php 5.2.14
PHP5 is an HTML-embedded scripting language. The goal of the language is to allow web developers to write dynamically generated pages quickly
Packager: Gökhan Özbulak
License: PHP
Actions
Binary packages
Release history
| Release | Release date | Version | Updater | Comment |
|---|---|---|---|---|
| 94 | 2011-06-14 | 5.2.14 | Gökhan Özbulak | Fix file path injection occurring when upload file with path including '/' at the very beginning (pb#18383) |
| 93 | 2011-05-27 | 5.2.14 | Gökhan Özbulak | Fix stack buffer overflow in socket_connect caused by too long address passing (pb#18212) |
| 92 | 2011-04-13 | 5.2.14 | Gökhan Özbulak | Fix use_after_free vulnerability in substr_replace function |
| 91 | 2011-04-04 | 5.2.14 | Gökhan Özbulak | Guard the usage of randomly initialized local variables in mt_rand function |
| 90 | 2011-03-24 | 5.2.14 | Gökhan Özbulak | Fix buffer overflow in strval function |
| 89 | 2011-03-23 | 5.2.14 | Gökhan Özbulak | Fix integer overflow in SdnToJulian function |
| 88 | 2011-03-14 | 5.2.14 | Gökhan Özbulak | Fix integer overflow in shmop_read function |
| 87 | 2011-02-16 | 5.2.14 | Gökhan Özbulak | Fix the security vulnerability - CVE-2011-0753 : denial of service caused by a race condition occurred in pcntl extension |
| 86 | 2011-02-08 | 5.2.14 | Gökhan Özbulak | Fix the security vulnerability - CVE-2011-0755 : integer overflow in mt_rand function |
| 85 | 2011-02-04 | 5.2.14 | Gökhan Özbulak | Fix the security vulnerability - CVE-2011-0752 : no overwrite $GLOBALS and $this when using EXTR_OVERWRITE in extract function |
| 84 | 2011-01-28 | 5.2.14 | Gökhan Özbulak | Fix the security vulnerability - CVE-2010-4697 : use-after-free in zend engine |
| 83 | 2011-01-27 | 5.2.14 | Gökhan Özbulak | Fix the security vulnerability - CVE-2010-4698 : stack buffer overflow in imagepstext |
| 82 | 2011-01-15 | 5.2.14 | Gökhan Özbulak | Fix the security vulnerability - CVE-2010-3709 : denial of service in getArchiveComment |
| 81 | 2010-12-22 | 5.2.14 | Gökhan Özbulak | Fix multiple security vulnerabilities - CVE-2010-4150 : double free in imap extension - CVE-2010-3710 : denial of service in filter_var() |
| 80 | 2010-10-31 | 5.2.14 | Erdem Bayer | Split cli and apache config file locations |
| 79 | 2010-08-03 | 5.2.14 | Eren Türkay | - Version bump to fix multiple vulnerabilities. (#13890) |
| 78 | 2010-05-07 | 5.2.13 | Eren Türkay | - Add patch to fix unsafe unserialize() remote code execution (CVE-2010-2225, #13644) - Enable OpenSSL support - Add autoconf-2.65 patch to fix configure error when using diversion |
| 77 | 2010-05-03 | 5.2.13 | Ahmet AYGÜN | Added PDO support for mysql and pgsql. |
| 76 | 2010-03-02 | 5.2.13 | Eren Türkay | * Version bump to fix 3 security vulnerabilities (#12363) - Fixed safe_mode validation inside tempnam() when the directory path does not end with a /). (Martin Jansen) - Fixed a possible open_basedir/safe_mode bypass in session extension identified by Grzegorz Stachowiak. (Ilia) - Improved LCG entropy. (Rasmus, Samy Kamkar) |
| 75 | 2009-12-21 | 5.2.12 | Eren Türkay | Version bump to fix 2 security vulnerabilities. (#11742) - Protection for $_SESSION from interrupt corruption and improved "session.save_path" check (CVE-2009-4143) - Insufficient input string validation of htmlspecialchars() (CVE-2009-4142) |
