Debian Security Advisory

DLA-145-2 php5 -- LTS security update

Date Reported:
02 Feb 2015
Affected Packages:
Security database references:
No other external database security references currently available.
More information:

Brief introduction

The DLA-145-1 security update included a fix for PHP bug 68739 which was a null pointer dereference.

Unfortunately this fix broke cookie handling. For more details see the email.

This patch has been removed to restore functionality.

For Debian 6 Squeeze, these issues have been fixed in php5 version 5.3.3-7+squeeze25