Hi, Dustin Kirkland from the Ubuntu Server Team tracked down commits that map to these issues.
On Tue, May 06, 2008 at 10:16:25AM +0000, Moritz Naumann wrote: > * Fixed possible stack buffer overflow in FastCGI SAPI. (Andrei > Nigmatulin) > --> CVE-2008-2050 (acc. to > http://marc.info/?l=oss-security&m=120974347717937) > --> not tracked by Debian yet http://marc.info/?l=php-cvs&m=120721829703242&w=2 > * Properly address incomplete multibyte chars inside escapeshellcmd() > (Ilia, Stefan Esser) > --> CVE-2008-2051 (acc. to > http://marc.info/?l=oss-security&m=120974347717937) > --> not tracked yet http://marc.info/?l=php-cvs&m=120579496007399&w=2 > * Fixed security issue detailed in CVE-2008-0599. (Rasmus) > --> CVE-2008-0599 (acc. to http://www.php.net/ChangeLog-5.php) > --> already tracked at > http://security-tracker.debian.net/tracker/CVE-2008-0599 http://marc.info/?l=php-cvs&m=120415902925033&w=2 > * Fixed a safe_mode bypass in cURL identified by Maksymilian > Arciemowicz. (Ilia) > --> CVE-2007-4850 (acc. to > http://securityreason.com/achievement_securityalert/51) > --> already tracked at > http://security-tracker.debian.net/tracker/CVE-2007-4850 > --> missing source package reference at > http://security-tracker.debian.net/tracker/source-package/php5 http://marc.info/?l=php-cvs&m=119963956428826&w=2 > * Upgraded PCRE to version 7.6 (Nuno) > --> CVE-2008-0674 (best match, no reference found) > --> not tracked yet > --> possibly missing reference at > http://security-tracker.debian.net/tracker/CVE-2008-0674 > (but should really be tracked seperately) > --> local code execution through buffer overflow http://marc.info/?l=php-cvs&m=120163838831816&w=2 php links against the system pcre, though, correct? So I think this can be ignored? Ah, yes, Thijs confirmed this in the bug report. On Tue, May 06, 2008 at 04:47:32PM +0200, Moritz Muehlenhoff wrote: > > http://www.php.net/ChangeLog-5.php lists several security fixes which are > > included in upstream PHP 5.2.6: > > Thanks, there are two more, which I found and which I just commited to > the tracker: > > +CVE-2008-XXXX [php integer overflow in printf] > + - php5 <unfixed> > + NOTE: http://www.php.net/ChangeLog-5.php > + NOTE: Needs further details or digging in SVN http://marc.info/?l=php-cvs&m=120579485607237&w=2 > +CVE-2008-XXXX [php suboptimal seeding] > + - php5 <unfixed> (low) > + - php4 <unfixed> (low) > + NOTE: http://www.sektioneins.de/advisories/SE-2008-02.txt > + NOTE: I don't believe we need to address this, likely no-dsa, but > needs further checking http://marc.info/?l=php-cvs&m=117601921106002&w=2 "However, the last one is from Sun Apr 8 08:04:31 2007 UTC, which seems like ages ago. We might already have that one?" -- Kees Cook @outflux.net -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
