Debian Long Term Support / LTS Security Information / 2015 / Security Information -- DLA-145-2 php5

Debian Security Advisory

DLA-145-2 php5 -- LTS security update

Date Reported:

02 Feb 2015

Affected Packages:

php5

Vulnerable:

Yes

Security database references:

No other external database security references currently available.

More information:

Brief introduction

The DLA-145-1 security update included a fix for PHP bug 68739 which was a null pointer dereference.

Unfortunately this fix broke cookie handling. For more details see the email.

This patch has been removed to restore functionality.

For Debian 6 Squeeze, these issues have been fixed in php5 version 5.3.3-7+squeeze25