← Back to branch summary

~ubuntu-branches/ubuntu/hardy/php5/hardy-security

  • Committer: Bazaar Package Importer
  • Author(s): Marc Deslauriers
  • Date: 2009-11-26 08:07:41 UTC
  • Revision ID: james.westby@ubuntu.com-20091126080741-65msu91kwypqcidh
Tags: 5.2.4-2ubuntu5.9
https://launchpad.net/bugs/446313
https://launchpad.net/bugs/446313
* SECURITY UPDATE: file truncation via key with null byte
  - debian/patches/CVE-2008-7068.patch: make sure key and value are sane
    in ext/dba/libinifile/inifile.c.
  - CVE-2008-7068
* SECURITY UPDATE: certificate spoofing via null-byte certs (LP: #446313)
  - debian/patches/CVE-2009-3291.patch: validate certificate's CN length
    in ext/openssl/openssl.c.
  - CVE-2009-3291
* SECURITY UPDATE: denial of service via malformed exif images
  (LP: #446313)
  - debian/patches/CVE-2009-3292.patch: check length, return codes, and
    nesting level in ext/exif/exif.c.
  - CVE-2009-3292
* SECURITY UPDATE: safe_mode bypass via tempam function
  - debian/patches/CVE-2009-3557.patch: check for safe_mode in
    ext/standard/file.c.
  - CVE-2009-3557
* SECURITY UPDATE: open_basedir restrictions bypass via posix_mkfifo
  - debian/patches/CVE-2009-3558.patch: check for open_basedir in
    ext/posix/posix.c.
  - CVE-2009-3558
* SECURITY UPDATE: denial of service via large number of files in
  form-data POST request.
  - debian/patches/CVE-2009-4017.patch: introduce new "max_file_uploads"
    directive and enforce in main/main.c, main/rfc1867.c.
  - ATTENTION: this update changes previous php5 behaviour by limiting
    the number of files in a POST request to 50. This may be increased
    by adding a "max_file_uploads" directive to the php.ini configuration
    file. 
  - CVE-2009-4017
* SECURITY UPDATE: safe_mode_protected_env_vars bypass via proc_open()
  - debian/patches/CVE-2009-4018.patch: add safe_mode check in
    ext/standard/proc_open.c
  - CVE-2009-4018
Filename Latest Rev Last Changed Committer Comment Size
..
build 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 Diff
debian 2 18 years ago Bazaar Package Importer Resync with Debian, bringing in two security fixes Diff
ext 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 Diff
main 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 Diff
netware 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 Diff
pear 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 Diff
regex 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 Diff
sapi 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 Diff
scripts 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 Diff
tests 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 Diff
TSRM 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 Diff
win32 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 Diff
Zend 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 Diff
.gdbinit 1.1.8 16 years ago Bazaar Package Importer Import upstream version 5.2.3 10.3 KB Diff Download File
acconfig.h 1.1.6 17 years ago Bazaar Package Importer Import upstream version 5.2.1 3.2 KB Diff Download File
acconfig.h.in 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 28 bytes Diff Download File
acinclude.m4 1.1.9 16 years ago Bazaar Package Importer Import upstream version 5.2.4 72.7 KB Diff Download File
aclocal.m4 25 16 years ago Bazaar Package Importer * Merge from Debian unstable (LP: #176011). Remain 288 KB Diff Download File
File buildconf 1.1.9 16 years ago Bazaar Package Importer Import upstream version 5.2.4 1.2 KB Diff Download File
buildconf.bat 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 51 bytes Diff Download File
CODING_STANDARDS 1.1.9 16 years ago Bazaar Package Importer Import upstream version 5.2.4 10.8 KB Diff Download File
config.guess 1.1.2 18 years ago Bazaar Package Importer Import upstream version 5.1.2 42.4 KB Diff Download File
config.sub 1.1.2 18 years ago Bazaar Package Importer Import upstream version 5.1.2 30.9 KB Diff Download File
File configure 25 16 years ago Bazaar Package Importer * Merge from Debian unstable (LP: #176011). Remain 2.8 MB Diff Download File
configure.in 1.1.9 16 years ago Bazaar Package Importer Import upstream version 5.2.4 42.2 KB Diff Download File
CREDITS 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 91 bytes Diff Download File
File cvsclean 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 58 bytes Diff Download File
File cvsclean.bat 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 50 bytes Diff Download File
EXTENSIONS 1.1.7 17 years ago Bazaar Package Importer Import upstream version 5.2.2 22.1 KB Diff Download File
footer 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 137 bytes Diff Download File
