Thanks for reporting this issue. It has been addressed in Ubuntu 10.10 (maverick) and newer. For Ubuntu 10.04 LTS (lucid), I'll be applying the upstream fix for it. For Ubuntu 8.04 LTS (hardy), upstream never fixed this issue in the php 5.2 branch, and backporting the fix is non-trivial and thus has a non-trivial amount of risk to it, while the issue in question is of relatively low risk; it requires a malicious php script in place on the server. Thus this will not be fixed for 8.04.
-- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to php5 in Ubuntu. https://bugs.launchpad.net/bugs/852871 Title: PHP ZEND_SL Opcode Interruption Address Information Leak Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/php5/+bug/852871/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs