Committer: Package Import Robot
Author(s): Steve Beattie
Date: 2011-01-07 22:39:12 UTC
Revision ID: package-import@ubuntu.com-20110107223912-mbpgguifsuptndmv
Tags: 5.2.10.dfsg.1-2ubuntu6.6
* SECURITY UPDATE: overflow leading to xml decode bypass
  - debian/patches/php5-CVE-2009-5016.patch: convert short to int
    to prevent overflow in bit operations
  - CVE-2009-5016
* SECURITY UPDATE: xml decode bypass
  - debian/patches/php5-CVE-2010-3780.patch: improve utf8 decoding
  - CVE-2010-3780
* SECURITY UPDATE: open_basedir bypass
  - debian/patches/php5-CVE-2010-3436.patch: more strict checking in
    php_check_specific_open_basedir()
  - CVE-2010-3436
* SECURITY UPDATE: NULL pointer dereference crash
  - debian/patches/php5-CVE-2010-3709.patch: check for NULL when
    getting zip comment
  - CVE-2010-3709
* SECURITY UPDATE: memory consumption denial of service
  - debian/patches/php5-CVE-2010-3710.patch: check for email address
    longer than RFC 2821 allows
  - CVE-2010-3710
* SECURITY UPDATE: infinite loop/denial of service when dealing with
  certain textual forms of MAX_FLOAT (LP: #697181)
  - debian/patches/php5-CVE-2010-4645.patch: treat local doubles
    as volatile to avoid x87 registers in zend_strtod()
  - CVE-2010-4645