ID: 47828 Updated by: [email protected] Reported By: reinke at securityspace dot com Status: Closed Bug Type: OpenSSL related Operating System: Linux (Debian Lenny) PHP Version: 5.2.9 Assigned To: pajoye New Comment:
I fixed it about 10 minutes ago, the snapshot is from a few hours ago. Previous Comments: ------------------------------------------------------------------------ [2009-03-29 23:38:46] reinke at securityspace dot com Also reproduced on Lenny using snapshot php5.2-200903292230. ./configure --with-openssl make sapi/cli/php ~/core2.php -> segmentation fault. ------------------------------------------------------------------------ [2009-03-29 23:33:40] [email protected] This bug has been fixed in CVS. Snapshots of the sources are packaged every three hours; this change will be in the next snapshot. You can grab the snapshot at http://snaps.php.net/. Thank you for the report, and for helping us make PHP better. The string tried to decode one of the items to utf-8 and it failed, this wasn't properly checked resulting in a segfault. ------------------------------------------------------------------------ [2009-03-29 22:29:26] reinke at securityspace dot com With all due respect - we are using PHP's official release. On Debian. As provided by the distro. On Ubuntu. As provided by Ubuntu. On Fedora. As provided by... well, you get it. Like it or not, these vendors are your distribution channel, and what they provide IS defacto your official release. Simply by virtue of the fact that most people are using that channel for getting their binary version of PHP. If you are asking us to help TEST the bug, fine - that's not a problem. If you are suggesting what I think you suggested, that is upgrading to your "official off the www.php.net web site" release to solve the problem, that's not happening, for a large variety of reasons. Nor will it happen for a LOT of other users, either. FWIW - on a Fedora Core 10 system, fully updated, your snapshot (php5.2-200903292030) configured and compiled with ./configure --with-openssl make reproduces the problem. ------------------------------------------------------------------------ [2009-03-29 21:51:18] [email protected] Please try using this CVS snapshot: http://snaps.php.net/php5.2-latest.tar.gz For Windows: http://windows.php.net/snapshots/ ------------------------------------------------------------------------ [2009-03-29 21:51:04] [email protected] Thanks for testing all these distributions but it is not what I was asking. Please use PHP.net's sources, available in our downloads page, snapshots via cvs. See my next comment for the snapshot links. ------------------------------------------------------------------------ The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at http://bugs.php.net/47828 -- Edit this bug report at http://bugs.php.net/?id=47828&edit=1
