Debian Security Advisory

DSA-1647-1 php5 -- several vulnerabilities

Date Reported:

07 Oct 2008

Affected Packages:

Vulnerable:

Yes

Security database references:

In the Debian bugtracking system: Bug 499987, Bug 499988, Bug 499989.
In Mitre's CVE dictionary: CVE-2008-3658, CVE-2008-3659, CVE-2008-3660.

More information:

Several vulnerabilities have been discovered in PHP, a server-side, HTML-embedded scripting language. The Common Vulnerabilities and Exposures project identifies the following problems:

CVE-2008-3658
Buffer overflow in the imageloadfont function allows a denial of service or code execution through a crafted font file.
CVE-2008-3659
Buffer overflow in the memnstr function allows a denial of service or code execution via a crafted delimiter parameter to the explode function.
CVE-2008-3660
Denial of service is possible in the FastCGI module by a remote attacker by making a request with multiple dots before the extension.

For the stable distribution (etch), these problems have been fixed in version 5.2.0-8+etch13.

For the testing (lenny) and unstable distribution (sid), these problems have been fixed in version 5.2.6-4.

We recommend that you upgrade your php5 package.

Fixed in:

Debian GNU/Linux 4.0 (etch)

Source:: http://security.debian.org/pool/updates/main/p/php5/php5_5.2.0.orig.tar.gz; http://security.debian.org/pool/updates/main/p/php5/php5_5.2.0-8+etch13.diff.gz; http://security.debian.org/pool/updates/main/p/php5/php5_5.2.0-8+etch13.dsc
Architecture-independent component:: http://security.debian.org/pool/updates/main/p/php5/php-pear_5.2.0-8+etch13_all.deb; http://security.debian.org/pool/updates/main/p/php5/php5_5.2.0-8+etch13_all.deb
Alpha:: http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0-8+etch13_alpha.deb; http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0-8+etch13_alpha.deb; http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0-8+etch13_alpha.deb; http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0-8+etch13_alpha.deb; http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0-8+etch13_alpha.deb; http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0-8+etch13_alpha.deb; http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0-8+etch13_alpha.deb; http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0-8+etch13_alpha.deb; http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0-8+etch13_alpha.deb; http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0-8+etch13_alpha.deb; http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0-8+etch13_alpha.deb; http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0-8+etch13_alpha.deb; http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0-8+etch13_alpha.deb; http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0-8+etch13_alpha.deb; http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0-8+etch13_alpha.deb; http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0-8+etch13_alpha.deb; http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0-8+etch13_alpha.deb; http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0-8+etch13_alpha.deb; http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0-8+etch13_alpha.deb; http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0-8+etch13_alpha.deb; http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0-8+etch13_alpha.deb; http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0-8+etch13_alpha.deb; http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0-8+etch13_alpha.deb
AMD64:: http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0-8+etch13_amd64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0-8+etch13_amd64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0-8+etch13_amd64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0-8+etch13_amd64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0-8+etch13_amd64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0-8+etch13_amd64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0-8+etch13_amd64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0-8+etch13_amd64.deb; http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0-8+etch13_amd64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0-8+etch13_amd64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0-8+etch13_amd64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0-8+etch13_amd64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0-8+etch13_amd64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0-8+etch13_amd64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0-8+etch13_amd64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0-8+etch13_amd64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0-8+etch13_amd64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0-8+etch13_amd64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0-8+etch13_amd64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0-8+etch13_amd64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0-8+etch13_amd64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0-8+etch13_amd64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-interbase_5.2.0-8+etch13_amd64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0-8+etch13_amd64.deb
ARM:: http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0-8+etch13_arm.deb; http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0-8+etch13_arm.deb; http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0-8+etch13_arm.deb; http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0-8+etch13_arm.deb; http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0-8+etch13_arm.deb; http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0-8+etch13_arm.deb; http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0-8+etch13_arm.deb; http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0-8+etch13_arm.deb; http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0-8+etch13_arm.deb; http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0-8+etch13_arm.deb; http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0-8+etch13_arm.deb; http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0-8+etch13_arm.deb; http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0-8+etch13_arm.deb; http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0-8+etch13_arm.deb; http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0-8+etch13_arm.deb; http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0-8+etch13_arm.deb; http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0-8+etch13_arm.deb; http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0-8+etch13_arm.deb; http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0-8+etch13_arm.deb; http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0-8+etch13_arm.deb; http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0-8+etch13_arm.deb; http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0-8+etch13_arm.deb; http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0-8+etch13_arm.deb
