This bug was fixed in the package php5 - 5.4.6-1ubuntu1
---
php5 (5.4.6-1ubuntu1) quantal; urgency=low
* Merge from Debian experimental (LP: #1006738 , LP: #1040212)
Remaining changes:
- d/rules: Simplify apache config settings since we never build
interbase or firebird.
- debian/rules: export DEB_HOST_MULTIARCH properly.
- Add build-dependency on lemon, which we now need.
- Dropped firebird2.1-dev, libc-client-dev, libmcrypt-dev as it is
in universe.
- Dropped libcurl-dev not in the archive.
- debian/control: replace build-depends on mysql-server with
mysql-server-core-5.5 and mysql-client-5.5 to avoid upstart and
mysql-server-5.5 postinst confusion with starting up multiple
mysqlds listening on the same port.
- Dropped php5-imap, php5-interbase, php5-mcrypt since we have
versions already in universe.
- Dropped libonig-dev and libqgdbm since its in universe. (libonig
MIR has been declined due to an inactive upstream. So this is
probably a permanent change).
- modulelist: Drop imap, interbase, sybase, and mcrypt.
- debian/rules:
- Dropped building of mcrypt, imap, and interbase.
- Install apport hook for php5.
- stop mysql instance on clean just in case we failed in tests
- debian/control, debian/rules: Re-enable libedit-dev.
* Dropped Changes:
- debian/rules: change memory limits on example .ini files.
php5 (5.4.6-1) experimental; urgency=low
* Imported Upstream version 5.4.6
* Apply another fix to compile --without-system-tzdata
(Courtesy of Michael Heimpold)
* Get rid of empty examples directory (Closes: #684108), but
keep parent directory to store test-results.txt among others
* Provide sensible default configuration for PHP-CGI files
(Closes: #685340)
* Add NEWS text about default extension configuration
* Update NEWS and README.Debian based on debian-l10n-english review
(Courtesy of Justing B Rye)
php5 (5.4.5-1) experimental; urgency=low
* Imported Upstream version 5.4.5
* Update patches for PHP 5.4.5 release
* Compile with system libzip (upstream has added support for that)
php5 (5.4.4-4) unstable; urgency=low
* Fix php5-fpm segfault (PHP#62205)
* CVE-2012-2688: potential overflow in _php_stream_scandir
(Closes: #683274)
* Improve security in CGI section in README.Debian (Closes: #674205)
-- Clint ByrumWed, 22 Aug 2012 13:40:18 -0700
** Changed in: php5 (Ubuntu)
Status: New => Fix Released
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2012-2688
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in Ubuntu.
https://bugs.launchpad.net/bugs/1040212
Title:
PHP CGI configuration fundamentally changed
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu-release-notes/+bug/1040212/+subscriptions
--
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
