-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Sat, 03 Mar 2007 11:13:33 +0100 Source: php5 Binary: php5-gd php5-ldap php5 php5-xmlrpc php5-pspell libapache2-mod-php5 php5-xsl php5-cgi php-pear php5-tidy php5-pgsql php5-cli php5-recode php5-mhash php5-sybase php5-curl php5-odbc php5-mcrypt php5-mysql php5-common php5-imap php5-snmp php5-dev php5-sqlite libapache-mod-php5 php5-interbase Architecture: source amd64 all Version: 5.2.0-9 Distribution: unstable Urgency: high Maintainer: Debian PHP Maintainers <[EMAIL PROTECTED]> Changed-By: sean finney <[EMAIL PROTECTED]> Description: libapache-mod-php5 - server-side, HTML-embedded scripting language (apache 1.3 module) libapache2-mod-php5 - server-side, HTML-embedded scripting language (apache 2 module) php-pear - PEAR - PHP Extension and Application Repository php5 - server-side, HTML-embedded scripting language (meta-package) php5-cgi - server-side, HTML-embedded scripting language (CGI binary) php5-cli - command-line interpreter for the php5 scripting language php5-common - Common files for packages built from the php5 source php5-curl - CURL module for php5 php5-dev - Files for PHP5 module development php5-gd - GD module for php5 php5-imap - IMAP module for php5 php5-interbase - interbase/firebird module for php5 php5-ldap - LDAP module for php5 php5-mcrypt - MCrypt module for php5 php5-mhash - MHASH module for php5 php5-mysql - MySQL module for php5 php5-odbc - ODBC module for php5 php5-pgsql - PostgreSQL module for php5 php5-pspell - pspell module for php5 php5-recode - recode module for php5 php5-snmp - SNMP module for php5 php5-sqlite - SQLite module for php5 php5-sybase - Sybase / MS SQL Server module for php5 php5-tidy - tidy module for php5 php5-xmlrpc - XML-RPC module for php5 php5-xsl - XSL module for php5 Closes: 401712 410995 Changes: php5 (5.2.0-9) unstable; urgency=high . [ sean finney ] * The following security issues are addressed with this update: - CVE-2007-0906: Multiple buffer overflows in various code: * session (addressed in patch for CVE-2007-0910 below) * imap (062-CVE-2007-0906-imap.patch) * str_replace: (064-CVE-2007-0906-strreplace.patch) * interbase: (063-CVE-2007-0906-interbase.patch) * the zip, sqlite, stream filters, and mail related vulnerabilities in this CVE do not affect the debian sarge php4 source package. - CVE-2007-0907: sapi_header_op buffer underflow (065-CVE-2007-0907.patch) - CVE-2007-0908: wddx information disclosure (066-CVE-2007-0908.patch) - CVE-2007-0909: More buffer overflows: * the odbc_result_all function (067-CVE-2007-0909-odbc.patch) * various formatted print functions (068-CVE-2007-0909-printf.patch) - CVE-2007-0910: Clobbering of super-globals (069-CVE-2007-0910.patch) - CVE-2007-0988: 64bit unserialize DoS (070-CVE-2007-0988.patch) Closes: #410995. * The package maintainers would like to thank Joe Orton from redhat and Martin Pitt from ubuntu for their help in preparation of this update. * backport upstream fix for AUTH PLAIN support in imap extension Closes: #401712. Files: 8ec576c28ce6c0087711116d775fd0dd 1964 web optional php5_5.2.0-9.dsc 626425910661565e37a0d65274ac9c23 100821 web optional php5_5.2.0-9.diff.gz 638b2a1b2f89f0f5346c570a54fade8f 216386 web optional php5-common_5.2.0-9_amd64.deb 4d64422f486e89b580fbc220b85ea144 2508012 web optional libapache-mod-php5_5.2.0-9_amd64.deb 880874c8f7bc636db650b592c9a28142 2508424 web optional libapache2-mod-php5_5.2.0-9_amd64.deb 14d8b195d217dab6c9b215a72f83718e 4858746 web optional php5-cgi_5.2.0-9_amd64.deb 5df1e212eb97027c17bf9af3ce45a277 2450074 web optional php5-cli_5.2.0-9_amd64.deb 177a1cfcea485b9944ff70c63040a403 341984 devel optional php5-dev_5.2.0-9_amd64.deb 6c0198f8810533a0fdeeeafcf675978a 24958 web optional php5-curl_5.2.0-9_amd64.deb c58044cbc52ba4a14dc9150652dd6db2 37038 web optional