_002.phpt. - CVE-2015-4644 * debian/patches/CVE-2015-2783-memleak.patch: fix memory leak introduced by CVE-2015-2783 security update. -- Marc Deslauriers <email address hidden> Thu, 02 Jul 2015 08:53:30 -0400
Superseded in wily-release |
Obsolete in vivid-release |
Deleted in vivid-proposed (Reason: moved to release) |
php5 (5.6.4+dfsg-4ubuntu6) vivid; urgency=medium * SECURITY UPDATE: potential remote code execution vulnerability when used with the Apache 2.4 apache2handler - debian/patches/bug69218.patch: perform proper cleanup in sapi/apache2handler/sapi_apache2.c. - CVE number pending * SECURITY UPDATE: buffer overflow when parsing tar/zip/phar - debian/patches/bug69441.patch: check lengths in ext/phar/phar_internal.h. - CVE number pending * SECURITY UPDATE: buffer overflow in unserialize when parsing Phar - debian/patches/CVE-2015-2783.patch: properly check lengths in ext/phar/phar.c, ext/phar/phar_internal.h. - CVE-2015-2783 -- Marc Deslauriers <email address hidden> Fri, 17 Apr 2015 05:15:49 -0400
Available diffs
php5 (5.3.2-1ubuntu4.30) lucid-security; urgency=medium * SECURITY UPDATE: potential remote code execution vulnerability when used with the Apache 2.4 apache2handler - debian/patches/bug69218.patch: perform proper cleanup in sapi/apache2handler/sapi_apache2.c. - CVE number pending * SECURITY UPDATE: buffer overflow when parsing tar/zip/phar - debian/patches/bug69441.patch: check lengths in ext/phar/phar_internal.h. - CVE number pending * SECURITY UPDATE: heap overflow in regexp library - debian/patches/CVE-2015-2305.patch: check for overflow in ext/ereg/regex/regcomp.c. - CVE-2015-2305 * SECURITY UPDATE: buffer overflow in unserialize when parsing Phar - debian/patches/CVE-2015-2783.patch: properly check lengths in ext/phar/phar.c, ext/phar/phar_internal.h. - CVE-2015-2783 * SECURITY UPDATE: arbitrary code exection via process_nested_data use-after-free - debian/patches/CVE-2015-2787.patch: fix logic in ext/standard/var_unserializer.*. - CVE-2015-2787 -- Marc Deslauriers <email address hidden> Fri, 17 Apr 2015 07:37:39 -0400
Available diffs
php5 (5.3.10-1ubuntu3.18) precise-security; urgency=medium * SECURITY UPDATE: potential remote code execution vulnerability when used with the Apache 2.4 apache2handler - debian/patches/bug69218.patch: perform proper cleanup in sapi/apache2handler/sapi_apache2.c. - CVE number pending * SECURITY UPDATE: buffer overflow when parsing tar/zip/phar - debian/patches/bug69441.patch: check lengths in ext/phar/phar_internal.h. - CVE number pending * SECURITY UPDATE: heap overflow in regexp library - debian/patches/CVE-2015-2305.patch: check for overflow in ext/ereg/regex/regcomp.c. - CVE-2015-2305 * SECURITY UPDATE: buffer overflow in unserialize when parsing Phar - debian/patches/CVE-2015-2783.patch: properly check lengths in ext/phar/phar.c, ext/phar/phar_internal.h. - CVE-2015-2783 * SECURITY UPDATE: arbitrary code exection via process_nested_data use-after-free - debian/patches/CVE-2015-2787.patch: fix logic in ext/standard/var_unserializer.*. - CVE-2015-2787 -- Marc Deslauriers <email address hidden> Fri, 17 Apr 2015 06:25:37 -0400
Available diffs
php5 (5.5.9+dfsg-1ubuntu4.9) trusty-security; urgency=medium * SECURITY UPDATE: potential remote code execution vulnerability when used with the Apache 2.4 apache2handler - debian/patches/bug69218.patch: perform proper cleanup in sapi/apache2handler/sapi_apache2.c. - CVE number pending * SECURITY UPDATE: buffer overflow when parsing tar/zip/phar - debian/patches/bug69441.patch: check lengths in ext/phar/phar_internal.h. - CVE number pending * SECURITY UPDATE: heap overflow in regexp library - debian/patches/CVE-2015-2305.patch: check for overflow in ext/ereg/regex/regcomp.c. - CVE-2015-2305 * SECURITY UPDATE: move_uploaded_file filename restriction bypass - debian/patches/CVE-2015-2348.patch: handle nulls in ext/standard/basic_functions.c. - CVE-2015-2348 * SECURITY UPDATE: buffer overflow in unserialize when parsing Phar - debian/patches/CVE-2015-2783.patch: properly check lengths in ext/phar/phar.c, ext/phar/phar_internal.h. - CVE-2015-2783 * SECURITY UPDATE: arbitrary code exection via process_nested_data use-after-free - debian/patches/CVE-2015-2787.patch: fix logic in ext/standard/var_unserializer.*. - CVE-2015-2787 -- Marc Deslauriers <email address hidden> Fri, 17 Apr 2015 05:28:02 -0400
php5 (5.5.12+dfsg-2ubuntu4.4) utopic-security; urgency=medium * SECURITY UPDATE: potential remote code execution vulnerability when used with the Apache 2.4 apache2handler - debian/patches/bug69218.patch: perform proper cleanup in sapi/apache2handler/sapi_apache2.c. - CVE number pending * SECURITY UPDATE: buffer overflow when parsing tar/zip/phar - debian/patches/bug69441.patch: check lengths in ext/phar/phar_internal.h. - CVE number pending * SECURITY UPDATE: heap overflow in regexp library - debian/patches/CVE-2015-2305.patch: check for overflow in ext/ereg/regex/regcomp.c. - CVE-2015-2305 * SECURITY UPDATE: move_uploaded_file filename restriction bypass - debian/patches/CVE-2015-2348.patch: handle nulls in ext/standard/basic_functions.c. - CVE-2015-2348 * SECURITY UPDATE: buffer overflow in unserialize when parsing Phar - debian/patches/CVE-2015-2783.patch: properly check lengths in ext/phar/phar.c, ext/phar/phar_internal.h. - CVE-2015-2783 * SECURITY UPDATE: arbitrary code exection via process_nested_data use-after-free - debian/patches/CVE-2015-2787.patch: fix logic in ext/standard/var_unserializer.*. - CVE-2015-2787 -- Marc Deslauriers <email address hidden> Fri, 17 Apr 2015 05:24:45 -0400
php5 (5.6.4+dfsg-4ubuntu5) vivid; urgency=medium * SECURITY UPDATE: move_uploaded_file filename restriction bypass - debian/patches/CVE-2015-2348.patch: handle nulls in ext/standard/basic_functions.c. - CVE-2015-2348 * SECURITY UPDATE: arbitrary code exection via process_nested_data use-after-free - debian/patches/CVE-2015-2787.patch: fix logic in ext/standard/var_unserializer.*. - CVE-2015-2787 -- Marc Deslauriers <email address hidden> Thu, 02 Apr 2015 08:06:41 -0400
Available diffs
Deleted in trusty-proposed (Reason: moved to -updates) |
php5 (5.5.9+dfsg-1ubuntu4.8) trusty; urgency=medium * Fix php5-fpm logrotate since the upstart job has been introduced. (LP: #1230917) - Backport the /usr/lib/php5/php5-fpm-reopenlogs script from utopic. - Call the script in postrotate instead of invoke-rc.d php5-fpm reopen-logs. Upstart jobs don't support custom actions. -- Felix Geyer <email address hidden> Tue, 31 Mar 2015 07:51:32 -0400
Available diffs
php5 (5.6.4+dfsg-4ubuntu4) vivid; urgency=medium * SECURITY UPDATE: heap overflow in regexp library - debian/patches/CVE-2015-2305.patch: check for overflow in ext/ereg/regex/regcomp.c. - CVE-2015-2305 * SECURITY UPDATE: integer overflow in zip module - debian/patches/CVE-2015-2331.patch: check for overflow in ext/zip/lib/zip_dirent.c. - CVE-2015-2331 -- Marc Deslauriers <email address hidden> Tue, 24 Mar 2015 15:12:32 -0400
Available diffs
php5 (5.6.4+dfsg-4ubuntu3) vivid; urgency=medium * SECURITY UPDATE: denial of service or possible code execution in enchant - debian/patches/CVE-2014-9705.patch: handle position better in ext/enchant/enchant.c. - CVE-2014-9705 * SECURITY UPDATE: arbitrary code execution via use after free in unserialize() with DateTimeZone and DateTime - debian/patches/CVE-2015-0273.patch: fix use after free in ext/date/php_date.c, added tests to ext/date/tests/bug68942.phpt, ext/date/tests/bug68942_2.phpt. - CVE-2015-0273 * SECURITY UPDATE: denial of service or possible code execution in phar - debian/patches/CVE-2015-2301.patch: fix use after free in ext/phar/phar_object.c. - CVE-2015-2301 -- Marc Deslauriers <email address hidden> Mon, 16 Mar 2015 13:21:17 -0400
Available diffs
php5 (5.3.10-1ubuntu3.17) precise-security; urgency=medium * SECURITY UPDATE: denial of service via recursion - debian/patches/CVE-2014-8117.patch: lower recursion limit in ext/fileinfo/libmagic/softmagic.c. - CVE-2014-8117 * SECURITY UPDATE: denial of service or possible code execution in enchant - debian/patches/CVE-2014-9705.patch: handle position better in ext/enchant/enchant.c. - CVE-2014-9705 * SECURITY UPDATE: arbitrary code execution via use after free in unserialize() with DateTime - debian/patches/CVE-2015-0273.patch: fix use after free in ext/date/php_date.c, added test to ext/date/tests/*.phpt. - CVE-2015-0273 * SECURITY UPDATE: denial of service or possible code execution in phar - debian/patches/CVE-2015-2301.patch: fix use after free in ext/phar/phar_object.c. - CVE-2015-2301 -- Marc Deslauriers <email address hidden> Mon, 16 Mar 2015 13:59:27 -0400
Available diffs
php5 (5.3.2-1ubuntu4.29) lucid-security; urgency=medium * SECURITY UPDATE: denial of service via recursion - debian/patches/CVE-2014-8117.patch: lower recursion limit in ext/fileinfo/libmagic/softmagic.c. - CVE-2014-8117 * SECURITY UPDATE: denial of service or possible code execution in enchant - debian/patches/CVE-2014-9705.patch: handle position better in ext/enchant/enchant.c. - CVE-2014-9705 * SECURITY UPDATE: arbitrary code execution via use after free in unserialize() with DateTime - debian/patches/CVE-2015-0273.patch: fix use after free in ext/date/php_date.c, added tests to ext/date/tests/*.phpt. - CVE-2015-0273 * SECURITY UPDATE: denial of service or possible code execution in phar - debian/patches/CVE-2015-2301.patch: fix use after free in ext/phar/phar_object.c. - CVE-2015-2301 -- Marc Deslauriers <email address hidden> Mon, 16 Mar 2015 15:00:32 -0400
Available diffs
php5 (5.5.9+dfsg-1ubuntu4.7) trusty-security; urgency=medium * SECURITY UPDATE: denial of service via recursion - debian/patches/CVE-2014-8117.patch: lower recursion limit in ext/fileinfo/libmagic/softmagic.c. - CVE-2014-8117 * SECURITY UPDATE: denial of service or possible code execution in enchant - debian/patches/CVE-2014-9705.patch: handle position better in ext/enchant/enchant.c. - CVE-2014-9705 * SECURITY UPDATE: arbitrary code execution via use after free in unserialize() with DateTimeZone and DateTime - debian/patches/CVE-2015-0273.patch: fix use after free in ext/date/php_date.c, added tests to ext/date/tests/bug68942.phpt, ext/date/tests/bug68942_2.phpt. - CVE-2015-0273 * SECURITY UPDATE: denial of service or possible code execution in phar - debian/patches/CVE-2015-2301.patch: fix use after free in ext/phar/phar_object.c. - CVE-2015-2301 -- Marc Deslauriers <email address hidden> Mon, 16 Mar 2015 13:40:18 -0400
Available diffs
php5 (5.5.12+dfsg-2ubuntu4.3) utopic-security; urgency=medium * SECURITY UPDATE: denial of service via recursion - debian/patches/CVE-2014-8117.patch: lower recursion limit in ext/fileinfo/libmagic/softmagic.c. - CVE-2014-8117 * SECURITY UPDATE: denial of service or possible code execution in enchant - debian/patches/CVE-2014-9705.patch: handle position better in ext/enchant/enchant.c. - CVE-2014-9705 * SECURITY UPDATE: arbitrary code execution via use after free in unserialize() with DateTimeZone and DateTime - debian/patches/CVE-2015-0273.patch: fix use after free in ext/date/php_date.c, added tests to ext/date/tests/bug68942.phpt, ext/date/tests/bug68942_2.phpt. - CVE-2015-0273 * SECURITY UPDATE: denial of service or possible code execution in phar - debian/patches/CVE-2015-2301.patch: fix use after free in ext/phar/phar_object.c. - CVE-2015-2301 -- Marc Deslauriers <email address hidden> Mon, 16 Mar 2015 13:31:32 -0400
Available diffs
php5 (5.6.4+dfsg-4ubuntu2) vivid; urgency=medium * SECURITY UPDATE: out of bounds read via invalid php file - debian/patches/CVE-2014-9427.patch: fix bounds in sapi/cgi/cgi_main.c. - CVE-2014-9427 * SECURITY UPDATE: out of bounds read in fileinfo - debian/patches/CVE-2014-9652.patch: properly check length in ext/fileinfo/libmagic/softmagic.c. - CVE-2014-9652 * SECURITY UPDATE: arbitrary code execution via improper handling of duplicate keys in unserializer, additional fix - debian/patches/CVE-2015-0231.patch: fix use after free in ext/standard/var_unserializer.*, added test to ext/standard/tests/strings/bug68710.phpt. - CVE-2015-0231 * SECURITY UPDATE: arbitrary code execution or denial of service via crafted EXIF data - debian/patches/CVE-2015-0232.patch: fix uninitialized pointer free in ext/exif/exif.c. - CVE-2015-0232 * SECURITY UPDATE: use after free in opcache component - debian/patches/CVE-2015-1351.patch: fix use after free in ext/opcache/zend_shared_alloc.c. - CVE-2015-1351 * SECURITY UPDATE: null pointer dereference in pgsql - debian/patches/CVE-2015-1352.patch: properly set valid token in ext/pgsql/pgsql.c. - CVE-2015-1352 * debian/patches/remove_readelf.patch: remove readelf.c from fileinfo as it isn't used, and is a source of confusion when doing security updates. -- Marc Deslauriers <email address hidden> Tue, 17 Feb 2015 15:47:51 -0500
Available diffs
php5 (5.3.10-1ubuntu3.16) precise-security; urgency=medium * SECURITY UPDATE: arbitrary code execution via improper handling of duplicate keys in unserializer - debian/patches/CVE-2014-8142.patch: fix use after free in ext/standard/var_unserializer.*, added test to ext/standard/tests/serialize/bug68594.phpt. - CVE-2014-8142 * SECURITY UPDATE: arbitrary code execution via improper handling of duplicate keys in unserializer, additional fix - debian/patches/CVE-2015-0231.patch: fix use after free in ext/standard/var_unserializer.*, added test to ext/standard/tests/strings/bug68710.phpt. - CVE-2015-0231 * debian/patches/remove_readelf.patch: remove readelf.c from fileinfo as it isn't used, and is a source of confusion when doing security updates. * debian/patches/CVE-2014-3710.patch: removed, wasn't needed. -- Marc Deslauriers <email address hidden> Fri, 13 Feb 2015 11:53:39 -0500
