Thanks for your great investigations. Candidates for the offending patches are debian/patches/CVE-2006-1990.patch and debian/patches/CVE-2006-3017.patch. Building a debugging version of php4, and removing either of those patches (and see which is the responsible one) would be great!
You can build a debugging version like this: sudo apt-get build-dep php4 sudo apt-get install devscripts fakeroot apt-get source php4 cd php4-* DEB_BUILD_OPTIONS=nostrip,noopt debuild -us -uc -b cd .. sudo dpkg -i php4-common*.deb php4-cgi*.deb php4-cli*.deb libapache2-mod-php4*.deb In the meantime I will scrutinize the patches again and try to write a reproducer based on the stack traces above. Thank you! -- hoary: intermittent SIGSEGV from php pages after upgrade to 4.3.10-10ubuntu4.5 https://launchpad.net/bugs/53581 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
