Package: php5-cgi Version: 5.2.6.dfsg.1-1+lenny8 Severity: normal
Hi, I've written to the TYPO3 folks in order to get the problem described below fixed, but they say I should turn to you instead. FWIW, I'm running a pretty vanilla TYPO3 4.2.12 from upstream's source code, along with some add-ons that the customer implemented (but I don't know which, some are his creation). On Thu, 01.04.2010 at 05:20:39 +0200, TYPO3 Security Team <secur...@typo3.org> wrote: > Toni Mueller <supp...@oeko.net> wrote: > > I forgot to send another error message that makes me feel uneasy. So > > here goes: > > > Mar 23 14:19:29 debian suhosin[15099]: ALERT - canary mismatch on efree() > > > - heap overflow detected (attacker '80.142.175.180', file > > > '/webserverroot/typo3_src-4.2.12/t3lib/class.t3lib_htmlmail.php', line > > > 718) > > According to a blog post [1] this is caused by a memory corruption of PHP or > one of its extension. This is not related to TYPO3 Security. > > > Mar 29 13:15:47 debian suhosin[11070]: ALERT - linked list corrupt on efree > > () > > - heap corruption detected (attacker '88.116.33.10', file > > '/webserverroot/www.example.com/index.php') > > This again seems to be a bug in PHP or its extension (memory related). This is > not related to any kind of TYPO3 attack. > Both "events" seem to be unable to trigger by intention from remote - so > there's no real "attacker". > > These bugs aren't causes by or able to mitigate by TYPO3 source code. > > To fix these bugs, you have to use bug infrastructure of your OS distributor! It would be great if someone could fix the problem, and/or backport PHP 5.2.13 to Lenny. If you want to discuss the issue with the TYPO3 folks, their ticket number for this issue is [Ticket#2010033110000014]. I leave the severity as "normal" because the TYPO3 folks claim that the error occurs at random, and cannot be provoked by a user, and that this is not really a security problem (see [1] for details), although I'm not quite sure about that because there are only exactly these two locations where the error occurs, often several times a day. Kind regards, --Toni++ [1] http://www.suspekt.org/2008/10/12/suhosin-canary-mismatch-on-efree-heap-overflow-detected/ -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org