[Bug 227464] [NEW] PHP 5.2.6 fixes important security bugs

spinkham Tue, 06 May 2008 13:05:18 -0700

*** This bug is a security vulnerability ***

Public security bug reported:


Binary package hint: php5

PHP 5.2.6 fixes important security bugs

>From the release log:
Security Fixes

    * Fixed possible stack buffer overflow in FastCGI SAPI. (Andrei Nigmatulin)
    * Properly address incomplete multibyte chars inside escapeshellcmd() 
(Ilia, Stefan Esser)
    * Fixed security issue detailed in CVE-2008-0599. (Rasmus)
    * Fixed a safe_mode bypass in cURL identified by Maksymilian Arciemowicz. 
(Ilia)
    * Upgraded PCRE to version 7.6 (Nuno)

** Affects: php5 (Ubuntu)
     Importance: Undecided
         Status: New

** Visibility changed to: Public

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-0599

-- 
PHP 5.2.6 fixes important security bugs
https://bugs.launchpad.net/bugs/227464
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 227464] [NEW] PHP 5.2.6 fixes important security bugs

Reply via email to