10492 – PHP 5.3.26

Bug 10492 - PHP 5.3.26

Summary: PHP 5.3.26

Status:	RESOLVED FIXED

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	RPM Packages (show other bugs)
Version:	2
Hardware:	i586 Linux

Priority:	Normal Severity: normal
Target Milestone:	---
Assignee:	QA Team
QA Contact:

URL:
Whiteboard:	mga2-32-ok MGA2-64-OK
Keywords:	Security, validated_update

Depends on:
Blocks:

Reported:	2013-06-11 18:51 CEST by David Walser
Modified:	2014-05-08 18:04 CEST (History)
CC List:	3 users (show)

See Also:
Source RPM:	php
CVE:
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description David Walser 2013-06-11 18:51:47 CEST

Advisory:
========================

This update provides PHP 5.3.26, which fixes several issues.

References:
http://www.php.net/ChangeLog-5.php
========================

Updated packages in core/updates_testing:
========================
php-ini-5.3.26-1.mga2
php-cli-5.3.26-1.mga2
php-cgi-5.3.26-1.mga2
php-fpm-5.3.26-1.mga2
apache-mod_php-5.3.26-1.mga2
libphp5_common5-5.3.26-1.mga2
php-devel-5.3.26-1.mga2
php-openssl-5.3.26-1.mga2
php-zlib-5.3.26-1.mga2
php-bcmath-5.3.26-1.mga2
php-bz2-5.3.26-1.mga2
php-calendar-5.3.26-1.mga2
php-ctype-5.3.26-1.mga2
php-curl-5.3.26-1.mga2
php-dba-5.3.26-1.mga2
php-dom-5.3.26-1.mga2
php-enchant-5.3.26-1.mga2
php-exif-5.3.26-1.mga2
php-fileinfo-5.3.26-1.mga2
php-filter-5.3.26-1.mga2
php-ftp-5.3.26-1.mga2
php-gd-5.3.26-1.mga2
php-gettext-5.3.26-1.mga2
php-gmp-5.3.26-1.mga2
php-hash-5.3.26-1.mga2
php-iconv-5.3.26-1.mga2
php-imap-5.3.26-1.mga2
php-intl-5.3.26-1.mga2
php-json-5.3.26-1.mga2
php-ldap-5.3.26-1.mga2
php-mbstring-5.3.26-1.mga2
php-mcrypt-5.3.26-1.mga2
php-mssql-5.3.26-1.mga2
php-mysql-5.3.26-1.mga2
php-mysqli-5.3.26-1.mga2
php-mysqlnd-5.3.26-1.mga2
php-odbc-5.3.26-1.mga2
php-pcntl-5.3.26-1.mga2
php-pdo-5.3.26-1.mga2
php-pdo_dblib-5.3.26-1.mga2
php-pdo_mysql-5.3.26-1.mga2
php-pdo_odbc-5.3.26-1.mga2
php-pdo_pgsql-5.3.26-1.mga2
php-pdo_sqlite-5.3.26-1.mga2
php-pgsql-5.3.26-1.mga2
php-phar-5.3.26-1.mga2
php-posix-5.3.26-1.mga2
php-readline-5.3.26-1.mga2
php-recode-5.3.26-1.mga2
php-session-5.3.26-1.mga2
php-shmop-5.3.26-1.mga2
php-snmp-5.3.26-1.mga2
php-soap-5.3.26-1.mga2
php-sockets-5.3.26-1.mga2
php-sqlite3-5.3.26-1.mga2
php-sqlite-5.3.26-1.mga2
php-sybase_ct-5.3.26-1.mga2
php-sysvmsg-5.3.26-1.mga2
php-sysvsem-5.3.26-1.mga2
php-sysvshm-5.3.26-1.mga2
php-tidy-5.3.26-1.mga2
php-tokenizer-5.3.26-1.mga2
php-xml-5.3.26-1.mga2
php-xmlreader-5.3.26-1.mga2
php-xmlrpc-5.3.26-1.mga2
php-xmlwriter-5.3.26-1.mga2
php-xsl-5.3.26-1.mga2
php-wddx-5.3.26-1.mga2
php-zip-5.3.26-1.mga2
php-apc-3.1.13-1.8.mga2
php-apc-admin-3.1.13-1.8.mga2
php-eaccelerator-0.9.6.1-10.10.mga2
php-eaccelerator-admin-0.9.6.1-10.10.mga2
php-gd-bundled-5.3.26-1.mga2
php-timezonedb-2013.3-1.mga2
php-firebird-5.3.26-1.mga2
php-pdo_firebird-5.3.26-1.mga2

