[php-maint] Bug#361853: This bug may not to be an issue for
php4-4.3.10
David Sterratt
david.c.sterratt at ed.ac.uk
Wed May 17 14:54:24 UTC 2006
There appears to have been some ambiguity with the vulnerability
announcements, with some sites saying PHP 5.1.2 and prior
PHP 4.4.2 and prior
(http://securityreason.com/achievement_securityalert/34) and others just
saying PHP 5.1.2 and 4.4.2
http://www.securityfocus.com/archive/1/archive/1/430449/100/0/threaded
However, in php_print_gpcse_array() in ext/standard/info.c in the debian
sarge package there is no reference to the 4096 byte buffer which seemed
to be the cause of the problem.
David.
More information about the pkg-php-maint
mailing list