Your message dated Wed, 27 Apr 2011 10:28:24 +0200
with message-id <[email protected]>
and subject line Closing segfaults (and some other minor bugs) for version
older than squeeze (5.3.3)
has caused the Debian Bug report #576147,
regarding memory corruption in PHP
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
576147: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576147
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: php5-cgi
Version: 5.2.6.dfsg.1-1+lenny8
Severity: normal
Hi,
I've written to the TYPO3 folks in order to get the problem described
below fixed, but they say I should turn to you instead. FWIW, I'm
running a pretty vanilla TYPO3 4.2.12 from upstream's source code,
along with some add-ons that the customer implemented (but I don't know
which, some are his creation).
On Thu, 01.04.2010 at 05:20:39 +0200, TYPO3 Security Team <[email protected]>
wrote:
> Toni Mueller <[email protected]> wrote:
> > I forgot to send another error message that makes me feel uneasy. So
> > here goes:
> > > Mar 23 14:19:29 debian suhosin[15099]: ALERT - canary mismatch on efree()
> > > - heap overflow detected (attacker '80.142.175.180', file
> > > '/webserverroot/typo3_src-4.2.12/t3lib/class.t3lib_htmlmail.php', line
> > > 718)
>
> According to a blog post [1] this is caused by a memory corruption of PHP or
> one of its extension. This is not related to TYPO3 Security.
>
> > Mar 29 13:15:47 debian suhosin[11070]: ALERT - linked list corrupt on efree
> > ()
> > - heap corruption detected (attacker '88.116.33.10', file
> > '/webserverroot/www.example.com/index.php')
>
> This again seems to be a bug in PHP or its extension (memory related). This is
> not related to any kind of TYPO3 attack.
> Both "events" seem to be unable to trigger by intention from remote - so
> there's no real "attacker".
>
> These bugs aren't causes by or able to mitigate by TYPO3 source code.
>
> To fix these bugs, you have to use bug infrastructure of your OS distributor!
It would be great if someone could fix the problem, and/or backport PHP
5.2.13 to Lenny. If you want to discuss the issue with the TYPO3 folks,
their ticket number for this issue is [Ticket#2010033110000014].
I leave the severity as "normal" because the TYPO3 folks claim that the
error occurs at random, and cannot be provoked by a user, and that this
is not really a security problem (see [1] for details), although I'm
not quite sure about that because there are only exactly these two
locations where the error occurs, often several times a day.
Kind regards,
--Toni++
[1]
http://www.suspekt.org/2008/10/12/suhosin-canary-mismatch-on-efree-heap-overflow-detected/
--- End Message ---
--- Begin Message ---
Version: 5.3.3-7
Hi,
since lenny is oldstable it will not get any updates now (except
security)[1], I am closing all segfault bugs filled against php5 in
lenny. (This is kind of saying that we don't care much about php5 in
lenny anymore).
If you believe the bug is still there, please provide evidence[2] and
a (preferably complete) test case with up-to-date squeeze (and/or
testing or unstable) version of php5 and reopen the bug.
O.
1. http://wiki.debian.org/PHP#Notes_on_PHP_and_security
2. Install php5-dbg and provide backtrace:
http://bugs.php.net/bugs-generating-backtrace.php
--
Ondřej Surý <[email protected]>
--- End Message ---