Available diffs
php5 (5.5.9+dfsg-1ubuntu4.6) trusty-security; urgency=medium * SECURITY UPDATE: arbitrary code execution via improper handling of duplicate keys in unserializer - debian/patches/CVE-2014-8142.patch: fix use after free in ext/standard/var_unserializer.*, added test to ext/standard/tests/serialize/bug68594.phpt. - CVE-2014-8142 * SECURITY UPDATE: out of bounds read via invalid php file - debian/patches/CVE-2014-9427.patch: fix bounds in sapi/cgi/cgi_main.c. - CVE-2014-9427 * SECURITY UPDATE: out of bounds read in fileinfo - debian/patches/CVE-2014-9652.patch: properly check length in ext/fileinfo/libmagic/softmagic.c. - CVE-2014-9652 * SECURITY UPDATE: arbitrary code execution via improper handling of duplicate keys in unserializer, additional fix - debian/patches/CVE-2015-0231.patch: fix use after free in ext/standard/var_unserializer.*, added test to ext/standard/tests/strings/bug68710.phpt. - CVE-2015-0231 * SECURITY UPDATE: arbitrary code execution or denial of service via crafted EXIF data - debian/patches/CVE-2015-0232.patch: fix uninitialized pointer free in ext/exif/exif.c. - CVE-2015-0232 * SECURITY UPDATE: use after free in opcache component - debian/patches/CVE-2015-1351.patch: fix use after free in ext/opcache/zend_shared_alloc.c. - CVE-2015-1351 * SECURITY UPDATE: null pointer dereference in pgsql - debian/patches/CVE-2015-1352.patch: properly set valid token in ext/pgsql/pgsql.c. - CVE-2015-1352 * debian/patches/remove_readelf.patch: remove readelf.c from fileinfo as it isn't used, and is a source of confusion when doing security updates. * debian/patches/CVE-2014-3710.patch: removed, wasn't needed. -- Marc Deslauriers <email address hidden> Fri, 13 Feb 2015 11:15:38 -0500
Available diffs
php5 (5.5.12+dfsg-2ubuntu4.2) utopic-security; urgency=medium * SECURITY UPDATE: arbitrary code execution via improper handling of duplicate keys in unserializer - debian/patches/CVE-2014-8142.patch: fix use after free in ext/standard/var_unserializer.*, added test to ext/standard/tests/serialize/bug68594.phpt. - CVE-2014-8142 * SECURITY UPDATE: out of bounds read via invalid php file - debian/patches/CVE-2014-9427.patch: fix bounds in sapi/cgi/cgi_main.c. - CVE-2014-9427 * SECURITY UPDATE: out of bounds read in fileinfo - debian/patches/CVE-2014-9652.patch: properly check length in ext/fileinfo/libmagic/softmagic.c. - CVE-2014-9652 * SECURITY UPDATE: arbitrary code execution via improper handling of duplicate keys in unserializer, additional fix - debian/patches/CVE-2015-0231.patch: fix use after free in ext/standard/var_unserializer.*, added test to ext/standard/tests/strings/bug68710.phpt. - CVE-2015-0231 * SECURITY UPDATE: arbitrary code execution or denial of service via crafted EXIF data - debian/patches/CVE-2015-0232.patch: fix uninitialized pointer free in ext/exif/exif.c. - CVE-2015-0232 * SECURITY UPDATE: use after free in opcache component - debian/patches/CVE-2015-1351.patch: fix use after free in ext/opcache/zend_shared_alloc.c. - CVE-2015-1351 * SECURITY UPDATE: null pointer dereference in pgsql - debian/patches/CVE-2015-1352.patch: properly set valid token in ext/pgsql/pgsql.c. - CVE-2015-1352 * debian/patches/remove_readelf.patch: remove readelf.c from fileinfo as it isn't used, and is a source of confusion when doing security updates. * debian/patches/CVE-2014-3710.patch: removed, wasn't needed. -- Marc Deslauriers <email address hidden> Fri, 13 Feb 2015 08:10:41 -0500
Available diffs
php5 (5.6.4+dfsg-4ubuntu1) vivid; urgency=medium * Merge from Debian testing (LP: #1411811). Remaining changes: - d/control: drop Build-Depends that are in universe: firebird-dev, libc-client-dev, libmcrypt-dev, libonig-dev, libqdbm-dev. - d/rules: drop configuration of packages that are in universe: qdgm, onig. - d/rules: drop CONFIGURE_APACHE_ARGS settings since now we don't build interbase or firebird. - d/control: drop binary packages php5-imap, php5-interbase and php5-mcrypt since we have separate versions in universe. - d/modulelist: drop imap, interbase and mcrypt since we have separate versions in universe. - d/rules: drop configuration of imap and mcrypt since we have separate versions in universe. - d/source_php5.py, d/rules: add apport hook. - d/control: switch Build-Depends of netcat-traditional to netcat-openbsd as only the latter is in main. * Drop changes: - Reported fixed in upstream release of 5.6.0: quilt patches for CVE-2014-0237, CVE-2014-0238, CVE-2014-4049, CVE-2014-0207, CVE-2014-3478, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487, CVE-2014-3515, CVE-2014-4670, CVE-2014-4698, CVE-2014-4721, CVE-2014-3587 