-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.0 Source: php5 Binary: php5, php5-common, libapache2-mod-php5, libapache2-mod-php5filter, php5-cgi, php5-cli, php5-fpm, libphp5-embed, php5-dev, php5-dbg, php-pear, php5-curl, php5-enchant, php5-gd, php5-gmp, php5-imap, php5-interbase, php5-intl, php5-ldap, php5-mcrypt, php5-mysql, php5-mysqlnd, php5-odbc, php5-pgsql, php5-pspell, php5-recode, php5-snmp, php5-sqlite, php5-sybase, php5-tidy, php5-xmlrpc, php5-xsl Architecture: any all Version: 5.4.44-0+deb7u1 Maintainer: Debian PHP Maintainers <[email protected]> Uploaders: Ondřej Surý <[email protected]>, Sean Finney <[email protected]>, Thijs Kinkhorst <[email protected]>, Lior Kaplan <[email protected]>, William Dauchy <[email protected]> Homepage: http://www.php.net/ Standards-Version: 3.9.3 Vcs-Browser: http://git.debian.org/?p=pkg-php/php.git Vcs-Git: git://git.debian.org/pkg-php/php.git Build-Depends: apache2-prefork-dev, autoconf (>= 2.63), automake (>= 1.11) | automake1.11, bison, chrpath, debhelper (>= 5), firebird-dev [!hurd-any !m68k !hppa !ppc64] | firebird2.5-dev [!hurd-any !m68k !hppa !ppc64] | firebird2.1-dev [!hurd-any !m68k !hppa !ppc64], flex, freetds-dev, hardening-wrapper, libapr1-dev (>= 1.2.7-8), libbz2-dev, libc-client-dev, libcurl4-openssl-dev | libcurl-dev, libdb-dev, libenchant-dev, libevent-dev (>= 1.4.11), libexpat1-dev (>= 1.95.2-2.1), libfreetype6-dev, libgcrypt11-dev, libgd2-xpm-dev, libglib2.0-dev, libgmp3-dev, libicu-dev, libjpeg-dev | libjpeg62-dev, libkrb5-dev, libldap2-dev, libmagic-dev, libmcrypt-dev, libmhash-dev (>= 0.8.8), libmysqlclient-dev | libmysqlclient15-dev, libonig-dev, libpam0g-dev, libpcre3-dev (>= 6.6), libpng-dev | libpng12-dev, libpq-dev, libpspell-dev, libqdbm-dev, librecode-dev, libsasl2-dev, libsnmp-dev, libsqlite3-dev, libssl-dev, libtidy-dev, libtool (>= 2.2), libwrap0-dev, libxmltok1-dev, libxml2-dev, libxslt1-dev (>= 1.0.18), locales-all | language-pack-de, mysql-server, netbase, netcat-traditional, quilt, re2c, unixodbc-dev, zlib1g-dev, tzdata Build-Conflicts: bind-dev Package-List: libapache2-mod-php5 deb httpd optional libapache2-mod-php5filter deb httpd extra libphp5-embed deb php optional php-pear deb php optional php5 deb php optional php5-cgi deb php optional php5-cli deb php optional php5-common deb php optional php5-curl deb php optional php5-dbg deb debug extra php5-dev deb php optional php5-enchant deb php optional php5-fpm deb php optional php5-gd deb php optional php5-gmp deb php optional php5-imap deb php optional php5-interbase deb php optional php5-intl deb php optional php5-ldap deb php optional php5-mcrypt deb php optional php5-mysql deb php optional php5-mysqlnd deb php extra php5-odbc deb php optional php5-pgsql deb php optional php5-pspell deb php optional php5-recode deb php optional php5-snmp deb php optional php5-sqlite deb php optional php5-sybase deb php optional php5-tidy deb php optional php5-xmlrpc deb php optional php5-xsl deb php optional Checksums-Sha1: 86afedeb1bd212603cc5c8f4fa6630b7419da93d 