Your message dated Sat, 28 Oct 2006 06:18:08 -0700
with message-id <[EMAIL PROTECTED]>
and subject line Bug#391586: fixed in php5 5.1.6-5
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: php5
Version: all
Severity: critical
Tags: security, fixed-upstream

See
http://www.heise-security.co.uk/news/79145
and
http://rhn.redhat.com/errata/RHSA-2006-0708.html

"An integer overflow was discovered in the PHP memory handling routines. If
a script can cause memory allocation based on untrusted user data, a remote
attacker sending a carefully crafted request could execute arbitrary code
as the 'apache' user. (CVE-2006-4812)"

and

http://archives.mandrivalinux.com/security-announce/2006-10/msg00004.php

Fixed upstream:
http://cvs.php.net/viewvc.cgi/ZendEngine2/zend_alloc.c?r1=1.161&r2=1.162

Old versions of Php4 are possibly also affected.


--- End Message ---
--- Begin Message ---
Source: php5
Source-Version: 5.1.6-5

We believe that the bug you reported is fixed in the latest version of
php5, which is due to be installed in the Debian FTP archive:

libapache-mod-php5_5.1.6-5_amd64.deb
  to pool/main/p/php5/libapache-mod-php5_5.1.6-5_amd64.deb
libapache2-mod-php5_5.1.6-5_amd64.deb
  to pool/main/p/php5/libapache2-mod-php5_5.1.6-5_amd64.deb
php-pear_5.1.6-5_all.deb
  to pool/main/p/php5/php-pear_5.1.6-5_all.deb
php5-cgi_5.1.6-5_amd64.deb
  to pool/main/p/php5/php5-cgi_5.1.6-5_amd64.deb
php5-cli_5.1.6-5_amd64.deb
  to pool/main/p/php5/php5-cli_5.1.6-5_amd64.deb
php5-common_5.1.6-5_amd64.deb
  to pool/main/p/php5/php5-common_5.1.6-5_amd64.deb
php5-curl_5.1.6-5_amd64.deb
  to pool/main/p/php5/php5-curl_5.1.6-5_amd64.deb
php5-dev_5.1.6-5_amd64.deb
  to pool/main/p/php5/php5-dev_5.1.6-5_amd64.deb
php5-gd_5.1.6-5_amd64.deb
  to pool/main/p/php5/php5-gd_5.1.6-5_amd64.deb
php5-ldap_5.1.6-5_amd64.deb
  to pool/main/p/php5/php5-ldap_5.1.6-5_amd64.deb
php5-mhash_5.1.6-5_amd64.deb
  to pool/main/p/php5/php5-mhash_5.1.6-5_amd64.deb
php5-mysql_5.1.6-5_amd64.deb
  to pool/main/p/php5/php5-mysql_5.1.6-5_amd64.deb
php5-mysqli_5.1.6-5_amd64.deb
  to pool/main/p/php5/php5-mysqli_5.1.6-5_amd64.deb
php5-odbc_5.1.6-5_amd64.deb
  to pool/main/p/php5/php5-odbc_5.1.6-5_amd64.deb
php5-pgsql_5.1.6-5_amd64.deb
  to pool/main/p/php5/php5-pgsql_5.1.6-5_amd64.deb
php5-recode_5.1.6-5_amd64.deb
  to pool/main/p/php5/php5-recode_5.1.6-5_amd64.deb
php5-snmp_5.1.6-5_amd64.deb
  to pool/main/p/php5/php5-snmp_5.1.6-5_amd64.deb
php5-sqlite_5.1.6-5_amd64.deb
  to pool/main/p/php5/php5-sqlite_5.1.6-5_amd64.deb
php5-sybase_5.1.6-5_amd64.deb
  to pool/main/p/php5/php5-sybase_5.1.6-5_amd64.deb
php5-xmlrpc_5.1.6-5_amd64.deb
  to pool/main/p/php5/php5-xmlrpc_5.1.6-5_amd64.deb
php5-xsl_5.1.6-5_amd64.deb
  to pool/main/p/php5/php5-xsl_5.1.6-5_amd64.deb
php5_5.1.6-5.diff.gz
  to pool/main/p/php5/php5_5.1.6-5.diff.gz
php5_5.1.6-5.dsc
  to pool/main/p/php5/php5_5.1.6-5.dsc
php5_5.1.6-5_all.deb
  to pool/main/p/php5/php5_5.1.6-5_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
sean finney <[EMAIL PROTECTED]> (supplier of updated php5 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 28 Oct 2006 14:29:44 +0200
Source: php5
