Accepted php5 5.3.3.1-7+squeeze27 (source i386 all) into squeeze-lts
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 27 Jul 2015 18:17:00 +0200
Source: php5
Binary: php5 php5-common libapache2-mod-php5 libapache2-mod-php5filter php5-cgi php5-cli php5-dev php5-dbg php-pear php5-curl php5-enchant php5-gd php5-gmp php5-imap php5-interbase php5-intl php5-ldap php5-mcrypt php5-mysql php5-odbc php5-pgsql php5-pspell php5-recode php5-snmp php5-sqlite php5-sybase php5-tidy php5-xmlrpc php5-xsl
Architecture: source i386 all
Version: 5.3.3.1-7+squeeze27
Distribution: squeeze-lts
Urgency: high
Maintainer: Debian PHP Maintainers <pkg-php-maint@lists.alioth.debian.org>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Description:
libapache2-mod-php5 - server-side, HTML-embedded scripting language (Apache 2 module)
libapache2-mod-php5filter - server-side, HTML-embedded scripting language (apache 2 filter mo
php-pear - PEAR - PHP Extension and Application Repository
php5 - server-side, HTML-embedded scripting language (metapackage)
php5-cgi - server-side, HTML-embedded scripting language (CGI binary)
php5-cli - command-line interpreter for the php5 scripting language
php5-common - Common files for packages built from the php5 source
php5-curl - CURL module for php5
php5-dbg - Debug symbols for PHP5
php5-dev - Files for PHP5 module development
php5-enchant - Enchant module for php5
php5-gd - GD module for php5
php5-gmp - GMP module for php5
php5-imap - IMAP module for php5
php5-interbase - interbase/firebird module for php5
php5-intl - internationalisation module for php5
php5-ldap - LDAP module for php5
php5-mcrypt - MCrypt module for php5
php5-mysql - MySQL module for php5
php5-odbc - ODBC module for php5
php5-pgsql - PostgreSQL module for php5
php5-pspell - pspell module for php5
php5-recode - recode module for php5
php5-snmp - SNMP module for php5
php5-sqlite - SQLite module for php5
php5-sybase - Sybase / MS SQL Server module for php5
php5-tidy - tidy module for php5
php5-xmlrpc - XML-RPC module for php5
php5-xsl - XSL module for php5
Changes:
php5 (5.3.3.1-7+squeeze27) squeeze-lts; urgency=high
.
* Non-maintainer upload by the Squeeze LTS Team.
* CVE-2015-3307
The phar_parse_metadata function in ext/phar/phar.c in PHP before
5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote
attackers to cause a denial of service (heap metadata corruption)
or possibly have unspecified other impact via a crafted tar archive.
* CVE-2015-3411 + CVE-2015-3412
Fixed bug #69353 (Missing null byte checks for paths in various
PHP extensions)
* CVE-2015-4021
The phar_parse_tarfile function in ext/phar/tar.c in PHP
before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9
does not verify that the first character of a filename is
different from the \0 character, which allows remote attackers
to cause a denial of service (integer underflow and memory
corruption) via a crafted entry in a tar archive.
* CVE-2015-4022
Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP
before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows
remote FTP servers to execute arbitrary code via a long reply to a
LIST command, leading to a heap-based buffer overflow.
* CVE-2015-4025
PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9
truncates a pathname upon encountering a \x00 character in certain
situations, which allows remote attackers to bypass intended
extension restrictions and access files or directories with
unexpected names via a crafted argument to (1) set_include_path,
(2) tempnam, (3) rmdir, or (4) readlink. NOTE: this vulnerability
exists because of an incomplete fix for CVE-2006-7243.
* CVE-2015-4026
The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before
5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering
a \x00 character, which might allow remote attackers to bypass
intended extension restrictions and execute files with unexpected
names via a crafted first argument. NOTE: this vulnerability exists
because of an incomplete fix for CVE-2006-7243.
* CVE-2015-4147
The SoapClient::__call method in ext/soap/soap.c in PHP before
5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not
verify that __default_headers is an array, which allows remote
attackers to execute arbitrary code by providing crafted
serialized data with an unexpected data type, related to a "type
confusion" issue.
* CVE-2015-4148
The do_soap_call function in ext/soap/soap.c in PHP before 5.4.39,
5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that
the uri property is a string, which allows remote attackers to
obtain sensitive information by providing crafted serialized data
with an int data type, related to a "type confusion" issue.
