-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Fri, 18 Mar 2011 18:34:11 -0600 Source: php5 Binary: php5 php5-common libapache2-mod-php5 libapache2-mod-php5filter php5-cgi php5-cli php5-dev php5-dbg php-pear php5-curl php5-gd php5-gmp php5-imap php5-interbase php5-ldap php5-mcrypt php5-mhash php5-mysql php5-odbc php5-pgsql php5-pspell php5-recode php5-snmp php5-sqlite php5-sybase php5-tidy php5-xmlrpc php5-xsl Architecture: source i386 all Version: 5.2.6.dfsg.1-1+lenny10 Distribution: lenny-security Urgency: high Maintainer: Debian PHP Maintainers Changed-By: Raphael Geissert Description: libapache2-mod-php5 - server-side, HTML-embedded scripting language (Apache 2 module) libapache2-mod-php5filter - server-side, HTML-embedded scripting language (apache 2 filter mo php-pear - PEAR - PHP Extension and Application Repository php5 - server-side, HTML-embedded scripting language (metapackage) php5-cgi - server-side, HTML-embedded scripting language (CGI binary) php5-cli - command-line interpreter for the php5 scripting language php5-common - Common files for packages built from the php5 source php5-curl - CURL module for php5 php5-dbg - Debug symbols for PHP5 php5-dev - Files for PHP5 module development php5-gd - GD module for php5 php5-gmp - GMP module for php5 php5-imap - IMAP module for php5 php5-interbase - interbase/firebird module for php5 php5-ldap - LDAP module for php5 php5-mcrypt - MCrypt module for php5 php5-mhash - MHASH module for php5 php5-mysql - MySQL module for php5 php5-odbc - ODBC module for php5 php5-pgsql - PostgreSQL module for php5 php5-pspell - pspell module for php5 php5-recode - recode module for php5 php5-snmp - SNMP module for php5 php5-sqlite - SQLite module for php5 php5-sybase - Sybase / MS SQL Server module for php5 php5-tidy - tidy module for php5 php5-xmlrpc - XML-RPC module for php5 php5-xsl - XSL module for php5 Changes: php5 (5.2.6.dfsg.1-1+lenny10) lenny-security; urgency=high . [ Ondřej Surý ] * Include upstream's fix for CVE-2010-1128: Weak seed for the Linear Congruential Generator (LCG) * Fix CVE-2010-3709: NULL pointer dereference in ZipArchive::getArchiveComment * Fix CVE-2010-3710: stack consumption when using the FILTER_VALIDATE_EMAIL filter * Fix CVE-2010-3870: incorrect handling of ill-formed subsequences in UTF-8 data * Fix CVE-2010-4150: Double free in imap_do_open * Fix a NULL pointer dereference in the zip extract method . [ Raphael Geissert ] * Include a test for CVE-2010-4645 * Fix CVE-2011-0441: arbitrary files removal via cronjob (Closes #618489) Checksums-Sha1: dfdc7bc4c71d4284a3c1464cb922e70d84f7aec7 2533 php5_5.2.6.dfsg.1-1+lenny10.dsc 7a29d12cb5ef51d6974a74de5fabe52d2bbbdc12 180404 php5_5.2.6.dfsg.1-1+lenny10.diff.gz 2b697102b356211d9aee802e4935624d28587062 366070 php5-common_5.2.6.dfsg.1-1+lenny10_i386.deb 6351562ea2e31d2080dbe6cb9de235e86e49f51f 2484754 libapache2-mod-php5_5.2.6.dfsg.1-1+lenny10_i386.deb