I'm still not sure if the packages are affected at all, nevertheless I managed to use the patches from Debian: php5 (5.2.0-8+etch13). You need the following patches from debian/patches/ 139-CVE-2008-3659.patch 140-CVE-2008-3658.patch 141-CVE-2008-3660.patch
Then you need to update debian/patches/series and change some small things in 141-CVE-2008-3660.patch (I can post that, if somebody is interested). -- CVE-2008-3658,2008-3659,2008-3660 https://bugs.launchpad.net/bugs/286851 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to php5 in ubuntu. -- Ubuntu-server-bugs mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
