~ubuntu-branches/ubuntu/dapper/php5/dapper-security : changes

~ubuntu-branches/ubuntu/dapper/php5/dapper-security » Changes from revision 28

From Revision 28 to 9

Rev	Summary	Authors	Tags	Date
28	* debian/patches/pear/php5-pear-CVE-2011-1144_regression.pat... * debian/patches/pear/php5-pear-CVE-2011-1144_regression.patch: fix mkdir parenthesis issue and PEAR::raiseErro typo (LP: #774452) * debian/patches/php5-CVE-2010-4697_regression.patch: fix regression in reference counting added by fix for CVE-2010-4697 (LP: #776642)	Steve Beattie	5.1.2-1ubuntu3.24	12 years ago
27	* SECURITY UPDATE: arbitrary files removal via cronjob * SECURITY UPDATE: arbitrary files removal via cronjob - debian/php5-common.php5.cron.d: take greater care when removing session files. - http://git.debian.org/?p=pkg-php%2Fphp.git;a=commitdiff_plain;h=d09fd04ed7bfcf7f008360c6a42025108925df09 - CVE-2011-0441 * SECURITY UPDATE: symlink tmp races in pear install - debian/patches/php5-pear-CVE-2011-1072.patch: improved tempfile handling. - debian/rules: apply patch manually after unpacking PEAR phar archive. - CVE-2011-1072 * SECURITY UPDATE: more symlink races in pear install - debian/patches/php5-pear-CVE-2011-1144.patch: add TOCTOU save file handler. - debian/rules: apply patch manually after unpacking PEAR phar archive. - CVE-2011-1144 * SECURITY UPDATE: use-after-free vulnerability - debian/patches/php5-CVE-2010-4697.patch: retain reference to object until getter/setter are done. - CVE-2010-4697 * SECURITY UPDATE: denial of service through application crash with invalid images - debian/patches/php5-CVE-2010-4698.patch: verify anti-aliasing steps are either 4 or 16. - CVE-2010-4698 * SECURITY UPDATE: denial of service through application crash when handling images with invalid exif tags - debian/patches/php5-CVE-2011-0708.patch: stricter exif checking - CVE-2011-0708 * SECURITY UPDATE: denial of service and possible data disclosure through integer overflow - debian/patches/php5-CVE-2011-1092.patch: better boundary condition checks in shmop_read() - CVE-2011-1092 * SECURITY UPDATE: use-after-free vulnerability - debian/patches/php5-CVE-2011-1148.patch: improve reference counting - CVE-2011-1148 * SECURITY UPDATE: denial of service through buffer overflow crash (code execution mitigated by compilation with Fortify Source) - debian/patches/php5-CVE-2011-1464.patch: limit amount of precision to ensure fitting within MAX_BUF_SIZE - CVE-2011-1464 * SECURITY UPDATE: denial of service through application crash via integer overflow. - debian/patches/php5-CVE-2011-1466.patch: improve boundary condition checking in SdnToJulian() - CVE-2011-1466 * SECURITY UPDATE: denial of service through application crash when using HTTP proxy with the FTP wrapper - debian/patches/php5-CVE-2011-1469.patch: improve pointer handling - CVE-2011-1469	Steve Beattie	5.1.2-1ubuntu3.22	13 years ago
26	* main/fopen_wrappers.c: update to include fix for open_base... * main/fopen_wrappers.c: update to include fix for open_basedir restriction regression (LP: #701896) - http://svn.php.net/viewvc?view=revision&revision=305698	Steve Beattie	5.1.2-1ubuntu3.21	13 years ago
