Bug#535148: marked as done (heap overflows after upgrade to 5.2.10)

Debian Bug Tracking System Thu, 22 Oct 2009 10:40:26 -0700

Your message dated Thu, 22 Oct 2009 17:44:43 +0200
with message-id <[email protected]>
and subject line Fixed in 5.2.11.dfsg.1-1
has caused the Debian Bug report #535148,
regarding heap overflows after upgrade to 5.2.10
to be marked as done.


This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
535148: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=535148
Debian Bug Tracking System
Contact [email protected] with problems

--- Begin Message ---

Package: php5-cgi
Version: 5.2.10.dfsg.1-1
Severity: important

Just after upgrade from 5.2.9 to 5.2.10, php-cgi started to segfault and
suhosin complains about heap overflow:

suhosin[22305]: ALERT - canary mismatch on efree() - heap overflow
detected

Downgrading back to 5.2.9 fixes this issue.

-- 
        Michal Čihař | http://cihar.com | http://blog.cihar.com


-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.26-2-vserver-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages php5-cgi depends on:
ii  libbz2-1.0             1.0.5-3           high-quality block-sorting file co
ii  libc6                  2.9-18            GNU C Library: Shared libraries
ii  libcomerr2             1.41.6-1          common error description library
ii  libdb4.7               4.7.25-7          Berkeley v4.7 Database Libraries [
ii  libgssapi-krb5-2       1.7dfsg~beta3-1   MIT Kerberos runtime libraries - k
ii  libk5crypto3           1.7dfsg~beta3-1   MIT Kerberos runtime libraries - C
ii  libkrb5-3              1.7dfsg~beta3-1   MIT Kerberos runtime libraries
ii  libmagic1              5.03-1            File type determination library us
ii  libpcre3               7.8-2             Perl 5 Compatible Regular Expressi
ii  libssl0.9.8            0.9.8k-3          SSL shared libraries
ii  libxml2                2.7.3.dfsg-1      GNOME XML library
ii  mime-support           3.46-1            MIME files 'mime.types' & 'mailcap
ii  php5-common            5.2.10.dfsg.1-1   Common files for packages built fr
ii  tzdata                 2009j-1           time zone and daylight-saving time
ii  ucf                    3.0018            Update Configuration File: preserv
ii  zlib1g                 1:1.2.3.3.dfsg-14 compression library - runtime

php5-cgi recommends no packages.

Versions of packages php5-cgi suggests:
pn  php-pear                      <none>     (no description available)

-- no debconf information

--- End Message ---

--- Begin Message ---
Version: 5.2.11.dfsg.1-1

This problem does not appear in 5.2.11.dfsg.1-1 anymore.

-- 
        Michal Čihař | http://cihar.com | http://blog.cihar.com
signature.asc
Description: PGP signature

--- End Message ---

Bug#535148: marked as done (heap overflows after upgrade to 5.2.10)

Reply via email to