Henri Salo wrote...
> I reported this issue to Debian BTS to notify package maintainers and in the
> long run trying to get security issues fixed. Maintainers are not always
> following security issues in upstream and so on (not saying this about PHP). I
This is appreciated but a short report abo
I reported this issue to Debian BTS to notify package maintainers and in the
long run trying to get security issues fixed. Maintainers are not always
following security issues in upstream and so on (not saying this about PHP). I
verified that the segfault condition occurred and did not do more deta
Processing commands for cont...@bugs.debian.org:
> tags 783099 -unreproducible
Bug #783099 [src:php5] php5: Fileinfo on specific file causes spurious OOM
and/or segfault
Bug #783107 [src:php5] php5: Fileinfo on specific file causes spurious OOM
and/or segfault
Removed tag(s) unreproducible.
Remo
tags 783099 unreproducible
thanks
Henri Salo wrote...
> When calling finfo::file() or finfo::buffer() with a crafted string, PHP will
> crash by either segfaulting or trying to allocate an large amount of memory
> (4GiB).
(...)
>
> https://git.php.net/?p=php-src.git;a=commitdiff;h=f938112c495b
Processing commands for cont...@bugs.debian.org:
> tags 783099 unreproducible
Bug #783099 [src:php5] php5: Fileinfo on specific file causes spurious OOM
and/or segfault
Bug #783107 [src:php5] php5: Fileinfo on specific file causes spurious OOM
and/or segfault
Added tag(s) unreproducible.
Added t
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Source: php5
Version: 5.6.7+dfsg-1
Severity: grave
Tags: security, upstream, fixed-upstream
Hi,
the following vulnerability was published for PHP5,
"""
When calling finfo::file() or finfo::buffer() with a crafted string, PHP will
crash by either seg
6 matches
Mail list logo