* CVE-2015-4598
Incorrect handling of paths with NULs
* CVE-2015-4599
Type confusion vulnerability in exception::getTraceAsString
* CVE-2015-4600 + CVE-2015-4601
Added type checks
* CVE-2015-4602
Type Confusion Infoleak Vulnerability in unserialize() with SoapFault
* CVE-2015-4604 + CVE-2015-4605
denial of service when processing a crafted file with Fileinfo
(already fixed in CVE-2015-temp-68819.patch)
* CVE-2015-4643
Improved fix for bug #69545 (Integer overflow in ftp_genlist()
resulting in heap overflow)
* CVE-2015-4644
Fixed bug #69667 (segfault in php_pgsql_meta_data)
* CVE-2015-5589
Segfault in Phar::convertToData on invalid file
* CVE-2015-5590
Buffer overflow and stack smashing error in phar_fix_filepath
Checksums-Sha1:
7e9917754d1cefae077ab9000616d8cc673a6296 3324 php5_5.3.3.1-7+squeeze27.dsc
5766661aeb72cfd1e7d6d723339dbd3988a23e62 14836699 php5_5.3.3.1-7+squeeze27.tar.gz
867e915d85a0bc74861bef155cfd5fa21474155a 559460 php5-common_5.3.3.1-7+squeeze27_i386.deb
7fa55cc5ccfdefab08c2ea18aee262e0401c7949 2891838 libapache2-mod-php5_5.3.3.1-7+squeeze27_i386.deb
eefd06d547862e13f456159180c447374138b8bf 2890894 libapache2-mod-php5filter_5.3.3.1-7+squeeze27_i386.deb
e86e8d5c87403794eb30b06e5560794221bf077b 5722922 php5-cgi_5.3.3.1-7+squeeze27_i386.deb
1b19e11d5bbd5733454240a87a34a1edb207a1f3 2861504 php5-cli_5.3.3.1-7+squeeze27_i386.deb
f679e7aa1fdd867e314f31177c0d848d0aabf21a 409592 php5-dev_5.3.3.1-7+squeeze27_i386.deb
eaa510f32a15815cadce8de031899cdf88a8bd4e 10472480 php5-dbg_5.3.3.1-7+squeeze27_i386.deb
b40b902749a8adb65c47c2124d17d2eae6925e3a 25574 php5-curl_5.3.3.1-7+squeeze27_i386.deb
d2a034de930a9e24c4f9103d2a4ef4be1e03e996 7816 php5-enchant_5.3.3.1-7+squeeze27_i386.deb
5bab09f216cf9cf13d77a3665baf3df9a00be70a 34812 php5-gd_5.3.3.1-7+squeeze27_i386.deb
555e8dabe641a361a1364a78a48b133cdda04c9b 14172 php5-gmp_5.3.3.1-7+squeeze27_i386.deb
952d30797c7cd8d5f97b29b0e7597391f6b1a6eb 31786 php5-imap_5.3.3.1-7+squeeze27_i386.deb
9fe61dabe782509e0a060ab0e6726a995041caa4 46510 php5-interbase_5.3.3.1-7+squeeze27_i386.deb
db93f7312861059ca7a382a3f09c736d8d3179c9 54032 php5-intl_5.3.3.1-7+squeeze27_i386.deb
2561c53e7388fe8bfc6cc2caeffa5e163b6e65cd 17544 php5-ldap_5.3.3.1-7+squeeze27_i386.deb
289acf5bc4bb8d6e5d56e6d72367d394b2a6060d 13534 php5-mcrypt_5.3.3.1-7+squeeze27_i386.deb
3dbe9b668a10f549215696af35038d5c90a0ae61 66418 php5-mysql_5.3.3.1-7+squeeze27_i386.deb
c0121e46bc1e20da0b011ff508a3aa910fbedfc2 31354 php5-odbc_5.3.3.1-7+squeeze27_i386.deb
ebe7291e266c57efa7ec3bfd47c372bc9e04b25f 54946 php5-pgsql_5.3.3.1-7+squeeze27_i386.deb
0f90129cb26c46531d6abc54197bda2586dec5b0 7320 php5-pspell_5.3.3.1-7+squeeze27_i386.deb
