[php-maint] Bug#609315: Upstream bug CVE-2010-4645 / bug #53632, critical: conversion string>double might hang PHP interpreter

Jort Koopmans jort.koopmans at gmail.com
Sat Jan 8 14:23:44 UTC 2011


My x64 testsystem running php5.2.6dfsg.1-1+lenny9 does not seem to be
affected when using this script from CLI:

but php -v shows:

/# php -v
PHP 5.3.3-6 with Suhosin-Patch (cli) (built: Dec  7 2010 12:47:03) 
Copyright (c) 1997-2009 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies
    with Suhosin v0.9.32.1, Copyright (c) 2007-2010, by SektionEins GmbH

while phpinfo displays 5.2.6

so probably this testsystem is no good for reproducing the bug since its
no vanilla install, and also a x64 build (which seems unaffected).

More information about the pkg-php-maint mailing list