[Bug 852871] Re: PHP ZEND_SL Opcode Interruption Address Information Leak Vulnerability
Steve Beattie
sbeattie at ubuntu.com
Mon Oct 17 16:37:07 UTC 2011
Thanks for reporting this issue. It has been addressed in Ubuntu 10.10
(maverick) and newer. For Ubuntu 10.04 LTS (lucid), I'll be applying the
upstream fix for it. For Ubuntu 8.04 LTS (hardy), upstream never fixed
this issue in the php 5.2 branch, and backporting the fix is non-trivial
and thus has a non-trivial amount of risk to it, while the issue in
question is of relatively low risk; it requires a malicious php script
in place on the server. Thus this will not be fixed for 8.04.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in Ubuntu.
https://bugs.launchpad.net/bugs/852871
Title:
PHP ZEND_SL Opcode Interruption Address Information Leak Vulnerability
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/php5/+bug/852871/+subscriptions
More information about the Ubuntu-server-bugs
mailing list