All Ubuntu package versions


AllRaringQuantalPreciseOneiricNattyLucidHardyAll PPAs
DashboardRecent Search QueriesSearch Statistics
Alphabetical listSearchBugs
Comments

Package "php5"

Name: php5

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • server-side, HTML-embedded scripting language (apache 2 filter module)
  • Enchant module for php5
  • internationalisation module for php5

Latest version: 5.3.2-1ubuntu4.19
Release: lucid (10.04)
Level: updates
Repository: universe
Homepage: http://www.php.net/

Links

Save this URL for the latest version of "php5": http://www.ubuntuupdates.org/php5

All versions of this package Bug fixes
List of files in package Repository home page for package

Other versions of "php5" in Lucid

RepositoryAreaVersion
base main 5.3.2-1ubuntu4
base universe 5.3.2-1ubuntu4
security universe 5.3.2-1ubuntu4.19
security main 5.3.2-1ubuntu4.19
updates main 5.3.2-1ubuntu4.19
PPA: nathan-renniewaldock ppa 5.4.12-1~ppa1~lucid

Packages in group

Deleted packages are displayed in grey.

libapache2-mod-php5filter php5-enchant php5-intl

Change Log

Version: 5.3.2-1ubuntu4.13 2012-02-10 08:06:47 UTC

php5 (5.3.2-1ubuntu4.13) lucid-security; urgency=low

  * SECURITY UPDATE: memory allocation failure denial of service
    - debian/patches/php5-CVE-2011-4153.patch: check result of
      zend_strdup() and calloc() for failed allocations
    - CVE-2011-4153
  * SECURITY UPDATE: predictable hash collision denial of service
    (LP: #910296)
    - debian/patches/php5-CVE-2011-4885.patch: add max_input_vars
      directive with default limit of 1000
    - ATTENTION: this update changes previous php5 behavior by
      limiting the number of external input variables to 1000.
      This may be increased by adding a "max_input_vars"
      directive to the php.ini configuration file. See
      http://www.php.net/manual/en/info.configuration.php#ini.max-input-vars
      for more information.
    - CVE-2011-4885
  * SECURITY UPDATE: remote code execution vulnerability introduced by
    the fix for CVE-2011-4885 (LP: #925772)
    - debian/patches/php5-CVE-2012-0830.patch: return rather than
      continuing if max_input_vars limit is reached
    - CVE-2012-0830
  * SECURITY UPDATE: XSLT arbitrary file overwrite attack
    - debian/patches/php5-CVE-2012-0057.patch: add xsl.security_prefs
      ini option to define forbidden operations within XSLT stylesheets
    - CVE-2012-0057
  * SECURITY UPDATE: PDORow session denial of service
    - debian/patches/php5-CVE-2012-0788.patch: fail gracefully when
      attempting to serialize PDORow instances
    - CVE-2012-0788
  * SECURITY UPDATE: magic_quotes_gpc remote disable vulnerability
    - debian/patches/php5-CVE-2012-0831.patch: always restore
      magic_quote_gpc on request shutdown
    - CVE-2012-0831
  * SECURITY UPDATE: arbitrary files removal via cronjob
    - debian/php5-common.php5.cron.d: take greater care when removing
      session files (overlooked in a previous update).
    - http://git.debian.org/?p=pkg-php%2Fphp.git;a=commitdiff_plain;h=d09fd04ed7bfcf7f008360c6a42025108925df09
    - CVE-2011-0441

 -- Steve Beattie Wed, 08 Feb 2012 20:55:57 -0800
Source diff to previous version
910296 Please backport the upstream patch to prevent attacks based on hash collisions
925772 UPDATE REQUEST: php53u 5.3.10 is available upstream
CVE-2011-4153 PHP 5.3.8 does not always check the return value of the zend_strndup function, which might allow remote attackers to cause a denial of service (NULL p
CVE-2011-4885 PHP before 5.3.9 computes hash values for form parameters without restricting the ability to trigger hash collisions predictably, which allows remote
CVE-2012-0830 The php_register_variable_ex function in php_variables.c in PHP 5.3.9 allows remote attackers to execute arbitrary code via a request containing a lar
CVE-2012-0057 PHP before 5.3.9 has improper libxslt security settings, which allows remote attackers to create arbitrary files via a crafted XSLT stylesheet that us
CVE-2012-0788 RESERVED
CVE-2012-0831 RESERVED
CVE-2011-0441 The Debian GNU/Linux /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary files via a symlink attack on a directory under /v

