| Name | CVE-2008-3660 |
| Description | PHP 4.4.x before 4.4.9, and 5.x through 5.2.6, when used as a FastCGI ... |
| Source | CVE (at NVD; oss-sec, OSVDB, EDB, Red Hat, Ubuntu, Gentoo, SuSE, more) |
| References | DSA-1647-1 |
| Debian/oldstable | not vulnerable. |
| Debian/stable | not vulnerable. |
| Debian/testing | not vulnerable. |
| Debian/unstable | not vulnerable. |
The table below lists information on source packages.
| Source Package | Release | Version | Status |
|---|---|---|---|
| php5 (PTS) | squeeze | 5.3.3-7+squeeze17 | fixed |
| squeeze (security) | 5.3.3-7+squeeze19 | fixed | |
| wheezy | 5.4.4-14+deb7u7 | fixed | |
| wheezy (security) | 5.4.4-14+deb7u8 | fixed | |
| jessie | 5.5.11+dfsg-2 | fixed | |
| sid | 5.5.11+dfsg-3 | fixed |
The information above is based on the following data on fixed versions.
| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| php4 | source | (unstable) | (unfixed) | |||
| php5 | source | (unstable) | 5.2.6-4 | medium | ||
| php5 | source | etch | 5.2.0-8+etch13 | DSA-1647-1 |
*not* duplicate after all, needs review http://cvs.php.net/viewvc.cgi/php-src/sapi/cgi/cgi_main.c?r1=1.267.2.15.2.57&r2=1.267.2.15.2.58&view=patch
Home - Testing Security Team - Debian Security - Source (SVN)