Accepted php4 4:4.3.10-20 (source i386 all)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Mon, 23 Apr 2007 18:19:17 +0200
Source: php4
Binary: php4-cgi php4-sybase php4-recode libapache-mod-php4 php4-cli php4-dev libapache2-mod-php4 php4-snmp php4-odbc php4-xslt php4-mysql php4-domxml php4-gd php4-ldap php4-imap php4-common php4-curl php4 php4-pear php4-mcal php4-mhash
Architecture: source i386 all
Version: 4:4.3.10-20
Distribution: oldstable-security
Urgency: high
Maintainer: Adam Conrad <adconrad@0c3.net>
Changed-By: sean finney <seanius@debian.org>
Description:
libapache-mod-php4 - server-side, HTML-embedded scripting language (apache 1.3 module)
libapache2-mod-php4 - server-side, HTML-embedded scripting language (apache 2.0 module)
php4 - server-side, HTML-embedded scripting language (meta-package)
php4-cgi - server-side, HTML-embedded scripting language (CGI binary)
php4-cli - command-line interpreter for the php4 scripting language
php4-common - Common files for packages built from the php4 source
php4-curl - CURL module for php4
php4-dev - Files for PHP4 module development
php4-domxml - XMLv2 module for php4
php4-gd - GD module for php4
php4-imap - IMAP module for php4
php4-ldap - LDAP module for php4
php4-mcal - MCAL calendar module for php4
php4-mhash - MHASH module for php4
php4-mysql - MySQL module for php4
php4-odbc - ODBC module for php4
php4-pear - PEAR - PHP Extension and Application Repository
php4-recode - Character recoding module for php4
php4-snmp - SNMP module for php4
php4-sybase - Sybase / MS SQL Server module for php4
php4-xslt - XSLT module for php4
Changes:
php4 (4:4.3.10-20) oldstable-security; urgency=high
.
* NMU prepared for the security team by the package maintainer.
* The following security issues are addressed with this update:
- CVE-2007-0910/MOPB-32 session_decode() Double Free Vulnerability
* note that this is an update to the previous version of the upstream
fix for CVE-2007-0910, which introduced a seperate exploit path.
- CVE-2007-1286/MOPB-04 unserialize() ZVAL Reference Counter Overflow
- CVE-2007-1380/MOPB-10 php_binary Session Deserialization Information Leak
- CVE-2007-1521/MOPB-22 session_regenerate_id() Double Free Vulnerability
- CVE-2007-1583/MOPB-26 mb_parse_str() register_globals Activation Vuln.
- CVE-2007-1777/MOPB-35 zip_entry_read() Integer Overflow Vulnerability
* The other security issues resulting from the "Month of PHP bugs" either
did not affect the version of php4 shipped in sarge, or did not merit
a security update according to the established security policy for php
in debian. You are encouraged to verify that your configuration is not
affected by any of the other vulnerabilities by visiting:
http://www.php-security.org/
Files:
01afd17e8897a2ef890c00ab7946f4a6 1686 web optional php4_4.3.10-20.dsc
73f5d1f42e34efa534a09c6091b5a21e 4892209 web optional php4_4.3.10.orig.tar.gz
0cd90e33b3c9b935e2a70ccb52c00b31 530810 web optional php4_4.3.10-20.diff.gz
a70cf71baca4b197ba846b20926ec90a 168646 web optional php4-common_4.3.10-20_i386.deb
0788c4bf41dee1f9cac03ef7536d7468 1614290 web optional libapache-mod-php4_4.3.10-20_i386.deb
64c56e2e2bcb4ba34652ab4638c64ece 17896 web optional php4-curl_4.3.10-20_i386.deb
33ba55c445cbb037d599c4409840494a 37234 web optional php4-domxml_4.3.10-20_i386.deb
