** Changed in: php-imap (Ubuntu Dapper)
Status: Triaged => Won't Fix
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/485973
Title:
php5-cgi: IMAP toolkit crash
To manage notifications about th
I don't have time to work on dapper debdiff...
** Changed in: php-imap (Ubuntu Dapper)
Status: Incomplete => Triaged
** Changed in: php-imap (Ubuntu Dapper)
Assignee: Devid Antonio Filoni (d.filoni) => (unassigned)
--
php5-cgi: IMAP toolkit crash
https://bugs.launchpad.net/bugs/4859
Per Marc's comment on 2010-01-12, the Dapper debdiff needs to be fixed
still. Adding 'patch-needswork' tag and leaving Dapper task as
Incomplete.
** Tags added: patch-needswork
--
php5-cgi: IMAP toolkit crash
https://bugs.launchpad.net/bugs/485973
You received this bug notification because you a
** Branch linked: lp:ubuntu/hardy-security/php-imap
** Branch linked: lp:ubuntu/karmic-security/php-imap
** Branch linked: lp:ubuntu/jaunty-security/php-imap
** Branch linked: lp:ubuntu/intrepid-security/php-imap
--
php5-cgi: IMAP toolkit crash
https://bugs.launchpad.net/bugs/485973
You receiv
This bug was fixed in the package php-imap - 5.2.3-0ubuntu3.1
---
php-imap (5.2.3-0ubuntu3.1) hardy-security; urgency=low
* SECURITY UPDATE: unsafe usage of deprecated imap functions (LP: #485973)
- php_imap.c: apply patch taken from Debian
- CVE-2008-2829
-- Devid Antonio
This bug was fixed in the package php-imap - 5.2.6-0ubuntu3.1
---
php-imap (5.2.6-0ubuntu3.1) intrepid-security; urgency=low
* SECURITY UPDATE: unsafe usage of deprecated imap functions (LP: #485973)
- php_imap.c: apply patch taken from Debian
- CVE-2008-2829
-- Devid Anton
This bug was fixed in the package php-imap - 5.2.6-0ubuntu5.1
---
php-imap (5.2.6-0ubuntu5.1) jaunty-security; urgency=low
* SECURITY UPDATE: unsafe usage of deprecated imap functions (LP: #485973)
- php_imap.c: apply patch taken from Debian
- CVE-2008-2829
-- Devid Antonio
This bug was fixed in the package php-imap - 5.2.6-0ubuntu6.1
---
php-imap (5.2.6-0ubuntu6.1) karmic-security; urgency=low
* SECURITY UPDATE: unsafe usage of deprecated imap functions (LP: #485973)
- php_imap.c: apply patch taken from Debian
- CVE-2008-2829
-- Devid Antonio
ACK for hardy - karmic
** Changed in: php-imap (Ubuntu Lucid)
Status: Incomplete => Fix Released
** Changed in: php-imap (Ubuntu Hardy)
Status: Incomplete => Fix Committed
** Changed in: php-imap (Ubuntu Intrepid)
Status: Incomplete => Fix Committed
** Changed in: php-imap
Luca, you are correct about the USN. The patch in the USN came from
Debian but the code in Ubuntu is not built since php-imap is broken out
(and therefore, unfortunately, not tested). Looking at the patch, a lot
of the differences can be attributed to changing the memory allocation
for 'string' fro
Sorry Jamie, but i'm not so expert with packaging and co. but, as far as
i can see, a package for Karmic built with the patch created by d.filoni
solves my problem and php does crashes no more. The bug IS fixed on php
and, as far as i can read on the USN, IS ALSO fixed on ubuntu's php
sources...
-
Based on my research the patch is incorrect. Lucid has the incorrect
patch in it and needs to be updated. You should be using
http://svn.php.net/viewvc?view=revision&revision=267399. If this is in
error, please resubmit the patches with the correct references for the
origin of the patch. Unsubscrib
** Patch removed: "php-imap_5.2.3-0ubuntu3.1.debdiff"
http://launchpadlibrarian.net/37509646/php-imap_5.2.3-0ubuntu3.1.debdiff
--
php5-cgi: IMAP toolkit crash
https://bugs.launchpad.net/bugs/485973
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed
Hardy debdiff
** Patch added: "php-imap_5.2.3-0ubuntu3.1.debdiff"
http://launchpadlibrarian.net/38312295/php-imap_5.2.3-0ubuntu3.1.debdiff
** Changed in: php-imap (Ubuntu Hardy)
Status: Incomplete => Confirmed
** Changed in: php-imap (Ubuntu Hardy)
Assignee: Devid Antonio Filoni (
I've tested the new package built by d.filoni on karmic on the same
environment i used to check the existence of the bug in 9.10. Now, if i
try to download the mbox file from horde i get it downloaded without
problems and errors on the php error log. So, as far as i can see the
bug is fixed.
--
p
The dapper debdiff also fails to build. Please re-submit a fixed dapper
debdiff also.
** Changed in: php-imap (Ubuntu Dapper)
Status: Confirmed => Incomplete
** Changed in: php-imap (Ubuntu Dapper)
Assignee: (unassigned) => Devid Antonio Filoni (d.filoni)
--
php5-cgi: IMAP toolkit c
Thanks for the debdiffs Devid.
