diff options
| author | Ondřej Surý <ondrej@sury.org> | 2011-06-15 16:32:56 +0200 |
|---|---|---|
| committer | Ondřej Surý <ondrej@sury.org> | 2011-06-15 16:32:56 +0200 |
| commit | 6e7798ecfed963e81b4a94dca292e492d6b97af0 (patch) | |
| tree | 9acb2795f8236c1e602cd5889f607eabf99adee7 | |
| parent | f14d710b24c0a1b1e7afe452f852a7699571e832 (diff) | |
| download | php-debian/5.2.6.dfsg.1-1+lenny11.tar.gz | |
prepare 5.2.6.dfsg.1-1+lenny11 releasedebian/5.2.6.dfsg.1-1+lenny11
| -rw-r--r-- | debian/changelog | 14 |
1 files changed, 8 insertions, 6 deletions
diff --git a/debian/changelog b/debian/changelog index 353d180de..629b93a3d 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,11 +1,13 @@ php5 (5.2.6.dfsg.1-1+lenny11) oldstable-security; urgency=low - * Fix _zip_name_locate function in zip_name_locate.c (CVE-2011-0421) - * Fix integer overflow in the SdnToJulian (has CVE-2011-1466) - * Fix incorrect cast on 64-bit platforms in exif.c (CVE-2011-0708) - * Fix for integer signedness error in zip_stream.c (CVE-2011-1471) - * File path injection vulnerability in RFC1867 File upload filename - (CVE-2011-2202) + * Fix CVE-2011-0421: _zip_name_locate function in zip_name_locate.c + * Fix CVE-2011-1466: integer overflow in the SdnToJulian + * Fix CVE-2011-0708: incorrect cast on 64-bit platforms in exif.c + * Fix CVE-2011-1471: integer signedness error in zip_stream.c + * Fix CVE-2011-2202: file path injection vulnerability in RFC1867 file + upload filename + * Fix CVE-2010-2531: var_export() causes a fatal error that could + inadvertently display data due to flushing of the output buffer. -- Ondřej Surý <ondrej@debian.org> Wed, 15 Jun 2011 11:18:49 +0200 |