generated_lists 1.1.6 17 years ago Bazaar Package Importer Import upstream version 5.2.1 2.1 KB Diff Download File
File genfiles 1.1.1 18 years ago Bazaar Package Importer Import upstream version 5.1.1 459 bytes Diff Download File
header 1.1.6 17 years ago Bazaar Package Importer Import upstream version 5.2.1 1.1 KB Diff Download File
INSTALL 1.1.7 17 years ago Bazaar Package Importer Import upstream version 5.2.2 85.5 KB Diff Download File
install-sh 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 Empty Diff Download File
LICENSE 1.1.2 18 years ago Bazaar Package Importer Import upstream version 5.1.2 3.1 KB Diff Download File
ltmain.sh 1.1.2 18 years ago Bazaar Package Importer Import upstream version 5.1.2 182 KB Diff Download File
File makedist 1.1.5 17 years ago Bazaar Package Importer Import upstream version 5.2.0 3.6 KB Diff Download File
Makefile.frag 1.1.8 16 years ago Bazaar Package Importer Import upstream version 5.2.3 919 bytes Diff Download File
Makefile.gcov 1.1.6 17 years ago Bazaar Package Importer Import upstream version 5.2.1 2.7 KB Diff Download File
Makefile.global 1.1.9 16 years ago Bazaar Package Importer Import upstream version 5.2.4 6.2 KB Diff Download File
makerpm 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 5.1 KB Diff Download File
missing 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 Empty Diff Download File
mkinstalldirs 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 Empty Diff Download File
NEWS 1.1.9 16 years ago Bazaar Package Importer Import upstream version 5.2.4 161 KB Diff Download File
php.gif 1.1.3 17 years ago Bazaar Package Importer Import upstream version 5.1.4 2.4 KB Diff Download File
php.ini-dist 1.1.9 16 years ago Bazaar Package Importer Import upstream version 5.2.4 43.9 KB Diff Download File
php.ini-recommended 1.1.9 16 years ago Bazaar Package Importer Import upstream version 5.2.4 47.4 KB Diff Download File
php5.spec.in 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 1.4 KB Diff Download File
README.CVS-RULES 1.1.9 16 years ago Bazaar Package Importer Import upstream version 5.2.4 5.1 KB Diff Download File
README.EXT_SKEL 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 6.9 KB Diff Download File
README.EXTENSIONS 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 1.5 KB Diff Download File
README.input_filter 1.1.5 17 years ago Bazaar Package Importer Import upstream version 5.2.0 5.7 KB Diff Download File
README.PARAMETER_PARSING_API 1.1.6 17 years ago Bazaar Package Importer Import upstream version 5.2.1 3.9 KB Diff Download File
README.PHP4-TO-PHP5-THIN-CHANGES 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 4.6 KB Diff Download File
README.QNX 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 2 KB Diff Download File
README.SELF-CONTAINED-EXTENSIONS 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 4.6 KB Diff Download File
README.STREAMS 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 15 KB Diff Download File
README.SUBMITTING_PATCH 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 4.4 KB Diff Download File
README.TESTING 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 6.3 KB Diff Download File
README.TESTING2 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 4.8 KB Diff Download File
README.UNIX-BUILD-SYSTEM 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 4.1 KB Diff Download File
README.UPDATE_5_2 1.1.6 17 years ago Bazaar Package Importer Import upstream version 5.2.1 37 KB Diff Download File
README.WIN32-BUILD-SYSTEM 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 6.1 KB Diff Download File
README.Zeus 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 4.1 KB Diff Download File
File run-tests.php 1.1.9 16 years ago Bazaar Package Importer Import upstream version 5.2.4 57.1 KB Diff Download File
File server-tests-config.php 1.1.1 18 years ago Bazaar Package Importer Import upstream version 5.1.1 2 KB Diff Download File
File server-tests.php 1.1.6 17 years ago Bazaar Package Importer Import upstream version 5.2.1 50.5 KB Diff Download File
File snapshot 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 108 bytes Diff Download File
stamp-h.in 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 10 bytes Diff Download File
stub.c 1 18 years ago Bazaar Package Importer Import upstream version 5.0.5 1 bytes Diff Download File
TODO 1.1.7 17 years ago Bazaar Package Importer Import upstream version 5.2.2 4.9 KB Diff Download File
TODO-5.1 1.1.1 18 years ago Bazaar Package Importer Import upstream version 5.1.1 163 bytes Diff Download File
TODO-PHP5 1.1.7 17 years ago Bazaar Package Importer Import upstream version 5.2.2 3.6 KB Diff Download File
File UPGRADING 1.1.5 17 years ago Bazaar Package Importer Import upstream version 5.2.0 17 KB Diff Download File