from SRPMS:
php-5.3.26-1.mga2.src.rpm
php-apc-3.1.13-1.8.mga2.src.rpm
php-eaccelerator-0.9.6.1-10.10.mga2.src.rpm
php-gd-bundled-5.3.26-1.mga2.src.rpm
php-timezonedb-2013.3-1.mga2.src.rpm
php-firebird-5.3.26-1.mga2.src.rpm
php-pdo_firebird-5.3.26-1.mga2.src.rpm

Reproducible: 

Steps to Reproduce:

David Walser 2013-06-11 18:51:56 CEST

CC: (none) => oe

Comment 1 claire robinson 2013-06-12 12:51:26 CEST

Testing mga2 32

Comment 2 claire robinson 2013-06-12 15:25:04 CEST

Testing complete mga2 32

Whiteboard: (none) => mga2-32-ok

Comment 3 Dave Hodgins 2013-06-14 01:33:13 CEST

Testing complete, Mageia 2 x86_64.

Could someone from the sysadmin team push the srpms
php-5.3.26-1.mga2.src.rpm
php-apc-3.1.13-1.8.mga2.src.rpm
php-eaccelerator-0.9.6.1-10.10.mga2.src.rpm
php-gd-bundled-5.3.26-1.mga2.src.rpm
php-timezonedb-2013.3-1.mga2.src.rpm
php-firebird-5.3.26-1.mga2.src.rpm
php-pdo_firebird-5.3.26-1.mga2.src.rpm
from Mageia 2 Core Updates Testing to Core Updates.

Advisory: This update provides PHP 5.3.26, which fixes several issues.

https://bugs.mageia.org/show_bug.cgi?id=10492

Keywords: (none) => validated_update
Whiteboard: mga2-32-ok => mga2-32-ok MGA2-64-OK
CC: (none) => davidwhodgins, sysadmin-bugs

Comment 4 David Walser 2013-06-14 02:36:55 CEST

Thanks :o)   Don't forget the references.

References:
http://www.php.net/ChangeLog-5.php

Comment 5 Dave Hodgins 2013-06-19 02:37:30 CEST

Advisory ready to push

Keywords: (none) => Security

Comment 6 David Walser 2013-06-19 03:35:04 CEST

Keywords = Security, even though it's not a security update?

Comment 7 Nicolas Vigier 2013-06-19 12:16:03 CEST

According to the description and changelog, it fixes a CVE.

CC: (none) => boklm

Comment 8 Nicolas Vigier 2013-06-19 12:38:54 CEST

http://advisories.mageia.org/MGASA-2013-0176.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

Comment 9 David Walser 2013-06-19 19:48:40 CEST

In Bug 10456, it was determined that PHP 5.3 was not vulnerable to that CVE.

Comment 10 David Walser 2013-07-16 19:34:54 CEST

This update also fixes CVE-2013-4635:
http://lwn.net/Vulnerabilities/559055/

Comment 11 claire robinson 2013-07-17 08:37:46 CEST

Advisory updated.

Nicolas Vigier 2014-05-08 18:04:42 CEST

CC: boklm => (none)

Note You need to log in before you can comment on or make changes to this bug.