php5-gd_5.2.0-9_amd64.deb cba5e61616c28175de5c6c0d237597cb 36682 web optional php5-imap_5.2.0-9_amd64.deb 3676b8cd181fc55aca80a59a50b4bbfc 46704 web optional php5-interbase_5.2.0-9_amd64.deb 3e17fc70ec04ad38ebe0c60579a1c0a4 18652 web optional php5-ldap_5.2.0-9_amd64.deb c1e0aebf57e2397a9ed6edb36ebec8bf 13476 web optional php5-mcrypt_5.2.0-9_amd64.deb 9035f338eb081be2fc77dd77ee309c51 5252 web optional php5-mhash_5.2.0-9_amd64.deb cade69582ea7ed92dfa8bab4fea66bb6 71748 web optional php5-mysql_5.2.0-9_amd64.deb e8e36b42000240bc86107fd3baa9f58b 36396 web optional php5-odbc_5.2.0-9_amd64.deb 2cb996933af4f6570a20f59cdddfe58a 54140 web optional php5-pgsql_5.2.0-9_amd64.deb 960ae345ca18f1be2b2d73399f963ca2 9392 web optional php5-pspell_5.2.0-9_amd64.deb a537a5b3f8cfcfb8402903124e2b35af 4890 web optional php5-recode_5.2.0-9_amd64.deb a4e7823510821fce0c68c25b20bb016a 12044 web optional php5-snmp_5.2.0-9_amd64.deb 4509a839e04f3753142f040de60a7db4 38456 web optional php5-sqlite_5.2.0-9_amd64.deb 2f26efedbbce2e29809c04a9e3e83c08 19414 web optional php5-sybase_5.2.0-9_amd64.deb a90e52fa24061ff7adc03440fbfc64fe 17554 web optional php5-tidy_5.2.0-9_amd64.deb ca5010080aa4da1c2d546ab53cbbea92 39148 web optional php5-xmlrpc_5.2.0-9_amd64.deb 756966ec0d3a4a63fda91f8bd2a7e9a8 13014 web optional php5-xsl_5.2.0-9_amd64.deb cf3a91a050f826936d34fe06f6580b07 1036 web optional php5_5.2.0-9_all.deb 31ee85724cf978a49f0c416275359271 306940 web optional php-pear_5.2.0-9_all.deb
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFF6rnWynjLPm522B0RAphOAJ9vnh9X3hM4NYLFeaQXNZYWbVimXgCfcfEr stXacCId2TJXSc3hAxvyzcw= =2Jrl -----END PGP SIGNATURE----- Accepted: libapache-mod-php5_5.2.0-9_amd64.deb to pool/main/p/php5/libapache-mod-php5_5.2.0-9_amd64.deb libapache2-mod-php5_5.2.0-9_amd64.deb to pool/main/p/php5/libapache2-mod-php5_5.2.0-9_amd64.deb php-pear_5.2.0-9_all.deb to pool/main/p/php5/php-pear_5.2.0-9_all.deb php5-cgi_5.2.0-9_amd64.deb to pool/main/p/php5/php5-cgi_5.2.0-9_amd64.deb php5-cli_5.2.0-9_amd64.deb to pool/main/p/php5/php5-cli_5.2.0-9_amd64.deb php5-common_5.2.0-9_amd64.deb to pool/main/p/php5/php5-common_5.2.0-9_amd64.deb php5-curl_5.2.0-9_amd64.deb to pool/main/p/php5/php5-curl_5.2.0-9_amd64.deb php5-dev_5.2.0-9_amd64.deb to pool/main/p/php5/php5-dev_5.2.0-9_amd64.deb php5-gd_5.2.0-9_amd64.deb to pool/main/p/php5/php5-gd_5.2.0-9_amd64.deb php5-imap_5.2.0-9_amd64.deb to pool/main/p/php5/php5-imap_5.2.0-9_amd64.deb php5-interbase_5.2.0-9_amd64.deb to pool/main/p/php5/php5-interbase_5.2.0-9_amd64.deb php5-ldap_5.2.0-9_amd64.deb to pool/main/p/php5/php5-ldap_5.2.0-9_amd64.deb php5-mcrypt_5.2.0-9_amd64.deb to pool/main/p/php5/php5-mcrypt_5.2.0-9_amd64.deb php5-mhash_5.2.0-9_amd64.deb to pool/main/p/php5/php5-mhash_5.2.0-9_amd64.deb php5-mysql_5.2.0-9_amd64.deb to pool/main/p/php5/php5-mysql_5.2.0-9_amd64.deb php5-odbc_5.2.0-9_amd64.deb to pool/main/p/php5/php5-odbc_5.2.0-9_amd64.deb php5-pgsql_5.2.0-9_amd64.deb to pool/main/p/php5/php5-pgsql_5.2.0-9_amd64.deb php5-pspell_5.2.0-9_amd64.deb to pool/main/p/php5/php5-pspell_5.2.0-9_amd64.deb php5-recode_5.2.0-9_amd64.deb to pool/main/p/php5/php5-recode_5.2.0-9_amd64.deb php5-snmp_5.2.0-9_amd64.deb to pool/main/p/php5/php5-snmp_5.2.0-9_amd64.deb php5-sqlite_5.2.0-9_amd64.deb to pool/main/p/php5/php5-sqlite_5.2.0-9_amd64.deb php5-sybase_5.2.0-9_amd64.deb to pool/main/p/php5/php5-sybase_5.2.0-9_amd64.deb php5-tidy_5.2.0-9_amd64.deb to pool/main/p/php5/php5-tidy_5.2.0-9_amd64.deb php5-xmlrpc_5.2.0-9_amd64.deb to pool/main/p/php5/php5-xmlrpc_5.2.0-9_amd64.deb php5-xsl_5.2.0-9_amd64.deb to pool/main/p/php5/php5-xsl_5.2.0-9_amd64.deb php5_5.2.0-9.diff.gz to pool/main/p/php5/php5_5.2.0-9.diff.gz php5_5.2.0-9.dsc to pool/main/p/php5/php5_5.2.0-9.dsc php5_5.2.0-9_all.deb to pool/main/p/php5/php5_5.2.0-9_all.deb -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]