Version: 5.3.2-1ubuntu4.11 2011-12-14 19:02:47 UTC

php5 (5.3.2-1ubuntu4.11) lucid-security; urgency=low

  * SECURITY UPDATE: Denial of service and possible information disclosure
    via exif integer overflow
    - debian/patches/php5-CVE-2011-4566.patch: fix count checks in
      ext/exif/exif.c.
    - CVE-2011-4566

 -- Marc Deslauriers Tue, 13 Dec 2011 09:16:21 -0500
Source diff to previous version
CVE-2011-4566 Integer overflow in the exif_process_IFD_TAG function in exif.c in the exif extension in PHP 5.4.0beta2 on 32-bit platforms allows remote attackers to

Version: 5.3.2-1ubuntu4.10 2011-10-18 00:02:31 UTC

php5 (5.3.2-1ubuntu4.10) lucid-security; urgency=low

  [ Angel Abad ]
  * SECURITY UPDATE: File path injection vulnerability in RFC1867 File
    upload filename (LP: #813115)
    - debian/patches/php5-CVE-2011-2202.patch:
    - CVE-2011-2202
  * SECURITY UPDATE: Fixed stack buffer overflow in socket_connect()
    (LP: #813110)
    - debian/patches/php5-CVE-2011-1938.patch:
    - CVE-2011-1938

  [ Steve Beattie ]
  * SECURITY UPDATE: DoS in zip handling due to addGlob() crashing
    on invalid flags
    - debian/patches/php5-CVE-2011-1657.patch: check for valid flags
    - CVE-2011-1657
  * SECURITY UPDATE: crypt_blowfish doesn't properly handle 8-bit
    (non-ascii) passwords leading to a smaller collision space
    - debian/patches/php5-CVE-2011-2483.patch: update crypt_blowfish
      to 1.2 to correct handling of passwords containing 8-bit
      (non-ascii) characters.
      CVE-2011-2483
  * SECURITY UPDATE: DoS due to failure to check for memory allocation errors
    - debian/patches/php5-CVE-2011-3182.patch: check the return values
      of the malloc, calloc, and realloc functions
    - CVE-2011-3182
  * SECURITY UPDATE: DoS in errorlog() when passed NULL
    - debian/patches/php5-CVE-2011-3267.patch: fix NULL pointer crash in
      errorlog()
    - CVE-2011-3267
  * SECURITY UPDATE: information leak via handler interrupt (LP: #852871)
    - debian/patches/php5-CVE-2010-1914.patch: grab references before
      calling zendi_convert_to_long()
    - CVE-2010-1914

 -- Steve Beattie Fri, 14 Oct 2011 14:24:59 -0700
Source diff to previous version
813115 CVE-2011-2202
813110 CVE-2011-1938
852871 PHP ZEND_SL Opcode Interruption Address Information Leak Vulnerability
CVE-2011-2202 The rfc1867_post_handler function in main/rfc1867.c in PHP before 5.3.7 does not properly restrict filenames in multipart/form-data POST requests, whi
CVE-2011-1938 Stack-based buffer overflow in the socket_connect function in ext/sockets/sockets.c in PHP 5.3.3 through 5.3.6 might allow context-dependent attackers
CVE-2011-1657 The (1) ZipArchive::addGlob and (2) ZipArchive::addPattern functions in ext/zip/php_zip.c in PHP 5.3.6 allow context-dependent attackers to cause a de
CVE-2011-2483 openwall blowfish implementation weakness
CVE-2011-3182 PHP before 5.3.7 does not properly check the return values of the malloc, calloc, and realloc library functions, which allows context-dependent attack
CVE-2011-3267 PHP before 5.3.7 does not properly implement the error_log function, which allows context-dependent attackers to cause a denial of service (applicatio
CVE-2010-1914 The Zend Engine in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to obtain sensitive information by interrupting the

