Debian Security Advisory
DSA-1444-2 php5 -- several vulnerabilities
- Date Reported:
- 23 Jan 2008
- Affected Packages:
- php5
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2007-3799, CVE-2007-3998, CVE-2007-4657, CVE-2007-4658, CVE-2007-4660, CVE-2007-4662, CVE-2007-5898, CVE-2007-5899.
- More information:
-
It was discovered that the patch for CVE-2007-4659 could lead to regressions in some scenarios. The fix has been reverted for now, a revised update will be provided in a future PHP DSA.
For reference the original advisory below:
Several remote vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language. The Common Vulnerabilities and Exposures project identifies the following problems:
- CVE-2007-3799
It was discovered that the session_start() function allowed the insertion of attributes into the session cookie.
- CVE-2007-3998
Mattias Bengtsson and Philip Olausson discovered that a programming error in the implementation of the wordwrap() function allowed denial of service through an infinite loop.
- CVE-2007-4658
Stanislav Malyshev discovered that a format string vulnerability in the money_format() function could allow the execution of arbitrary code.
- CVE-2007-4659
Stefan Esser discovered that execution control flow inside the zend_alter_ini_entry() function is handled incorrectly in case of a memory limit violation.
- CVE-2007-4660
Gerhard Wagner discovered an integer overflow inside the chunk_split() function.
- CVE-2007-5898
Rasmus Lerdorf discovered that incorrect parsing of multibyte sequences may lead to disclosure of memory contents.
- CVE-2007-5899
It was discovered that the output_add_rewrite_var() function could leak session ID information, resulting in information disclosure.
This update also fixes two bugs from the PHP 5.2.4 release which don't have security impact according to the Debian PHP security policy (CVE-2007-4657 and CVE-2007-4662), but which are fixed nonetheless.
The old stable distribution (sarge) doesn't contain php5.
For the stable distribution (etch), these problems have been fixed in version 5.2.0-8+etch10.
For the unstable distribution (sid), these problems have been fixed in version 5.2.4-1, with the exception of CVE-2007-5898 and CVE-2007-5899, which will be fixed soon. Please note that Debian's version of PHP is hardened with the Suhosin patch beginning with version 5.2.4-1, which renders several vulnerabilities ineffective.
We recommend that you upgrade your php5 packages.
- CVE-2007-3799
- Fixed in:
-
Debian GNU/Linux 4.0 (stable)
- Source:
- http://security.debian.org/pool/updates/main/p/php5/php5_5.2.0-8+etch10.diff.gz
- http://security.debian.org/pool/updates/main/p/php5/php5_5.2.0-8+etch10.dsc
- http://security.debian.org/pool/updates/main/p/php5/php5_5.2.0.orig.tar.gz
- http://security.debian.org/pool/updates/main/p/php5/php5_5.2.0-8+etch10.dsc
- Architecture-independent component:
- http://security.debian.org/pool/updates/main/p/php5/php-pear_5.2.0-8+etch10_all.deb
- http://security.debian.org/pool/updates/main/p/php5/php5_5.2.0-8+etch10_all.deb
- http://security.debian.org/pool/updates/main/p/php5/php5_5.2.0-8+etch10_all.deb
- Alpha:
- http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0-8+etch10_alpha.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0-8+etch10_alpha.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0-8+etch10_alpha.deb
- http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0-8+etch10_alpha.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0-8+etch10_alpha.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0-8+etch10_alpha.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0-8+etch10_alpha.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0-8+etch10_alpha.deb
- http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0-8+etch10_alpha.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0-8+etch10_alpha.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0-8+etch10_alpha.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0-8+etch10_alpha.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0-8+etch10_alpha.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0-8+etch10_alpha.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0-8+etch10_alpha.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0-8+etch10_alpha.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0-8+etch10_alpha.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0-8+etch10_alpha.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0-8+etch10_alpha.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0-8+etch10_alpha.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0-8+etch10_alpha.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0-8+etch10_alpha.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0-8+etch10_alpha.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0-8+etch10_alpha.deb
- AMD64:
- http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0-8+etch10_amd64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0-8+etch10_amd64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0-8+etch10_amd64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0-8+etch10_amd64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0-8+etch10_amd64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0-8+etch10_amd64.deb
- http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0-8+etch10_amd64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0-8+etch10_amd64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0-8+etch10_amd64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0-8+etch10_amd64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0-8+etch10_amd64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0-8+etch10_amd64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0-8+etch10_amd64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0-8+etch10_amd64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0-8+etch10_amd64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0-8+etch10_amd64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0-8+etch10_amd64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0-8+etch10_amd64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0-8+etch10_amd64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0-8+etch10_amd64.deb
- http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0-8+etch10_amd64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0-8+etch10_amd64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-interbase_5.2.0-8+etch10_amd64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0-8+etch10_amd64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0-8+etch10_amd64.deb
- ARM:
- http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0-8+etch10_arm.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0-8+etch10_arm.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0-8+etch10_arm.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0-8+etch10_arm.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0-8+etch10_arm.deb
- http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0-8+etch10_arm.deb
