All Ubuntu package versions


AllRaringQuantalPreciseOneiricNattyLucidHardyAll PPAs
DashboardRecent Search QueriesSearch Statistics
Alphabetical listSearchBugs
Comments

Package "php5-cgi"

Name: php5-cgi

Description:

server-side, HTML-embedded scripting language (CGI binary)
This package provides the /usr/lib/cgi-bin/php5 CGI interpreter built
for use in Apache 2 with mod_actions, or any other CGI httpd that
supports a similar mechanism. Note that MOST Apache users probably
want the libapache2-mod-php5 package.
The following extensions are built in: bcmath bz2 calendar Core ctype date
dba dom ereg exif fileinfo filter ftp gettext hash iconv json libxml
mbstring mhash openssl pcre Phar posix Reflection session shmop SimpleXML
soap sockets SPL standard sysvmsg sysvsem sysvshm tokenizer wddx xml
xmlreader xmlwriter zip zlib.

PHP5 is an HTML-embedded scripting language. Much of its syntax is borrowed
from C, Java and Perl with a couple of unique PHP-specific features thrown
in. The goal of the language is to allow web developers to write dynamically
generated pages quickly. This version of PHP5 was built with the Suhosin patch.
Latest version: 5.3.2-1ubuntu4.19
Release: lucid (10.04)
Level: security
Repository: main
Head package: php5
Homepage: http://www.php.net/

Links

Save this URL for the latest version of "php5-cgi": http://www.ubuntuupdates.org/php5-cgi

All versions of this package Bug fixes
List of files in package Repository home page for package

Download "php5-cgi"

32-bit deb package 64-bit deb package APT INSTALL

Other versions of "php5-cgi" in Lucid

RepositoryAreaVersion
base main 5.3.2-1ubuntu4
updates main 5.3.2-1ubuntu4.19
PPA: nathan-renniewaldock ppa 5.4.15-1~ppa1~lucid

Change Log

Version: 5.3.2-1ubuntu4.13 2012-02-09 23:03:00 UTC

php5 (5.3.2-1ubuntu4.13) lucid-security; urgency=low

  * SECURITY UPDATE: memory allocation failure denial of service
    - debian/patches/php5-CVE-2011-4153.patch: check result of
      zend_strdup() and calloc() for failed allocations
    - CVE-2011-4153
  * SECURITY UPDATE: predictable hash collision denial of service
    (LP: #910296)
    - debian/patches/php5-CVE-2011-4885.patch: add max_input_vars
      directive with default limit of 1000
    - ATTENTION: this update changes previous php5 behavior by
      limiting the number of external input variables to 1000.
      This may be increased by adding a "max_input_vars"
      directive to the php.ini configuration file. See
      http://www.php.net/manual/en/info.configuration.php#ini.max-input-vars
      for more information.
    - CVE-2011-4885
  * SECURITY UPDATE: remote code execution vulnerability introduced by
    the fix for CVE-2011-4885 (LP: #925772)
    - debian/patches/php5-CVE-2012-0830.patch: return rather than
      continuing if max_input_vars limit is reached
    - CVE-2012-0830
  * SECURITY UPDATE: XSLT arbitrary file overwrite attack
    - debian/patches/php5-CVE-2012-0057.patch: add xsl.security_prefs
      ini option to define forbidden operations within XSLT stylesheets
    - CVE-2012-0057
  * SECURITY UPDATE: PDORow session denial of service
    - debian/patches/php5-CVE-2012-0788.patch: fail gracefully when
      attempting to serialize PDORow instances
    - CVE-2012-0788
  * SECURITY UPDATE: magic_quotes_gpc remote disable vulnerability
    - debian/patches/php5-CVE-2012-0831.patch: always restore
      magic_quote_gpc on request shutdown
    - CVE-2012-0831
  * SECURITY UPDATE: arbitrary files removal via cronjob
    - debian/php5-common.php5.cron.d: take greater care when removing
      session files (overlooked in a previous update).
    - http://git.debian.org/?p=pkg-php%2Fphp.git;a=commitdiff_plain;h=d09fd04ed7bfcf7f008360c6a42025108925df09
    - CVE-2011-0441

 -- Steve Beattie Wed, 08 Feb 2012 20:55:57 -0800
Source diff to previous version
910296 Please backport the upstream patch to prevent attacks based on hash collisions
925772 UPDATE REQUEST: php53u 5.3.10 is available upstream
CVE-2011-4153 PHP 5.3.8 does not always check the return value of the zend_strndup function, which might allow remote attackers to cause a denial of service (NULL p
CVE-2011-4885 PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote
CVE-2012-0830 The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a lar
CVE-2012-0057 PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that us
CVE-2012-0788 RESERVED
CVE-2012-0831 RESERVED
CVE-2011-0441 The Debian GNU/Linux /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary files via a symlink attack on a directory under /v

Version: 5.3.2-1ubuntu4.11 2011-12-14 18:02:55 UTC

php5 (5.3.2-1ubuntu4.11) lucid-security; urgency=low

  * SECURITY UPDATE: Denial of service and possible information disclosure
    via exif integer overflow
    - debian/patches/php5-CVE-2011-4566.patch: fix count checks in
      ext/exif/exif.c.
    - CVE-2011-4566