ff50fc17754e3635ccba6994dbb1d85a0682bdd5 4088 php5-recode_5.3.3.1-7+squeeze27_i386.deb
565205cff53553087a33bdcf394298b6345c4cbe 10216 php5-snmp_5.3.3.1-7+squeeze27_i386.deb
edc6aafe34e7acd1cf7aceca6a5921f54a30c14d 48090 php5-sqlite_5.3.3.1-7+squeeze27_i386.deb
fd767c7cffb737fc4bf9ba6316098bbdcc033faa 23246 php5-sybase_5.3.3.1-7+squeeze27_i386.deb
da9855842b857fc70926b3ac1b4c7e2101f66515 16398 php5-tidy_5.3.3.1-7+squeeze27_i386.deb
f57492e0f0d75ddbf0022873d8815b35993872b2 31890 php5-xmlrpc_5.3.3.1-7+squeeze27_i386.deb
370ff50996e4beead98ddbec02927dfe4330e009 12986 php5-xsl_5.3.3.1-7+squeeze27_i386.deb
b93e6b7930272009b6b733cc572e881f4b47d197 1062 php5_5.3.3.1-7+squeeze27_all.deb
a3787eb42aec55cccce503d67c41452a39e7efd4 360404 php-pear_5.3.3.1-7+squeeze27_all.deb
Checksums-Sha256:
0f1d2e407ec6d9b620db6a494da2d7ac7279aec5fab3d8858e4908867ce9cbd3 3324 php5_5.3.3.1-7+squeeze27.dsc
99fe749206314344481e88918c1219be6c826950d5eda7bcbcb41bf5dfe5c711 14836699 php5_5.3.3.1-7+squeeze27.tar.gz
4389d8fd7a45d55fd58df14cb612d3dc2b7151bb1ac0e5be1ca577dfafb5cd4b 559460 php5-common_5.3.3.1-7+squeeze27_i386.deb
4f88135f37bd663561531427391b726c2393205d0f2218ebb5f0538a5f0ab3e0 2891838 libapache2-mod-php5_5.3.3.1-7+squeeze27_i386.deb
0ee3cd9f750926ea1c680ec90f06048988b6e5e920c38219a722910aaed8b952 2890894 libapache2-mod-php5filter_5.3.3.1-7+squeeze27_i386.deb
0d69b3996b23358a3651887082ff012e3db338acc4700f19bb5593f8d8f83ec4 5722922 php5-cgi_5.3.3.1-7+squeeze27_i386.deb
f95907f8cbe427f85cd28819fe23a449731e6d0be583cc8e85239ab5ded7332d 2861504 php5-cli_5.3.3.1-7+squeeze27_i386.deb
d3e486581f886891aa9ff5fd9a32005c1d696a3b0b9d0c4ffd00e573ab370a8b 409592 php5-dev_5.3.3.1-7+squeeze27_i386.deb
c8bffa87fd1c80012a269b43c76d08bbcea3fd8dd86b0322fe6c1837d3c2fada 10472480 php5-dbg_5.3.3.1-7+squeeze27_i386.deb
903b8457fe9d0ac1551115e8abb3f55a0a869bfff669302b69db64fab53aee3e 25574 php5-curl_5.3.3.1-7+squeeze27_i386.deb
66765944f8baca045e1c7953ba1610bb5d020d0d867ec881317a0e910a3b8d57 7816 php5-enchant_5.3.3.1-7+squeeze27_i386.deb
a43523da169c3561fbd145c4ff1b2429ab2779d48947cb5b5fe0dbaaa9bf76cb 34812 php5-gd_5.3.3.1-7+squeeze27_i386.deb
f5fda58b2c56f8fac9a1bd69c84ce3426cf3225b1cdeb6ba21dbf04ad991ff82 14172 php5-gmp_5.3.3.1-7+squeeze27_i386.deb
4b3dec5040b30d2dffae8b82d993f47a74d693040754b47d7b45a7f36a7574cb 31786 php5-imap_5.3.3.1-7+squeeze27_i386.deb
934ea42fbd162cdec05c43b4a2db29868a5c3f65c037ee9dce2b7b64c9aac6e7 46510 php5-interbase_5.3.3.1-7+squeeze27_i386.deb
ecede20fd6f647778fc027d3972be6f5a4efca0a8d1106ca706730d11e0abd6e 54032 php5-intl_5.3.3.1-7+squeeze27_i386.deb
561e5d9c24da8a15c8777dffd1a22061d14e11efd3196f68fa96d1267d04f3ec 17544 php5-ldap_5.3.3.1-7+squeeze27_i386.deb
