Bug 10492

Summary: PHP 5.3.26
Product: Mageia Reporter: David Walser <luigiwalser>
Component: RPM PackagesAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: Normal CC: davidwhodgins, oe, sysadmin-bugs
Version: 2Keywords: Security, validated_update
Target Milestone: ---   
Hardware: i586   
OS: Linux   
Whiteboard: mga2-32-ok MGA2-64-OK
Source RPM: php CVE:
Status comment:

Description David Walser 2013-06-11 18:51:47 CEST 
Advisory:
========================

This update provides PHP 5.3.26, which fixes several issues.

References:
http://www.php.net/ChangeLog-5.php
========================

Updated packages in core/updates_testing:
========================
php-ini-5.3.26-1.mga2
php-cli-5.3.26-1.mga2
php-cgi-5.3.26-1.mga2
php-fpm-5.3.26-1.mga2
apache-mod_php-5.3.26-1.mga2
libphp5_common5-5.3.26-1.mga2
php-devel-5.3.26-1.mga2
php-openssl-5.3.26-1.mga2
php-zlib-5.3.26-1.mga2
php-bcmath-5.3.26-1.mga2
php-bz2-5.3.26-1.mga2
php-calendar-5.3.26-1.mga2
php-ctype-5.3.26-1.mga2
php-curl-5.3.26-1.mga2
php-dba-5.3.26-1.mga2
php-dom-5.3.26-1.mga2
php-enchant-5.3.26-1.mga2
php-exif-5.3.26-1.mga2
php-fileinfo-5.3.26-1.mga2
php-filter-5.3.26-1.mga2
php-ftp-5.3.26-1.mga2
php-gd-5.3.26-1.mga2
php-gettext-5.3.26-1.mga2
php-gmp-5.3.26-1.mga2
php-hash-5.3.26-1.mga2
php-iconv-5.3.26-1.mga2
php-imap-5.3.26-1.mga2
php-intl-5.3.26-1.mga2
php-json-5.3.26-1.mga2
php-ldap-5.3.26-1.mga2
php-mbstring-5.3.26-1.mga2
php-mcrypt-5.3.26-1.mga2
php-mssql-5.3.26-1.mga2
php-mysql-5.3.26-1.mga2
php-mysqli-5.3.26-1.mga2
php-mysqlnd-5.3.26-1.mga2
php-odbc-5.3.26-1.mga2
php-pcntl-5.3.26-1.mga2
php-pdo-5.3.26-1.mga2
php-pdo_dblib-5.3.26-1.mga2
php-pdo_mysql-5.3.26-1.mga2
php-pdo_odbc-5.3.26-1.mga2
php-pdo_pgsql-5.3.26-1.mga2
php-pdo_sqlite-5.3.26-1.mga2
php-pgsql-5.3.26-1.mga2
php-phar-5.3.26-1.mga2
php-posix-5.3.26-1.mga2
php-readline-5.3.26-1.mga2
php-recode-5.3.26-1.mga2
php-session-5.3.26-1.mga2
php-shmop-5.3.26-1.mga2
php-snmp-5.3.26-1.mga2
php-soap-5.3.26-1.mga2
php-sockets-5.3.26-1.mga2
php-sqlite3-5.3.26-1.mga2
php-sqlite-5.3.26-1.mga2
php-sybase_ct-5.3.26-1.mga2
php-sysvmsg-5.3.26-1.mga2
php-sysvsem-5.3.26-1.mga2
php-sysvshm-5.3.26-1.mga2
php-tidy-5.3.26-1.mga2
php-tokenizer-5.3.26-1.mga2
php-xml-5.3.26-1.mga2
php-xmlreader-5.3.26-1.mga2
php-xmlrpc-5.3.26-1.mga2
php-xmlwriter-5.3.26-1.mga2
php-xsl-5.3.26-1.mga2
php-wddx-5.3.26-1.mga2
php-zip-5.3.26-1.mga2
php-apc-3.1.13-1.8.mga2
php-apc-admin-3.1.13-1.8.mga2
php-eaccelerator-0.9.6.1-10.10.mga2
php-eaccelerator-admin-0.9.6.1-10.10.mga2
php-gd-bundled-5.3.26-1.mga2
php-timezonedb-2013.3-1.mga2
php-firebird-5.3.26-1.mga2
php-pdo_firebird-5.3.26-1.mga2

from SRPMS:
php-5.3.26-1.mga2.src.rpm
php-apc-3.1.13-1.8.mga2.src.rpm
php-eaccelerator-0.9.6.1-10.10.mga2.src.rpm
php-gd-bundled-5.3.26-1.mga2.src.rpm
php-timezonedb-2013.3-1.mga2.src.rpm
php-firebird-5.3.26-1.mga2.src.rpm
php-pdo_firebird-5.3.26-1.mga2.src.rpm

Reproducible: 

Steps to Reproduce:
David Walser 2013-06-11 18:51:56 CEST

CC: (none) => oe

Comment 1 claire robinson 2013-06-12 12:51:26 CEST 
Testing mga2 32
Comment 2 claire robinson 2013-06-12 15:25:04 CEST 
Testing complete mga2 32

Whiteboard: (none) => mga2-32-ok

Comment 3 Dave Hodgins 2013-06-14 01:33:13 CEST 
Testing complete, Mageia 2 x86_64.

Could someone from the sysadmin team push the srpms
php-5.3.26-1.mga2.src.rpm
php-apc-3.1.13-1.8.mga2.src.rpm
php-eaccelerator-0.9.6.1-10.10.mga2.src.rpm
php-gd-bundled-5.3.26-1.mga2.src.rpm
php-timezonedb-2013.3-1.mga2.src.rpm
php-firebird-5.3.26-1.mga2.src.rpm
php-pdo_firebird-5.3.26-1.mga2.src.rpm
from Mageia 2 Core Updates Testing to Core Updates.

Advisory: This update provides PHP 5.3.26, which fixes several issues.

https://bugs.mageia.org/show_bug.cgi?id=10492

Keywords: (none) => validated_update
Whiteboard: mga2-32-ok => mga2-32-ok MGA2-64-OK
CC: (none) => davidwhodgins, sysadmin-bugs

Comment 4 David Walser 2013-06-14 02:36:55 CEST 
Thanks :o)   Don't forget the references.

References:
http://www.php.net/ChangeLog-5.php
Comment 5 Dave Hodgins 2013-06-19 02:37:30 CEST 
Advisory ready to push

Keywords: (none) => Security

Comment 6 David Walser 2013-06-19 03:35:04 CEST 
Keywords = Security, even though it's not a security update?
Comment 7 Nicolas Vigier 2013-06-19 12:16:03 CEST 
According to the description and changelog, it fixes a CVE.

CC: (none) => boklm

Comment 8 Nicolas Vigier 2013-06-19 12:38:54 CEST 
http://advisories.mageia.org/MGASA-2013-0176.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

Comment 9 David Walser 2013-06-19 19:48:40 CEST 
In Bug 10456, it was determined that PHP 5.3 was not vulnerable to that CVE.
Comment 10 David Walser 2013-07-16 19:34:54 CEST 
This update also fixes CVE-2013-4635:
http://lwn.net/Vulnerabilities/559055/
Comment 11 claire robinson 2013-07-17 08:37:46 CEST 
Advisory updated.
Nicolas Vigier 2014-05-08 18:04:42 CEST

CC: boklm => (none)