Accepted php4 6:4.4.4-9 (source i386 all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Tue, 27 Feb 2007 00:51:22 +0100
Source: php4
Binary: php4-sybase php4-recode php4-pspell php4-cgi libapache-mod-php4 php4-interbase php4-mcrypt php4-cli php4-dev php4-snmp libapache2-mod-php4 php4-odbc php4-xslt php4-mysql php4-domxml php4-gd php4-ldap php4-imap php4-common php4 php4-curl php4-pear php4-mcal php4-pgsql php4-mhash
Architecture: source i386 all
Version: 6:4.4.4-9
Distribution: unstable
Urgency: high
Maintainer: Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>
Changed-By: sean finney <seanius@debian.org>
Description:
libapache-mod-php4 - server-side, HTML-embedded scripting language (apache 1.3 module)
libapache2-mod-php4 - server-side, HTML-embedded scripting language (apache 2 module)
php4 - server-side, HTML-embedded scripting language (meta-package)
php4-cgi - server-side, HTML-embedded scripting language (CGI binary)
php4-cli - command-line interpreter for the php4 scripting language
php4-common - Common files for packages built from the php4 source
php4-curl - CURL module for php4
php4-dev - Files for PHP4 module development
php4-domxml - XMLv2 module for php4
php4-gd - GD module for php4
php4-imap - IMAP module for php4
php4-interbase - interbase/firebird module for php4
php4-ldap - LDAP module for php4
php4-mcal - MCAL calendar module for php4
php4-mcrypt - MCrypt module for php4
php4-mhash - MHASH module for php4
php4-mysql - MySQL module for php4
php4-odbc - ODBC module for php4
php4-pear - PHP Extension and Application Repository (transitional package)
php4-pgsql - PostgreSQL module for php4
php4-pspell - pspell module for php4
php4-recode - Character recoding module for php4
php4-snmp - SNMP module for php4
php4-sybase - Sybase / MS SQL Server module for php4
php4-xslt - XSLT module for php4
Closes: 400306
Changes:
php4 (6:4.4.4-9) unstable; urgency=high
.
[ sean finney ]
* The following security issues are addressed with this update:
- CVE-2007-0906: Multiple buffer overflows in various code:
* session (addressed in patch for CVE-2007-0910 below)
* imap (062-CVE-2007-0906-imap.patch)
* str_replace: (064-CVE-2007-0906-strreplace.patch)
* interbase: (063-CVE-2007-0906-interbase.patch)
* the zip, sqlite, stream filters, and mail related vulnerabilities
in this CVE do not affect the debian sarge php4 source package.
- CVE-2007-0907: sapi_header_op buffer underflow (065-CVE-2007-0907.patch)
- CVE-2007-0908: wddx information disclosure (066-CVE-2007-0908.patch)
- CVE-2007-0909: More buffer overflows:
* the odbc_result_all function (067-CVE-2007-0909-odbc.patch)
* various formatted print functions (068-CVE-2007-0909-printf.patch)
- CVE-2007-0910: Clobbering of super-globals (069-CVE-2007-0910.patch)
- CVE-2007-0988: 64bit unserialize DoS (070-CVE-2007-0988.patch)
* The package maintainers would like to thank Joe Orton from redhat and
Martin Pitt from ubuntu for their help in preparation of this update.
* Update package information to say simply "Apache 2" instead
of "Apache 2.0" (closes: #400306).
* Update php4-gd Description to make more sense and mention
Freetype fonts.
* Add mention to README.Debian of needing to restart apache when
installing modules.
* high urgency due to numerous security fixes.
Files:
4df66e08083db0bf318752bbd664fa48 1989 web optional php4_4.4.4-9.dsc
cd51a123843da7e404a6a12a3651b83c 96890 web optional php4_4.4.4-9.diff.gz
e7ad2e5d9e4ee29f423d8af8d2a5724e 206400 web optional php4-common_4.4.4-9_i386.deb
3324e7588316794f2d370f00c8580934 1595124 web optional libapache-mod-php4_4.4.4-9_i386.deb
ff4ee923682862451cf7bf0d4ee6f1d6 1596746 web optional libapache2-mod-php4_4.4.4-9_i386.deb
7288ba63428d2d7cf2c66f3e799af047 3175442 web optional php4-cgi_4.4.4-9_i386.deb
cca89ac23709c452eed7ba6b8e1b4c49 1596574 web optional php4-cli_4.4.4-9_i386.deb
