Hi,
march will be he day of php-bugs (http://www.php-security.org/). I`ll try to
follow this advisories and tell you if the php-version provided by arch is
affected and what could be done to solve the problems.
1) The destruction of deeply nested PHP arrays will exhaust all available
stack which leads to remotely triggerable crashes.
http://www.php-security.org/MOPB/MOPB-03-2007.html
2) A deep recursion of PHP userland code will exhaust all available stack
which leads to a sometimes remotely triggerable crash.
http://www.php-security.org/MOPB/MOPB-02-2007.html
Both problems will not be patched; the only solution is to use php-suhosin and
php-suhosin-extension from [community]
Pierre
--
http://www.archlinux.de
_______________________________________________
arch mailing list
[email protected]
http://www.archlinux.org/mailman/listinfo/arch