and CVE-2014-3597, and d/p/fix_systemd_ftbfs.patch. - Reported fixed in upstream release of 5.6.2: quilt patches for CVE-2014-3668, CVE-2014-3669 and CVE-2014-3670, and d/p/curl_embedded_null.patch. - Reported fixed in upstream release of 5.6.3: quilt patch for CVE-2014-3710. - Applied in Debian: + d/rules: stop mysql instance on clean just in case we failed in tests. + d/tests/{cgi,cli,mod-php}: dep8 tests for common use cases. + d/rules: export DEB_HOST_MULTIARCH properly. + d/rules: load dpkg-buildflags earlier, so that CFLAGS changes are not overridden. -- Robie Basak <email address hidden> Tue, 27 Jan 2015 12:09:42 +0000
Available diffs
php5 (5.5.12+dfsg-2ubuntu5) vivid; urgency=medium * SECURITY UPDATE: denial of service via buffer overflow in mkgmtime() - debian/patches/CVE-2014-3668.patch: properly handle sizes in ext/xmlrpc/libxmlrpc/xmlrpc.c, added test to ext/xmlrpc/tests/bug68027.phpt. - CVE-2014-3668 * SECURITY UPDATE: integer overflow in unserialize() - debian/patches/CVE-2014-3669.patch: fix overflow in ext/standard/var_unserializer.{c,re}, added test to ext/standard/tests/serialize/bug68044.phpt. - CVE-2014-3669 * SECURITY UPDATE: Heap corruption in exif_thumbnail() - debian/patches/CVE-2014-3670.patch: fix sizes in ext/exif/exif.c. - CVE-2014-3670 * SECURITY UPDATE: out of bounds read in elf note headers in fileinfo() - debian/patches/CVE-2014-3710.patch: validate note headers in ext/fileinfo/libmagic/readelf.c. - CVE-2014-3710 * SECURITY UPDATE: local file disclosure via curl NULL byte injection - debian/patches/curl_embedded_null.patch: don't accept curl options with embedded NULLs in ext/curl/interface.c, added test to ext/curl/tests/bug68089.phpt. - No CVE number * Fix FTBFS with systemd version in vivid - debian/patches/fix_systemd_ftbfs.patch: improve detection logic in sapi/fpm/config.m4. -- Marc Deslauriers <email address hidden> Wed, 29 Oct 2014 11:56:11 -0400
Available diffs
php5 (5.3.10-1ubuntu3.15) precise-security; urgency=medium * SECURITY UPDATE: denial of service via buffer overflow in mkgmtime() - debian/patches/CVE-2014-3668.patch: properly handle sizes in ext/xmlrpc/libxmlrpc/xmlrpc.c, added test to ext/xmlrpc/tests/bug68027.phpt. - CVE-2014-3668 * SECURITY UPDATE: integer overflow in unserialize() - debian/patches/CVE-2014-3669.patch: fix overflow in ext/standard/var_unserializer.{c,re}, added test to ext/standard/tests/serialize/bug68044.phpt. - CVE-2014-3669 * SECURITY UPDATE: Heap corruption in exif_thumbnail() - debian/patches/CVE-2014-3670.patch: fix sizes in ext/exif/exif.c. - CVE-2014-3670 * SECURITY UPDATE: out of bounds read in elf note headers in fileinfo() - debian/patches/CVE-2014-3710.patch: validate note headers in ext/fileinfo/libmagic/readelf.c. - CVE-2014-3710 * SECURITY UPDATE: local file disclosure via curl NULL byte injection - debian/patches/curl_embedded_null.patch: don't accept curl options with embedded NULLs in ext/curl/interface.c, added test to ext/curl/tests/bug68089.phpt. - No CVE number -- Marc Deslauriers <email address hidden> Tue, 28 Oct 2014 15:06:12 -0400
Available diffs
php5 (5.5.9+dfsg-1ubuntu4.5) trusty-security; urgency=medium * SECURITY UPDATE: denial of service via buffer overflow in mkgmtime() - debian/patches/CVE-2014-3668.patch: properly handle sizes in ext/xmlrpc/libxmlrpc/xmlrpc.c, added test to ext/xmlrpc/tests/bug68027.phpt. - CVE-2014-3668 * SECURITY UPDATE: integer overflow in unserialize() - debian/patches/CVE-2014-3669.patch: fix overflow in ext/standard/var_unserializer.{c,re}, added test to ext/standard/tests/serialize/bug68044.phpt. - CVE-2014-3669 * SECURITY UPDATE: Heap corruption in exif_thumbnail() - debian/patches/CVE-2014-3670.patch: fix sizes in ext/exif/exif.c. - CVE-2014-3670 * SECURITY UPDATE: out of bounds read in elf note headers in fileinfo() - debian/patches/CVE-2014-3710.patch: validate note headers in ext/fileinfo/libmagic/readelf.c. - CVE-2014-3710 * SECURITY UPDATE: local file disclosure via curl NULL byte injection - debian/patches/curl_embedded_null.patch: don't accept curl options with embedded NULLs in ext/curl/interface.c, added test to ext/curl/tests/bug68089.phpt. - No CVE number -- Marc Deslauriers <email address hidden> Tue, 28 Oct 2014 14:52:03 -0400
Available diffs