25	* SECURITY UPDATE: overflow leading to xml decode bypass * SECURITY UPDATE: overflow leading to xml decode bypass - ext/xml/xml.c: convert short to int to prevent overflow in bit operations - http://svn.php.net/viewvc/?view=revision&revision=287790 - CVE-2009-5016 * SECURITY UPDATE: xml decode bypass - ext/xml/xml.c: improve utf8 decoding - ext/xml/tests/bug49687.phpt: add testcase - http://svn.php.net/viewvc/?view=revision&revision=304959 - CVE-2010-3780 * SECURITY UPDATE: open_basedir bypass - main/fopen_wrappers.c: more strict checking in php_check_specific_open_basedir() - http://svn.php.net/viewvc?view=revision&revision=303824 - CVE-2010-3436 * SECURITY UPDATE: infinite loop/denial of service when dealing with certain textual forms of MAX_FLOAT (LP: #697181) - Zend/zend_strtod.c: treat local doubles as volatile to avoid x87 registers in zend_strtod() - http://svn.php.net/viewvc?view=revision&revision=263637 - http://svn.php.net/viewvc?view=revision&revision=307095 - CVE-2010-4645	Steve Beattie	5.1.2-1ubuntu3.20	13 years ago
24	* SECURITY UPDATE: denial of service via xmlrpc crafted argu... * SECURITY UPDATE: denial of service via xmlrpc crafted argument - debian/patches/CVE-2010-0397.patch: make sure method_name isn't empty in ext/xmlrpc/xmlrpc-epi-php.c, add test to ext/xmlrpc/tests/bug51288.phpt. - CVE-2010-0397 * SECURITY UPDATE: weak entropy in Linear Congruential Generator (LCG) - debian/patches/CVE-2010-1128.patch: add more entropy in ext/standard/lcg.c. - CVE-2010-1128 * SECURITY UPDATE: safe_mode bypass via trailing slash in dir pathnames - debian/patches/CVE-2010-1129.patch: properly validate pathname in ext/standard/file.c. - CVE-2010-1129 * SECURITY UPDATE: arbitrary code execution via empty SQL query - debian/patches/CVE-2010-1868.patch: use ecalloc instead of emalloc in ext/sqlite/sqlite.c. - CVE-2010-1868 * SECURITY UPDATE: denial of service via fnmatch stack consumption - debian/patches/CVE-2010-1917.patch: limit size of pattern in ext/standard/file.c. - CVE-2010-1917 * SECURITY UPDATE: sensitive information disclosure via error messages - debian/patches/CVE-2010-2531.patch: don't display data when flushing output buffer in ext/standard/{var.c,php_var.h}. - CVE-2010-2531 * SECURITY UPDATE: arbitrary session variable modification via crafted session variable name - debian/patches/CVE-2010-3065.patch: handle PS_UNDEF_MARKER marker in ext/session/session.c. - CVE-2010-3065	Marc Deslauriers	5.1.2-1ubuntu3.19	13 years ago
23	* SECURITY UPDATE: information disclosure and denial of serv... * SECURITY UPDATE: information disclosure and denial of service via zend_restore_ini_entry_cb function. - debian/patches/CVE-2009-2626.patch: gracefully handle failure in Zend/zend_ini.c. - CVE-2009-2626 * SECURITY UPDATE: Cross-site scripting via incomplete htmlspecialchars filtering - debian/patches/CVE-2009-4142.patch: rewrite handling logic in ext/standard/html.c, add ext/standard/tests/strings/bug49785.phpt test script. - CVE-2009-4142 * SECURITY UPDATE: restrictions bypass via incorrect session data handling - debian/patches/CVE-2009-4143.patch: protect from interrupt corruption in ext/session/session.c. - CVE-2009-4143	Marc Deslauriers	5.1.2-1ubuntu3.18	14 years ago
22	* SECURITY UPDATE: file truncation via key with null byte * SECURITY UPDATE: file truncation via key with null byte - debian/patches/CVE-2008-7068.patch: make sure key and value are sane in ext/dba/libinifile/inifile.c. - CVE-2008-7068 * SECURITY UPDATE: certificate spoofing via null-byte certs (LP: #446313) - debian/patches/CVE-2009-3291.patch: validate certificate's CN length in ext/openssl/openssl.c. - CVE-2009-3291 * SECURITY UPDATE: denial of service via malformed exif images (LP: #446313) - debian/patches/CVE-2009-3292.patch: check length, return codes, and nesting level in ext/exif/exif.c. - CVE-2009-3292 * SECURITY UPDATE: safe_mode bypass via tempam function - debian/patches/CVE-2009-3557.patch: check for safe_mode in ext/standard/file.c. - CVE-2009-3557 * SECURITY UPDATE: open_basedir restrictions bypass via