Back to php4 PTS page

Accepted php4 4:4.3.10-19 (source i386 all)



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 27 Feb 2007 00:31:08 +0100
Source: php4
Binary: php4-cgi php4-sybase php4-recode libapache-mod-php4 php4-cli php4-dev libapache2-mod-php4 php4-snmp php4-odbc php4-xslt php4-mysql php4-domxml php4-gd php4-ldap php4-imap php4-common php4-curl php4 php4-pear php4-mcal php4-mhash
Architecture: source i386 all
Version: 4:4.3.10-19
Distribution: stable-security
Urgency: high
Maintainer: Adam Conrad <adconrad@0c3.net>
Changed-By: sean finney <seanius@debian.org>
Description: 
 libapache-mod-php4 - server-side, HTML-embedded scripting language (apache 1.3 module)
 libapache2-mod-php4 - server-side, HTML-embedded scripting language (apache 2.0 module)
 php4       - server-side, HTML-embedded scripting language (meta-package)
 php4-cgi   - server-side, HTML-embedded scripting language (CGI binary)
 php4-cli   - command-line interpreter for the php4 scripting language
 php4-common - Common files for packages built from the php4 source
 php4-curl  - CURL module for php4
 php4-dev   - Files for PHP4 module development
 php4-domxml - XMLv2 module for php4
 php4-gd    - GD module for php4
 php4-imap  - IMAP module for php4
 php4-ldap  - LDAP module for php4
 php4-mcal  - MCAL calendar module for php4
 php4-mhash - MHASH module for php4
 php4-mysql - MySQL module for php4
 php4-odbc  - ODBC module for php4
 php4-pear  - PEAR - PHP Extension and Application Repository
 php4-recode - Character recoding module for php4
 php4-snmp  - SNMP module for php4
 php4-sybase - Sybase / MS SQL Server module for php4
 php4-xslt  - XSLT module for php4
Changes: 
 php4 (4:4.3.10-19) stable-security; urgency=high
 .
   * NMU prepared for the security team by the package maintainer
   * The following security issues are addressed with this update:
     - CVE-2007-0906: Multiple buffer overflows in various code:
       * session (addressed in patch for CVE-2007-0910 below)
       * imap (CVE-2007-0906-imap.patch)
       * str_replace: (CVE-2007-0906-strreplace.patch)
       * the zip, sqlite, stream filters, mail, and interbase related
         vulnerabilities in this CVE do not affect the debian sarge php4
         source package.
     - CVE-2007-0907: Buffer underflow in sapi_header_op (CVE-2007-0907.patch)
     - CVE-2007-0908: wddx module information disclosure (CVE-2007-0908.patch)
     - CVE-2007-0909: More buffer overflows:
       * the odbc_result_all function (CVE-2007-0909-odbc.patch)
       * various formatted print functions (CVE-2007-0909-printf.patch)
     - CVE-2007-0910: Clobbering of super-global variables (CVE-2007-0910.patch)
     - CVE-2007-0988: DoS in unserialize on 64bit platforms (CVE-2007-0988.patch)
   * The package maintainers would like to thank Joe Orton from redhat and
     Martin Pitt from ubuntu for their help in the preparation of this update.
Files: 
 65acb80d308f7625e8ec91bb6e29eb29 1686 web optional php4_4.3.10-19.dsc
 c7c1e0ce432510ed48cd9e135a21a59e 283658 web optional php4_4.3.10-19.diff.gz
 9ab456c6fe0ed13f2e591f88a26f81d6 168222 web optional php4-common_4.3.10-19_i386.deb
 612dd25787db4bba5c0b54006c02d50b 1614182 web optional libapache-mod-php4_4.3.10-19_i386.deb
 92d2e8793dfca9be7576624beb4b0005 17892 web optional php4-curl_4.3.10-19_i386.deb
 317fd23c3687d861b8b4789c1ea381d1 37228 web optional php4-domxml_4.3.10-19_i386.deb
 d0655edb839dae2fa8ce269c84e91500 32384 web optional php4-gd_4.3.10-19_i386.deb
 95a94b237e75a4c1a64bcb592b351498 37402 web optional php4-imap_4.3.10-19_i386.deb
 9cd9bd8707c8b781e9196311f031ec02 19958 web optional php4-ldap_4.3.10-19_i386.deb
 4b6d7c1eca69b9b218617ac243fa08ad 17672 web optional php4-mcal_4.3.10-19_i386.deb
 d2efa8096dc22d3c83f8095bb1ab4041 8036 web optional php4-mhash_4.3.10-19_i386.deb
 042bca1661b147c7be77a69936793904 21218 web optional php4-mysql_4.3.10-19_i386.deb
 7bbf0a0bd2aee657573d7174f32f1ae7 27138 web optional php4-odbc_4.3.10-19_i386.deb
 449baf33502b9f48c083dc4b338979dd 7704 web optional php4-recode_4.3.10-19_i386.deb
 d58ba81b22439e5285d448c4316bf5f0 16400 web optional php4-xslt_4.3.10-19_i386.deb
 e1843d982173596abed784d8e7afcafa 13152 web optional php4-snmp_4.3.10-19_i386.deb
 629931e8d3024d1905071ec9dca9142b 21382 web optional php4-sybase_4.3.10-19_i386.deb
 5ac98a8a5649ea2ae6588c4e460ec90c 3209228 web optional php4-cgi_4.3.10-19_i386.deb
 ec3d17f2b3024ef5ed6e8b21c4286b26 1609646 web optional php4-cli_4.3.10-19_i386.deb
 1a382f30b8ece263b027cfcc35ecfe9c 325192 devel optional php4-dev_4.3.10-19_i386.deb
 9a67d7f1a9aade4bb3eed6b392077bf9 1612058 web optional libapache2-mod-php4_4.3.10-19_i386.deb
 bd2113b4fc760a9e2d81f67ccf24fcac 1142 web optional php4_4.3.10-19_all.deb
 8005785eca558044984ca6a66019c02f 250024 web optional php4-pear_4.3.10-19_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFF7IIpXm3vHE4uyloRAvp8AKDLzT4OfsSk8HJwXY99DgTdo/asUgCgo3WV
QlURcHUwuDvUck6UXG/7UWM=
=TzfQ
-----END PGP SIGNATURE-----