30ccff7d3735ff19d09667cff26ad42cd65809fe7cab2cee63df07936b808577 13534 php5-mcrypt_5.3.3.1-7+squeeze27_i386.deb
ab4bc27d69542d61d06830c63463f6df0aedc9133b1562627c8091be1eca13d5 66418 php5-mysql_5.3.3.1-7+squeeze27_i386.deb
0a8016fc615de064b046e0c789a12e1c36bd0ec54f10db3f366c7f846397336b 31354 php5-odbc_5.3.3.1-7+squeeze27_i386.deb
e6bb7dd187a3d640649cb87709d6279e6c8b1f183cdf7f8ddc7eca0f22ebf7e9 54946 php5-pgsql_5.3.3.1-7+squeeze27_i386.deb
b4b894a839bea4fff50d443a6f1982c4468321505f059961fdde26c2a657ec74 7320 php5-pspell_5.3.3.1-7+squeeze27_i386.deb
edafe4677c23f953843fc7cff332e9a180f9f44f512c83a2b898ffc6a3949e54 4088 php5-recode_5.3.3.1-7+squeeze27_i386.deb
49782c6543ddaad55b73e8ca089bc87d08ba303296d75d504b4b5171797675c4 10216 php5-snmp_5.3.3.1-7+squeeze27_i386.deb
f161d2e9d5c3f3100f31057eae6afacb052a1737d12191c783c0a64d2cb0ce12 48090 php5-sqlite_5.3.3.1-7+squeeze27_i386.deb
ff851477717b7b34d708751b71bfec2f7be5c4f6bad239e5fe6fb23a3de5e517 23246 php5-sybase_5.3.3.1-7+squeeze27_i386.deb
42feb0933d560498f858655233ca0cbba4891216106ef4c6c91f5fe262993dbf 16398 php5-tidy_5.3.3.1-7+squeeze27_i386.deb
fb055c334aa846f84230287e263ebaf613c41e0be94c405ece52581580491906 31890 php5-xmlrpc_5.3.3.1-7+squeeze27_i386.deb
9819d52f120bfcb357f79d5ea363f3dd17f96ddd7bc9497cec72e44d90a7a09f 12986 php5-xsl_5.3.3.1-7+squeeze27_i386.deb
532a41bdc96717717c4018327c3e2720ae02a4d1b4d0fab49e2049360c89cac6 1062 php5_5.3.3.1-7+squeeze27_all.deb
ab6edb1a0c655aff3ed3cc2739d417eee9b93d3808876b552994dae66cf18d6c 360404 php-pear_5.3.3.1-7+squeeze27_all.deb
Files:
383aed0cb8ddf112ec791191070e486b 3324 php optional php5_5.3.3.1-7+squeeze27.dsc
8f018e2113769bced414e78da9db7890 14836699 php optional php5_5.3.3.1-7+squeeze27.tar.gz
00c93a3ac89f7a58e2861ce1c3810aae 559460 php optional php5-common_5.3.3.1-7+squeeze27_i386.deb
5d5153bde4e5c23d7761e8984300d612 2891838 httpd optional libapache2-mod-php5_5.3.3.1-7+squeeze27_i386.deb
c86dd94fcad05b61f9c8b52c0ce7653a 2890894 httpd optional libapache2-mod-php5filter_5.3.3.1-7+squeeze27_i386.deb
f4697ea16c274f7227b0f1543e338182 5722922 php optional php5-cgi_5.3.3.1-7+squeeze27_i386.deb
ba2ced0499f41a1a6361ed5173f6b7fd 2861504 php optional php5-cli_5.3.3.1-7+squeeze27_i386.deb
31713c71802d46d3d92e7a943a6133e2 409592 php optional php5-dev_5.3.3.1-7+squeeze27_i386.deb
a064a143919900ddba8e3f6f29fc9f15 10472480 debug extra php5-dbg_5.3.3.1-7+squeeze27_i386.deb
39702f95cee286df599f97477fe06ded 25574 php optional php5-curl_5.3.3.1-7+squeeze27_i386.deb
39b848f39cdbc3438ee5be023f1835b2 7816 php optional php5-enchant_5.3.3.1-7+squeeze27_i386.deb