HP Precision:: http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0-8+etch13_hppa.deb; http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0-8+etch13_hppa.deb; http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0-8+etch13_hppa.deb; http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0-8+etch13_hppa.deb; http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0-8+etch13_hppa.deb; http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0-8+etch13_hppa.deb; http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0-8+etch13_hppa.deb; http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0-8+etch13_hppa.deb; http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0-8+etch13_hppa.deb; http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0-8+etch13_hppa.deb; http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0-8+etch13_hppa.deb; http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0-8+etch13_hppa.deb; http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0-8+etch13_hppa.deb; http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0-8+etch13_hppa.deb; http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0-8+etch13_hppa.deb; http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0-8+etch13_hppa.deb; http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0-8+etch13_hppa.deb; http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0-8+etch13_hppa.deb; http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0-8+etch13_hppa.deb; http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0-8+etch13_hppa.deb; http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0-8+etch13_hppa.deb; http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0-8+etch13_hppa.deb; http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0-8+etch13_hppa.deb
Intel IA-32:: http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0-8+etch13_i386.deb; http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0-8+etch13_i386.deb; http://security.debian.org/pool/updates/main/p/php5/php5-interbase_5.2.0-8+etch13_i386.deb; http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0-8+etch13_i386.deb; http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0-8+etch13_i386.deb; http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0-8+etch13_i386.deb; http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0-8+etch13_i386.deb; http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0-8+etch13_i386.deb; http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0-8+etch13_i386.deb; http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0-8+etch13_i386.deb; http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0-8+etch13_i386.deb; http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0-8+etch13_i386.deb; http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0-8+etch13_i386.deb; http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0-8+etch13_i386.deb; http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0-8+etch13_i386.deb; http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0-8+etch13_i386.deb; http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0-8+etch13_i386.deb; http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0-8+etch13_i386.deb; http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0-8+etch13_i386.deb; http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0-8+etch13_i386.deb; http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0-8+etch13_i386.deb; http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0-8+etch13_i386.deb; http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0-8+etch13_i386.deb; http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0-8+etch13_i386.deb
Intel IA-64:: http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0-8+etch13_ia64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0-8+etch13_ia64.deb; http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0-8+etch13_ia64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0-8+etch13_ia64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0-8+etch13_ia64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0-8+etch13_ia64.deb; http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0-8+etch13_ia64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0-8+etch13_ia64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0-8+etch13_ia64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0-8+etch13_ia64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0-8+etch13_ia64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0-8+etch13_ia64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0-8+etch13_ia64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0-8+etch13_ia64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0-8+etch13_ia64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0-8+etch13_ia64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0-8+etch13_ia64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0-8+etch13_ia64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0-8+etch13_ia64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0-8+etch13_ia64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0-8+etch13_ia64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0-8+etch13_ia64.deb; http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0-8+etch13_ia64.deb
Big-endian MIPS:: http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0-8+etch13_mips.deb; http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0-8+etch13_mips.deb; http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0-8+etch13_mips.deb; http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0-8+etch13_mips.deb; http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0-8+etch13_mips.deb; http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0-8+etch13_mips.deb; http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0-8+etch13_mips.deb; http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0-8+etch13_mips.deb; http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0-8+etch13_mips.deb; http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0-8+etch13_mips.deb; http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0-8+etch13_mips.deb; http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0-8+etch13_mips.deb; http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0-8+etch13_mips.deb; http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0-8+etch13_mips.deb; http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0-8+etch13_mips.deb; http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0-8+etch13_mips.deb; http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0-8+etch13_mips.deb; http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0-8+etch13_mips.deb; http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0-8+etch13_mips.deb; http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0-8+etch13_mips.deb; http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0-8+etch13_mips.deb; http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0-8+etch13_mips.deb; http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0-8+etch13_mips.deb