Accepted:
libapache-mod-php4_4.3.10-19_i386.deb
  to pool/main/p/php4/libapache-mod-php4_4.3.10-19_i386.deb
libapache2-mod-php4_4.3.10-19_i386.deb
  to pool/main/p/php4/libapache2-mod-php4_4.3.10-19_i386.deb
php4-cgi_4.3.10-19_i386.deb
  to pool/main/p/php4/php4-cgi_4.3.10-19_i386.deb
php4-cli_4.3.10-19_i386.deb
  to pool/main/p/php4/php4-cli_4.3.10-19_i386.deb
php4-common_4.3.10-19_i386.deb
  to pool/main/p/php4/php4-common_4.3.10-19_i386.deb
php4-curl_4.3.10-19_i386.deb
  to pool/main/p/php4/php4-curl_4.3.10-19_i386.deb
php4-dev_4.3.10-19_i386.deb
  to pool/main/p/php4/php4-dev_4.3.10-19_i386.deb
php4-domxml_4.3.10-19_i386.deb
  to pool/main/p/php4/php4-domxml_4.3.10-19_i386.deb
php4-gd_4.3.10-19_i386.deb
  to pool/main/p/php4/php4-gd_4.3.10-19_i386.deb
php4-imap_4.3.10-19_i386.deb
  to pool/main/p/php4/php4-imap_4.3.10-19_i386.deb
php4-ldap_4.3.10-19_i386.deb
  to pool/main/p/php4/php4-ldap_4.3.10-19_i386.deb
php4-mcal_4.3.10-19_i386.deb
  to pool/main/p/php4/php4-mcal_4.3.10-19_i386.deb
php4-mhash_4.3.10-19_i386.deb
  to pool/main/p/php4/php4-mhash_4.3.10-19_i386.deb
php4-mysql_4.3.10-19_i386.deb
  to pool/main/p/php4/php4-mysql_4.3.10-19_i386.deb
php4-odbc_4.3.10-19_i386.deb
  to pool/main/p/php4/php4-odbc_4.3.10-19_i386.deb
php4-pear_4.3.10-19_all.deb
  to pool/main/p/php4/php4-pear_4.3.10-19_all.deb
php4-recode_4.3.10-19_i386.deb
  to pool/main/p/php4/php4-recode_4.3.10-19_i386.deb
php4-snmp_4.3.10-19_i386.deb
  to pool/main/p/php4/php4-snmp_4.3.10-19_i386.deb
php4-sybase_4.3.10-19_i386.deb
  to pool/main/p/php4/php4-sybase_4.3.10-19_i386.deb
php4-xslt_4.3.10-19_i386.deb
  to pool/main/p/php4/php4-xslt_4.3.10-19_i386.deb
php4_4.3.10-19.diff.gz
  to pool/main/p/php4/php4_4.3.10-19.diff.gz
php4_4.3.10-19.dsc
  to pool/main/p/php4/php4_4.3.10-19.dsc
php4_4.3.10-19_all.deb
  to pool/main/p/php4/php4_4.3.10-19_all.deb