-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Mon, 30 Apr 2007 14:20:00 +0200
Source: php5
Binary: php5-gd php5-ldap php5 php5-xmlrpc php5-pspell libapache2-mod-php5 php5-xsl php5-cgi php-pear php5-tidy php5-pgsql php5-cli php5-recode php5-mhash php5-sybase php5-curl php5-odbc php5-mcrypt php5-mysql php5-common php5-imap php5-snmp php5-dev php5-sqlite libapache-mod-php5 php5-interbase
Architecture: source i386 all
Version: 5.2.0-8+etch3~bpo.1
Distribution: sarge-backports
Urgency: high
Maintainer: Debian PHP Maintainers
Changed-By: Jan Wagner
Description:
 libapache-mod-php5 - server-side, HTML-embedded scripting language (apache 1.3 module)
 libapache2-mod-php5 - server-side, HTML-embedded scripting language (apache 2 module)
 php-pear   - PEAR - PHP Extension and Application Repository
 php5       - server-side, HTML-embedded scripting language (meta-package)
 php5-cgi   - server-side, HTML-embedded scripting language (CGI binary)
 php5-cli   - command-line interpreter for the php5 scripting language
 php5-common - Common files for packages built from the php5 source
 php5-curl  - CURL module for php5
 php5-dev   - Files for PHP5 module development
 php5-gd    - GD module for php5
 php5-imap  - IMAP module for php5
 php5-interbase - interbase/firebird module for php5
 php5-ldap  - LDAP module for php5
 php5-mcrypt - MCrypt module for php5
 php5-mhash - MHASH module for php5
 php5-mysql - MySQL module for php5
 php5-odbc  - ODBC module for php5
 php5-pgsql - PostgreSQL module for php5
 php5-pspell - pspell module for php5
 php5-recode - recode module for php5
 php5-snmp  - SNMP module for php5
 php5-sqlite - SQLite module for php5
 php5-sybase - Sybase / MS SQL Server module for php5
 php5-tidy  - tidy module for php5
 php5-xmlrpc - XML-RPC module for php5
 php5-xsl   - XSL module for php5
Changes:
 php5 (5.2.0-8+etch3~bpo.1) sarge-backports; urgency=low
 .
   * rebuild for sarge
   * removed libcurl3-openssl-dev and libpq-dev from build-dependencies.
   * changed dependencies for libapache2-mod-php5 to apache2-common
   * changed build dependency from libsnmp9-dev to libsnmp5-dev
   * removed build dependency for libmysqlclient15-dev and linked against
     libmysqlclient12-dev
   * changed build dependency from libapr1-dev to libapr0-dev
   * changed build dependency from libdb4.4-dev to libdb4.2-dev
   * added build dependency for libsqlite3-dev
   * set build dependency version for firebird2-dev to (>=1.5.3.4870-1)
   * disabled LFSs, caused segfaults on sarge:
     - modified rules
     - modified 053-extension_api.patch and 006-debian_quirks.patch
     - removed 019-z_off_t_as_long.patch
   * disabled mysqli support
   * leave a hint in README.Debian of php5-common about mysql
 .
 php5 (5.2.0-8+etch3) stable-security; urgency=high
 .
   [ sean finney ]
   * The following security issues are addressed with this update:
     - CVE-2007-0910/MOPB-32 session_decode() Double Free Vulnerability
       * note that this is an update to the previous version of the upstream
         fix for CVE-2007-0910, which introduced a separate exploit path.
     - CVE-2007-1286/MOPB-04 unserialize() ZVAL Reference Counter Overflow
     - CVE-2007-1380/MOPB-10 php_binary Session Deserialization Information Leak
     - CVE-2007-1375/MOPB-14 substr_compare() Information Leak Vulnerability
     - CVE-2007-1376/MOPB-15 shmop Functions Resource Verification Vulnerability
     - CVE-2007-1453/MOPB-18 ext/filter HTML Tag Stripping Bypass Vulnerability
     - CVE-2007-1453/MOPB-19 ext/filter Space Trimming Buffer Underflow Vuln.
     - CVE-2007-1521/MOPB-22 session_regenerate_id() Double Free Vulnerability
     - CVE-2007-1583/MOPB-26 mb_parse_str() register_globals Activation Vuln.
     - CVE-2007-1700/MOPB-30 _SESSION unset() Vulnerability
     - CVE-2007-1718/MOPB-34 mail() Header Injection
     - CVE-2007-1777/MOPB-35 zip_entry_read() Integer Overflow Vulnerability
     - CVE-2007-1887-1888/MOPB-41 sqlite_udf_decode_binary() Buffer Overflow
     - CVE-2007-1824/MOPB-42 php_stream_filter_create() Off By One Vulnerability
     - CVE-2007-1889/MOPB-44 Memory Manager Signed Comparison Vulnerability
     - CVE-2007-1900/MOPB-45 ext/filter Email Validation Vulnerability
   * The other security issues resulting from the "Month of PHP bugs" either
     did not affect the version of php5 shipped in etch, or did not merit
     a security update according to the established security policy for
     php in debian. You are encouraged to verify that your configuration
     is not affected by any of the other vulnerabilities by visiting:
     http://www.php-security.org/

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFGNfs29u6Dud+QFyQRAhCXAJsFTnpp5uiaArfDWER7FAg42/kqiACfa/7K
xAk63iYBy9ThcYsPnVu6hLI=
=jy0H
-----END PGP SIGNATURE-----