- http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0-8+etch10_arm.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0-8+etch10_arm.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0-8+etch10_arm.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0-8+etch10_arm.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0-8+etch10_arm.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0-8+etch10_arm.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0-8+etch10_arm.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0-8+etch10_arm.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0-8+etch10_arm.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0-8+etch10_arm.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0-8+etch10_arm.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0-8+etch10_arm.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0-8+etch10_arm.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0-8+etch10_arm.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0-8+etch10_arm.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0-8+etch10_arm.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0-8+etch10_arm.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0-8+etch10_arm.deb
- HP Precision:
- http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0-8+etch10_hppa.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0-8+etch10_hppa.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0-8+etch10_hppa.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0-8+etch10_hppa.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0-8+etch10_hppa.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0-8+etch10_hppa.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0-8+etch10_hppa.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0-8+etch10_hppa.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0-8+etch10_hppa.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0-8+etch10_hppa.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0-8+etch10_hppa.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0-8+etch10_hppa.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0-8+etch10_hppa.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0-8+etch10_hppa.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0-8+etch10_hppa.deb
- http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0-8+etch10_hppa.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0-8+etch10_hppa.deb
- http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0-8+etch10_hppa.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0-8+etch10_hppa.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0-8+etch10_hppa.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0-8+etch10_hppa.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0-8+etch10_hppa.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0-8+etch10_hppa.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0-8+etch10_hppa.deb
- Intel IA-32:
- http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0-8+etch10_i386.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0-8+etch10_i386.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0-8+etch10_i386.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0-8+etch10_i386.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-interbase_5.2.0-8+etch10_i386.deb
- http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0-8+etch10_i386.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0-8+etch10_i386.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0-8+etch10_i386.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0-8+etch10_i386.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0-8+etch10_i386.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0-8+etch10_i386.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0-8+etch10_i386.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0-8+etch10_i386.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0-8+etch10_i386.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0-8+etch10_i386.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0-8+etch10_i386.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0-8+etch10_i386.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0-8+etch10_i386.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0-8+etch10_i386.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0-8+etch10_i386.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0-8+etch10_i386.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0-8+etch10_i386.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0-8+etch10_i386.deb
- http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0-8+etch10_i386.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0-8+etch10_i386.deb
- Intel IA-64:
- http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0-8+etch10_ia64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0-8+etch10_ia64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0-8+etch10_ia64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0-8+etch10_ia64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0-8+etch10_ia64.deb
- http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0-8+etch10_ia64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0-8+etch10_ia64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0-8+etch10_ia64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0-8+etch10_ia64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0-8+etch10_ia64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0-8+etch10_ia64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0-8+etch10_ia64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0-8+etch10_ia64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0-8+etch10_ia64.deb
- http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0-8+etch10_ia64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0-8+etch10_ia64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0-8+etch10_ia64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0-8+etch10_ia64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0-8+etch10_ia64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0-8+etch10_ia64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0-8+etch10_ia64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0-8+etch10_ia64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0-8+etch10_ia64.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0-8+etch10_ia64.deb
- Big-endian MIPS:
- http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0-8+etch10_mips.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0-8+etch10_mips.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0-8+etch10_mips.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0-8+etch10_mips.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0-8+etch10_mips.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0-8+etch10_mips.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0-8+etch10_mips.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0-8+etch10_mips.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0-8+etch10_mips.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0-8+etch10_mips.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0-8+etch10_mips.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0-8+etch10_mips.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0-8+etch10_mips.deb
- http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0-8+etch10_mips.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0-8+etch10_mips.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0-8+etch10_mips.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0-8+etch10_mips.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0-8+etch10_mips.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0-8+etch10_mips.deb