 -- Marc Deslauriers Tue, 13 Dec 2011 09:16:21 -0500
Source diff to previous version
CVE-2011-4566 Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to

Version: 5.3.2-1ubuntu4.10 2011-10-17 23:02:12 UTC

php5 (5.3.2-1ubuntu4.10) lucid-security; urgency=low

  [ Angel Abad ]
  * SECURITY UPDATE: File path injection vulnerability in RFC1867 File
    upload filename (LP: #813115)
    - debian/patches/php5-CVE-2011-2202.patch:
    - CVE-2011-2202
  * SECURITY UPDATE: Fixed stack buffer overflow in socket_connect()
    (LP: #813110)
    - debian/patches/php5-CVE-2011-1938.patch:
    - CVE-2011-1938

  [ Steve Beattie ]
  * SECURITY UPDATE: DoS in zip handling due to addGlob() crashing
    on invalid flags
    - debian/patches/php5-CVE-2011-1657.patch: check for valid flags
    - CVE-2011-1657
  * SECURITY UPDATE: crypt_blowfish doesn't properly handle 8-bit
    (non-ascii) passwords leading to a smaller collision space
    - debian/patches/php5-CVE-2011-2483.patch: update crypt_blowfish
      to 1.2 to correct handling of passwords containing 8-bit
      (non-ascii) characters.
      CVE-2011-2483
  * SECURITY UPDATE: DoS due to failure to check for memory allocation errors
    - debian/patches/php5-CVE-2011-3182.patch: check the return values
      of the malloc, calloc, and realloc functions
    - CVE-2011-3182
  * SECURITY UPDATE: DoS in errorlog() when passed NULL
    - debian/patches/php5-CVE-2011-3267.patch: fix NULL pointer crash in
      errorlog()
    - CVE-2011-3267
  * SECURITY UPDATE: information leak via handler interrupt (LP: #852871)
    - debian/patches/php5-CVE-2010-1914.patch: grab references before
      calling zendi_convert_to_long()
    - CVE-2010-1914

 -- Steve Beattie Fri, 14 Oct 2011 14:24:59 -0700
Source diff to previous version
813115 CVE-2011-2202
813110 CVE-2011-1938
852871 PHP ZEND_SL Opcode Interruption Address Information Leak Vulnerability
CVE-2011-2202 The rfc1867_post_handler function in main/rfc1867.c in PHP before 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, whi
CVE-2011-1938 Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow context-dependent attackers
CVE-2011-1657 The (1) ZipArchive::addGlob and (2) ZipArchive::addPattern functions in ext/zip/php_zip.c in PHP 5.3.6 allow context-dependent attackers to cause a de
CVE-2011-2483 openwall blowfish implementation weakness
CVE-2011-3182 PHP before 5.3.7 does not properly check the return values of the malloc, calloc, and realloc library functions, which allows context-dependent attack
CVE-2011-3267 PHP before 5.3.7 does not properly implement the error_log function, which allows context-dependent attackers to cause a denial of service (applicatio
CVE-2010-1914 The Zend Engine in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information by interrupting the

Version: 5.3.2-1ubuntu4.9 2011-05-04 23:01:51 UTC

php5 (5.3.2-1ubuntu4.9) lucid-security; urgency=low

  * debian/patches/php5-pear-CVE-2011-1144-regression.patch: fix
    mkdir parenthesis issue and PEAR::raiseErro typo (LP: #774452)

 -- Steve Beattie Mon, 02 May 2011 09:21:53 -0700
Source diff to previous version
774452 php-pear: pecl install reports Call to undefined method PEAR::raiseErro()
CVE-2011-1144 The installer in PEAR 1.9.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (

Version: 5.3.2-1ubuntu4.8 2011-04-29 17:02:20 UTC

php5 (5.3.2-1ubuntu4.8) lucid-security; urgency=low

  * SECURITY UPDATE: arbitrary files removal via cronjob
    - debian/php5-common.php5.cron.d: take greater care when removing
      session files.
    - http://git.debian.org/?p=pkg-php%2Fphp.git;a=commitdiff_plain;h=d09fd04ed7bfcf7f008360c6a42025108925df09
    - CVE-2011-0441
  * SECURITY UPDATE: symlink tmp races in pear install
    - debian/patches/php5-pear-CVE-2011-1072.patch: improved
      tempfile handling.
    - debian/rules: apply patch manually after unpacking PEAR phar
      archive.
    - CVE-2011-1072
  * SECURITY UPDATE: more symlink races in pear install
    - debian/patches/php5-pear-CVE-2011-1144.patch: add TOCTOU save
      file handler.
    - debian/rules: apply patch manually after unpacking PEAR phar
      archive.
    - CVE-2011-1144
  * SECURITY UPDATE: pathname restriction bypass vulnerability
    - debian/patches/php5-CVE-2006-7243.patch: check for passed
      filenames containing NULL bytes.
    - CVE-2006-7243
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/php5-CVE-2010-4697.patch: retain reference to
      object until getter/setter are done.
    - CVE-2010-4697
  * SECURITY UPDATE: denial of service through application crash with
    invalid images
    - debian/patches/php5-CVE-2010-4698.patch: verify anti-aliasing
      steps are either 4 or 16.
    - CVE-2010-4698
  * SECURITY UPDATE: denial of service through application crash
    - debian/patches/php5-CVE-2011-0420.patch: improve grapheme_extract()
      argument validation.
    - CVE-2011-0420
  * SECURITY UPDATE: denial of service through application crash
    - debian/patches/php5-CVE-2011-0421.patch: fail operation gracefully
      when handling zero sized zipfile with the FL_UNCHANGED argument
    - CVE-2011-0421
  * SECURITY UPDATE: denial of service through application crash when
    handling images with invalid exif tags
    - debian/patches/php5-CVE-2011-0708.patch: stricter exif checking
    - CVE-2011-0708
  * SECURITY UPDATE: denial of service and possible data disclosure
    through integer overflow
    - debian/patches/php5-CVE-2011-1092.patch: better boundary
      condition checks in shmop_read()
    - CVE-2011-1092
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/php5-CVE-2011-1148.patch: improve reference
      counting
    - CVE-2011-1148
  * SECURITY UPDATE: format string vulnerability
    - debian/patches/php5-CVE-2011-1153.patch: correctly quote format
      strings
    - CVE-2011-1153
  * SECURITY UPDATE: denial of service through buffer overflow crash
    (code execution mitigated by compilation with Fortify Source)
    - debian/patches/php5-CVE-2011-1464.patch: limit amount of precision
      to ensure fitting within MAX_BUF_SIZE
    - CVE-2011-1464
  * SECURITY UPDATE: denial of service through application crash via
    integer overflow.
    - debian/patches/php5-CVE-2011-1466.patch: improve boundary
      condition checking in SdnToJulian()
    - CVE-2011-1466
  * SECURITY UPDATE: denial of service through application crash
    - debian/patches/php5-CVE-2011-1467.patch: check for invalid
      attribute symbols in NumberFormatter::setSymbol()
    - CVE-2011-1467
  * SECURITY UPDATE: denial of service through memory leak
    - debian/patches/php5-CVE-2011-1468.patch: fix memory leak of
      openssl contexts
    - CVE-2011-1468
  * SECURITY UPDATE: denial of service through application crash
    when using HTTP proxy with the FTP wrapper
    - debian/patches/php5-CVE-2011-1469.patch: improve pointer handling
    - CVE-2011-1469
  * SECURITY UPDATE: denial of service through application crash when
    handling ziparchive streams
    - debian/patches/php5-CVE-2011-1470.patch: set necessary elements of
      the meta data structure
    - CVE-2011-1470
  * SECURITY UPDATE: denial of service through application crash when
    handling malformed zip files
    - debian/patches/php5-CVE-2011-1471.patch: correct integer
      signedness error when handling zip_fread() return value.
    - CVE-2011-1471

 -- Steve Beattie Thu, 21 Apr 2011 11:07:40 -0700
CVE-2011-0441 The Debian GNU/Linux /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary files via a symlink attack on a directory under /v
CVE-2011-1072 The installer in PEAR before 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) do
CVE-2011-1144 The installer in PEAR 1.9.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (
CVE-2006-7243 PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placi
CVE-2010-4697 Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 and 5.3.x before 5.3.4 might allow context-dependent attackers to cause a denial
CVE-2010-4698 Stack-based buffer overflow in the GD extension in PHP before 5.2.15 and 5.3.x before 5.3.4 allows context-dependent attackers to cause a denial of se
CVE-2011-0420 The grapheme_extract function in the Internationalization extension (Intl) for ICU for PHP 5.3.5 allows context-dependent attackers to cause a denial
CVE-2011-0421 The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argume
CVE-2011-0708 exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of se
CVE-2011-1092 Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (crash) and possibly read se
CVE-2011-1148 Use-after-free vulnerability in the substr_replace function in PHP 5.3.6 and earlier allows context-dependent attackers to cause a denial of service (
CVE-2011-1153 Multiple format string vulnerabilities in phar_object.c in the phar extension in PHP 5.3.5 and earlier allow context-dependent attackers to obtain sen
CVE-2011-1464 Buffer overflow in the strval function in PHP before 5.3.6, when the precision configuration option has a large value, might allow context-dependent a
CVE-2011-1466 Integer overflow in the SdnToJulian function in the Calendar extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of ser
CVE-2011-1467 Unspecified vulnerability in the NumberFormatter::setSymbol (aka numfmt_set_symbol) function in the Intl extension in PHP before 5.3.6 allows context-
CVE-2011-1468 Multiple memory leaks in the OpenSSL extension in PHP before 5.3.6 might allow remote attackers to cause a denial of service (memory consumption) via
CVE-2011-1469 Unspecified vulnerability in the Streams component in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application cr
CVE-2011-1470 The Zip extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via a ziparchive stream that
CVE-2011-1471 Integer signedness error in zip_stream.c in the Zip extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (CPU


About   -   Changelog   -   Send Feedback
Site Meter