a443c39d132c4c91e461bace8cca3ac603ef7ebb 2483388 libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny10_i386.deb 9a91863ee573e2011ba7fffd213bdb013b124391 4912330 php5-cgi_5.2.6.dfsg.1-1+lenny10_i386.deb 8d1476760f02aff2e8946eee51d801543978e67e 2475228 php5-cli_5.2.6.dfsg.1-1+lenny10_i386.deb d09abd66009442159c831c4b31018e1985c21caf 365614 php5-dev_5.2.6.dfsg.1-1+lenny10_i386.deb 8fdacd611f04001378ac5e13dda1e8e1362d5caf 8472818 php5-dbg_5.2.6.dfsg.1-1+lenny10_i386.deb d2f99fd9b16c740ecb23d5662b900be34f63ee7a 23768 php5-curl_5.2.6.dfsg.1-1+lenny10_i386.deb 91fed477b456b20d8c253cc9db5a0d353563b635 32384 php5-gd_5.2.6.dfsg.1-1+lenny10_i386.deb 73c62764fe2d296f400d24c9e363a2f876ccb524 14194 php5-gmp_5.2.6.dfsg.1-1+lenny10_i386.deb 59b10da66da5055c0cb58010827684d3083f822b 34598 php5-imap_5.2.6.dfsg.1-1+lenny10_i386.deb 6e7153470e89852ff9783b95684d9ce13873b176 45156 php5-interbase_5.2.6.dfsg.1-1+lenny10_i386.deb 3fdd6b46ca8d1e533a660c4770b13b68bd9be21b 18234 php5-ldap_5.2.6.dfsg.1-1+lenny10_i386.deb 3b3d75fa46b953e99746cec2a4f81decc4f122e5 12914 php5-mcrypt_5.2.6.dfsg.1-1+lenny10_i386.deb a62944e59d1846a9ee403d66bd728563239aa69b 5152 php5-mhash_5.2.6.dfsg.1-1+lenny10_i386.deb 7116a3214b58a80eebc12c6918e3b53a61708d67 65742 php5-mysql_5.2.6.dfsg.1-1+lenny10_i386.deb 6204dca997bf0ab0e78d875be62356046c17164e 33542 php5-odbc_5.2.6.dfsg.1-1+lenny10_i386.deb 67d8bb5b904e074d56caebefae65602cb3f7ac4c 52358 php5-pgsql_5.2.6.dfsg.1-1+lenny10_i386.deb 0d71f0fbab801761d255891d0ca2dfe1ac209386 8462 php5-pspell_5.2.6.dfsg.1-1+lenny10_i386.deb 102bdbaaf0693f6ee7e1f7b219ffe09987a25dfa 4848 php5-recode_5.2.6.dfsg.1-1+lenny10_i386.deb 777af36827c20820f1d086de60d55be8e1271c2a 11594 php5-snmp_5.2.6.dfsg.1-1+lenny10_i386.deb 941cf406256f641ac1550d04348f36d55da69222 34516 php5-sqlite_5.2.6.dfsg.1-1+lenny10_i386.deb 6cb288635ba30034d021785b6b8595fcffd5ff6a 25956 php5-sybase_5.2.6.dfsg.1-1+lenny10_i386.deb 9f722d39da5398800afbcaaa37d53c7d0cd72fda 16604 php5-tidy_5.2.6.dfsg.1-1+lenny10_i386.deb 137156fa95b4c047c9b9175c3ba6f8552ee931ca 37710 php5-xmlrpc_5.2.6.dfsg.1-1+lenny10_i386.deb 26221d1d74ba53d4f23859f8dcf71239bdd48800 12814 php5-xsl_5.2.6.dfsg.1-1+lenny10_i386.deb e658a19e0a695a30d2ba25a15aa7d6c03f5b99d3 1086 php5_5.2.6.dfsg.1-1+lenny10_all.deb c4091390ae16ac54e3478afb7dccd4f60ea36f1a 334546 php-pear_5.2.6.dfsg.1-1+lenny10_all.deb Checksums-Sha256: a7283eb26dc6a549bfe808de31be197bbbf8dce247a2fd77591312921c883d05 2533 php5_5.2.6.dfsg.1-1+lenny10.dsc 7bb108f0a683e3bf1d2a98714facf60cf5d7c9a6da9a651ccd53659c4652a98d 180404 php5_5.2.6.dfsg.1-1+lenny10.diff.gz 7414b99dee235d6f59ec3bab6406880b14163efc48e8ddbc15392c1023370162 366070 php5-common_5.2.6.dfsg.1-1+lenny10_i386.deb 493d32727628d7c73b0583aff65b7847bc99f63f366720c897bacc9a26930cd1 2484754 libapache2-mod-php5_5.2.6.dfsg.1-1+lenny10_i386.deb 817f400dcfd5123983896b1a6055aaa3c3bb3a2436c960e40e182f291118b497 2483388 libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny10_i386.deb 