Version: 5.3.2-1ubuntu4.9 2011-05-05 00:02:09 UTC

php5 (5.3.2-1ubuntu4.9) lucid-security; urgency=low

  * debian/patches/php5-pear-CVE-2011-1144-regression.patch: fix
    mkdir parenthesis issue and PEAR::raiseErro typo (LP: #774452)

 -- Steve Beattie Mon, 02 May 2011 09:21:53 -0700
Source diff to previous version
774452 php-pear: pecl install reports Call to undefined method PEAR::raiseErro()
CVE-2011-1144 The installer in PEAR 1.9.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (

Version: 5.3.2-1ubuntu4.8 2011-04-29 17:02:23 UTC

php5 (5.3.2-1ubuntu4.8) lucid-security; urgency=low

  * SECURITY UPDATE: arbitrary files removal via cronjob
    - debian/php5-common.php5.cron.d: take greater care when removing
      session files.
    - http://git.debian.org/?p=pkg-php%2Fphp.git;a=commitdiff_plain;h=d09fd04ed7bfcf7f008360c6a42025108925df09
    - CVE-2011-0441
  * SECURITY UPDATE: symlink tmp races in pear install
    - debian/patches/php5-pear-CVE-2011-1072.patch: improved
      tempfile handling.
    - debian/rules: apply patch manually after unpacking PEAR phar
      archive.
    - CVE-2011-1072
  * SECURITY UPDATE: more symlink races in pear install
    - debian/patches/php5-pear-CVE-2011-1144.patch: add TOCTOU save
      file handler.
    - debian/rules: apply patch manually after unpacking PEAR phar
      archive.
    - CVE-2011-1144
  * SECURITY UPDATE: pathname restriction bypass vulnerability
    - debian/patches/php5-CVE-2006-7243.patch: check for passed
      filenames containing NULL bytes.
    - CVE-2006-7243
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/php5-CVE-2010-4697.patch: retain reference to
      object until getter/setter are done.
    - CVE-2010-4697
  * SECURITY UPDATE: denial of service through application crash with
    invalid images
    - debian/patches/php5-CVE-2010-4698.patch: verify anti-aliasing
      steps are either 4 or 16.
    - CVE-2010-4698
  * SECURITY UPDATE: denial of service through application crash
    - debian/patches/php5-CVE-2011-0420.patch: improve grapheme_extract()
      argument validation.
    - CVE-2011-0420
  * SECURITY UPDATE: denial of service through application crash
    - debian/patches/php5-CVE-2011-0421.patch: fail operation gracefully
      when handling zero sized zipfile with the FL_UNCHANGED argument
    - CVE-2011-0421
  * SECURITY UPDATE: denial of service through application crash when
    handling images with invalid exif tags
    - debian/patches/php5-CVE-2011-0708.patch: stricter exif checking
    - CVE-2011-0708
  * SECURITY UPDATE: denial of service and possible data disclosure
    through integer overflow
    - debian/patches/php5-CVE-2011-1092.patch: better boundary
      condition checks in shmop_read()
    - CVE-2011-1092
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/php5-CVE-2011-1148.patch: improve reference
      counting
    - CVE-2011-1148
  * SECURITY UPDATE: format string vulnerability
    - debian/patches/php5-CVE-2011-1153.patch: correctly quote format
      strings
    - CVE-2011-1153
  * SECURITY UPDATE: denial of service through buffer overflow crash
    (code execution mitigated by compilation with Fortify Source)
    - debian/patches/php5-CVE-2011-1464.patch: limit amount of precision
      to ensure fitting within MAX_BUF_SIZE
    - CVE-2011-1464
  * SECURITY UPDATE: denial of service through application crash via
    integer overflow.
    - debian/patches/php5-CVE-2011-1466.patch: improve boundary
      condition checking in SdnToJulian()
    - CVE-2011-1466
  * SECURITY UPDATE: denial of service through application crash
    - debian/patches/php5-CVE-2011-1467.patch: check for invalid
      attribute symbols in NumberFormatter::setSymbol()
    - CVE-2011-1467
  * SECURITY UPDATE: denial of service through memory leak
    - debian/patches/php5-CVE-2011-1468.patch: fix memory leak of
      openssl contexts
    - CVE-2011-1468
  * SECURITY UPDATE: denial of service through application crash
    when using HTTP proxy with the FTP wrapper
    - debian/patches/php5-CVE-2011-1469.patch: improve pointer handling
    - CVE-2011-1469
  * SECURITY UPDATE: denial of service through application crash when
    handling ziparchive streams
    - debian/patches/php5-CVE-2011-1470.patch: set necessary elements of
      the meta data structure
    - CVE-2011-1470
  * SECURITY UPDATE: denial of service through application crash when
    handling malformed zip files
    - debian/patches/php5-CVE-2011-1471.patch: correct integer
      signedness error when handling zip_fread() return value.
    - CVE-2011-1471

