[php-maint] Bug#609315: php5: Upstream bug CVE-2010-4645 / bug #53632, critical: conversion string>double might hang PHP interpreter
jcristau at debian.org
Sat Jan 8 15:31:58 UTC 2011
tag 609315 moreinfo
severity 609315 grave
On Sat, Jan 8, 2011 at 14:26:50 +0100, Jort Koopmans wrote:
> Package: php5
> Version: 5.2.6.dfsg.1-1+lenny9
> Severity: critical
> >From upstream; http://bugs.php.net/bug.php?id=53632
> followed by release 5.3.5 and 5.2.17:
> Short description;
> Conversions from string to double might cause the PHP interpreter to
> hang on systems using x87 FPU registers.
> The problem is known to only affect x86 32-bit PHP processes, regardless
> of whether the system hosting PHP is 32-bit or 64-bit.
Did you actually reproduce this with php 5.2.6.dfsg.1-1+lenny9? AFAIK
people tried and couldn't.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 836 bytes
Desc: Digital signature
More information about the pkg-php-maint