← Back to branch summary

~ubuntu-branches/ubuntu/feisty/php5/feisty-security

Viewing all changes in revision 21.

  • Committer: Bazaar Package Importer
  • Author(s): Jamie Strandboge
  • Date: 2008-07-16 15:45:20 UTC
  • Revision ID: james.westby@ubuntu.com-20080716154520-rxnvpkk1t14plemm
Tags: 5.2.1-0ubuntu1.6
https://launchpad.net/bugs/227464
* debian/patches/209-CVE-2008-2050.patch: possible stack overflow and
  sending of unitialized paddings
* debian/patches/210-CVE-2008-2051.patch: properly address incomplete
  multibyte chars inside escapeshellcmd()
* debian/patches/211-CVE-2007-4850.patch: fixed a safe_mode bypass in cURL
* debian/patches/212-CVE-2008-2829.patch: unsafe usage of deprecated imap
  functions (patch from Debian)
* debian/patches/213-CVE-2008-1384.patch: integer overflow in printf()
  (patch from Debian)
* debian/patches/214-CVE-2008-2107+2108.patch: weak random number seed
* debian/patches/215-CVE-2007-4782.patch: DoS via long string in the fnmatch
  functions
* debian/patches/216-pcre-compile.patch: avoid stack overflow (fix from
  pcre 7.6)
* Update debian/patches/207-htmlentity-utf8-fix.patch: fail on improperly
  finished UTF sequence
* References
  CVE-2008-2050
  CVE-2008-2051
  CVE-2007-4850
  CVE-2008-2829
  CVE-2008-1384
  CVE-2008-2107
  CVE-2008-2108
  CVE-2007-4782
  CVE-2007-5898
  LP: #227464

expand all expand all

Show diffs side-by-side

added added

removed removed

Lines of Context: