This bug was fixed in the package php5 - 5.3.6-13ubuntu3.9
---
php5 (5.3.6-13ubuntu3.9) oneiric-security; urgency=low
* SECURITY UPDATE: HTTP response-splitting issue with %0D sequences
- debian/patches/CVE-2011-1398.patch: properly handle %0D and NUL in
main/SAPI.c, added
This bug was fixed in the package php5 - 5.3.5-1ubuntu7.11
---
php5 (5.3.5-1ubuntu7.11) natty-security; urgency=low
* SECURITY UPDATE: HTTP response-splitting issue with %0D sequences
- debian/patches/CVE-2011-1398.patch: properly handle %0D and NUL in
main/SAPI.c, added t
This bug was fixed in the package php5 - 5.3.2-1ubuntu4.18
---
php5 (5.3.2-1ubuntu4.18) lucid-security; urgency=low
* SECURITY UPDATE: HTTP response-splitting issue with %0D sequences
- debian/patches/CVE-2011-1398.patch: properly handle %0D and NUL in
main/SAPI.c, added t
This bug was fixed in the package php5 - 5.2.4-2ubuntu5.26
---
php5 (5.2.4-2ubuntu5.26) hardy-security; urgency=low
* SECURITY UPDATE: HTTP response-splitting issue with %0D sequences
- debian/patches/CVE-2011-1398.patch: properly handle %0D and NUL in
main/SAPI.c.
- C
This bug was fixed in the package php5 - 5.3.10-1ubuntu3.4
---
php5 (5.3.10-1ubuntu3.4) precise-security; urgency=low
* SECURITY UPDATE: HTTP response-splitting issue with %0D sequences
- debian/patches/CVE-2011-1398.patch: properly handle %0D and NUL in
main/SAPI.c, added
** Also affects: php5 (Ubuntu Lucid)
Importance: Undecided
Status: New
** Also affects: php5 (Ubuntu Oneiric)
Importance: Undecided
Status: New
** Also affects: php5 (Ubuntu Hardy)
Importance: Undecided
Status: New
** Also affects: php5 (Ubuntu Quantal)
Importanc
Thanks for taking the time to report this bug and helping to make Ubuntu
better. This CVE is being tracked in the Ubuntu CVE tracker:
http://people.ubuntu.com/~ubuntu-security/cve/CVE-2012-2688.html
** Changed in: php5 (Ubuntu)
Status: New => Triaged
** Visibility changed to: Public
--