Bug#584509: marked as done (php5-suhosin: Seeding doesn't produce identical sequences)

Thu, 19 Aug 2010 01:58:04 -0700 

Your message dated Thu, 19 Aug 2010 08:42:57 +0000
with message-id <[email protected]>
and subject line Bug#584509: fixed in php-suhosin 0.9.32.1-1
has caused the Debian Bug report #584509,
regarding php5-suhosin: Seeding doesn't produce identical sequences
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
584509: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584509
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: php5-suhosin
Version: 0.9.27-1
Severity: important

Hello,
the following script:

<?php
mt_srand(2010);
for($i=0;$i<10;$i++) echo mt_rand(0,10)."-";
?>

should output identical sequences on each run.

But it gives different sequences in this setup:
- lenny amd64
- php5-suhosin
- suhosin.mt_srand.ignore=off

The same problem is present using srand/rand instead of 
mt_srand/mt_rand with suhosin.srand.ignore=off.

The script works fine on lenny i386.

Best regards,
Massimo Modica


-- System Information:
Debian Release: 5.0.4
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.18-5-xen-686 (SMP w/1 CPU core)
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash

Versions of packages php5-suhosin depends on:
ii  libapache2-mod-php 5.2.6.dfsg.1-1+lenny8 server-side, HTML-embedded scripti
ii  libc6              2.7-18lenny2          GNU C Library: Shared libraries
ii  php5-cli [phpapi-2 5.2.6.dfsg.1-1+lenny8 command-line interpreter for the p

php5-suhosin recommends no packages.

php5-suhosin suggests no packages.

-- no debconf information

--- End Message ---
--- Begin Message --- 
Source: php-suhosin
Source-Version: 0.9.32.1-1

We believe that the bug you reported is fixed in the latest version of
php-suhosin, which is due to be installed in the Debian FTP archive:

php-suhosin_0.9.32.1-1.diff.gz
  to main/p/php-suhosin/php-suhosin_0.9.32.1-1.diff.gz
php-suhosin_0.9.32.1-1.dsc
  to main/p/php-suhosin/php-suhosin_0.9.32.1-1.dsc
php-suhosin_0.9.32.1.orig.tar.gz
  to main/p/php-suhosin/php-suhosin_0.9.32.1.orig.tar.gz
php5-suhosin_0.9.32.1-1_i386.deb
  to main/p/php-suhosin/php5-suhosin_0.9.32.1-1_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jan Wagner <[email protected]> (supplier of updated php-suhosin package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 19 Aug 2010 10:02:52 +0200
Source: php-suhosin
Binary: php5-suhosin
Architecture: source i386
Version: 0.9.32.1-1
Distribution: unstable
Urgency: low
Maintainer: php-suhosin maintainers <[email protected]>
Changed-By: Jan Wagner <[email protected]>
Description: 
 php5-suhosin - advanced protection module for php5
Closes: 584509
Changes: 
 php-suhosin (0.9.32.1-1) unstable; urgency=low
 .
   * New upstream version (Closes: #584509)
     - Improved random number seed generation more by adding /dev/urandom juice
     - Fixed missing header file resulting in wrong php_combined_lcg() prototype
       being used
     - Added support for memory_limit > 2GB
     - Fixed missing header file resulting in compile errors
   * Drop 10_fix_function_prototype, integrated upstream
   * Update watch file
   * Bump standards version to 3.9.1, no changes needed
Checksums-Sha1: 
 b6a1f897db756528e0fdad02cc1b43fca85eed8b 1327 php-suhosin_0.9.32.1-1.dsc
 93fcb1d5f96691c4c50808a14dd3d6d4bbfea451 119117 
php-suhosin_0.9.32.1.orig.tar.gz
 cf56ed04c6cf7a6ffe841d23257759b67abd357f 7758 php-suhosin_0.9.32.1-1.diff.gz
 7871474e8cfc91ae2c0e89973e782c02b8634cdd 80828 php5-suhosin_0.9.32.1-1_i386.deb
Checksums-Sha256: 
 eb6e684038d606825c4cdaf71cf2cee72745e70c0c8293369e79b69cc955ad59 1327 
php-suhosin_0.9.32.1-1.dsc
 d283abcbd1803eaa11bbd91cb5aae727b2bbab3a00a1de8510f85d8cc598e490 119117 
php-suhosin_0.9.32.1.orig.tar.gz
 5a215c023d6a13b582c2a929c9b313d38a7f10f0956e29665fad7ecb8ac9b83b 7758 
php-suhosin_0.9.32.1-1.diff.gz
 fa1b1a1d0a004338150c884480f2cf2f4bb3c9b3950d96e2a6d86fa9f4590a93 80828 
php5-suhosin_0.9.32.1-1_i386.deb
Files: 
 dbfdf81d8425d1978237bfd652df8672 1327 php optional php-suhosin_0.9.32.1-1.dsc
 26a86f0f684a656c3e789e3eb4ec1db3 119117 php optional 
php-suhosin_0.9.32.1.orig.tar.gz
 ee757e8eb1e0aa522dc472a136494ef3 7758 php optional 
php-suhosin_0.9.32.1-1.diff.gz
 0360b6c19bb274ca0d4bc8ad156d70e3 80828 php optional 
php5-suhosin_0.9.32.1-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFMbOfE9u6Dud+QFyQRAqMaAKDLQr3gMrZ2BxxqxYFDXUcHunZUDwCgrajC
3uGx/kKn9TZZjNBDXIHf9R0=
=5dAY
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to