Your message dated Sun, 04 Mar 2007 13:17:09 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#400306: fixed in php4 6:4.4.4-9
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: libapache2-mod-php4
Version: 6:4.4.4-8
Severity: minor
The package description contains "This package provides the PHP4 module for
the Apache 2.0 webserver" which is outdated.
Please s/2.0/2.
This also affects php5.
--- End Message ---
--- Begin Message ---
Source: php4
Source-Version: 6:4.4.4-9
We believe that the bug you reported is fixed in the latest version of
php4, which is due to be installed in the Debian FTP archive:
libapache-mod-php4_4.4.4-9_i386.deb
to pool/main/p/php4/libapache-mod-php4_4.4.4-9_i386.deb
libapache2-mod-php4_4.4.4-9_i386.deb
to pool/main/p/php4/libapache2-mod-php4_4.4.4-9_i386.deb
php4-cgi_4.4.4-9_i386.deb
to pool/main/p/php4/php4-cgi_4.4.4-9_i386.deb
php4-cli_4.4.4-9_i386.deb
to pool/main/p/php4/php4-cli_4.4.4-9_i386.deb
php4-common_4.4.4-9_i386.deb
to pool/main/p/php4/php4-common_4.4.4-9_i386.deb
php4-curl_4.4.4-9_i386.deb
to pool/main/p/php4/php4-curl_4.4.4-9_i386.deb
php4-dev_4.4.4-9_i386.deb
to pool/main/p/php4/php4-dev_4.4.4-9_i386.deb
php4-domxml_4.4.4-9_i386.deb
to pool/main/p/php4/php4-domxml_4.4.4-9_i386.deb
php4-gd_4.4.4-9_i386.deb
to pool/main/p/php4/php4-gd_4.4.4-9_i386.deb
php4-imap_4.4.4-9_i386.deb
to pool/main/p/php4/php4-imap_4.4.4-9_i386.deb
php4-interbase_4.4.4-9_i386.deb
to pool/main/p/php4/php4-interbase_4.4.4-9_i386.deb
php4-ldap_4.4.4-9_i386.deb
to pool/main/p/php4/php4-ldap_4.4.4-9_i386.deb
php4-mcal_4.4.4-9_i386.deb
to pool/main/p/php4/php4-mcal_4.4.4-9_i386.deb
php4-mcrypt_4.4.4-9_i386.deb
to pool/main/p/php4/php4-mcrypt_4.4.4-9_i386.deb
php4-mhash_4.4.4-9_i386.deb
to pool/main/p/php4/php4-mhash_4.4.4-9_i386.deb
php4-mysql_4.4.4-9_i386.deb
to pool/main/p/php4/php4-mysql_4.4.4-9_i386.deb
php4-odbc_4.4.4-9_i386.deb
to pool/main/p/php4/php4-odbc_4.4.4-9_i386.deb
php4-pear_4.4.4-9_all.deb
to pool/main/p/php4/php4-pear_4.4.4-9_all.deb
php4-pgsql_4.4.4-9_i386.deb
to pool/main/p/php4/php4-pgsql_4.4.4-9_i386.deb
php4-pspell_4.4.4-9_i386.deb
to pool/main/p/php4/php4-pspell_4.4.4-9_i386.deb
php4-recode_4.4.4-9_i386.deb
to pool/main/p/php4/php4-recode_4.4.4-9_i386.deb
php4-snmp_4.4.4-9_i386.deb
to pool/main/p/php4/php4-snmp_4.4.4-9_i386.deb
php4-sybase_4.4.4-9_i386.deb
to pool/main/p/php4/php4-sybase_4.4.4-9_i386.deb
php4-xslt_4.4.4-9_i386.deb
to pool/main/p/php4/php4-xslt_4.4.4-9_i386.deb
php4_4.4.4-9.diff.gz
to pool/main/p/php4/php4_4.4.4-9.diff.gz
php4_4.4.4-9.dsc
to pool/main/p/php4/php4_4.4.4-9.dsc
php4_4.4.4-9_all.deb
to pool/main/p/php4/php4_4.4.4-9_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
sean finney <[EMAIL PROTECTED]> (supplier of updated php4 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Tue, 27 Feb 2007 00:51:22 +0100
Source: php4
Binary: php4-sybase php4-recode php4-pspell php4-cgi libapache-mod-php4
php4-interbase php4-mcrypt php4-cli php4-dev php4-snmp libapache2-mod-php4
php4-odbc php4-xslt php4-mysql php4-domxml php4-gd php4-ldap php4-imap
php4-common php4 php4-curl php4-pear php4-mcal php4-pgsql php4-mhash
Architecture: source i386 all
Version: 6:4.4.4-9
Distribution: unstable
Urgency: high
Maintainer: Debian PHP Maintainers <[EMAIL PROTECTED]>
Changed-By: sean finney <[EMAIL PROTECTED]>
Description:
libapache-mod-php4 - server-side, HTML-embedded scripting language (apache 1.3
module)
libapache2-mod-php4 - server-side, HTML-embedded scripting language (apache 2
module)
php4 - server-side, HTML-embedded scripting language (meta-package)
php4-cgi - server-side, HTML-embedded scripting language (CGI binary)
php4-cli - command-line interpreter for the php4 scripting language
php4-common - Common files for packages built from the php4 source
php4-curl - CURL module for php4
php4-dev - Files for PHP4 module development
php4-domxml - XMLv2 module for php4
php4-gd - GD module for php4
php4-imap - IMAP module for php4
php4-interbase - interbase/firebird module for php4
php4-ldap - LDAP module for php4
php4-mcal - MCAL calendar module for php4
php4-mcrypt - MCrypt module for php4
php4-mhash - MHASH module for php4
php4-mysql - MySQL module for php4
php4-odbc - ODBC module for php4
php4-pear - PHP Extension and Application Repository (transitional package)
php4-pgsql - PostgreSQL module for php4
php4-pspell - pspell module for php4
php4-recode - Character recoding module for php4
php4-snmp - SNMP module for php4
php4-sybase - Sybase / MS SQL Server module for php4
php4-xslt - XSLT module for php4
Closes: 400306
Changes:
php4 (6:4.4.4-9) unstable; urgency=high
.