207e9f28c75e30cb1137eab0050ebfeeae3ee7a2efbfde83e4c07a978751c769 4912330 php5-cgi_5.2.6.dfsg.1-1+lenny10_i386.deb 5ada3baf610c443fabb7e39a1fcec9a8baa8d9b272e128b245c4920bafdebbe5 2475228 php5-cli_5.2.6.dfsg.1-1+lenny10_i386.deb 53d6c0265132acde38d19943f8c306e258e057913003df2f845e241f81427c2a 365614 php5-dev_5.2.6.dfsg.1-1+lenny10_i386.deb 7544f3b456491505c6238010fbc337f39ead2a79c26e4737b87773177a8c996d 8472818 php5-dbg_5.2.6.dfsg.1-1+lenny10_i386.deb a5ca637360cbb96d871115a3c55535650b009df813bd212d5576814b1b0f9cf6 23768 php5-curl_5.2.6.dfsg.1-1+lenny10_i386.deb fd727a2606e2563d72f5a7eb1dca4baaff4ae5a20034bb158bf05b440e7b4899 32384 php5-gd_5.2.6.dfsg.1-1+lenny10_i386.deb 1543daf084a2a8ce00f7f7d34ace329d9febbffc80c774d58db1035ac02f8dc6 14194 php5-gmp_5.2.6.dfsg.1-1+lenny10_i386.deb 6b4ac3981dbc0bd1c2946ee857782640a89a57fa8a7e4c51f067a194658589b7 34598 php5-imap_5.2.6.dfsg.1-1+lenny10_i386.deb f5df431d9bbf5f89af14ef860c5f3f6358101d6137affdcfc53026d8d1996da4 45156 php5-interbase_5.2.6.dfsg.1-1+lenny10_i386.deb f03da00b06e70a2b51c85f04b75c9623070759f40f52a2cd041a279738b4400c 18234 php5-ldap_5.2.6.dfsg.1-1+lenny10_i386.deb 8227e11e6ff8ccbda3cc4c1cbdc0ae6ccb8481e6afb662b483c8c4c3c8b8909c 12914 php5-mcrypt_5.2.6.dfsg.1-1+lenny10_i386.deb f328dba6257ce96d883115bd607c88c31a639cf989b097c3823896be348d5058 5152 php5-mhash_5.2.6.dfsg.1-1+lenny10_i386.deb 433e2f3d92704fa9a62e12232b8e1d01a86062b0608ca31ea1e14ee399042312 65742 php5-mysql_5.2.6.dfsg.1-1+lenny10_i386.deb b0e3f9f08f65dd1cd9ffd3313d7c7fb73c85d23bfe411430613c732f4e16905a 33542 php5-odbc_5.2.6.dfsg.1-1+lenny10_i386.deb 645b456de5db851eae727c7279d86fa03675ee6a87c4620aaff2cf385290d549 52358 php5-pgsql_5.2.6.dfsg.1-1+lenny10_i386.deb a84f98b5dcd98cc722975888de0e0754b6738286242d0ad5c803791de68bf34f 8462 php5-pspell_5.2.6.dfsg.1-1+lenny10_i386.deb 4ef1c411c872d5d07bb0bee8d20be77a8951bd2bfb0280f5e997b4047e1150bc 4848 php5-recode_5.2.6.dfsg.1-1+lenny10_i386.deb 58786af9d46a2720f5a7e17954435210f94cd96bd5608ec68187623f2ae04474 11594 php5-snmp_5.2.6.dfsg.1-1+lenny10_i386.deb a1954aa28b6ad74e443aff451fbcd82ef7be0c37f10ff3578f12fdc077f274d8 34516 php5-sqlite_5.2.6.dfsg.1-1+lenny10_i386.deb cf6e241344a8959dc76b58624421461be5c28d05543d88f48443ec4eebb7ef7d 25956 php5-sybase_5.2.6.dfsg.1-1+lenny10_i386.deb acafc8582a75a5abe256291b9a29a0a642f3ec8821203e2c3cae67c4c0038417 16604 php5-tidy_5.2.6.dfsg.1-1+lenny10_i386.deb feb17091cb7de0580b2b7c40af599b2d1baddbf5cf5cc2463f12a270e8160ad2 37710 php5-xmlrpc_5.2.6.dfsg.1-1+lenny10_i386.deb cf715ed77322ac447b4a87d7e99ead665519ae2be0f577313974829abc5dca14 12814 php5-xsl_5.2.6.dfsg.1-1+lenny10_i386.deb 549ca60c5868ee9f199d6bad111202892a943a9d380a19b784934996ba34df74 1086 php5_5.2.6.dfsg.1-1+lenny10_all.deb 146fba50af229578175b75d5e8426838adaf1eaa73559044a58ba953511edd04 334546 php-pear_5.2.6.dfsg.1-1+lenny10_all.deb Files: afa655d7653ce441bb0f01e5b7d0884d 2533 web optional php5_5.2.6.dfsg.1-1+lenny10.dsc 