posix_mkfifo - debian/patches/CVE-2009-3558.patch: check for open_basedir in ext/posix/posix.c. - CVE-2009-3558 * SECURITY UPDATE: denial of service via large number of files in form-data POST request. - debian/patches/CVE-2009-4017.patch: introduce new "max_file_uploads" directive and enforce in main/main.c, main/rfc1867.c. - ATTENTION: this update changes previous php5 behaviour by limiting the number of files in a POST request to 50. This may be increased by adding a "max_file_uploads" directive to the php.ini configuration file. - CVE-2009-4017 * SECURITY UPDATE: safe_mode_protected_env_vars bypass via proc_open() - debian/patches/CVE-2009-4018.patch: add safe_mode check in ext/standard/proc_open.c - CVE-2009-4018	Marc Deslauriers	5.1.2-1ubuntu3.17	14 years ago
21	* SECURITY UPDATE: denial of service via malformed JPEG imag... * SECURITY UPDATE: denial of service via malformed JPEG image with invalid offset fields - debian/patches/229_SECURITY_CVE-2009-2687.patch: validate offset_of_ifd in ext/exif/exif.c. - CVE-2009-2687	Marc Deslauriers	5.1.2-1ubuntu3.15	14 years ago
20	* SECURITY UPDATE: cross-site scripting vulnerability when d... * SECURITY UPDATE: cross-site scripting vulnerability when display_errors is enabled. - debian/patches/227_SECURITY_CVE-2008-5814.patch: don't print back cookie names or values in ext/standard/head.c. - CVE-2008-5814 * SECURITY UPDATE: mbstring.func_overload setting in .htaccess affects other virtual hosts. - debian/patches/228_SECURITY_CVE-2009-0754.patch: don't terminate on the first function that is not overloaded in ext/mbstring/mbstring.c. - CVE-2009-0754	Marc Deslauriers	5.1.2-1ubuntu3.14	15 years ago
19	* SECURITY UPDATE: denial of service and possible code execu... * SECURITY UPDATE: denial of service and possible code execution from integer overflow in libgd. Although the system libgd was fixed in USN-557-1, php5 would not gracefully handle the error return code, resulting in a denial of service. - debian/patches/219_SECURITY_CVE-2007-3996.patch: check return codes when calling libgd in ext/gd/gd.c. - CVE-2007-3996 * SECURITY UPDATE: php_admin_value and php_admin_flag restrictions bypass via ini_set. (LP: #228095) - debian/patches/220_SECURITY_CVE-2007-5900.patch: add new zend_alter_ini_entry_ex() function that extends zend_alter_ini_entry() by making sure the entry can be modified in Zend/zend_ini.{c,h}, Zend/zend_vm_def.h, and Zend/zend_vm_execute.h. Use the new function for bacporting reasons in sapi/cgi/cgi_main.c and sapi/cli/php_cli.c. - CVE-2007-5900 * SECURITY UPDATE: denial of service and possible arbitrary code execution via crafted font file. (LP: #286851) - debian/patches/221_SECURITY_CVE-2008-3658.patch: make sure font->nchars, font->h, and font->w don't cause overflows in ext/gd/gd.c. Also, add test script ext/gd/tests/imageloadfont_invalid.phpt. - CVE-2008-3658 * SECURITY UPDATE: denial of service and possible arbitrary code execution via the delimiter argument to the explode function. (LP: #286851) - debian/patches/222_SECURITY_CVE-2008-3659.patch: make sure needle_length is sane in ext/standard/tests/strings/explode_bug.phpt. Also, add test script ext/standard/tests/strings/explode_bug.phpt. - CVE-2008-3659 * SECURITY UPDATE: denial of service via a request with multiple dots preceding the extension. (ex: foo..php) (LP: #286851) - debian/patches/223_SECURITY_CVE-2008-3660.patch: improve .. cleaning with a new is_valid_path() function in sapi/cgi/cgi_main.c. - CVE-2008-3660 * SECURITY UPDATE: mbstring extension arbitrary code execution via crafted string containing HTML entity. (LP: #317672) - debian/patches/224_SECURITY_CVE-2008-5557.patch: improve mbfl_filt_conv_html_dec_flush() error handling in ext/mbstring/libmbfl/filters/mbfilter_htmlent.c. - CVE-2008-5557 * SECURITY UPDATE: safe_mode restriction bypass via unrestricted variable settings. - debian/patches/225_SECURITY_CVE-2008-5624.patch: make sure the page_uid and page_gid get initialized properly in ext/standard/basic_functions.c. Also, init server_context before processing config variables in sapi/apache/mod_php5.c. - CVE-2008-5624 * SECURITY UPDATE: arbitrary file write by placing a "php_value error_log" entry in a .htaccess file. - debian/patches/226_SECURITY_CVE-2008-5625.patch: enforce restrictions when merging in dir entry in sapi/apache/mod_php5.c and sapi/apache2handler/apache_config.c. - CVE-2008-5625	Marc Deslauriers	5.1.2-1ubuntu3.13	15 years ago
18	* debian/patches/209-CVE-2008-2051.patch: properly address i... * debian/patches/209-CVE-2008-2051.patch: properly address incomplete multibyte chars inside escapeshellcmd() * Add debian/patches/210-CVE-2008-2829.patch: unsafe usage of deprecated imap functions (patch from Debian) * Add debian/patches/211-CVE-2008-1384.patch: integer overflow in printf() (patch from Debian) * Add debian/patches/212-CVE-2008-2107+2108.patch: weak random number seed. * Add debian/patches/213-SECURITY_CVE-2007-4782.patch: DoS via long string in the fnmatch functions * debian/patches/214-SECURITY-pcre_compile.patch: avoid stack overflow (fix from pcre 7.6) * Update debian/patches/207-htmlentity-utf8-fix.patch: fail on improperly finished UTF sequence * References CVE-2008-2051 CVE-2008-2829 CVE-2008-1384 CVE-2008-2107 CVE-2008-2108 CVE-2007-4782 CVE-2007-5898 LP: #227464	Jamie Strandboge	5.1.2-1ubuntu3.12	15 years ago
17	* SECURITY UPDATE: multiple vulnerabilities. Thanks to Sean... * SECURITY UPDATE: multiple vulnerabilities. Thanks to Sean Finney for help locating upstream fixes. * Add 200-string-wordwrap.patch: wordwrap function can be made to crash. Backported upstream fixes (CVE-2007-3998). * Add 201-strspn-oob-read.patch: memory reading, possible crash via strspn. chunk_split. Backported upstream fixes (CVE-2007-4657). * Add 202-money-format-abuse.patch: money_format format string vulnerable. Backported upstream fixes (CVE-2007-4658). * Add 203-openssl_make_REQ-overflow.patch: overflow in openssl_make_REQ. Applied and corrected upstream fixes (CVE-2007-4662). * Add 204-start-session-cookies.patch: overwrite cookie values. Applied upstream fixes (CVE-2007-3799). * Add 206-chunk_split-fixes.patch: memory reading, possible crash via chunk_split. Merged various upstream fixes (CVE-2007-2872, CVE-2007-4660, CVE-2007-4661). * Add 206-cookie-nesting-fix.patch: corruption/crashes via deeply nested variables. Backported upstream fixes (CVE-2007-1285, CVE-2007-4670). * Add 207-htmlentity-utf8-fix.patch: don't accept partial utf8 sequences. Backported upstream fixes (CVE-2007-5898). * Add 208-session-id-leak.patch: don't send session id to remote forms. Backported upstream fixes (CVE-2007-5899). * References http://www.php.net/releases/5_2_4.php http://www.php.net/releases/5_2_5.php	Kees Cook	5.1.2-1ubuntu3.10	16 years ago
16	* SECURITY UPDATE: arbitrary code execution via heap overflo... * SECURITY UPDATE: arbitrary code execution via heap overflow. * Add debian/patches/122-CVE-2007-1864-xmlrpc.patch: upstream fix (CVE-2007-1864).	Kees Cook	5.1.2-1ubuntu3.9	16 years ago
