According to this issue it is not yet released for Hardy nor Precise, but the announcement for 5.2.4-2ubuntu5.22 says it is: https://launchpad.net/ubuntu/+source/php5/5.2.4-2ubuntu5.22
Was that tracked somewhere else and this issue just needs to be updated? Related question: I searched for the bug for the remote arbitrary code execution that this fix introduced (PHP 5.3.10, CVE-2012-0830) and couldn't find it -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to php5 in Ubuntu. https://bugs.launchpad.net/bugs/910296 Title: Please backport the upstream patch to prevent attacks based on hash collisions To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/php5/+bug/910296/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs