-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.0 Source: php5 Binary: php5, php5-common, libapache2-mod-php5, libapache2-mod-php5filter, php5-cgi, php5-cli, php5-fpm, libphp5-embed, php5-dev, php5-dbg, php-pear, php5-curl, php5-enchant, php5-gd, php5-gmp, php5-imap, php5-interbase, php5-intl, php5-ldap, php5-mcrypt, php5-mysql, php5-mysqlnd, php5-odbc, php5-pgsql, php5-pspell, php5-recode, php5-snmp, php5-sqlite, php5-sybase, php5-tidy, php5-xmlrpc, php5-xsl Architecture: any all Version: 5.4.45-0+deb7u1 Maintainer: Debian PHP Maintainers <[email protected]> Uploaders: Ondřej Surý <[email protected]>, Sean Finney <[email protected]>, Thijs Kinkhorst <[email protected]>, Lior Kaplan <[email protected]>, William Dauchy <[email protected]> Homepage: http://www.php.net/ Standards-Version: 3.9.3 Vcs-Browser: http://git.debian.org/?p=pkg-php/php.git Vcs-Git: git://git.debian.org/pkg-php/php.git Build-Depends: apache2-prefork-dev, autoconf (>= 2.63), automake (>= 1.11) | automake1.11, bison, chrpath, debhelper (>= 5), firebird-dev [!hurd-any !m68k !hppa !ppc64] | firebird2.5-dev [!hurd-any !m68k !hppa !ppc64] | firebird2.1-dev [!hurd-any !m68k !hppa !ppc64], flex, freetds-dev, hardening-wrapper, libapr1-dev (>= 1.2.7-8), libbz2-dev, libc-client-dev, libcurl4-openssl-dev | libcurl-dev, libdb-dev, libenchant-dev, libevent-dev (>= 1.4.11), libexpat1-dev (>= 1.95.2-2.1), libfreetype6-dev, libgcrypt11-dev, libgd2-xpm-dev, libglib2.0-dev, libgmp3-dev, libicu-dev, libjpeg-dev | libjpeg62-dev, libkrb5-dev, libldap2-dev, libmagic-dev, libmcrypt-dev, libmhash-dev (>= 0.8.8), libmysqlclient-dev | libmysqlclient15-dev, libonig-dev, libpam0g-dev, libpcre3-dev (>= 6.6), libpng-dev | libpng12-dev, libpq-dev, libpspell-dev, libqdbm-dev, librecode-dev, libsasl2-dev, libsnmp-dev, libsqlite3-dev, libssl-dev, libtidy-dev, libtool (>= 2.2), libwrap0-dev, libxmltok1-dev, libxml2-dev, libxslt1-dev (>= 1.0.18), locales-all | language-pack-de, mysql-server, netbase, netcat-traditional, quilt, re2c, unixodbc-dev, zlib1g-dev, tzdata Build-Conflicts: bind-dev Package-List: libapache2-mod-php5 deb httpd optional libapache2-mod-php5filter deb httpd extra libphp5-embed deb php optional php-pear deb php optional php5 deb php optional php5-cgi deb php optional php5-cli deb php optional php5-common deb php optional php5-curl deb php optional php5-dbg deb debug extra php5-dev deb php optional php5-enchant deb php optional php5-fpm deb php optional php5-gd deb php optional php5-gmp deb php optional php5-imap deb php optional php5-interbase deb php optional php5-intl deb php optional php5-ldap deb php optional php5-mcrypt deb php optional php5-mysql deb php optional php5-mysqlnd deb php extra php5-odbc deb php optional