15	* SECURITY UPDATE: FTP command injection, code execution in ... * SECURITY UPDATE: FTP command injection, code execution in SOAP requests, user filter code execution, PEAR installer path traversal. * 121-CVE-2007-2509_ftp.patch: ported from upstream and Debian (CVE-2007-2509) * 121-CVE-2007-2510_soap.patch: ported from upstream and Debian (CVE-2007-2510) * 121-CVE-2007-2511_userfilters.patch: ported from upstream and Debian (CVE-2007-2511) * pear/121-pear-installer.patch: extracted from upstream changes (CVE-2007-2519)	Kees Cook	5.1.2-1ubuntu3.8	16 years ago
14	* SECURITY UPDATE: multiple security vulnerabilities fixed. ... * SECURITY UPDATE: multiple security vulnerabilities fixed. Thanks to Moritz Muehlenhoff and Sean Finney. * MOPB-10.patch: php_binary Session Deserialization Information Leak (CVE-2007-1380) * MOPB-14.patch: substr_compare() Information Leak (CVE-2007-1375) * MOPB-15.patch: shmop Functions Resource Verification (CVE-2007-1376) * MOPB-22.patch: session_regenerate_id() Double Free (CVE-2007-1521) * MOPB-24.patch: array_user_key_compare() Double DTOR (CVE-2007-1484) * MOPB-26.patch: mb_parse_str() register_globals Activation (CVE-2007-1583) * MOPB-30.patch: _SESSION unset() (CVE-2007-1700) * MOPB-34.patch: mail() Header Injection (CVE-2007-1718) * MOPB-41.patch: sqlite_udf_decode_binary() Buffer Overflow (CVE-2007-1887 CVE-2007-1888) * MOPB-42.patch: php_stream_filter_create() Off By One (CVE-2007-1824)	Kees Cook	5.1.2-1ubuntu3.7	17 years ago
13	* debian/patches/CVE-2007-0906_streams.patch: * debian/patches/CVE-2007-0906_streams.patch: - Extend streams string variables to accomodate null byte. (LP: #87481) - Fix backported from upstream CVS: http://cvs.php.net/viewvc.cgi/php-src/main/streams/streams.c?r1=1.82.2.6.2.9&r2=1.82.2.6.2.10	Martin Pitt	5.1.2-1ubuntu3.6	17 years ago
12	* SECURITY UPDATE: Remote code execution. * SECURITY UPDATE: Remote code execution. * Add debian/patches/CVE-2007-0906_imap.patch: - Buffer overflows in the imap extension. - http://cvs.php.net/viewvc.cgi/php-src/ext/imap/php_imap.c?r1=1.208.2.7.2.11&r2=1.208.2.7.2.12 - http://cvs.php.net/viewvc.cgi/php-src/ext/imap/php_imap.c?r1=1.208.2.7.2.15&r2=1.208.2.7.2.16 * Add debian/patches/CVE-2007-0906_session.patch: - Buffer overflow in the session extension. - http://cvs.php.net/viewvc.cgi/php-src/ext/session/session.c?r1=1.417.2.8.2.22&r2=1.417.2.8.2.23 * Add debian/patches/CVE-2007-0906_streams.patch: - Buffer overflows in the stream filters functions. - http://cvs.php.net/viewvc.cgi/php-src/ext/standard/streamsfuncs.c?r1=1.58.2.6.2.12&r2=1.58.2.6.2.13 - http://cvs.php.net/viewvc.cgi/php-src/ext/standard/streamsfuncs.c?r1=1.98&r2=1.99 * Add debian/patches/CVE-2007-0906_string.patch: - Buffer overflow in the string extension. - http://cvs.php.net/viewvc.cgi/php-src/ext/standard/string.c?r1=1.629&r2=1.631 * Add debian/patches/CVE-2007-0907.patch: - Buffer underflow in sapi_header_op() that can be exploited to crash the PHP interpreter. - http://cvs.php.net/viewvc.cgi/php-src/main/SAPI.c?r1=1.202.2.7.2.3&r2=1.202.2.7.2.4 * Add debian/patches/CVE-2007-0908.patch: - Fix forgotten initialization of key_length and buffer overflow in the wddx extension that could be exploited to reveal memory that is not supposed to be accessible (potential information disclosure). - http://cvs.php.net/viewvc.cgi/php-src/ext/wddx/wddx.c?r1=1.119.2.10.2.8&r2=1.119.2.10.2.10 * Add debian/patches/CVE-2007-0909_print.patch: - Fix format string vulnerability on 64 bit systems in the print() functions. - http://cvs.php.net/viewvc.cgi/php-src/ext/standard/formatted_print.c?r1=1.82.2.1.2.11&r2=1.82.2.1.2.12 Add debian/patches/CVE-2007-0909_odbc.patch: - Fix format string vulnerability on 64 bit systems in odbc_result_all(). - http://cvs.php.net/viewvc.cgi/php-src/ext/odbc/php_odbc.c?r1=1.189.2.4.2.1&r2=1.189.2.4.2.2 - http://cvs.php.net/viewvc.cgi/php-src/ext/odbc/php_odbc.c?r1=1.189.2.4.2.3&r2=1.189.2.4.2.4 * Add debian/patches/CVE-2007-0910.patch: - Fix clobbering of superglobal variables during session variable unserialization. - http://cvs.php.net/viewvc.cgi/php-src/ext/session/session.c?r1=1.458&r2=1.459 - http://cvs.php.net/viewvc.cgi/php-src/ext/session/session.c?r1=1.417.2.8.2.24&r2=1.417.2.8.2.26 - http://cvs.php.net/viewvc.cgi/php-src/main/php_variables.c?r1=1.104.2.10.2.3&r2=1.104.2.10.2.4 * Add debian/patches/CVE-2007-0988.patch: - Fix infinite loop in zend_hash_init() when unserializing untrusted data on 64 bit systems. - http://cvs.php.net/viewvc.cgi/ZendEngine2/zend_hash.c?r1=1.121.2.4.2.5&r2=1.121.2.4.2.6	Martin Pitt	5.1.2-1ubuntu3.5	17 years ago
11	* SECURITY UPDATE: Remote code execution. * SECURITY UPDATE: Remote code execution. * Add debian/patches/CVE-2006-5465.patch: - Fix buffer overflows in htmlentities() and htmlspecialchars(). - Ported from upstream CVS: http://cvs.php.net/viewvc.cgi/php-src/ext/standard/html.c?r1=1.111.2.2.2.2&r2=1.111.2.2.2.3 * Add debian/patches/200-chdir_openbasedir_bypass.patch: - Fix open_basedir bypass in chdir(). - Ported from upstream CVS: http://cvs.php.net/viewvc.cgi/php-src/ext/standard/dir.c?r1=1.147.2.3&r2=1.147.2.3.2.1 * Add debian/patches/201-tempnam_openbasedir_bypass.patch: - Fix open_basedir bypass in tempnam(). - Ported from upstream CVS: http://cvs.php.net/viewvc.cgi/php-src/main/php_open_temporary_file.c?r1=1.34.2.1.2.1&r2=1.34.2.1.2.3	Martin Pitt	5.1.2-1ubuntu3.4	17 years ago
10	* SECURITY UPDATE: Multiple vulnerabilities. * SECURITY UPDATE: Multiple vulnerabilities. * Fix CVE number in 5.1.2-1ubuntu3.1 changelog: The curl open_basedir bypass is actually CVE-2006-4483, not -2563. * Add debian/patches/CVE-2006-4485.patch: - Fix buffer overread in stripos(). - Ported from upstream CVS: http://cvs.php.net/viewvc.cgi/php-src/ext/standard/string.c?view=diff&r1=1.547&r2=1.548 * Add debian/patches/CVE-2006-4486.patch: - Fix integer overflow and memory_limit bypass on 64 bit platforms. - Patch stolen from RedHat security update, not fixed upstream yet. * Add debian/patches/CVE-2006-4625.patch: - Fix open_basedir/safe_mode bypass with ini_restore(). - Ported from upstream CVS: http://cvs.php.net/viewvc.cgi/ZendEngine2/zend_ini.c?r1=1.39.2.2&r2=1.39.2.3 * Add debian/patches/CVE-2006-4812.patch: - Fix integer overflow in Zend's ecalloc(). - Ported from upstream CVS: http://cvs.php.net/viewvc.cgi/ZendEngine2/zend_alloc.c?r1=1.161&r2=1.162	Martin Pitt	5.1.2-1ubuntu3.3	17 years ago
9	* SECURITY UPDATE: Multiple vulnerabilities. * SECURITY UPDATE: Multiple vulnerabilities. * debian/patches/CVE-2006-4020.patch: - sscanf buffer overflow - http://bugs.php.net/bug.php?id=38322 - http://cvs.php.net/viewvc.cgi/php-src/ext/standard/scanf.c?r1=1.31.2.2&r2=1.31.2.3 * debian/patches/CVE-2006-4481.patch: - safe_mode/open_basedir bypass with file_exists() and imap_reopen() - http://cvs.php.net/viewvc.cgi/php-src/ext/imap/php_imap.c?r1=1.208.2.8&r2=1.208.2.9 (imap_reopen()) - http://cvs.php.net/viewvc.cgi/php-src/ext/standard/filestat.c?r1=1.136.2.8&r2=1.136.2.9 (file_exists()) * debian/patches/CVE-2006-4482.patch: - str_repeat() and wordwrap() buffer overflow on 64 bit systems - http://cvs.php.net/viewvc.cgi/php-src/ext/standard/string.c?r1=1.445.2.14.2.10&r2=1.445.2.14.2.11 * debian/patches/CVE-2006-4484.patch: - GIF parser overflow - http://cvs.php.net/viewvc.cgi/php-src/ext/gd/libgd/gd_gif_in.c?r1=1.5.4.4&r2=1.5.4.5	Martin Pitt	5.1.2-1ubuntu3.2	17 years ago

Older »