php5 (5.5.12+dfsg-2ubuntu4.1) utopic-security; urgency=medium * SECURITY UPDATE: denial of service via buffer overflow in mkgmtime() - debian/patches/CVE-2014-3668.patch: properly handle sizes in ext/xmlrpc/libxmlrpc/xmlrpc.c, added test to ext/xmlrpc/tests/bug68027.phpt. - CVE-2014-3668 * SECURITY UPDATE: integer overflow in unserialize() - debian/patches/CVE-2014-3669.patch: fix overflow in ext/standard/var_unserializer.{c,re}, added test to ext/standard/tests/serialize/bug68044.phpt. - CVE-2014-3669 * SECURITY UPDATE: Heap corruption in exif_thumbnail() - debian/patches/CVE-2014-3670.patch: fix sizes in ext/exif/exif.c. - CVE-2014-3670 * SECURITY UPDATE: out of bounds read in elf note headers in fileinfo() - debian/patches/CVE-2014-3710.patch: validate note headers in ext/fileinfo/libmagic/readelf.c. - CVE-2014-3710 * SECURITY UPDATE: local file disclosure via curl NULL byte injection - debian/patches/curl_embedded_null.patch: don't accept curl options with embedded NULLs in ext/curl/interface.c, added test to ext/curl/tests/bug68089.phpt. - No CVE number -- Marc Deslauriers <email address hidden> Tue, 28 Oct 2014 14:41:37 -0400
Available diffs
php5 (5.3.2-1ubuntu4.28) lucid-security; urgency=medium * SECURITY UPDATE: denial of service via buffer overflow in mkgmtime() - debian/patches/CVE-2014-3668.patch: properly handle sizes in ext/xmlrpc/libxmlrpc/xmlrpc.c, added test to ext/xmlrpc/tests/bug68027.phpt. - CVE-2014-3668 * SECURITY UPDATE: integer overflow in unserialize() - debian/patches/CVE-2014-3669.patch: fix overflow in ext/standard/var_unserializer.{c,re}, added test to ext/standard/tests/serialize/bug68044.phpt. - CVE-2014-3669 * SECURITY UPDATE: Heap corruption in exif_thumbnail() - debian/patches/CVE-2014-3670.patch: fix sizes in ext/exif/exif.c. - CVE-2014-3670 * SECURITY UPDATE: out of bounds read in elf note headers in fileinfo() - debian/patches/CVE-2014-3710.patch: validate note headers in ext/fileinfo/libmagic/readelf.c. - CVE-2014-3710 * SECURITY UPDATE: local file disclosure via curl NULL byte injection - debian/patches/curl_embedded_null.patch: don't accept curl options with embedded NULLs in ext/curl/interface.c, added test to ext/curl/tests/bug68089.phpt. - No CVE number -- Marc Deslauriers <email address hidden> Tue, 28 Oct 2014 15:17:04 -0400
Available diffs
Superseded in vivid-release |
Obsolete in utopic-release |
Deleted in utopic-proposed (Reason: moved to release) |
php5 (5.5.12+dfsg-2ubuntu4) utopic; urgency=medium * SECURITY UPDATE: denial of service in FileInfo cdf_read_property_info - debian/patches/CVE-2014-3587.patch: check for array under-runs as well as over-runs in ext/fileinfo/libmagic/cdf.c - CVE-2014-3587 * SECURITY UPDATE: denial of service in dns_get_record - debian/patches/CVE-2014-3597.patch: check for DNS overflows in ext/standard/dns.c - CVE-2014-3587 -- Seth Arnold <email address hidden> Wed, 03 Sep 2014 23:27:47 -0700
Available diffs
php5 (5.3.2-1ubuntu4.27) lucid-security; urgency=medium * SECURITY UPDATE: denial of service in FileInfo cdf_read_property_info - debian/patches/CVE-2014-3587.patch: check for array under-runs as well as over-runs in ext/fileinfo/libmagic/cdf.c - CVE-2014-3587 * SECURITY UPDATE: denial of service in dns_get_record - debian/patches/CVE-2014-3597.patch: check for DNS overflows in ext/standard/dns.c - CVE-2014-3587 -- Seth Arnold <email address hidden> Wed, 03 Sep 2014 23:27:31 -0700
Available diffs
php5 (5.3.10-1ubuntu3.14) precise-security; urgency=medium * SECURITY UPDATE: denial of service in FileInfo cdf_read_property_info - debian/patches/CVE-2014-3587.patch: check for array under-runs as well as over-runs in ext/fileinfo/libmagic/cdf.c - CVE-2014-3587 * SECURITY UPDATE: denial of service in dns_get_record - debian/patches/CVE-2014-3597.patch: check for DNS overflows in ext/standard/dns.c - CVE-2014-3587 -- Seth Arnold <email address hidden> Wed, 03 Sep 2014 23:27:39 -0700
Available diffs
php5 (5.5.9+dfsg-1ubuntu4.4) trusty-security; urgency=medium * SECURITY UPDATE: denial of service in FileInfo cdf_read_property_info - debian/patches/CVE-2014-3587.patch: check for array under-runs as well as over-runs in ext/fileinfo/libmagic/cdf.c - CVE-2014-3587 * SECURITY UPDATE: denial of service in dns_get_record - debian/patches/CVE-2014-3597.patch: check for DNS overflows in ext/standard/dns.c - CVE-2014-3587 -- Seth Arnold <email address hidden> Wed, 03 Sep 2014 23:33:06 -0700
Available diffs
