[Pkg-php-commits] r1075 - in php5/branches/etch-proposed-updates/debian: . patches

Sean Finney seanius at alioth.debian.org
Thu May 15 16:13:20 UTC 2008


tags 479723 pending
thanks

Author: seanius
Date: 2008-05-15 16:13:20 +0000 (Thu, 15 May 2008)
New Revision: 1075

Added:
   php5/branches/etch-proposed-updates/debian/patches/137-CVE-2007-3806.patch
Modified:
   php5/branches/etch-proposed-updates/debian/changelog
Log:
merge from etch

Modified: php5/branches/etch-proposed-updates/debian/changelog
===================================================================
--- php5/branches/etch-proposed-updates/debian/changelog	2008-05-14 21:28:07 UTC (rev 1074)
+++ php5/branches/etch-proposed-updates/debian/changelog	2008-05-15 16:13:20 UTC (rev 1075)
@@ -1,6 +1,12 @@
-php5 (5.2.0-8+etch11~p2) UNRELEASED; urgency=low
+php5 (5.2.0-8+etch11) stable-security; urgency=high
 
-  * NOT RELEASED YET
+  * Upload to etch for security issues.
+  * The following security issues are addressed with this update:
+    - CVE-2007-3806: glob denial of service
+    - CVE-2008-1384: integer overflow in printf() 
+    - CVE-2008-2050: possible stack buffer overflow in the FastCGI SAPI
+    - CVE-2008-2051: incomplete multibyte chars inside escapeshellcmd()
+    closes: #479723
 
  -- sean finney <seanius at debian.org>  Thu, 21 Feb 2008 07:09:01 +0100
 
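Review bot: the trailer line still reads `Thu, 21 Feb 2008 07:09:01 +0100`, although this revision (dated 2008-05-15) turns the entry from UNRELEASED into a stable-security upload. Refresh the trailer date when finalising the entry. In the added lines, `closes: #479723` is indented like the CVE sub-items but has no bullet, so it reads as a continuation of the CVE-2008-2051 line; give it its own `*` item. The `CVE-2008-1384` line also ends in a trailing space.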

Copied: php5/branches/etch-proposed-updates/debian/patches/137-CVE-2007-3806.patch (from rev 1074, php5/branches/etch/debian/patches/137-CVE-2007-3806.patch)
===================================================================
--- php5/branches/etch-proposed-updates/debian/patches/137-CVE-2007-3806.patch	                        (rev 0)
+++ php5/branches/etch-proposed-updates/debian/patches/137-CVE-2007-3806.patch	2008-05-15 16:13:20 UTC (rev 1075)
@@ -0,0 +1,11 @@
+diff -Nurad php5-5.2.3~/ext/standard/dir.c php5-5.2.3.new/ext/standard/dir.c
+--- php5-5.2.3~/ext/standard/dir.c	2007-09-28 23:37:59.000000000 +0200
++++ php5-5.2.3.new/ext/standard/dir.c	2007-09-28 23:59:48.000000000 +0200
+@@ -395,6 +395,7 @@
+ 	} 
+ #endif
+ 
++	memset(&globbuf, 0, sizeof(glob_t));
+ 	globbuf.gl_offs = 0;
+ 	if (0 != (ret = glob(pattern, flags & GLOB_FLAGMASK, NULL, &globbuf))) {
+ #ifdef GLOB_NOMATCH
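Review bot: the diff headers inside 137-CVE-2007-3806.patch name `php5-5.2.3~/ext/standard/dir.c`, while the changelog in this same revision is for 5.2.0-8+etch11. Please confirm that the hunk at `@@ -395,6 +395,7 @@` applies to the etch source without offset or fuzz. The patch file has no description either; a short header comment naming the CVE and saying that globbuf is zeroed before the glob() call would help later reviewers. With the memset in place, the following `globbuf.gl_offs = 0;` is redundant, and `sizeof(globbuf)` would track the variable's type more reliably than `sizeof(glob_t)`.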