b7bae56d6768dd4cc13eb40b3517881d 201152 devel optional php4-dev_4.4.4-9_i386.deb
cb70a48c2670a8390bbf29985f4e14b3 15918 web optional php4-curl_4.4.4-9_i386.deb
ec33ba9c269607b6a04ee5e2f5890399 35028 web optional php4-domxml_4.4.4-9_i386.deb
ef43a12c07a605888e87dc0fc3682019 29644 web optional php4-gd_4.4.4-9_i386.deb
be04a78ae6f3e21518df762e7a6c5220 33230 web optional php4-imap_4.4.4-9_i386.deb
8482780734360b6769415a2d3c4a032d 23144 web optional php4-interbase_4.4.4-9_i386.deb
6a50093df53bfeff1f5c80ea2680c5f2 17046 web optional php4-ldap_4.4.4-9_i386.deb
c553a43f9c324dbadead36bbfdfc93e4 14054 web optional php4-mcal_4.4.4-9_i386.deb
159ad5a24fdaea83469b96e22eecc115 13150 web optional php4-mcrypt_4.4.4-9_i386.deb
71d5db1290ab79d92d034617356be08c 5034 web optional php4-mhash_4.4.4-9_i386.deb
3802e9ccc127fab1315d618ce3cd069a 18540 web optional php4-mysql_4.4.4-9_i386.deb
35b6c885fa1fd2fa6e465abeb99f0dc5 24542 web optional php4-odbc_4.4.4-9_i386.deb
59da6c16196e9acfcb40002bd2d6b9e5 33828 web optional php4-pgsql_4.4.4-9_i386.deb
dd6f844e8de6edba2fb86785c9ada51b 8426 web optional php4-pspell_4.4.4-9_i386.deb
359bab9a544660fa726f5cdcc31146a8 4746 web optional php4-recode_4.4.4-9_i386.deb
ea78ed271642cb04cbd69cbecdca3ea3 10254 web optional php4-snmp_4.4.4-9_i386.deb
1d0c77c5d08815a2c21d046e6585698b 18040 web optional php4-sybase_4.4.4-9_i386.deb
7f489876713c295c6a2a41da30940615 13194 web optional php4-xslt_4.4.4-9_i386.deb
d3b241f1b674e08de7a3b1c76a086643 1160 web optional php4_4.4.4-9_all.deb
3a7a283aca70efe0142aabc285258baf 1174 web optional php4-pear_4.4.4-9_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFF6sItynjLPm522B0RAgiTAKCEml4CYBAyUgqHdTkSFIT3IDw17ACdHMV9
5IqvgOCY324yU7q42iqwGIs=
=W/TF
-----END PGP SIGNATURE-----
Accepted:
libapache-mod-php4_4.4.4-9_i386.deb
to pool/main/p/php4/libapache-mod-php4_4.4.4-9_i386.deb
libapache2-mod-php4_4.4.4-9_i386.deb
to pool/main/p/php4/libapache2-mod-php4_4.4.4-9_i386.deb
php4-cgi_4.4.4-9_i386.deb
to pool/main/p/php4/php4-cgi_4.4.4-9_i386.deb
php4-cli_4.4.4-9_i386.deb
to pool/main/p/php4/php4-cli_4.4.4-9_i386.deb
php4-common_4.4.4-9_i386.deb
to pool/main/p/php4/php4-common_4.4.4-9_i386.deb
php4-curl_4.4.4-9_i386.deb
to pool/main/p/php4/php4-curl_4.4.4-9_i386.deb
php4-dev_4.4.4-9_i386.deb
to pool/main/p/php4/php4-dev_4.4.4-9_i386.deb
php4-domxml_4.4.4-9_i386.deb
to pool/main/p/php4/php4-domxml_4.4.4-9_i386.deb
php4-gd_4.4.4-9_i386.deb
to pool/main/p/php4/php4-gd_4.4.4-9_i386.deb
php4-imap_4.4.4-9_i386.deb
to pool/main/p/php4/php4-imap_4.4.4-9_i386.deb
php4-interbase_4.4.4-9_i386.deb
to pool/main/p/php4/php4-interbase_4.4.4-9_i386.deb
php4-ldap_4.4.4-9_i386.deb
to pool/main/p/php4/php4-ldap_4.4.4-9_i386.deb
php4-mcal_4.4.4-9_i386.deb
to pool/main/p/php4/php4-mcal_4.4.4-9_i386.deb
php4-mcrypt_4.4.4-9_i386.deb
to pool/main/p/php4/php4-mcrypt_4.4.4-9_i386.deb
php4-mhash_4.4.4-9_i386.deb
to pool/main/p/php4/php4-mhash_4.4.4-9_i386.deb
php4-mysql_4.4.4-9_i386.deb
to pool/main/p/php4/php4-mysql_4.4.4-9_i386.deb
php4-odbc_4.4.4-9_i386.deb
to pool/main/p/php4/php4-odbc_4.4.4-9_i386.deb
php4-pear_4.4.4-9_all.deb
to pool/main/p/php4/php4-pear_4.4.4-9_all.deb
php4-pgsql_4.4.4-9_i386.deb
to pool/main/p/php4/php4-pgsql_4.4.4-9_i386.deb
php4-pspell_4.4.4-9_i386.deb
to pool/main/p/php4/php4-pspell_4.4.4-9_i386.deb
php4-recode_4.4.4-9_i386.deb
to pool/main/p/php4/php4-recode_4.4.4-9_i386.deb
php4-snmp_4.4.4-9_i386.deb
to pool/main/p/php4/php4-snmp_4.4.4-9_i386.deb
php4-sybase_4.4.4-9_i386.deb
to pool/main/p/php4/php4-sybase_4.4.4-9_i386.deb
php4-xslt_4.4.4-9_i386.deb
to pool/main/p/php4/php4-xslt_4.4.4-9_i386.deb
php4_4.4.4-9.diff.gz
to pool/main/p/php4/php4_4.4.4-9.diff.gz
php4_4.4.4-9.dsc
to pool/main/p/php4/php4_4.4.4-9.dsc
php4_4.4.4-9_all.deb
to pool/main/p/php4/php4_4.4.4-9_all.deb