php5 (5.5.12+dfsg-2ubuntu3) utopic; urgency=medium * SECURITY UPDATE: denial of service in FileInfo cdf_read_short_sector - debian/patches/CVE-2014-0207.patch: properly calculate sizes in ext/fileinfo/libmagic/cdf.c. - CVE-2014-0207 * SECURITY UPDATE: denial of service in FileInfo mconvert - debian/patches/CVE-2014-3478.patch: properly handle truncated pascal string size in ext/fileinfo/libmagic/softmagic.c. - CVE-2014-3478 * SECURITY UPDATE: denial of service in FileInfo cdf_check_stream_offset - debian/patches/CVE-2014-3479.patch: properly calculate sizes in ext/fileinfo/libmagic/cdf.c. - CVE-2014-3479 * SECURITY UPDATE: denial of service in FileInfo cdf_count_chain - debian/patches/CVE-2014-3480.patch: properly calculate sizes in ext/fileinfo/libmagic/cdf.c. - CVE-2014-3480 * SECURITY UPDATE: denial of service in FileInfo cdf_read_property_info - debian/patches/CVE-2014-3487.patch: properly calculate sizes in ext/fileinfo/libmagic/cdf.c. - CVE-2014-3487 * SECURITY UPDATE: denial of service and possible code execution via unserialize() SPL type confusion - debian/patches/CVE-2014-3515.patch: properly check types in ext/spl/spl_array.c, ext/spl/spl_observer.c, added test to ext/spl/tests/SplObjectStorage_unserialize_bad.phpt. - CVE-2014-3515 * SECURITY UPDATE: denial of service via SPL Iterators use-after-free - debian/patches/CVE-2014-4670.patch: fix use-after-free in ext/spl/spl_dllist.c, added test to ext/spl/tests/bug67538.phpt. - CVE-2014-4670 * SECURITY UPDATE: denial of service via ArrayIterator use-after-free - debian/patches/CVE-2014-4698.patch: don't allow modifying ArrayObject during sorting in ext/spl/spl_array.c, added test to ext/spl/tests/bug67539.phpt. - CVE-2014-4698 * SECURITY UPDATE: information leak via phpinfo (LP: #1338170) - debian/patches/CVE-2014-4721.patch: fix type confusion in ext/standard/info.c, added test to ext/standard/tests/general_functions/bug67498.phpt. - CVE-2014-4721 -- Marc Deslauriers <email address hidden> Wed, 09 Jul 2014 13:00:04 -0400
Available diffs
php5 (5.3.2-1ubuntu4.26) lucid-security; urgency=medium * SECURITY UPDATE: denial of service in FileInfo cdf_read_short_sector - debian/patches/CVE-2014-0207.patch: properly calculate sizes in ext/fileinfo/libmagic/cdf.c. - CVE-2014-0207 * SECURITY UPDATE: denial of service in FileInfo cdf_count_chain - debian/patches/CVE-2014-3480.patch: properly calculate sizes in ext/fileinfo/libmagic/cdf.c. - CVE-2014-3480 * SECURITY UPDATE: denial of service and possible code execution via unserialize() SPL type confusion - debian/patches/CVE-2014-3515.patch: properly check types in ext/spl/spl_array.c, ext/spl/spl_observer.c, added test to ext/spl/tests/SplObjectStorage_unserialize_bad.phpt. - CVE-2014-3515 * SECURITY UPDATE: denial of service via SPL Iterators use-after-free - debian/patches/CVE-2014-4670.patch: fix use-after-free in ext/spl/spl_dllist.c, added test to ext/spl/tests/bug67538.phpt. - CVE-2014-4670 * SECURITY UPDATE: denial of service via ArrayIterator use-after-free - debian/patches/CVE-2014-4698.patch: don't allow modifying ArrayObject during sorting in ext/spl/spl_array.c, added test to ext/spl/tests/bug67539.phpt. - CVE-2014-4698 * SECURITY UPDATE: information leak via phpinfo (LP: #1338170) - debian/patches/CVE-2014-4721.patch: fix type confusion in ext/standard/info.c, added test to ext/standard/tests/general_functions/bug67498.phpt. - CVE-2014-4721 -- Marc Deslauriers <email address hidden> Tue, 08 Jul 2014 21:22:42 -0400
Available diffs
php5 (5.3.10-1ubuntu3.13) precise-security; urgency=medium * SECURITY UPDATE: denial of service in FileInfo cdf_read_short_sector - debian/patches/CVE-2014-0207.patch: properly calculate sizes in ext/fileinfo/libmagic/cdf.c. - CVE-2014-0207 * SECURITY UPDATE: denial of service in FileInfo cdf_count_chain - debian/patches/CVE-2014-3480.patch: properly calculate sizes in ext/fileinfo/libmagic/cdf.c. - CVE-2014-3480 * SECURITY UPDATE: denial of service and possible code execution via unserialize() SPL type confusion - debian/patches/CVE-2014-3515.patch: properly check types in ext/spl/spl_array.c, ext/spl/spl_observer.c, added test to ext/spl/tests/SplObjectStorage_unserialize_bad.phpt. - CVE-2014-3515 * SECURITY UPDATE: denial of service via SPL Iterators use-after-free - debian/patches/CVE-2014-4670.patch: fix use-after-free in ext/spl/spl_dllist.c, added test to ext/spl/tests/bug67538.phpt. - CVE-2014-4670 * SECURITY UPDATE: denial of service via ArrayIterator use-after-free - debian/patches/CVE-2014-4698.patch: don't allow modifying ArrayObject during sorting in ext/spl/spl_array.c, added test to ext/spl/tests/bug67539.phpt. - CVE-2014-4698 * SECURITY UPDATE: information leak via phpinfo (LP: #1338170) - debian/patches/CVE-2014-4721.patch: fix type confusion in ext/standard/info.c, added test to ext/standard/tests/general_functions/bug67498.phpt. - CVE-2014-4721 -- Marc Deslauriers <email address hidden> Mon, 07 Jul 2014 08:41:06 -0400