 -- Steve Beattie Thu, 21 Apr 2011 11:07:40 -0700
CVE-2011-0441 The Debian GNU/Linux /etc/cron.d/php5 cron job for PHP 5.3.5 allows local users to delete arbitrary files via a symlink attack on a directory under /v
CVE-2011-1072 The installer in PEAR before 1.9.2 allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (1) do
CVE-2011-1144 The installer in PEAR 1.9.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the package.xml file, related to the (
CVE-2006-7243 PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placi
CVE-2010-4697 Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 and 5.3.x before 5.3.4 might allow context-dependent attackers to cause a denial
CVE-2010-4698 Stack-based buffer overflow in the GD extension in PHP before 5.2.15 and 5.3.x before 5.3.4 allows context-dependent attackers to cause a denial of se
CVE-2011-0420 The grapheme_extract function in the Internationalization extension (Intl) for ICU for PHP 5.3.5 allows context-dependent attackers to cause a denial
CVE-2011-0421 The _zip_name_locate function in zip_name_locate.c in the Zip extension in PHP before 5.3.6 does not properly handle a ZIPARCHIVE::FL_UNCHANGED argume
CVE-2011-0708 exif.c in the Exif extension in PHP before 5.3.6 on 64-bit platforms performs an incorrect cast, which allows remote attackers to cause a denial of se
CVE-2011-1092 Integer overflow in ext/shmop/shmop.c in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (crash) and possibly read se
CVE-2011-1148 Use-after-free vulnerability in the substr_replace function in PHP 5.3.6 and earlier allows context-dependent attackers to cause a denial of service (
CVE-2011-1153 Multiple format string vulnerabilities in phar_object.c in the phar extension in PHP 5.3.5 and earlier allow context-dependent attackers to obtain sen
CVE-2011-1464 Buffer overflow in the strval function in PHP before 5.3.6, when the precision configuration option has a large value, might allow context-dependent a
CVE-2011-1466 Integer overflow in the SdnToJulian function in the Calendar extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of ser
CVE-2011-1467 Unspecified vulnerability in the NumberFormatter::setSymbol (aka numfmt_set_symbol) function in the Intl extension in PHP before 5.3.6 allows context-
CVE-2011-1468 Multiple memory leaks in the OpenSSL extension in PHP before 5.3.6 might allow remote attackers to cause a denial of service (memory consumption) via
CVE-2011-1469 Unspecified vulnerability in the Streams component in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application cr
CVE-2011-1470 The Zip extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (application crash) via a ziparchive stream that
CVE-2011-1471 Integer signedness error in zip_stream.c in the Zip extension in PHP before 5.3.6 allows context-dependent attackers to cause a denial of service (CPU


About   -   Changelog   -   Send Feedback
Site Meter