[php-maint] Bug#609315: php5: Upstream bug CVE-2010-4645 / bug #53632, critical: conversion string>double might hang PHP interpreter
Jort Koopmans
jort.koopmans at gmail.com
Sat Jan 8 13:26:50 UTC 2011
Package: php5
Version: 5.2.6.dfsg.1-1+lenny9
Severity: critical
>From upstream; http://bugs.php.net/bug.php?id=53632
followed by release 5.3.5 and 5.2.17:
http://www.php.net/archive/2011.php#id2011-01-06-1
Short description;
Conversions from string to double might cause the PHP interpreter to
hang on systems using x87 FPU registers.
The problem is known to only affect x86 32-bit PHP processes, regardless
of whether the system hosting PHP is 32-bit or 64-bit.
-- System Information:
Debian Release: 5.0.7
APT prefers stable
APT policy: (990, 'stable'), (500, 'testing')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.26-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages php5 depends on:
ii libapache2-mod-php5 5.3.3-6 server-side, HTML-embedded scripti
ii php5-common 5.3.3-6 Common files for packages built fr
php5 recommends no packages.
php5 suggests no packages.
-- no debconf information
More information about the pkg-php-maint
mailing list