[Bug 910296] Re: Please backport the upstream patch to prevent attacks based on hash collisions
Ted Reed
ted.reed at gmail.com
Sat Jan 14 06:02:01 UTC 2012
You actually need two commits for this fix.
This one is the 5.3 branch commit for the first commit:
http://svn.php.net/viewvc?view=revision&revision=321038
There was a fix to that commit later:
http://svn.php.net/viewvc?view=revision&revision=321335
I've combined both of these patches into one patch that can be applied
to 5.3.2-1ubuntu4.11:
https://gist.github.com/1610477
Should just be able to drop it into debian/patches and add it to the end
of debian/patches/series.
I'm still confirming if that patch fixes the DoS.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in Ubuntu.
https://bugs.launchpad.net/bugs/910296
Title:
Please backport the upstream patch to prevent attacks based on hash
collisions
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/php5/+bug/910296/+subscriptions
More information about the Ubuntu-server-bugs
mailing list