Univention Bugzilla – Full Text Bug Listing |
Summary: | php5: Multiple issues (4.2) | ||
---|---|---|---|
Product: | UCS | Reporter: | Quality Assurance <qa> |
Component: | Security updates | Assignee: | Quality Assurance <qa> |
Status: | CLOSED FIXED | QA Contact: | Philipp Hahn <hahn> |
Severity: | normal | ||
Priority: | P3 | ||
Version: | UCS 4.2 | ||
Target Milestone: | UCS 4.2-5-errata | ||
Hardware: | All | ||
OS: | Linux | ||
What kind of report is it?: | Security Issue | What type of bug is this?: | --- |
Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
User Pain: | Enterprise Customer affected?: | ||
School Customer affected?: | ISV affected?: | ||
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | ||
Max CVSS v3 score: | 8.1 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) Debian RedHat |
Description
Quality Assurance
2018-12-18 08:45:17 CET
--- mirror/ftp/4.2/unmaintained/component/4.2-5-errata/source/php5_5.6.38+dfsg-0+deb8u1.dsc +++ apt/ucs_4.2-0-errata4.2-5/source/php5_5.6.39+dfsg-0+deb8u1.dsc @@ -1,3 +1,14 @@ +5.6.39+dfsg-0+deb8u1 [Sun, 16 Dec 2018 16:28:06 -0500] Roberto C. Sanchez <roberto@debian.org>: + + * Non-maintainer upload by the LTS Team. + * New upstream version 5.6.39 + - [CVE-2018-19518] An argument injection vulnerability in imap_open() + may allow a remote attacker to execute arbitrary OS commands on the IMAP + server. + - [CVE-2018-19935] A NULL pointer dereference leads to an application + crash and a denial of service via an empty string in the message + argument to the imap_mail function of ext/imap/php_imap.c. + 5.6.38+dfsg-0+deb8u1 [Wed, 19 Sep 2018 22:05:16 -0400] Roberto C. Sanchez <roberto@debian.org>: * Non-maintainer upload by the LTS Team. <http://10.200.17.11/4.2-5/#1141819270630398691> OK: yaml OK: announce_errata OK: patch ~OK: piuparts some files are not purged and some from Apache2 are. > 0m36.4s INFO: Warning: Package purging left files on system: > /etc/apache2/mods-enabled/mpm_prefork.conf -> ../mods-available/mpm_prefork.conf not owned > /etc/apache2/mods-enabled/mpm_prefork.load -> ../mods-available/mpm_prefork.load not owned > /var/lib/apache2/module/disabled_by_admin/ not owned > /var/lib/apache2/module/disabled_by_maint/ not owned > /var/lib/apache2/module/disabled_by_maint/mpm_event not owned > /var/lib/apache2/module/enabled_by_maint/mpm_prefork not owned > /var/lib/php5/modules/apache2filter/ not owned > /var/lib/php5/modules/apache2filter/disabled_by_maint/ not owned > /var/lib/php5/modules/apache2filter/disabled_by_maint/json not owned > /var/lib/php5/modules/apache2filter/disabled_by_maint/opcache not owned > /var/lib/php5/modules/apache2filter/disabled_by_maint/pdo not owned > /var/lib/php5/modules/apache2filter/enabled_by_maint/ not owned > > 0m36.4s ERROR: FAIL: After purging files have disappeared: > /etc/apache2/mods-enabled/mpm_event.conf -> ../mods-available/mpm_event.conf not owned > /etc/apache2/mods-enabled/mpm_event.load -> ../mods-available/mpm_event.load not owned > /var/lib/apache2/module/enabled_by_maint/mpm_event not owned [4.2-5] b0090896c5 Bug #48365: php5 5.6.39+dfsg-0+deb8u1 doc/errata/staging/php5.yaml | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) [4.2-5] 13517e6692 Bug #48365: php5 5.6.39+dfsg-0+deb8u1 doc/errata/staging/php5.yaml | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) |