[ sean finney ]
* The following security issues are addressed with this update:
- CVE-2007-0906: Multiple buffer overflows in various code:
* session (addressed in patch for CVE-2007-0910 below)
* imap (062-CVE-2007-0906-imap.patch)
* str_replace: (064-CVE-2007-0906-strreplace.patch)
* interbase: (063-CVE-2007-0906-interbase.patch)
* the zip, sqlite, stream filters, and mail related vulnerabilities
in this CVE do not affect the debian sarge php4 source package.
- CVE-2007-0907: sapi_header_op buffer underflow (065-CVE-2007-0907.patch)
- CVE-2007-0908: wddx information disclosure (066-CVE-2007-0908.patch)
- CVE-2007-0909: More buffer overflows:
* the odbc_result_all function (067-CVE-2007-0909-odbc.patch)
* various formatted print functions (068-CVE-2007-0909-printf.patch)
- CVE-2007-0910: Clobbering of super-globals (069-CVE-2007-0910.patch)
- CVE-2007-0988: 64bit unserialize DoS (070-CVE-2007-0988.patch)
* The package maintainers would like to thank Joe Orton from redhat and
Martin Pitt from ubuntu for their help in preparation of this update.
* Update package information to say simply "Apache 2" instead
of "Apache 2.0" (closes: #400306).
* Update php4-gd Description to make more sense and mention
Freetype fonts.
* Add mention to README.Debian of needing to restart apache when
installing modules.
* high urgency due to numerous security fixes.
Files:
4df66e08083db0bf318752bbd664fa48 1989 web optional php4_4.4.4-9.dsc
cd51a123843da7e404a6a12a3651b83c 96890 web optional php4_4.4.4-9.diff.gz
e7ad2e5d9e4ee29f423d8af8d2a5724e 206400 web optional
php4-common_4.4.4-9_i386.deb
3324e7588316794f2d370f00c8580934 1595124 web optional
libapache-mod-php4_4.4.4-9_i386.deb
ff4ee923682862451cf7bf0d4ee6f1d6 1596746 web optional
libapache2-mod-php4_4.4.4-9_i386.deb
7288ba63428d2d7cf2c66f3e799af047 3175442 web optional php4-cgi_4.4.4-9_i386.deb
cca89ac23709c452eed7ba6b8e1b4c49 1596574 web optional php4-cli_4.4.4-9_i386.deb
b7bae56d6768dd4cc13eb40b3517881d 201152 devel optional
php4-dev_4.4.4-9_i386.deb
cb70a48c2670a8390bbf29985f4e14b3 15918 web optional php4-curl_4.4.4-9_i386.deb
ec33ba9c269607b6a04ee5e2f5890399 35028 web optional
php4-domxml_4.4.4-9_i386.deb
ef43a12c07a605888e87dc0fc3682019 29644 web optional php4-gd_4.4.4-9_i386.deb
be04a78ae6f3e21518df762e7a6c5220 33230 web optional php4-imap_4.4.4-9_i386.deb
8482780734360b6769415a2d3c4a032d 23144 web optional
php4-interbase_4.4.4-9_i386.deb
6a50093df53bfeff1f5c80ea2680c5f2 17046 web optional php4-ldap_4.4.4-9_i386.deb
c553a43f9c324dbadead36bbfdfc93e4 14054 web optional php4-mcal_4.4.4-9_i386.deb
159ad5a24fdaea83469b96e22eecc115 13150 web optional
php4-mcrypt_4.4.4-9_i386.deb
71d5db1290ab79d92d034617356be08c 5034 web optional php4-mhash_4.4.4-9_i386.deb
3802e9ccc127fab1315d618ce3cd069a 18540 web optional php4-mysql_4.4.4-9_i386.deb
35b6c885fa1fd2fa6e465abeb99f0dc5 24542 web optional php4-odbc_4.4.4-9_i386.deb
59da6c16196e9acfcb40002bd2d6b9e5 33828 web optional php4-pgsql_4.4.4-9_i386.deb
dd6f844e8de6edba2fb86785c9ada51b 8426 web optional php4-pspell_4.4.4-9_i386.deb
359bab9a544660fa726f5cdcc31146a8 4746 web optional php4-recode_4.4.4-9_i386.deb
ea78ed271642cb04cbd69cbecdca3ea3 10254 web optional php4-snmp_4.4.4-9_i386.deb
1d0c77c5d08815a2c21d046e6585698b 18040 web optional
php4-sybase_4.4.4-9_i386.deb
7f489876713c295c6a2a41da30940615 13194 web optional php4-xslt_4.4.4-9_i386.deb
d3b241f1b674e08de7a3b1c76a086643 1160 web optional php4_4.4.4-9_all.deb
3a7a283aca70efe0142aabc285258baf 1174 web optional php4-pear_4.4.4-9_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFF6sItynjLPm522B0RAgiTAKCEml4CYBAyUgqHdTkSFIT3IDw17ACdHMV9
5IqvgOCY324yU7q42iqwGIs=
=W/TF
-----END PGP SIGNATURE-----
--- End Message ---