3c35625494125fd1436d929c78b3e1d5 180404 web optional php5_5.2.6.dfsg.1-1+lenny10.diff.gz 0c45c412309dc8f1a45edc8e6d1b957d 366070 web optional php5-common_5.2.6.dfsg.1-1+lenny10_i386.deb c1a599af51e8a6e43bd248940ee41a3d 2484754 web optional libapache2-mod-php5_5.2.6.dfsg.1-1+lenny10_i386.deb 08c2093b802ae6c2da5c4d6349e8ac5e 2483388 web optional libapache2-mod-php5filter_5.2.6.dfsg.1-1+lenny10_i386.deb 23eae1d5753b21bfd40199c5b75c1805 4912330 web optional php5-cgi_5.2.6.dfsg.1-1+lenny10_i386.deb 7b6ffb32e7488f50b5172e809b596a33 2475228 web optional php5-cli_5.2.6.dfsg.1-1+lenny10_i386.deb 7674d43970b33d5943b18eef73e57158 365614 devel optional php5-dev_5.2.6.dfsg.1-1+lenny10_i386.deb afb5c86894c2d64c4f2c695cc69dd38f 8472818 devel extra php5-dbg_5.2.6.dfsg.1-1+lenny10_i386.deb c88790b1c3b1b47a8b01d575a25fb2c2 23768 web optional php5-curl_5.2.6.dfsg.1-1+lenny10_i386.deb e3fc9f791944200199b20dee6d048cf2 32384 web optional php5-gd_5.2.6.dfsg.1-1+lenny10_i386.deb 7306d47832bb789e300ee4d60769fb99 14194 web optional php5-gmp_5.2.6.dfsg.1-1+lenny10_i386.deb 262acd843b874681c2c42d1801b2c4e3 34598 web optional php5-imap_5.2.6.dfsg.1-1+lenny10_i386.deb 1f184d5ade10d5d5cceee08caa814794 45156 web optional php5-interbase_5.2.6.dfsg.1-1+lenny10_i386.deb ccd7e71bd9a53ad77cfc71c5f07e4ed7 18234 web optional php5-ldap_5.2.6.dfsg.1-1+lenny10_i386.deb fa8f99544b1e207d144dc2a97489b806 12914 web optional php5-mcrypt_5.2.6.dfsg.1-1+lenny10_i386.deb 4dd6de9b154b121805bd5a68bc5fd600 5152 web optional php5-mhash_5.2.6.dfsg.1-1+lenny10_i386.deb 18bb9e1e3193e6e3b1383c2dd582a836 65742 web optional php5-mysql_5.2.6.dfsg.1-1+lenny10_i386.deb bdbdd48bb3f7b278ef0e717663610daf 33542 web optional php5-odbc_5.2.6.dfsg.1-1+lenny10_i386.deb 71f1272e070a159e6973ddb570d1c31a 52358 web optional php5-pgsql_5.2.6.dfsg.1-1+lenny10_i386.deb 4b96b807c409155bd7f0dfe86a27ec56 8462 web optional php5-pspell_5.2.6.dfsg.1-1+lenny10_i386.deb 88d811ce73435e33fb95be2db3245f0e 4848 web optional php5-recode_5.2.6.dfsg.1-1+lenny10_i386.deb 7cdd10e565da4c68186b01e67ddeb5b9 11594 web optional php5-snmp_5.2.6.dfsg.1-1+lenny10_i386.deb 234e8c50828604f0270771d82667d405 34516 web optional php5-sqlite_5.2.6.dfsg.1-1+lenny10_i386.deb 86baab7f55d864d368bd776a0eaea5c2 25956 web optional php5-sybase_5.2.6.dfsg.1-1+lenny10_i386.deb b15dcb94c006271c2a74eddaa0f37f50 16604 web optional php5-tidy_5.2.6.dfsg.1-1+lenny10_i386.deb 8552a5d727737ebf35b285aa5a20f54e 37710 web optional php5-xmlrpc_5.2.6.dfsg.1-1+lenny10_i386.deb 13d4233f78c4358cf2f4c5adadaee1f9 12814 web optional php5-xsl_5.2.6.dfsg.1-1+lenny10_i386.deb 8a6311736490eaf7690177322b339247 1086 web optional php5_5.2.6.dfsg.1-1+lenny10_all.deb f9b7d5a5a457319741b2bfd54c5b42e5 334546 web optional php-pear_5.2.6.dfsg.1-1+lenny10_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iEYEARECAAYFAk2EEqQACgkQYy49rUbZzlp2BACdE5q7Qm7FZlIh4KWjYJTlyOfD FcAAniW3uT0PqkMvSFGbO3ANLRubnKer =Wbe6 -----END PGP SIGNATURE-----