-
Committer:
Package Import Robot
-
Author(s):
Marc Deslauriers
-
Date:
2012-06-12 16:02:25 UTC
-
Revision ID:
package-import@ubuntu.com-20120612160225-tn90mbpdmeov3dpd
Tags: 5.2.4-2ubuntu5.25
* SECURITY UPDATE: denial of service via invalid tidy objects
- debian/patches/CVE-2012-0781.patch: track initialization in
ext/tidy/tidy.c, added tests to ext/tidy/tests/004.phpt,
ext/tidy/tests/bug54682.phpt.
- CVE-2012-0781
* SECURITY UPDATE: denial of service or possible directory traversal via
invalid filename.
- debian/patches/CVE-2012-1172.patch: ensure brackets get closed in
main/rfc1867.c, add test to tests/basic/bug55500.phpt.
- CVE-2012-1172
* SECURITY UPDATE: improve php5-cgi query string parameter parsing
- debian/patches/CVE-2012-233x.patch: improve parsing in
sapi/cgi/cgi_main.c.
- CVE-2012-2335
- CVE-2012-2336