Several remote vulnerabilities have been discovered in PHP 5, an hypertext preprocessor. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-4142 The htmlspecialchars function does not properly handle invalid multi-byte sequences. CVE-2009-4143 Memory corruption via session interruption. In the stable distribution (lenny), this update also includes bug fixes (bug #529278, #556459, #565387, #523073) that were to be included in a stable point release as version 5.2.6.dfsg.1-1+lenny5. For the stable distribution (lenny), these problems have been fixed in version 5.2.6.dfsg.1-1+lenny6. For the testing distribution (squeeze) and the unstable distribution (sid), these problems have been fixed in version 5.2.12.dfsg.1-1. We recommend that you upgrade your php5 packages.
Several remote vulnerabilities have been discovered in PHP 5, an hypertext preprocessor. The Common Vulnerabilities and Exposures project identifies the following problems:
The htmlspecialchars function does not properly handle invalid multi-byte sequences.
Memory corruption via session interruption.
In the stable distribution (lenny), this update also includes bug fixes (bug #529278, #556459, #565387, #523073) that were to be included in a stable point release as version 5.2.6.dfsg.1-1+lenny5.
For the stable distribution (lenny), these problems have been fixed in version 5.2.6.dfsg.1-1+lenny6.
For the testing distribution (squeeze) and the unstable distribution (sid), these problems have been fixed in version 5.2.12.dfsg.1-1.
We recommend that you upgrade your php5 packages.
MD5 checksums of the listed files are available in the original advisory.