subject:"\[Bug 697181\] Re\: DoS\: Infinite loop processing 2.2250738585072011e\-308"

[Bug 697181] Re: DoS: Infinite loop processing 2.2250738585072011e-308

2012-02-16 Thread Launchpad Bug Tracker

** Branch linked: lp:ubuntu/hardy-updates/php5

** Branch linked: lp:ubuntu/php5

** Branch linked: lp:ubuntu/dapper-updates/php5

** Branch linked: lp:ubuntu/maverick-security/php5

** Branch linked: lp:ubuntu/karmic-security/php5

** Branch linked: lp:ubuntu/lucid-security/php5

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in Ubuntu.
https://bugs.launchpad.net/bugs/697181

Title:
  DoS: Infinite loop processing 2.2250738585072011e-308

To manage notifications about this bug go to:
https://bugs.launchpad.net/php/+bug/697181/+subscriptions

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 697181] Re: DoS: Infinite loop processing 2.2250738585072011e-308

2011-01-11 Thread Launchpad Bug Tracker

This bug was fixed in the package php5 - 5.3.3-1ubuntu9.2

---
php5 (5.3.3-1ubuntu9.2) maverick-security; urgency=low

  * SECURITY UPDATE: open_basedir bypass
- debian/patches/php5-CVE-2010-3436.patch: more strict checking in
  php_check_specific_open_basedir()
- CVE-2010-3436
  * SECURITY UPDATE: NULL pointer dereference crash
- debian/patches/php5-CVE-2010-3709.patch: check for NULL when
  getting zip comment
- CVE-2010-3709
  * SECURITY UPDATE: memory consumption denial of service
- debian/patches/php5-CVE-2010-3710.patch: check for email address
  longer than RFC 2821 allows
- CVE-2010-3710
  * SECURITY UPDATE: xml decode bypass
- debian/patches/php5-CVE-2010-3870.patch: improve utf8 decoding
- CVE-2010-3870
  * SECURITY UPDATE: memory disclosure
- debian/patches/php5-CVE-2010-4156.patch: check for excessive
  length in mb_strcut()
- CVE-2010-4156
  * SECURITY UPDATE: integer overflow can cause an application crash
- debian/patches/php5-CVE-2010-4409.patch: fix invalid args in
  NumberFormatter::getSymbol()
- CVE-2010-4409
  * SECURITY UPDATE: infinite loop/denial of service when dealing with
certain textual forms of MAX_FLOAT (LP: #697181)
- debian/patches/php5-CVE-2010-4645.patch: treat local doubles
  as volatile to avoid x87 registers in zend_strtod()
- CVE-2010-4645
 -- Steve Beattie sbeat...@ubuntu.com   Wed, 05 Jan 2011 22:45:19 -0800

** Changed in: php5 (Ubuntu Maverick)
   Status: Confirmed = Fix Released

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3436

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3709

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3710

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-3870

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-4156

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2010-4409

** Changed in: php5 (Ubuntu Lucid)
   Status: Confirmed = Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.
https://bugs.launchpad.net/bugs/697181

Title:
  DoS: Infinite loop processing 2.2250738585072011e-308

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 697181] Re: DoS: Infinite loop processing 2.2250738585072011e-308

2011-01-11 Thread Launchpad Bug Tracker

This bug was fixed in the package php5 - 5.3.2-1ubuntu4.6

---
php5 (5.3.2-1ubuntu4.6) lucid-security; urgency=low

  * SECURITY UPDATE: open_basedir bypass
- debian/patches/php5-CVE-2010-3436.patch: more strict checking in
  php_check_specific_open_basedir()
- CVE-2010-3436
  * SECURITY UPDATE: NULL pointer dereference crash
- debian/patches/php5-CVE-2010-3709.patch: check for NULL when
  getting zip comment
- CVE-2010-3709
  * SECURITY UPDATE: memory consumption denial of service
- debian/patches/php5-CVE-2010-3710.patch: check for email address
  longer than RFC 2821 allows
- CVE-2010-3710
  * SECURITY UPDATE: xml decode bypass
- debian/patches/php5-CVE-2010-3870.patch: improve utf8 decoding
- CVE-2010-3870
  * SECURITY UPDATE: integer overflow can cause an application crash
- debian/patches/php5-CVE-2010-4409.patch: fix invalid args in
  NumberFormatter::getSymbol()
- CVE-2010-4409
  * SECURITY UPDATE: infinite loop/denial of service when dealing with
certain textual forms of MAX_FLOAT (LP: #697181)
- debian/patches/php5-CVE-2010-4645.patch: treat local doubles
  as volatile to avoid x87 registers in zend_strtod()
- CVE-2010-4645
 -- Steve Beattie sbeat...@ubuntu.com   Fri, 07 Jan 2011 10:56:23 -0800