| 74 | 2009-11-22 | 5.2.11 | Eren Türkay | Fix 3 important security vulnerabilities: - It's possible to cause DOS with requests containing 160.000+ file uploads, limit max_uploads to 20. (#11580) - Safe_mode bypass in tempnam() (CVE-2009-3557) - Open_basedir bypass in posix_mkfifo() (CVE-2009-2558) |
| 73 | 2009-10-21 | 5.2.11 | Eren Türkay | Add patch to fix buffer overflow in _gdGetColors function, CVE-2009-3546 |
| 72 | 2009-09-23 | 5.2.11 | Taner Taş | Bugfix and security release for multiple vulnerabilities (CVE-2009-3291, CVE-2009-3292, CVE-2009-3293, Bug#11209) |
| 71 | 2009-09-04 | 5.2.10 | Taner Taş | Update suhosin patch (Bug#10303) |
| 70 | 2009-06-29 | 5.2.10 | Pınar Yanardağ | Update go-pear to 1.119. |
| 69 | 2009-06-22 | 5.2.10 | Pınar Yanardağ | Version bump to fix Denial of Service in exif_read_data() (#10062). |
| 68 | 2009-03-01 | 5.2.9 | Pınar Yanardağ | Version bump to fix multiple Denial of Service vulnerabilities (bug#9306). |
| 67 | 2008-12-12 | 5.2.8 | Pınar Yanardağ | Version bump to fix multiple vulnerabilities. |
| 66 | 2008-12-05 | 5.2.7 | Pınar Yanardağ | Version bump to fix multiple vulnerabilities (bug#8784) |
| 65 | 2008-08-11 | 5.2.6 | Pınar Yanardağ | Security fixes for imageloadfont() and memnstr() which might allow for arbitrary code execution. |
| 64 | 2008-07-12 | 5.2.6 | Gökmen Görgen | Enable mcrypt support. |
| 63 | 2008-07-09 | 5.2.6 | Eren Türkay | Enable cgi/fastcgi support. |
| 62 | 2008-05-24 | 5.2.6 | Eren Türkay | Edit libxml2 dependency. PHP should depend on the latest one. |
| 61 | 2008-05-05 | 5.2.6 | Eren Türkay | Version bump and enable ctypes module. This release includes 5 security fixes: http://www.php.net/ChangeLog-5.php |
| 60 | 2008-03-21 | 5.2.5 | Gökçen Eraslan | Fix for printf() integer overflow |
| 59 | 2008-02-20 | 5.2.5 | Bahadır Kandemir | Add go-pear application. |
| 58 | 2007-12-23 | 5.2.5 | İsmail Dönmez | Update to Suhosin 0.9.22 |
| 57 | 2007-11-11 | 5.2.5 | İsmail Dönmez | Stable update |
| 56 | 2007-11-05 | 5.2.4 | İsmail Dönmez | Fix PHP bug #43121 |
| 55 | 2007-08-31 | 5.2.4 | İsmail Dönmez | Stable update to fix multiple vulnerabilities |
| 54 | 2007-07-10 | 5.2.3 | İsmail Dönmez | Add proper fix for MOPB-29-2007 |
| 53 | 2007-06-09 | 5.2.3 | İsmail Dönmez | Fix multiple holes |
| 52 | 2007-06-03 | 5.2.3 | İsmail Dönmez | Fix CVE-2007-2872 |
| 51 | 2007-06-01 | 5.2.3 | İsmail Dönmez | Stable update |
| 50 | 2007-05-30 | 5.2.2 | İsmail Dönmez | Fix integer overflow in chunk_split() |
| 49 | 2007-05-27 | 5.2.2 | İsmail Dönmez | Fix open_basedir/safe_mode bypass inside realpath() |
| 48 | 2007-05-22 | 5.2.2 | İsmail Dönmez | Fix CVE-2007-2756 |
| 47 | 2007-05-20 | 5.2.2 | İsmail Dönmez | Update suhosin extension |
| 46 | 2007-05-10 | 5.2.2 | İsmail Dönmez | Fix security weakness in SOAP extension |
| 45 | 2007-05-05 | 5.2.2 | İsmail Dönmez | Fix MOPB-2007-45 |
| 44 | 2007-05-04 | 5.2.2 | İsmail Dönmez | Stable update |
| 43 | 2007-04-01 | 5.2.1 | Ahmet AYGÜN | Dependency fix. |
| 42 | 2007-03-30 | 5.2.1 | İsmail Dönmez | Fix MOPB-34-2007 |
| 41 | 2007-03-27 | 5.2.1 | İsmail Dönmez | Fix MOPB-33-2007 |
| 40 | 2007-03-23 | 5.2.1 | İsmail Dönmez | Fix http://www.securityfocus.com/archive/1/463596 |
| 39 | 2007-03-23 | 5.2.1 | İsmail Dönmez | Fix MOPB-29-2007 |
| 38 | 2007-03-18 | 5.2.1 | İsmail Dönmez | Fix MOPB-26-2007 |
| 37 | 2007-03-16 | 5.2.1 | İsmail Dönmez | Fix MOPB-24-2007 |
| 36 | 2007-03-15 | 5.2.1 | İsmail Dönmez | Fix MOPB-22-2007 |