Little-endian MIPS:: http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0-8+etch13_mipsel.deb; http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0-8+etch13_mipsel.deb; http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0-8+etch13_mipsel.deb; http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0-8+etch13_mipsel.deb; http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0-8+etch13_mipsel.deb; http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0-8+etch13_mipsel.deb; http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0-8+etch13_mipsel.deb; http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0-8+etch13_mipsel.deb; http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0-8+etch13_mipsel.deb; http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0-8+etch13_mipsel.deb; http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0-8+etch13_mipsel.deb; http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0-8+etch13_mipsel.deb; http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0-8+etch13_mipsel.deb; http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0-8+etch13_mipsel.deb; http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0-8+etch13_mipsel.deb; http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0-8+etch13_mipsel.deb; http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0-8+etch13_mipsel.deb; http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0-8+etch13_mipsel.deb; http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0-8+etch13_mipsel.deb; http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0-8+etch13_mipsel.deb; http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0-8+etch13_mipsel.deb; http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0-8+etch13_mipsel.deb; http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0-8+etch13_mipsel.deb
PowerPC:: http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0-8+etch13_powerpc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0-8+etch13_powerpc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0-8+etch13_powerpc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0-8+etch13_powerpc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0-8+etch13_powerpc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0-8+etch13_powerpc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0-8+etch13_powerpc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0-8+etch13_powerpc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0-8+etch13_powerpc.deb; http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0-8+etch13_powerpc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0-8+etch13_powerpc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0-8+etch13_powerpc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0-8+etch13_powerpc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0-8+etch13_powerpc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0-8+etch13_powerpc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0-8+etch13_powerpc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0-8+etch13_powerpc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0-8+etch13_powerpc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0-8+etch13_powerpc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0-8+etch13_powerpc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0-8+etch13_powerpc.deb; http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0-8+etch13_powerpc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0-8+etch13_powerpc.deb
IBM S/390:: http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0-8+etch13_s390.deb; http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0-8+etch13_s390.deb; http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0-8+etch13_s390.deb; http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0-8+etch13_s390.deb; http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0-8+etch13_s390.deb; http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0-8+etch13_s390.deb; http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0-8+etch13_s390.deb; http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0-8+etch13_s390.deb; http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0-8+etch13_s390.deb; http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0-8+etch13_s390.deb; http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0-8+etch13_s390.deb; http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0-8+etch13_s390.deb; http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0-8+etch13_s390.deb; http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0-8+etch13_s390.deb; http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0-8+etch13_s390.deb; http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0-8+etch13_s390.deb; http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0-8+etch13_s390.deb; http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0-8+etch13_s390.deb; http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0-8+etch13_s390.deb; http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0-8+etch13_s390.deb; http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0-8+etch13_s390.deb; http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0-8+etch13_s390.deb; http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0-8+etch13_s390.deb
Sun Sparc:: http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0-8+etch13_sparc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0-8+etch13_sparc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-tidy_5.2.0-8+etch13_sparc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-sybase_5.2.0-8+etch13_sparc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0-8+etch13_sparc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0-8+etch13_sparc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-snmp_5.2.0-8+etch13_sparc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0-8+etch13_sparc.deb; http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0-8+etch13_sparc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-curl_5.2.0-8+etch13_sparc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0-8+etch13_sparc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-xsl_5.2.0-8+etch13_sparc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-dev_5.2.0-8+etch13_sparc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0-8+etch13_sparc.deb; http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0-8+etch13_sparc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0-8+etch13_sparc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-pspell_5.2.0-8+etch13_sparc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-mcrypt_5.2.0-8+etch13_sparc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0-8+etch13_sparc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-recode_5.2.0-8+etch13_sparc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0-8+etch13_sparc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-imap_5.2.0-8+etch13_sparc.deb; http://security.debian.org/pool/updates/main/p/php5/php5-odbc_5.2.0-8+etch13_sparc.deb

MD5 checksums of the listed files are available in the original advisory.