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.
https://bugs.launchpad.net/bugs/697181

Title:
  DoS: Infinite loop processing 2.2250738585072011e-308

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 697181] Re: DoS: Infinite loop processing 2.2250738585072011e-308

2011-01-10 Thread Bug Watch Updater

** Changed in: php5 (Debian)
   Status: Unknown = Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.
https://bugs.launchpad.net/bugs/697181

Title:
  DoS: Infinite loop processing 2.2250738585072011e-308

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 697181] Re: DoS: Infinite loop processing 2.2250738585072011e-308

2011-01-07 Thread Jamie Strandboge

** Changed in: php5 (Ubuntu Maverick)
 Assignee: (unassigned) = Steve Beattie (sbeattie)

** Changed in: php5 (Ubuntu Lucid)
 Assignee: (unassigned) = Steve Beattie (sbeattie)

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.
https://bugs.launchpad.net/bugs/697181

Title:
  DoS: Infinite loop processing 2.2250738585072011e-308

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 697181] Re: DoS: Infinite loop processing 2.2250738585072011e-308

2011-01-07 Thread Steve Beattie

I've confirmed that marking the double variables as volatile in
maverick's php causes the infinite loop not to get triggered on i386
(and think I understand why that's the case). However, attempts to
reproduce the issue with php from 9.10 (karmic), 8.04 (hardy), and 6.06
(dapper) fail for no apparent reason -- the zend_strtod.c code is nearly
identical between karmic and lucid's versions. Does anyone have an
indication as to what's different that woul cause this issue not to be
triggered on older releases? Thanks.

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.
https://bugs.launchpad.net/bugs/697181

Title:
  DoS: Infinite loop processing 2.2250738585072011e-308

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 697181] Re: DoS: Infinite loop processing 2.2250738585072011e-308

2011-01-07 Thread Daniel Hahler

Maybe it is related to some compiler flags? (e.g. it can be worked around by 
using -ffloat-store in CFLAGS).
See http://news.ycombinator.com/item?id=2066084 for more discussion.

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.
https://bugs.launchpad.net/bugs/697181

Title:
  DoS: Infinite loop processing 2.2250738585072011e-308

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 697181] Re: DoS: Infinite loop processing 2.2250738585072011e-308

2011-01-07 Thread Daniel Hahler

** Description changed:

  Binary package hint: php5
  
  Processing certain textual forms of MAX_FLOAT leads to an infinite
  loop/hang/DoS:
  
    php -r print 2.2250738585072011e-308;
  
  hangs indefinitely, whereas:
  
    php -r print 2.2250738585072010e-308;
  
  returns immediately.
  
  Confirmed for natty/php5-cli=5.3.3-1ubuntu11
  
  Fixed in new upstream releases:
  
-   http://www.php.net/ChangeLog-5.php#5.3.4
-   http://www.php.net/releases/5_2_17.php
+   http://www.php.net/ChangeLog-5.php#5.3.5
+   http://www.php.net/releases/5_2_17.php

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.
https://bugs.launchpad.net/bugs/697181

Title:
  DoS: Infinite loop processing 2.2250738585072011e-308

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 697181] Re: DoS: Infinite loop processing 2.2250738585072011e-308

2011-01-07 Thread Launchpad Bug Tracker

This bug was fixed in the package php5 - 5.3.3-1ubuntu12

---
php5 (5.3.3-1ubuntu12) natty; urgency=low

  * debian/patches/fix-upstream-bug53632.patch: Fix infinite loop bug (php bug 
#53632)
(LP: #697181)
 -- Chuck Short zul...@ubuntu.com   Fri, 07 Jan 2011 12:57:59 -0500

