All Ubuntu package versions


AllUtopicTrustySaucyPreciseLucidAll PPAs
DashboardRecent Search QueriesSearch Statistics
Alphabetical listSearchBugs
CommentsResqueStathatMemoryTracker

Package "php5"

Name: php5

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • server-side, HTML-embedded scripting language (apache 2 filter module)
  • Enchant module for php5
  • internationalisation module for php5

Latest version: 5.3.2-1ubuntu4.29
Release: lucid (10.04)
Level: updates
Repository: universe

Links

Save this URL for the latest version of "php5": http://www.ubuntuupdates.org/php5

All versions of this package Bug fixes
List of files in package Repository home page for package

Other versions of "php5" in Lucid

RepositoryAreaVersion
base universe 5.3.2-1ubuntu4
base main 5.3.2-1ubuntu4
security main 5.3.2-1ubuntu4.29
security universe 5.3.2-1ubuntu4.29
updates main 5.3.2-1ubuntu4.29
PPA: nathan-renniewaldock ppa 5.4.26-1~ppa1~lucid

Packages in group

Deleted packages are displayed in grey.

libapache2-mod-php5filter php5-enchant php5-intl

Change Log

Version: 5.3.2-1ubuntu4.24 2014-04-07 14:07:09 UTC

  php5 (5.3.2-1ubuntu4.24) lucid-security; urgency=medium

  * SECURITY UPDATE: denial of service in fileinfo via crafted offset in
    PE executable
    - debian/patches/CVE-2014-2270.patch: check bounds in
      ext/fileinfo/libmagic/softmagic.c.
    - CVE-2014-2270
 -- Marc Deslauriers <email address hidden> Thu, 03 Apr 2014 15:23:04 -0400

Source diff to previous version
CVE-2014-2270 softmagic.c in file before 5.17 and libmagic allows context-dependent ...

Version: 5.3.2-1ubuntu4.23 2014-03-03 19:07:10 UTC

  php5 (5.3.2-1ubuntu4.23) lucid-security; urgency=medium

  * SECURITY UPDATE: denial of service via crafted indirect offset value
    in fileinfo
    - debian/patches/CVE-2013-1943.patch: properly handle recursion in
      ext/fileinfo/libmagic/{ascmagic.c,file.h,funcs.c,softmagic.c}, added
      test to ext/fileinfo/tests/cve-2014-1943.phpt.
    - CVE-2013-1943
 -- Marc Deslauriers <email address hidden> Fri, 28 Feb 2014 17:40:15 -0500

Source diff to previous version
CVE-2013-1943 The KVM subsystem in the Linux kernel before 3.0 does not check ...

Version: 5.3.2-1ubuntu4.22 2013-12-12 18:06:54 UTC

  php5 (5.3.2-1ubuntu4.22) lucid-security; urgency=low

  * SECURITY UPDATE: denial of service and possible code execution via
    malicious certificate
    - debian/patches/CVE-2013-6420.patch: properly validate timestr in
      ext/openssl/openssl.c, added ext/openssl/tests/cve-2013-6420.*.
    - CVE-2013-6420
  * SECURITY UPDATE: denial of service via crafted interval specification
    - debian/patches/CVE-2013-6712.patch: check error_count in
      ext/date/lib/parse_iso_intervals.*.
    - CVE-2013-6712
 -- Marc Deslauriers <email address hidden> Wed, 11 Dec 2013 19:23:24 -0500

Source diff to previous version
CVE-2013-6420 php: memory corruption in openssl_x509_parse()
CVE-2013-6712 The scan function in ext/date/lib/parse_iso_intervals.c in PHP through ...

Version: 5.3.2-1ubuntu4.21 2013-09-05 20:08:08 UTC

  php5 (5.3.2-1ubuntu4.21) lucid-security; urgency=low

  * SECURITY UPDATE: SSL cert validation spoofing via NULL character in
    subjectAltName.
    - debian/patches/CVE-2013-4248.patch: validate subjectAltName in
      ext/openssl/openssl.c, added test to ext/openssl/tests/cve2013_4073*.
    - CVE-2013-4248
 -- Marc Deslauriers <email address hidden> Wed, 04 Sep 2013 12:56:49 -0400

Source diff to previous version
CVE-2013-4248 The openssl_x509_parse function in openssl.c in the OpenSSL module in ...

Version: 5.3.2-1ubuntu4.20 2013-07-16 13:07:26 UTC

  php5 (5.3.2-1ubuntu4.20) lucid-security; urgency=low

  * SECURITY UPDATE: denial of service and possible code execution via xml
    parser heap overflow
    - debian/patches/CVE-2013-4113.patch: check against XML_MAXLEVEL in
      ext/xml/xml.c, add test to ext/xml/tests/bug65236.phpt.
    - CVE-2013-4113
  * SECURITY UPDATE: denial of service via overflow in SdnToJewish
    - debian/patches/CVE-2013-4635.patch: check value in
      ext/calendar/jewish.c, add test to
      ext/calendar/tests/jdtojewish64.phpt.
    - CVE-2013-4635
 -- Marc Deslauriers <email address hidden> Mon, 15 Jul 2013 09:50:48 -0400

CVE-2013-4113 ext/xml/xml.c in PHP before 5.3.27 does not properly consider parsing ...
CVE-2013-4635 Integer overflow in the SdnToJewish function in jewish.c in the ...



About   -   Changelog   -   Send Feedback