[php-maint] Upstream PHP 5.2.2 Available
Alan LeVee
alan.levee at prometheus-designs.net
Sat May 5 16:48:50 UTC 2007
Package: php5
Version: 5.2.0-10
The PHP development team has released a new version of PHP 5 that fixes
numerous security holes that affected both 5.2.0 and 5.2.1 (some of
which I found no fixes for in the Debian packages).
The following has been resolved in PHP 5.2.2:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1001
http://www.php-security.org/MOPB/PMOPB-45-2007.html
http://www.php-security.org/MOPB/MOPB-34-2007.html
http://www.php-security.org/MOPB/MOPB-33-2007.html
http://www.php-security.org/MOPB/MOPB-29-2007.html
http://www.php-security.org/MOPB/MOPB-26-2007.html
http://www.php-security.org/MOPB/MOPB-24-2007.html
http://www.php-security.org/MOPB/MOPB-22-2007.html
http://www.php-security.org/MOPB/MOPB-21-2007.html
http://www.php-security.org/MOPB/MOPB-20-2007.html
http://www.php-security.org/MOPB/MOPB-14-2007.html
http://www.php-security.org/MOPB/MOPB-03-2007.html
Other fixes are available at:
http://www.php.net/ChangeLog-5.php#5.2.2
I would these bugs to be taken very seriously especially the ones at
php-security.org because they affect a great many web applications.
More information about the pkg-php-maint
mailing list