According to this changelog excerpt from the current package in Quantal (as part of 5.4.6-1ubuntu1), the embed SAPI was enabled in that update:
php5 (5.4.1-1) unstable; urgency=low

  * Imported Upstream version 5.4.1
    + Fixed insufficient validating of upload name leading to corrupted
      $_FILES indices). (CVE-2012-1172).
    + Add open_basedir checks to readline_write_history and
      readline_read_history.
    + Add Apache 2.4 support (.deb package in experimental comming soon)
    + Added debug info handler to DOM objects.
  * Remove Breaks: on php applications on maintainer requests:
    + simplesamlphp
    + php-horde-auth
  * Add better configuration snippet for CGI (Closes: #571795)
  * Update a description of PHP language based on the text from upstream
    web page (http://www.php.net/manual/en/intro-whatis.php)
  * Enable embed SAPI (Closes: #380731)
  * Add lintian override for libphp5-embed:
    embedded-library usr/lib/libphp5.so: file
  * Add ldconfig to libphp5-embed.{postinst,postrm}
  * Fix #EXTRA# processing for SAPIs (extra ; at the end of sed cmd)

 -- Ondrej Surý <ond...@debian.org>  Thu, 03 May 2012 13:29:07 +0200

I'm going to mark this one as "Fix Released" now that this was fixed in Quantal, as it is part of 5.4.6-1ubuntu1.

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2012-1172

** Changed in: php5 (Ubuntu)
       Status: Confirmed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to php5 in Ubuntu.
https://bugs.launchpad.net/bugs/191251

Title:
  [needs-packaging] php5-embed