[php-maint] Bug#609315: Upstream bug CVE-2010-4645 / bug #53632, critical: conversion string>double might hang PHP interpreter
Jort Koopmans
jort.koopmans at gmail.com
Sat Jan 8 14:23:44 UTC 2011
Update:
My x64 testsystem running php5.2.6dfsg.1-1+lenny9 does not seem to be
affected when using this script from CLI:
http://www.php.net/distributions/test_bug53632.txt
but php -v shows:
/# php -v
PHP 5.3.3-6 with Suhosin-Patch (cli) (built: Dec 7 2010 12:47:03)
Copyright (c) 1997-2009 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies
with Suhosin v0.9.32.1, Copyright (c) 2007-2010, by SektionEins GmbH
while phpinfo displays 5.2.6
so probably this testsystem is no good for reproducing the bug since its
no vanilla install, and also a x64 build (which seems unaffected).
More information about the pkg-php-maint
mailing list