[php-maint] Bug#609315: php5: Upstream bug CVE-2010-4645 / bug #53632, critical: conversion string>double might hang PHP interpreter
Julien Cristau
jcristau at debian.org
Sat Jan 8 15:31:58 UTC 2011
tag 609315 moreinfo
severity 609315 grave
kthxbye
On Sat, Jan 8, 2011 at 14:26:50 +0100, Jort Koopmans wrote:
> Package: php5
> Version: 5.2.6.dfsg.1-1+lenny9
> Severity: critical
>
>
> >From upstream; http://bugs.php.net/bug.php?id=53632
> followed by release 5.3.5 and 5.2.17:
> http://www.php.net/archive/2011.php#id2011-01-06-1
>
> Short description;
>
> Conversions from string to double might cause the PHP interpreter to
> hang on systems using x87 FPU registers.
>
> The problem is known to only affect x86 32-bit PHP processes, regardless
> of whether the system hosting PHP is 32-bit or 64-bit.
>
Did you actually reproduce this with php 5.2.6.dfsg.1-1+lenny9? AFAIK
people tried and couldn't.
Cheers,
Julien
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-php-maint/attachments/20110108/5efcb8fa/attachment.pgp>
More information about the pkg-php-maint
mailing list