- http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0-8+etch10_mips.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0-8+etch10_mips.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0-8+etch10_mips.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0-8+etch10_mips.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0-8+etch10_mips.deb
- Little-endian MIPS:
- http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0-8+etch10_mipsel.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0-8+etch10_mipsel.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0-8+etch10_mipsel.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0-8+etch10_mipsel.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0-8+etch10_mipsel.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0-8+etch10_mipsel.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0-8+etch10_mipsel.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0-8+etch10_mipsel.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0-8+etch10_mipsel.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0-8+etch10_mipsel.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0-8+etch10_mipsel.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0-8+etch10_mipsel.deb
- http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0-8+etch10_mipsel.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0-8+etch10_mipsel.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0-8+etch10_mipsel.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0-8+etch10_mipsel.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0-8+etch10_mipsel.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0-8+etch10_mipsel.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0-8+etch10_mipsel.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0-8+etch10_mipsel.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0-8+etch10_mipsel.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0-8+etch10_mipsel.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0-8+etch10_mipsel.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0-8+etch10_mipsel.deb
- PowerPC:
- http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0-8+etch10_powerpc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0-8+etch10_powerpc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0-8+etch10_powerpc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0-8+etch10_powerpc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0-8+etch10_powerpc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0-8+etch10_powerpc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0-8+etch10_powerpc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0-8+etch10_powerpc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0-8+etch10_powerpc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0-8+etch10_powerpc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0-8+etch10_powerpc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0-8+etch10_powerpc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0-8+etch10_powerpc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0-8+etch10_powerpc.deb
- http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0-8+etch10_powerpc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0-8+etch10_powerpc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0-8+etch10_powerpc.deb
- http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0-8+etch10_powerpc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0-8+etch10_powerpc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0-8+etch10_powerpc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0-8+etch10_powerpc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0-8+etch10_powerpc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0-8+etch10_powerpc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0-8+etch10_powerpc.deb
- IBM S/390:
- http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0-8+etch10_s390.deb
- http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0-8+etch10_s390.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0-8+etch10_s390.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0-8+etch10_s390.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0-8+etch10_s390.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0-8+etch10_s390.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0-8+etch10_s390.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0-8+etch10_s390.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0-8+etch10_s390.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0-8+etch10_s390.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0-8+etch10_s390.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0-8+etch10_s390.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0-8+etch10_s390.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0-8+etch10_s390.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0-8+etch10_s390.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0-8+etch10_s390.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0-8+etch10_s390.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0-8+etch10_s390.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0-8+etch10_s390.deb
- http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0-8+etch10_s390.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0-8+etch10_s390.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0-8+etch10_s390.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0-8+etch10_s390.deb
- http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0-8+etch10_s390.deb
- Sun Sparc:
- http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0-8+etch10_sparc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0-8+etch10_sparc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0-8+etch10_sparc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0-8+etch10_sparc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0-8+etch10_sparc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0-8+etch10_sparc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0-8+etch10_sparc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0-8+etch10_sparc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0-8+etch10_sparc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0-8+etch10_sparc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0-8+etch10_sparc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0-8+etch10_sparc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0-8+etch10_sparc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0-8+etch10_sparc.deb
- http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0-8+etch10_sparc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0-8+etch10_sparc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0-8+etch10_sparc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0-8+etch10_sparc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0-8+etch10_sparc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0-8+etch10_sparc.deb
- http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0-8+etch10_sparc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0-8+etch10_sparc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0-8+etch10_sparc.deb
- http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0-8+etch10_sparc.deb
MD5 checksums of the listed files are available in the original advisory.