php5 -- several vulnerabilities

2012-08-13T00:00:00
ID DSA-2527
Type debian
Reporter Debian
Modified 2012-08-13T00:00:00

Description

Several vulnerabilities have been discovered in PHP, the web scripting language. The Common Vulnerabilities and Exposures project identifies the following issues:

A buffer overflow in the scandir() function could lead to denial of service or the execution of arbitrary code.

It was discovered that inconsistent parsing of PDO prepared statements could lead to denial of service.

For the stable distribution (squeeze), this problem has been fixed in version 5.3.3-7+squeeze14.

For the unstable distribution (sid), this problem has been fixed in version 5.4.4-4.

We recommend that you upgrade your php5 packages.