** Changed in: debian
Status: Unknown = Fix Released
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in Ubuntu.
https://bugs.launchpad.net/bugs/286851
Title:
CVE-2008-3658,2008-3659,2008-3660
To manage notifications
** Branch linked: lp:~ubuntu-branches/ubuntu/dapper/php5/dapper-security
** Branch linked: lp:~ubuntu-branches/ubuntu/gutsy/php5/gutsy-security
** Branch linked: lp:~ubuntu-branches/ubuntu/hardy/php5/hardy-security
** Branch linked: lp:~ubuntu-branches/ubuntu/intrepid/php5/intrepid-
security
This bug was fixed in the package php5 - 5.2.6-2ubuntu4.1
---
php5 (5.2.6-2ubuntu4.1) intrepid-security; urgency=low
* SECURITY UPDATE: denial of service and possible arbitrary code execution
via crafted font file. (LP: #286851)
-
This bug was fixed in the package php5 - 5.2.4-2ubuntu5.5
---
php5 (5.2.4-2ubuntu5.5) hardy-security; urgency=low
* SECURITY UPDATE: php_admin_value and php_admin_flag restrictions bypass via
ini_set. (LP: #228095)
- debian/patches/120_SECURITY_CVE-2007-5900.patch: add new
** Changed in: php5 (Ubuntu)
Status: New = Confirmed
** Changed in: php5 (Ubuntu Hardy)
Status: New = Confirmed
--
CVE-2008-3658,2008-3659,2008-3660
https://bugs.launchpad.net/bugs/286851
You received this bug notification because you are a member of Ubuntu
Server Team, which is
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-3658
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-3659
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-3660
--
CVE-2008-3658,2008-3659,2008-3660
** Bug watch added: Debian Bug tracker #499987
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=499987
** Also affects: debian via
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=499987
Importance: Unknown
Status: Unknown
--
CVE-2008-3658,2008-3659,2008-3660
These CVEs aren't fixed for hardy (and probably gutsy), too. Is there an
update planned or are the ubuntu packages not affected?
--
CVE-2008-3658,2008-3659,2008-3660
https://bugs.launchpad.net/bugs/286851
You received this bug notification because you are a member of Ubuntu
Server Team, which is
** Visibility changed to: Public
--
CVE-2008-3658,2008-3659,2008-3660
https://bugs.launchpad.net/bugs/286851
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.
--
Ubuntu-server-bugs mailing list