** Changed in: php5 (Ubuntu Natty)
   Status: Confirmed = Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.
https://bugs.launchpad.net/bugs/697181

Title:
  DoS: Infinite loop processing 2.2250738585072011e-308

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 697181] Re: DoS: Infinite loop processing 2.2250738585072011e-308

2011-01-05 Thread Steven van der Vegt

And there's a patch:

Fix: http://svn.php.net/viewvc?view=revisionrevision=307095
Test case: http://svn.php.net/viewvc?view=revisionrevision=307097

See:
http://bugs.php.net/bug.php?id=53632

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.
https://bugs.launchpad.net/bugs/697181

Title:
  DoS: Infinite loop processing 2.2250738585072011e-308

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 697181] Re: DoS: Infinite loop processing 2.2250738585072011e-308

2011-01-05 Thread John Edwards

Confirmed in Ubuntu 10.04 lucid using:
echo '?php $d = 2.2250738585072011e-308; ?' | time -p php5
which hangs.

Ubuntu 8.04 hardy does not hang.


** Changed in: php5 (Ubuntu Lucid)
   Status: Incomplete = Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.
https://bugs.launchpad.net/bugs/697181

Title:
  DoS: Infinite loop processing 2.2250738585072011e-308

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 697181] Re: DoS: Infinite loop processing 2.2250738585072011e-308

2011-01-04 Thread UndiFineD

Confirmed on Ubuntu 10.10+ 32bit

php --version
PHP 5.3.3-1ubuntu9.1 with Suhosin-Patch (cli) (built: Oct 15 2010 14:17:04) 
Copyright (c) 1997-2009 The PHP Group
Zend Engine v2.3.0, Copyright (c) 1998-2010 Zend Technologies
with Suhosin v0.9.31, Copyright (c) 2007-2010, by SektionEins GmbH

see also:
http://www.exploringbinary.com/php-hangs-on-numeric-value-2-2250738585072011e-308/

** Changed in: php5 (Ubuntu)
   Status: New = Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.
https://bugs.launchpad.net/bugs/697181

Title:
  DoS: Infinite loop processing 2.2250738585072011e-308

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 697181] Re: DoS: Infinite loop processing 2.2250738585072011e-308

2011-01-04 Thread Paul Sladen

** Also affects: php5 (Ubuntu Lucid)
   Importance: Undecided
   Status: New

** Also affects: php5 (Ubuntu Maverick)
   Importance: Undecided
   Status: New

** Also affects: php5 (Ubuntu Natty)
   Importance: Undecided
   Status: Confirmed

** Changed in: php5 (Ubuntu Maverick)
   Status: New = Confirmed

** Changed in: php5 (Ubuntu Lucid)
   Status: New = Incomplete

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.
https://bugs.launchpad.net/bugs/697181

Title:
  DoS: Infinite loop processing 2.2250738585072011e-308

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

[Bug 697181] Re: DoS: Infinite loop processing 2.2250738585072011e-308

[Bug 697181] Re: DoS: Infinite loop processing 2.2250738585072011e-308

[Bug 697181] Re: DoS: Infinite loop processing 2.2250738585072011e-308

[Bug 697181] Re: DoS: Infinite loop processing 2.2250738585072011e-308

[Bug 697181] Re: DoS: Infinite loop processing 2.2250738585072011e-308

[Bug 697181] Re: DoS: Infinite loop processing 2.2250738585072011e-308

[Bug 697181] Re: DoS: Infinite loop processing 2.2250738585072011e-308

[Bug 697181] Re: DoS: Infinite loop processing 2.2250738585072011e-308

[Bug 697181] Re: DoS: Infinite loop processing 2.2250738585072011e-308

[Bug 697181] Re: DoS: Infinite loop processing 2.2250738585072011e-308

[Bug 697181] Re: DoS: Infinite loop processing 2.2250738585072011e-308

[Bug 697181] Re: DoS: Infinite loop processing 2.2250738585072011e-308

[Bug 697181] Re: DoS: Infinite loop processing 2.2250738585072011e-308

13 matches

Site Navigation

Mail list logo

Footer information