The hardy debdiff is wrong and doesn't compile. Please submit a
corrected one. Also, please describe the testing you've performed on
these debdiffs.
I have unsubscribed ubuntu-security-sponsors from this bug. Once you've
completed the new hardy debdiff and have desc
** Changed in: php-imap (Ubuntu Dapper)
Importance: Undecided => High
** Changed in: php-imap (Ubuntu Hardy)
Importance: Undecided => High
** Changed in: php-imap (Ubuntu Intrepid)
Importance: Undecided => High
** Changed in: php-imap (Ubuntu Jaunty)
Importance: Undecided => High
**
** Changed in: php-imap (Ubuntu Dapper)
Status: New => Confirmed
** Changed in: php-imap (Ubuntu Hardy)
Status: New => Confirmed
** Changed in: php-imap (Ubuntu Intrepid)
Status: New => Confirmed
** Changed in: php-imap (Ubuntu Jaunty)
Status: New => Confirmed
** Cha
debdiff for dapper-security.
** Attachment added: "php-imap_5.1.2-1ubuntu0.1.debdiff"
http://launchpadlibrarian.net/37509909/php-imap_5.1.2-1ubuntu0.1.debdiff
--
php5-cgi: IMAP toolkit crash
https://bugs.launchpad.net/bugs/485973
You received this bug notification because you are a member of
debdiff for hardy-security.
** Attachment added: "php-imap_5.2.3-0ubuntu3.1.debdiff"
http://launchpadlibrarian.net/37509646/php-imap_5.2.3-0ubuntu3.1.debdiff
--
php5-cgi: IMAP toolkit crash
https://bugs.launchpad.net/bugs/485973
You received this bug notification because you are a member of U
debdiff for intrepid-security.
** Changed in: php-imap (Ubuntu Dapper)
Status: Invalid => New
** Attachment added: "php-imap_5.2.6-0ubuntu3.1.debdiff"
http://launchpadlibrarian.net/37506994/php-imap_5.2.6-0ubuntu3.1.debdiff
--
php5-cgi: IMAP toolkit crash
https://bugs.launchpad.net/bu
** Branch linked: lp:ubuntu/php-imap
--
php5-cgi: IMAP toolkit crash
https://bugs.launchpad.net/bugs/485973
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.co
** Changed in: php-imap (Ubuntu Dapper)
Status: New => Invalid
--
php5-cgi: IMAP toolkit crash
https://bugs.launchpad.net/bugs/485973
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.u
debdiff for jaunty-proposed.
** Attachment added: "php-imap_5.2.6-0ubuntu5.1.debdiff"
http://launchpadlibrarian.net/37506578/php-imap_5.2.6-0ubuntu5.1.debdiff
--
php5-cgi: IMAP toolkit crash
https://bugs.launchpad.net/bugs/485973
You received this bug notification because you are a member of
Debdiff for karmic-security.
** Attachment added: "php-imap_5.2.6-0ubuntu6.1.debdiff"
http://launchpadlibrarian.net/37506352/php-imap_5.2.6-0ubuntu6.1.debdiff
--
php5-cgi: IMAP toolkit crash
https://bugs.launchpad.net/bugs/485973
You received this bug notification because you are a member of
** Also affects: php-imap (Ubuntu Dapper)
Importance: Undecided
Status: New
** Also affects: php-imap (Ubuntu Hardy)
Importance: Undecided
Status: New
** Also affects: php-imap (Ubuntu Jaunty)
Importance: Undecided
Status: New
** Also affects: php-imap (Ubuntu Intre
This bug was fixed in the package php-imap - 5.2.6-0ubuntu7
---
php-imap (5.2.6-0ubuntu7) lucid; urgency=low
* Add quilt support.
* SECURITY UPDATE: unsafe usage of deprecated imap functions (LP: #485973)
- add debian/patches/CVE-2008-2829.diff, patch taken from Debian
- C
In Ubuntu, the php imap plugin is in a separate php-imap source package.
Although USN-628-1 says CVE-2008-2829 was fixed, it was a mistake. The
actual binary isn't built from the php5 source package.
CVE-2008-2829 needs to be fixed in the php-imap source package that's in
universe.
** Package ch
no one looking at this bug? :-(
--
php5-cgi: IMAP toolkit crash
https://bugs.launchpad.net/bugs/485973
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mai
The problem still exists with latest ubuntu php upgrade
r...@posta1:~# grep php /var/log/syslog | grep crash
Nov 27 19:42:35 posta1 php5-cgi: IMAP toolkit crash: rfc822.c legacy routine
buffer overflow
Nov 27 19:44:11 posta1 php5-cgi: IMAP toolkit crash: rfc822.c legacy routine
buffer overflow
r
Jamie, mind having a look at this?
** Package changed: ubuntu => php5 (Ubuntu)
** Changed in: php5 (Ubuntu)
Importance: Undecided => High
** Changed in: php5 (Ubuntu)
Status: New => Confirmed
** This bug has been flagged as a security vulnerability
--
php5-cgi: IMAP toolkit crash
ht
** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2008-2829
--
php5-cgi: IMAP toolkit crash
https://bugs.launchpad.net/bugs/485973
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@li
33 matches
Mail list logo