1a06965cb6a8eb5da0f58ecab9b50050 34812 php optional php5-gd_5.3.3.1-7+squeeze27_i386.deb
faa6b00b7541d3b4833b7fbe22b05247 14172 php optional php5-gmp_5.3.3.1-7+squeeze27_i386.deb
b7c365bc7b968d9f9e75f920c1c4f526 31786 php optional php5-imap_5.3.3.1-7+squeeze27_i386.deb
ff7d85b2d6b5a8957b531f5b24822fa1 46510 php optional php5-interbase_5.3.3.1-7+squeeze27_i386.deb
31886145cf86e91c14d3fa601fde6021 54032 php optional php5-intl_5.3.3.1-7+squeeze27_i386.deb
e8e5908cade0ab601e906f4c8482263c 17544 php optional php5-ldap_5.3.3.1-7+squeeze27_i386.deb
b4992eba15e1f326b913272f9e560ffe 13534 php optional php5-mcrypt_5.3.3.1-7+squeeze27_i386.deb
c80b8345d239ab5419bc9e2de438d07a 66418 php optional php5-mysql_5.3.3.1-7+squeeze27_i386.deb
e0ceaba3e488153ac40c8aa8147d1bf2 31354 php optional php5-odbc_5.3.3.1-7+squeeze27_i386.deb
36a987fe357888f7d35cf50202248f9e 54946 php optional php5-pgsql_5.3.3.1-7+squeeze27_i386.deb
82c7068ef9c497db110e02299d55b55f 7320 php optional php5-pspell_5.3.3.1-7+squeeze27_i386.deb
da625b5dbca55fb6249e346c0a806f6e 4088 php optional php5-recode_5.3.3.1-7+squeeze27_i386.deb
e9d44bed9c75214fbfd0272ee53a79b0 10216 php optional php5-snmp_5.3.3.1-7+squeeze27_i386.deb
14bd931d0f2aaf0bbfa0d9b54746f04f 48090 php optional php5-sqlite_5.3.3.1-7+squeeze27_i386.deb
ae302df2b4ddbc4bcc5ccd7579464a7b 23246 php optional php5-sybase_5.3.3.1-7+squeeze27_i386.deb
28af334bbbf050dbfc5bf356d5450294 16398 php optional php5-tidy_5.3.3.1-7+squeeze27_i386.deb
66616091083a711cf624bf4669deda36 31890 php optional php5-xmlrpc_5.3.3.1-7+squeeze27_i386.deb
258be7f1a8aed785bfb68a56fd1ccabe 12986 php optional php5-xsl_5.3.3.1-7+squeeze27_i386.deb
205db437eb6a538b072f2557b024f108 1062 php optional php5_5.3.3.1-7+squeeze27_all.deb
aa34c8a943ad138a8641e81b7e969280 360404 php optional php-pear_5.3.3.1-7+squeeze27_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQJ8BAEBCgBmBQJV7PJUXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHRskQAKZsEtpqBr9FLIKi48CLV8kz
mJnyaC2iNPwe505oYtLjZUjr6y14LJWX+GmYmjFM58IYlMSLbDuHVoCjP/T3d3QI
XzSuXTRRCbW7CRyybaN6hheH8bNMefQqQbYfv2ApX1pcMTBRc45Bla0PRTPWsuAP
a4456pN3X0TmgWs2RXBNpRnTB2wTnMhMurN4aL8nUVTManyGQga6V5NpxJfZLpSR
C5oagVCjbLdd0jUKO2//OxMwNcTEAZpD3ZLJqJbdcpmhzc8/862Or0oG3qB1oOkC
yO5LXEeo6D+Xt5AaJi7Ka2R2Bk96FCpyuBN20/d91Mr7ZJk3YmAN98Yxesog6qYT
/gOHFxc7RLVuVeDOV9SIQopQDgmkPEMlbep+Rp3/IV0w8kH+3CDzOJ+87ST+CYTA
hTHabTwH4QEoKo8jhN/6T7uceABBkx9oVeRpZBUjCMCGCgem7rtH6rq8vMz1i0C1
DG1HkA/zsKBdWBdDqmKOVaP5Fz+PhPC5b4X7nGJ1xU4mPF4ICpxmWbMAKM3fDWNz
kNeuW7ZERGerXV2222Yy4uK3ntDK7qg/fjcRpdYaKz5D+nIvzG92hwBWPXbJXIFQ
QYj3lmcy/wYHDezj7RcsbfISOxkZhupUsK9BB87YS0/yMOBT0L6GmPIExIGBV/WC
YWxF6IfUCptskAcSgMM5
=zCvQ
-----END PGP SIGNATURE-----