15878182 php5_5.4.44.orig.tar.gz 81674b968578ce87adb2dad1a6be0e0df6be80fe 147909 php5_5.4.44-0+deb7u1.diff.gz Checksums-Sha256: 1799998e48da3d8f34722840628e18789e26ea21741d4e498ade6749b3266602 15878182 php5_5.4.44.orig.tar.gz 997d9563eb49385e6d276aeec04eb8942f4cf7fd6d6f1cc56f918a34762a3958 147909 php5_5.4.44-0+deb7u1.diff.gz Files: 9a6f79bc68eb926d230448905229dd1c 15878182 php5_5.4.44.orig.tar.gz dd0c49b51ee1c46c341e41f1c6cd8aa6 147909 php5_5.4.44-0+deb7u1.diff.gz -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQJ7BAEBCgBmBQJV3YBEXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQzMEI5MzNEODBGQ0UzRDk4MUEyRDM4RkIw Qzk5QjcwRUY0RkNCQjA3AAoJEAyZtw70/LsHF9UP+JlHUmMpwuGfMsVs1PUeasEC BB50cz02qXCj62D4nLDXg6yG5liEZL4Acsiwjn77c7+AxzD6tbxv0nTaQup78JLx YKhnJGDdor5u0FNa7RuKeNm7LhTdDvwfIgSBVEdDOFwBaFMNrb6HBMA4lKVfOq9i wzah49pOOL+OG894jnUCTCyzTAQgZswUgvzbIhGkJ2y5R/BbUQS1kcr27mhMZI94 nnuJONn9kwef9yD84pTnAQ7FnwTCIfMJz9Tj6gotxIyrTQjufrsTCgMFtex2srTk Fx3BOFRfaV4iXLiVfRkGU1dEBdH2SRu18vNWNEtyW1va59y1zaT2/kElT00ehD3R TpMpcbn+LiqBdthqnlgM4s2aDP3a4UQxnfB9R/CF6hBHEkvJhu4Qgj9sQZ0yzDi1 r2KFdNbkdJ20YVyOpkg2bUNGv9HuKteOrSSjrV051ob7hfid8Yf2j0uIClSyL0OI GumRqYcd4Jd8mHzfO3eTprXty2vXgo81RD1VyqA/dCYwOsbdjcsFKvKh94OuVERE F/0TbCdcffIsIvqRvW2Qz4v5B74GRCGiEhTWUwKvVG05FtG7NSUlGRocb7A64gGR LIvcmGgIvz1ksiukicGR6dAYmbLV1F80MzngEEzUVMSKNor+Lwi6g3fpBnqPraYs KGp0g7HiFwGbyZ2IEk0= =dges -----END PGP SIGNATURE----- Changes: php5 (5.4.44-0+deb7u1) wheezy-security; urgency=medium * New upstream version 5.4.44 - Core: . Fixed bug #69793 (Remotely triggerable stack exhaustion via recursive method calls). . Fixed bug #69892 (Different arrays compare indentical due to integer key truncation). . Fixed bug #70121 (unserialize() could lead to unexpected methods execution / NULL pointer deref). - OpenSSL: . Fixed bug #70014 (openssl_random_pseudo_bytes() is not cryptographically secure). - Phar: . Improved fix for bug #69441. . Fixed bug #70019 (Files extracted from archive may be placed outside of destination directory). - SOAP: . Fixed bug #70081 (SoapClient info leak / null pointer dereference via multiple type confusions). - SPL: . Fixed bug #70068 (Dangling pointer in the unserialization of ArrayObject items). . Fixed bug #70166 (Use After Free Vulnerability in unserialize() with SPLArrayObject). . Fixed bug #70168 (Use After Free Vulnerability in unserialize() with SplObjectStorage). . Fixed bug #70169 (Use After Free Vulnerability in unserialize() with SplDoublyLinkedList). * New upstream version 5.4.43 - Core: . Fixed bug #69768 (escapeshell*() doesn't cater to !). . Fixed bug #69874 (Can't set empty additional_headers for mail()), regression from fix to bug #68776. - Mysqlnd: . Fixed bug #69669 (mysqlnd is vulnerable to BACKRONYM) (CVE-2015-3152). - Phar: . Fixed bug #69958 (Segfault in Phar::convertToData on invalid file). . Fixed bug #69923 (Buffer overflow and stack smashing error in phar_fix_filepath). * Rebase patches on top of 5.4.44 release -- Ondřej Surý <[email protected]> Sun, 16 Aug 2015 11:44:10 +0200