| 35 | 2007-03-14 | 5.2.1 | İsmail Dönmez | Fix MOPB-20-2007 and MOPB-21-2007 |
| 34 | 2007-03-10 | 5.2.1 | İsmail Dönmez | Fix CVE-2007-1001 and improve last two patches |
| 33 | 2007-03-09 | 5.2.1 | İsmail Dönmez | Fix http://www.wisec.it/vulns.php?id=10 |
| 32 | 2007-03-07 | 5.2.1 | İsmail Dönmez | Fix MOPB-14-2007 |
| 31 | 2007-03-06 | 5.2.1 | İsmail Dönmez | Provide php-cli package again |
| 30 | 2007-03-05 | 5.2.1 | İsmail Dönmez | Put suhosin inside as an extension |
| 29 | 2007-03-05 | 5.2.1 | İsmail Dönmez | Use suhosin as an extension |
| 28 | 2007-02-13 | 5.2.1 | İsmail Dönmez | Fix http://marc.theaimsgroup.com/?l=php-dev&m=117104930526516&w=2 |
| 27 | 2007-02-10 | 5.2.1 | Eren Türkay | Add postgresql-lib dependency |
| 26 | 2007-02-09 | 5.2.1 | İsmail Dönmez | Stable update to fix multiple vulnerabilities |
| 25 | 2007-02-07 | 5.2.0 | İsmail Dönmez | Fix CVE-2007-0455 |
| 24 | 2007-01-20 | 5.2.0 | Bahadır Kandemir | PostgreSQL support |
| 23 | 2006-12-20 | 5.2.0 | İsmail Dönmez | Fix session.save_path open_basedir bypass |
| 22 | 2006-11-20 | 5.2.0 | Bahadır Kandemir | Fixed PEAR path and dependencies, removed XPM support. |
| 21 | 2006-11-04 | 5.2.0 | Bahadır Kandemir | Fixed extension path |
| 20 | 2006-11-04 | 5.2.0 | Bahadır Kandemir | Fixed php.ini path |
| 19 | 2006-11-04 | 5.2.0 | Bahadır Kandemir | New release |
| 18 | 2006-11-02 | 5.1.6 | İsmail Dönmez | Fix CVE-2006-5465 |
| 17 | 2006-10-10 | 5.1.6 | Bahadır Kandemir | Suhosin Patch |
| 16 | 2006-10-09 | 5.1.6 | Ahmet AYGÜN | fix mail() function |
| 15 | 2006-10-09 | 5.1.6 | İsmail Dönmez | Fix CVE-2006-4625 |
| 14 | 2006-10-04 | 5.1.6 | İsmail Dönmez | Prevent possible overflow in _ecalloc (CVE-2006-4812) |
| 13 | 2006-09-26 | 5.1.6 | Ahmet AYGÜN | Add ldap support, #3611. |
| 12 | 2006-08-26 | 5.1.6 | Ahmet AYGÜN | Version bump. |
| 11 | 2006-08-23 | 5.1.5 | Ahmet AYGÜN | Version bump. |
| 10 | 2006-08-07 | 5.1.4 | Bahadır Kandemir | Fix for sccanf arbitary code execution vulnerablity. |
| 9 | 2006-07-10 | 5.1.4 | Bahadır Kandemir | Fixed wrong dep. |
| 8 | 2006-06-13 | 5.1.4 | İsmail Dönmez | Fix CVE-2006-2660 |
| 7 | 2006-05-27 | 5.1.4 | İsmail Dönmez | Fix CVE-2006-2563 |
| 6 | 2006-05-06 | 5.1.4 | İsmail Dönmez | Bugfix update |
| 5 | 2006-05-04 | 5.1.3 | İsmail Dönmez | Bugfix update |
| 4 | 2006-04-18 | 5.1.2 | İsmail Dönmez | Fix CVE-2006-0996,CVE-2006-1017,CVE-2006-1494 and CVE-2006-1608 |
| 3 | 2006-04-09 | 5.1.2 | Bahadır Kandemir | Fixed to install missing php.ini |
| 2 | 2006-03-25 | 5.1.2 | Ahmet AYGÜN | comar script added. |
| 1 | 2006-01-09 | 5.1.2 | Ahmet AYGÜN | First release. |
Patches
file_path_injection_in_rfc1867.patchstack_buffer_overflow_in_socket_connect.patch
use_after_free_in_substr_replace.patch
buffer_overflow_in_strval.patch
int_overflow_in_SdnToJulian.patch
int_overflow_in_shmop_read.patch
denial_of_service_in_pcntl_ext.patch
int_overflow_in_mt_rand.patch
use_of_uninitialized_vars_in_mt_rand.patch
no_overwrite_for_GLOBALS_and_this_in_extract.patch
use_after_free_in_zend.patch
stack_buffer_overflow_in_imagepstext.patch
denial_of_service_in_getArchiveComment.patch
denial_of_service_in_filter_var.patch
double_free_in_imap.patch
php5-imap-symlink.diff
php5.2.0-mysqli-readmycnf.patch
php5.2.0-mysql-readmycnf.patch
use-devurandom.patch
suhosin-patch-5.2.14-0.9.7.patch.gz
system-timezone.patch
autoconf-2.65.patch