-
Committer:
Bazaar Package Importer
-
Author(s):
Kees Cook
-
Date:
2007-10-19 12:58:34 UTC
-
Revision ID:
james.westby@ubuntu.com-20071019125834-cluydllf9h162hx9
Tags: 5.2.3-1ubuntu6.1
* SECURITY UPDATE: multiple vulnerabilities. Thanks to Sean Finney for
help locating upstream fixes.
* Add 200-string-wordwrap.patch: wordwrap function can be made to crash.
Backported upstream fixes (CVE-2007-3998).
* Add 201-strspn-oob-read.patch: memory reading, possible crash via strspn.
chunk_split. Backported upstream fixes (CVE-2007-4657).
* Add 202-money-format-abuse.patch: money_format format string vulnerable.
Backported upstream fixes (CVE-2007-4658).
* Add 203-openssl_make_REQ-overflow.patch: overflow in openssl_make_REQ.
Applied and corrected upstream fixes (CVE-2007-4662).
* Add 204-start-session-cookies.patch: overwrite cookie values.
Applied upstream fixes (CVE-2007-3799).
* Add 206-chunk_split-fixes.patch: memory reading, possible crash via
chunk_split. Merged various upstream fixes (CVE-2007-2872, CVE-2007-4660,
CVE-2007-4661).
* Add 206-cookie-nesting-fix.patch: corruption/crashes via deeply nested
variables. Backported upstream fixes (CVE-2007-1285, CVE-2007-4670).
* Add 207-htmlentity-utf8-fix.patch: don't accept partial utf8 sequences.
Backported upstream fixes (CVE-2007-5898).
* Add 208-session-id-leak.patch: don't send session id to remote forms.
Backported upstream fixes (CVE-2007-5899).
* References
http://www.php.net/releases/5_2_4.php
http://www.php.net/releases/5_2_5.php