Bug 10492 - PHP 5.3.26
: PHP 5.3.26
Status: RESOLVED FIXED
Product: Mageia
Classification: Unclassified
Component: RPM Packages
: 2
: i586 Linux
: Normal Severity: normal
: ---
Assigned To: QA Team
:
:
: mga2-32-ok MGA2-64-OK
: Security, validated_update
:
:
  Show dependency treegraph
 
Reported: 2013-06-11 18:51 CEST by David Walser
Modified: 2014-05-08 18:04 CEST (History)
3 users (show)

See Also:
Source RPM: php
CVE:
Status comment:


Attachments

Description David Walser 2013-06-11 18:51:47 CEST
Advisory:
========================

This update provides PHP 5.3.26, which fixes several issues.

References:
http://www.php.net/ChangeLog-5.php
========================

Updated packages in core/updates_testing:
========================
php-ini-5.3.26-1.mga2
php-cli-5.3.26-1.mga2
php-cgi-5.3.26-1.mga2
php-fpm-5.3.26-1.mga2
apache-mod_php-5.3.26-1.mga2
libphp5_common5-5.3.26-1.mga2
php-devel-5.3.26-1.mga2
php-openssl-5.3.26-1.mga2
php-zlib-5.3.26-1.mga2
php-bcmath-5.3.26-1.mga2
php-bz2-5.3.26-1.mga2
php-calendar-5.3.26-1.mga2
php-ctype-5.3.26-1.mga2
php-curl-5.3.26-1.mga2
php-dba-5.3.26-1.mga2
php-dom-5.3.26-1.mga2
php-enchant-5.3.26-1.mga2
php-exif-5.3.26-1.mga2
php-fileinfo-5.3.26-1.mga2
php-filter-5.3.26-1.mga2
php-ftp-5.3.26-1.mga2
php-gd-5.3.26-1.mga2
php-gettext-5.3.26-1.mga2
php-gmp-5.3.26-1.mga2
php-hash-5.3.26-1.mga2
php-iconv-5.3.26-1.mga2
php-imap-5.3.26-1.mga2
php-intl-5.3.26-1.mga2
php-json-5.3.26-1.mga2
php-ldap-5.3.26-1.mga2
php-mbstring-5.3.26-1.mga2
php-mcrypt-5.3.26-1.mga2
php-mssql-5.3.26-1.mga2
php-mysql-5.3.26-1.mga2
php-mysqli-5.3.26-1.mga2
php-mysqlnd-5.3.26-1.mga2
php-odbc-5.3.26-1.mga2
php-pcntl-5.3.26-1.mga2
php-pdo-5.3.26-1.mga2
php-pdo_dblib-5.3.26-1.mga2
php-pdo_mysql-5.3.26-1.mga2
php-pdo_odbc-5.3.26-1.mga2
php-pdo_pgsql-5.3.26-1.mga2
php-pdo_sqlite-5.3.26-1.mga2
php-pgsql-5.3.26-1.mga2
php-phar-5.3.26-1.mga2
php-posix-5.3.26-1.mga2
php-readline-5.3.26-1.mga2
php-recode-5.3.26-1.mga2
php-session-5.3.26-1.mga2
php-shmop-5.3.26-1.mga2
php-snmp-5.3.26-1.mga2
php-soap-5.3.26-1.mga2
php-sockets-5.3.26-1.mga2
php-sqlite3-5.3.26-1.mga2
php-sqlite-5.3.26-1.mga2
php-sybase_ct-5.3.26-1.mga2
php-sysvmsg-5.3.26-1.mga2
php-sysvsem-5.3.26-1.mga2
php-sysvshm-5.3.26-1.mga2
php-tidy-5.3.26-1.mga2
php-tokenizer-5.3.26-1.mga2
php-xml-5.3.26-1.mga2
php-xmlreader-5.3.26-1.mga2
php-xmlrpc-5.3.26-1.mga2
php-xmlwriter-5.3.26-1.mga2
php-xsl-5.3.26-1.mga2
php-wddx-5.3.26-1.mga2
php-zip-5.3.26-1.mga2
php-apc-3.1.13-1.8.mga2
php-apc-admin-3.1.13-1.8.mga2
php-eaccelerator-0.9.6.1-10.10.mga2
php-eaccelerator-admin-0.9.6.1-10.10.mga2
php-gd-bundled-5.3.26-1.mga2
php-timezonedb-2013.3-1.mga2
php-firebird-5.3.26-1.mga2
php-pdo_firebird-5.3.26-1.mga2

from SRPMS:
php-5.3.26-1.mga2.src.rpm
php-apc-3.1.13-1.8.mga2.src.rpm
php-eaccelerator-0.9.6.1-10.10.mga2.src.rpm
php-gd-bundled-5.3.26-1.mga2.src.rpm
php-timezonedb-2013.3-1.mga2.src.rpm
php-firebird-5.3.26-1.mga2.src.rpm
php-pdo_firebird-5.3.26-1.mga2.src.rpm

Reproducible: 

Steps to Reproduce:
Comment 1 claire robinson 2013-06-12 12:51:26 CEST
Testing mga2 32
Comment 2 claire robinson 2013-06-12 15:25:04 CEST
Testing complete mga2 32
Comment 3 Dave Hodgins 2013-06-14 01:33:13 CEST
Testing complete, Mageia 2 x86_64.

Could someone from the sysadmin team push the srpms
php-5.3.26-1.mga2.src.rpm
php-apc-3.1.13-1.8.mga2.src.rpm
php-eaccelerator-0.9.6.1-10.10.mga2.src.rpm
php-gd-bundled-5.3.26-1.mga2.src.rpm
php-timezonedb-2013.3-1.mga2.src.rpm
php-firebird-5.3.26-1.mga2.src.rpm
php-pdo_firebird-5.3.26-1.mga2.src.rpm
from Mageia 2 Core Updates Testing to Core Updates.

Advisory: This update provides PHP 5.3.26, which fixes several issues.

https://bugs.mageia.org/show_bug.cgi?id=10492
Comment 4 David Walser 2013-06-14 02:36:55 CEST
Thanks :o)   Don't forget the references.

References:
http://www.php.net/ChangeLog-5.php
Comment 5 Dave Hodgins 2013-06-19 02:37:30 CEST
Advisory ready to push
Comment 6 David Walser 2013-06-19 03:35:04 CEST
Keywords = Security, even though it's not a security update?
Comment 7 Nicolas Vigier 2013-06-19 12:16:03 CEST
According to the description and changelog, it fixes a CVE.
Comment 8 Nicolas Vigier 2013-06-19 12:38:54 CEST
http://advisories.mageia.org/MGASA-2013-0176.html
Comment 9 David Walser 2013-06-19 19:48:40 CEST
In Bug 10456, it was determined that PHP 5.3 was not vulnerable to that CVE.
Comment 10 David Walser 2013-07-16 19:34:54 CEST
This update also fixes CVE-2013-4635:
http://lwn.net/Vulnerabilities/559055/
Comment 11 claire robinson 2013-07-17 08:37:46 CEST
Advisory updated.

Note You need to log in before you can comment on or make changes to this bug.