2b24494070d5041e13095442cb3dd2f9 32390 web optional php4-gd_4.3.10-20_i386.deb
d312b15f47de9f7521439203085af0aa 37404 web optional php4-imap_4.3.10-20_i386.deb
b113e121c9bf8984f6217e3d88991fb4 19956 web optional php4-ldap_4.3.10-20_i386.deb
ca34f5559bf2aad0eab530168eefdc86 17680 web optional php4-mcal_4.3.10-20_i386.deb
e91216b621640a5df9ad47757b54f0ed 8034 web optional php4-mhash_4.3.10-20_i386.deb
3cac7bcfe64475759d6b50cb6dddbc05 21212 web optional php4-mysql_4.3.10-20_i386.deb
74e421f406597033ad808a2e9553436b 27142 web optional php4-odbc_4.3.10-20_i386.deb
867b4b6e92180463b56c066b97b9d21f 7700 web optional php4-recode_4.3.10-20_i386.deb
18212307871b1b99ad053037c90d45c1 16396 web optional php4-xslt_4.3.10-20_i386.deb
e6bcc87e86606fbcab7c2a661752808e 13150 web optional php4-snmp_4.3.10-20_i386.deb
e6eb33691768a6f9511d44e6f0095a76 21376 web optional php4-sybase_4.3.10-20_i386.deb
2e4481e12f311f835a8f77161922e087 3209678 web optional php4-cgi_4.3.10-20_i386.deb
5321cb8b52491099bbe3d7602df8500e 1609694 web optional php4-cli_4.3.10-20_i386.deb
2c32c61bb1c731518b39d645c09ffc72 325172 devel optional php4-dev_4.3.10-20_i386.deb
519f180dddbb4e625c31541e7d043aaa 1612106 web optional libapache2-mod-php4_4.3.10-20_i386.deb
a6884d893fc7798b47cd32601d71351c 1140 web optional php4_4.3.10-20_all.deb
044f2497171ee49cb5e8ad9e72c9ebcf 249996 web optional php4-pear_4.3.10-20_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFGLPGmXm3vHE4uyloRAgK+AJ9vOUn3XNcyC9EJMrOMrYIplmfCiACfcsOi
/h+TPD+oJaimxoXjFVgmJ6s=
=K1Fj
-----END PGP SIGNATURE-----
Accepted:
libapache-mod-php4_4.3.10-20_i386.deb
to pool/main/p/php4/libapache-mod-php4_4.3.10-20_i386.deb
libapache2-mod-php4_4.3.10-20_i386.deb
to pool/main/p/php4/libapache2-mod-php4_4.3.10-20_i386.deb
php4-cgi_4.3.10-20_i386.deb
to pool/main/p/php4/php4-cgi_4.3.10-20_i386.deb
php4-cli_4.3.10-20_i386.deb
to pool/main/p/php4/php4-cli_4.3.10-20_i386.deb
php4-common_4.3.10-20_i386.deb
to pool/main/p/php4/php4-common_4.3.10-20_i386.deb
php4-curl_4.3.10-20_i386.deb
to pool/main/p/php4/php4-curl_4.3.10-20_i386.deb
php4-dev_4.3.10-20_i386.deb
to pool/main/p/php4/php4-dev_4.3.10-20_i386.deb
php4-domxml_4.3.10-20_i386.deb
to pool/main/p/php4/php4-domxml_4.3.10-20_i386.deb
php4-gd_4.3.10-20_i386.deb
to pool/main/p/php4/php4-gd_4.3.10-20_i386.deb
php4-imap_4.3.10-20_i386.deb
to pool/main/p/php4/php4-imap_4.3.10-20_i386.deb
php4-ldap_4.3.10-20_i386.deb
to pool/main/p/php4/php4-ldap_4.3.10-20_i386.deb
php4-mcal_4.3.10-20_i386.deb
to pool/main/p/php4/php4-mcal_4.3.10-20_i386.deb
php4-mhash_4.3.10-20_i386.deb
to pool/main/p/php4/php4-mhash_4.3.10-20_i386.deb
php4-mysql_4.3.10-20_i386.deb
to pool/main/p/php4/php4-mysql_4.3.10-20_i386.deb
php4-odbc_4.3.10-20_i386.deb
to pool/main/p/php4/php4-odbc_4.3.10-20_i386.deb
php4-pear_4.3.10-20_all.deb
to pool/main/p/php4/php4-pear_4.3.10-20_all.deb
php4-recode_4.3.10-20_i386.deb
to pool/main/p/php4/php4-recode_4.3.10-20_i386.deb
php4-snmp_4.3.10-20_i386.deb
to pool/main/p/php4/php4-snmp_4.3.10-20_i386.deb
php4-sybase_4.3.10-20_i386.deb
to pool/main/p/php4/php4-sybase_4.3.10-20_i386.deb
php4-xslt_4.3.10-20_i386.deb
to pool/main/p/php4/php4-xslt_4.3.10-20_i386.deb
php4_4.3.10-20.diff.gz
to pool/main/p/php4/php4_4.3.10-20.diff.gz
php4_4.3.10-20.dsc
to pool/main/p/php4/php4_4.3.10-20.dsc
php4_4.3.10-20_all.deb
to pool/main/p/php4/php4_4.3.10-20_all.deb