Available diffs
php5 (5.5.3+dfsg-1ubuntu2.6) saucy-security; urgency=medium * SECURITY UPDATE: denial of service in FileInfo cdf_read_short_sector - debian/patches/CVE-2014-0207.patch: properly calculate sizes in ext/fileinfo/libmagic/cdf.c. - CVE-2014-0207 * SECURITY UPDATE: denial of service in FileInfo mconvert - debian/patches/CVE-2014-3478.patch: properly handle truncated pascal string size in ext/fileinfo/libmagic/softmagic.c. - CVE-2014-3478 * SECURITY UPDATE: denial of service in FileInfo cdf_check_stream_offset - debian/patches/CVE-2014-3479.patch: properly calculate sizes in ext/fileinfo/libmagic/cdf.c. - CVE-2014-3479 * SECURITY UPDATE: denial of service in FileInfo cdf_count_chain - debian/patches/CVE-2014-3480.patch: properly calculate sizes in ext/fileinfo/libmagic/cdf.c. - CVE-2014-3480 * SECURITY UPDATE: denial of service in FileInfo cdf_read_property_info - debian/patches/CVE-2014-3487.patch: properly calculate sizes in ext/fileinfo/libmagic/cdf.c. - CVE-2014-3487 * SECURITY UPDATE: denial of service and possible code execution via unserialize() SPL type confusion - debian/patches/CVE-2014-3515.patch: properly check types in ext/spl/spl_array.c, ext/spl/spl_observer.c, added test to ext/spl/tests/SplObjectStorage_unserialize_bad.phpt. - CVE-2014-3515 * SECURITY UPDATE: denial of service via SPL Iterators use-after-free - debian/patches/CVE-2014-4670.patch: fix use-after-free in ext/spl/spl_dllist.c, added test to ext/spl/tests/bug67538.phpt. - CVE-2014-4670 * SECURITY UPDATE: denial of service via ArrayIterator use-after-free - debian/patches/CVE-2014-4698.patch: don't allow modifying ArrayObject during sorting in ext/spl/spl_array.c, added test to ext/spl/tests/bug67539.phpt. - CVE-2014-4698 * SECURITY UPDATE: information leak via phpinfo (LP: #1338170) - debian/patches/CVE-2014-4721.patch: fix type confusion in ext/standard/info.c, added test to ext/standard/tests/general_functions/bug67498.phpt. - CVE-2014-4721 -- Marc Deslauriers <email address hidden> Mon, 07 Jul 2014 07:46:31 -0400
Available diffs
php5 (5.5.9+dfsg-1ubuntu4.3) trusty-security; urgency=medium * SECURITY UPDATE: denial of service in FileInfo cdf_read_short_sector - debian/patches/CVE-2014-0207.patch: properly calculate sizes in ext/fileinfo/libmagic/cdf.c. - CVE-2014-0207 * SECURITY UPDATE: denial of service in FileInfo mconvert - debian/patches/CVE-2014-3478.patch: properly handle truncated pascal string size in ext/fileinfo/libmagic/softmagic.c. - CVE-2014-3478 * SECURITY UPDATE: denial of service in FileInfo cdf_check_stream_offset - debian/patches/CVE-2014-3479.patch: properly calculate sizes in ext/fileinfo/libmagic/cdf.c. - CVE-2014-3479 * SECURITY UPDATE: denial of service in FileInfo cdf_count_chain - debian/patches/CVE-2014-3480.patch: properly calculate sizes in ext/fileinfo/libmagic/cdf.c. - CVE-2014-3480 * SECURITY UPDATE: denial of service in FileInfo cdf_read_property_info - debian/patches/CVE-2014-3487.patch: properly calculate sizes in ext/fileinfo/libmagic/cdf.c. - CVE-2014-3487 * SECURITY UPDATE: denial of service and possible code execution via unserialize() SPL type confusion - debian/patches/CVE-2014-3515.patch: properly check types in ext/spl/spl_array.c, ext/spl/spl_observer.c, added test to ext/spl/tests/SplObjectStorage_unserialize_bad.phpt. - CVE-2014-3515 * SECURITY UPDATE: denial of service via SPL Iterators use-after-free - debian/patches/CVE-2014-4670.patch: fix use-after-free in ext/spl/spl_dllist.c, added test to ext/spl/tests/bug67538.phpt. - CVE-2014-4670 * SECURITY UPDATE: denial of service via ArrayIterator use-after-free - debian/patches/CVE-2014-4698.patch: don't allow modifying ArrayObject during sorting in ext/spl/spl_array.c, added test to ext/spl/tests/bug67539.phpt. - CVE-2014-4698 * SECURITY UPDATE: information leak via phpinfo (LP: #1338170) - debian/patches/CVE-2014-4721.patch: fix type confusion in ext/standard/info.c, added test to ext/standard/tests/general_functions/bug67498.phpt. - CVE-2014-4721 -- Marc Deslauriers <email address hidden> Mon, 07 Jul 2014 07:44:21 -0400
Available diffs
php5 (5.5.9+dfsg-1ubuntu4.2) trusty-security; urgency=medium * SECURITY UPDATE: better FastCGI socket permissions (LP: #1334337) - debian/rules: enable listen.owner and listen.group so that the socket is accessible to www-data by default. This allows most setups to continue working with the more restrictive permissions. -- Marc Deslauriers <email address hidden> Wed, 25 Jun 2014 11:46:16 -0400
Available diffs
1 → 75 of 362 results | First • Previous • Next • Last |