Binary: php5-mysqli php5-gd php5-ldap php5 php5-xmlrpc libapache2-mod-php5
 php5-xsl php5-cgi php-pear php5-pgsql php5-cli php5-recode php5-mhash
 php5-sybase php5-curl php5-odbc php5-mysql php5-common php5-snmp php5-dev
 php5-sqlite libapache-mod-php5
Architecture: source amd64 all
Version: 5.1.6-5
Distribution: unstable
Urgency: high
Maintainer: Debian PHP Maintainers <[EMAIL PROTECTED]>
Changed-By: sean finney <[EMAIL PROTECTED]>
Description: 
 libapache-mod-php5 - server-side, HTML-embedded scripting language (apache 1.3 module)
 libapache2-mod-php5 - server-side, HTML-embedded scripting language (apache 2.0 module)
 php-pear   - PEAR - PHP Extension and Application Repository
 php5       - server-side, HTML-embedded scripting language (meta-package)
 php5-cgi   - server-side, HTML-embedded scripting language (CGI binary)
 php5-cli   - command-line interpreter for the php5 scripting language
 php5-common - Common files for packages built from the php5 source
 php5-curl  - CURL module for php5
 php5-dev   - Files for PHP5 module development
 php5-gd    - GD module for php5
 php5-ldap  - LDAP module for php5
 php5-mhash - MHASH module for php5
 php5-mysql - MySQL module for php5
 php5-mysqli - MySQL Improved module for php5
 php5-odbc  - ODBC module for php5
 php5-pgsql - PostgreSQL module for php5
 php5-recode - recode module for php5
 php5-snmp  - SNMP module for php5
 php5-sqlite - SQLite module for php5
 php5-sybase - Sybase / MS SQL Server module for php5
 php5-xmlrpc - XML-RPC module for php5
 php5-xsl   - XSL module for php5
Closes: 340586 361211 375070 381438 388697 391368 391586 393788
Changes: 
 php5 (5.1.6-5) unstable; urgency=high
 .
   [sean finney]
   * add a README.Debian.security to clarify how we handle/respond
     to security problems in stable releases.
   * SECURITY: include patch for integer overflow in zend_alloc.c.
     Reference: CVE-2006-04812 (closes: #391586).
     patch: 110-CVE-2006-4812_zend_alloc.patch
   * bump the debhelper compatibility level to 4.
   * remove cyclic depends for mysql/mysqli.
   * the long overdue rework of configuration file handling.  this also
     removes the need for debconf and template translations
     (closes: #361211, #393788, #388697).
   * start using ucf to manage the various SAPI php.ini files.
   * cleanup and consolidation of a few things in the ./debian dir
   * bump the memory limit to 32M for the cli API (closes: #375070, #340586).
   * include a fix for missing mbstring headers reported by Jan Wagner
     (closes: #391368).
     patch: 111-mbstring-headers.patch.
   * include support for PTY's in proc_open, as reported by Eike Dehling.
     according to php's BTS (http://bugs.php.net/bug.php?id=39224) the
     feature was disabled only because the configure script couldn't
     accurately determine whether the feature was available, and we know
     it is :) (closes: #381438).
     patch: 112-proc_open.patch.
   * update standards-version to 3.7.2
Files: 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFQ1NoynjLPm522B0RAkZ6AJ4xfXzQZUDtWQGItLxRiIXXhGa4mwCeJw3U
9YQUklsjo+BnowJ0WRPvHC0=
=ZZe2
-----END PGP SIGNATURE-----


--- End Message ---