php5-pgsql deb php optional php5-pspell deb php optional php5-recode deb php optional php5-snmp deb php optional php5-sqlite deb php optional php5-sybase deb php optional php5-tidy deb php optional php5-xmlrpc deb php optional php5-xsl deb php optional Checksums-Sha1: 06ece3f8b53d6f4209d414a95f288771ff8f9247 15879453 php5_5.4.45.orig.tar.gz 193e7b9100de6cc494312c79197bdbcbc2d73508 147736 php5_5.4.45-0+deb7u1.diff.gz Checksums-Sha256: 25bc4723955f4e352935258002af14a14a9810b491a19400d76fcdfa9d04b28f 15879453 php5_5.4.45.orig.tar.gz c1d2f751dba8b08214f0feef5a6215d337bf1585cf8144dbcd0cac3a2017a9b0 147736 php5_5.4.45-0+deb7u1.diff.gz Files: ba580e774ed1ab256f22d1fa69a59311 15879453 php5_5.4.45.orig.tar.gz 31b4dbc7fb7687cf61179409e23a6a84 147736 php5_5.4.45-0+deb7u1.diff.gz -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 iQJ8BAEBCgBmBQJV8URGXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQzMEI5MzNEODBGQ0UzRDk4MUEyRDM4RkIw Qzk5QjcwRUY0RkNCQjA3AAoJEAyZtw70/LsHsB8P/1EF8fgSUmVkh+QodanGVywu VX42AGfoayjHB9EQb6ijL7i3iTi18bCDJeFYkW4U6XP0qBbyo6Y6lnB53tAr4LOt 5bYyBxPkRmh8yr9Q4gJ4veCy7I/JrHJHOGmYQzq93Mgtwb7EMl9hPrEk2NTmMjNO XlldvhmgNTNbNFGKHwjd0MaLxuVb9H9KoCoylVq4IqxmUYvkrKZtXuLp2q24HwFf 7X16oS3sy7N/36dF90fE0go5ig+c06bkHe9tQES3crTF2bvHTOy2wfdG52e/A65P zYUNcHtYihP3jvTb2jzPrj2Je1Vmcbsu0eBU12X+Zjb+kU9eTPwavo86cqlq0Jh3 fokJ/X/LvUQGHzlo7XpBSUO7Uffe0aEpYxduzBFwrZv+mC2Lo+/CM6A0f3lh5QOl mzNvx33OdAfDIWMOMncOyxiPW0SKRTlGaxqmq678BItw170i0i8kLCqghacQYnLr knqsD1xAlvGqEiw/q/9a5h6M+9GSJsU+FfP1eSKF9rqXL9HWhkDXcjZtT6oek74X r3H19hjK9y7afN5fTu5tmh2XWBHHMg+hWC9obsmATf6fj0Dvl8kZyocoT0bNLp5R U9B9S2f6HNvTDVE7AYKP7ZKIv/04LYh+mqVLcGRSaElYgHJWvZ00JR+VatHk+FTi PBEUSA16gW/+9xHp8/Sp =A1Hj -----END PGP SIGNATURE----- Changes: php5 (5.4.45-0+deb7u1) wheezy-security; urgency=medium * New upstream version 5.4.45 - Core: . Fixed bug #70172 (Use After Free Vulnerability in unserialize()). . Fixed bug #70219 (Use after free vulnerability in session deserializer). - EXIF: . Fixed bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes). - hash: . Fixed bug #70312 (HAVAL gives wrong hashes in specific cases). - PCRE: . Fixed bug #70345 (Multiple vulnerabilities related to PCRE functions). - SOAP: . Fixed bug #70388 (SOAP serialize_function_call() type confusion / RCE). - SPL: . Fixed bug #70365 (Use-after-free vulnerability in unserialize() with SplObjectStorage). . Fixed bug #70366 (Use-after-free vulnerability in unserialize() with SplDoublyLinkedList). - XSLT: . Fixed bug #69782 (NULL pointer dereference). - ZIP: . Fixed bug #70350 (ZipArchive::extractTo allows for directory traversal when creating directories). * Rebase patches on top of 5.4.45 release -- Ondřej Surý <[email protected]> Mon, 07 Sep 2015 13:44:03 +0200
