php5 (5.3.10-1ubuntu3.16) precise-security; urgency=medium
* SECURITY UPDATE: arbitrary code execution via improper handling of
duplicate keys in unserializer
- debian/patches/CVE-2014-8142.patch: fix use after free in
ext/standard/var_unserializer.*, added test to
ext/standard/tests/serialize/bug68594.phpt.
- CVE-2014-8142
* SECURITY UPDATE: arbitrary code execution via improper handling of
duplicate keys in unserializer, additional fix
- debian/patches/CVE-2015-0231.patch: fix use after free in
ext/standard/var_unserializer.*, added test to
ext/standard/tests/strings/bug68710.phpt.
- CVE-2015-0231
* debian/patches/remove_readelf.patch: remove readelf.c from fileinfo as
it isn't used, and is a source of confusion when doing security
updates.
* debian/patches/CVE-2014-3710.patch: removed, wasn't needed.
Date: 2015-02-13 19:42:12.121725+00:00
Changed-By: Marc Deslauriers <[email protected]>
Signed-By: Ubuntu Archive Robot
<[email protected]>
https://launchpad.net/ubuntu/+source/php5/5.3.10-1ubuntu3.16
Sorry, changesfile not available.
--
Precise-changes mailing list
[email protected]
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/precise-changes
