From the release notes: "This release provides the following security fixes: Added missing safe_mode/open_basedir checks inside the error_log(), file_exists(), imap_open() and imap_reopen() functions. Fixed overflows inside str_repeat() and wordwrap() functions on 64bit systems. Fixed possible open_basedir/safe_mode bypass in cURL extension and with realpath cache. Fixed overflow in GD extension on invalid GIF images. Fixed a buffer overflow inside sscanf() function. Fixed an out of bounds read inside stripos() function. Fixed memory_limit restriction on 64 bit system."
Luca can probably comment on this better, but we already have these security fixes in our PHP 4.4.3 and PHP 5.1.4 packages, respectively.
Yes all of those are already fixed in our 4.4.3-r1 and 5.1.4-r6 releases. The only little thing still open is the open_basedir/safe_mode bypass in imap_reopen(); the fix for that was added after we released our updated PHP packages, but we have the fix for imap_open(). Since safe_mode/open_basedir stuff is not treated by security, de-CCing you guys. ;) 5.1.5 and 4.4.4 should be available in Portage between Monday and Wednesday, depending on when I have time. :) It's not particularly urgent, as there is no critical outstanding security stuff or bugs. Best regards, CHTEKK.
Always miss those boxes... Best regards, CHTEKK.
(In reply to comment #2)
> Yes all of those are already fixed in our 4.4.3-r1 and 5.1.4-r6 releases.
> Since safe_mode/open_basedir stuff is not
> treated by security, de-CCing you guys. ;)
Perfect, thanks Luca.
Don't hurry with 5.1.5, there is a 5.1.6 now :-)
Again: There is no hurry to add these new UPSTREAM versions to the tree as our current packages for both PHP 4 and PHP 5 already have all the security fixes backported, thanks to the effort of Luca.
What about the issue the hardened guys mentioned on http://www.hardened-php.net/hphp/zend_hash_del_key_or_index_vulnerability.html?
(In reply to comment #7)
> What is with the issue, the hardened Guys mentioned on
> http://www.hardened-php.net/hphp/zend_hash_del_key_or_index_vulnerability.html?
That was fixed upstream in 4.4.3 and 5.1.4; our stable packages thus reflect that and include the fix. Our 4.4.2 packages have also had the fix for that bug for a long time now, as well as the previous 5.1.4 revisions (since 5.1.4 was released in May). Best regards, CHTEKK.
Ah, ok. Thanks for the information.
It would be nice to see PHP 5.1.6 in Portage ;)
*** Bug 145208 has been marked as a duplicate of this bug. ***
PHP 4.4.4 and 5.1.6 with Hardened-PHP 0.4.14 are in the tree now, enjoy! Best regards, CHTEKK.