Yes, this has been fixed in hardy (8.04 LTS); however, I forgot to incorporate the bug number in the changelog entry for the hardy version. You are correct that this issue has not been addressed in precise, yet.
As for CVE-2012-0830, there is no separate bug report; the security team doesn't track all security issues via bug reports due to some inadequacies in launchpad. Issues are tracked publicly in the Ubuntu CVE tracker at http://people.canonical.com/~ubuntu-security/cve/ . Thanks! ** Changed in: php5 (Ubuntu Hardy) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/910296 Title: Please backport the upstream patch to prevent attacks based on hash collisions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/php5/+bug/910296/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
