[Bug 227464] [NEW] PHP 5.2.6 fixes important security bugs

2008-05-06 Thread spinkham
*** This bug is a security vulnerability *** Public security bug reported: Binary package hint: php5 PHP 5.2.6 fixes important security bugs From the release log: Security Fixes * Fixed possible stack buffer overflow in FastCGI SAPI. (Andrei Nigmatulin) * Properly address incomplete

[Bug 227464] Re: PHP 5.2.6 fixes important security bugs

2008-05-14 Thread spinkham
** Bug watch added: Debian Bug tracker #479723 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=479723 ** Also affects: php5 (Debian) via http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=479723 Importance: Unknown Status: Unknown -- PHP 5.2.6 fixes important security bugs

[Bug 227464] Re: PHP 5.2.6 fixes important security bugs

2008-05-14 Thread spinkham
Fix released in Debian on May 11. Fixes are available both upstream in Debian and upstream in main package. How can I help move this bug along? -- PHP 5.2.6 fixes important security bugs https://bugs.launchpad.net/bugs/227464 You received this bug notification because you are a member of Ubuntu

[Bug 227464] Re: Please roll out security fixes from PHP 5.2.6

2008-07-10 Thread spinkham
I'm sorry for whining to the people who are subscribed to and care about this bug, but over 2 months since the release of a package with 3 claimed remotely exploitable code injection bugs makes me VERY hesitant to ever recommend Ubuntu for server use ever again. By this time even the slow

[Bug 227464] Re: Please roll out security fixes from PHP 5.2.6

2008-07-10 Thread spinkham
Impact: Fixed possible stack buffer overflow in FastCGI SAPI Impact: Potential DOS and remote code execution if using FastCGI Updated PCRE to deal with issues fixed in USN-581-1 Impact: potential DOS and code execution Fixes CVE-2008-0599 Impact: Potential DOS and remote code