This bug was fixed in the package php5 - 5.3.2-1ubuntu4.5
---
php5 (5.3.2-1ubuntu4.5) lucid-security; urgency=low
* SECURITY UPDATE: denial of service and possible memory corruption via
negative size in HTTP chunked encoding stream
- debian/patches/CVE-2010-1866.patch:
Now that a fix has been released for Ubuntu 10.04, what needs to happen
to get this fixed in the PHP 5 code base? PHP bug
http://bugs.php.net/bug.php?id=52102 was closed out as a duplicate of
http://bugs.php.net/bug.php?id=44522 , which it isn't an exact
duplicate? How do we get the PHP5 code
Marc,
Now that this has been verified, would it be possible to fold this fix
into the security update, to avoid yet another upload?
** Tags added: verification-done
** Tags removed: verification-needed
--
PHP5 under Apache2 on 64 bit system is not completely 64 bit
I can officially move this version to -updates on Monday morning or
Sunday if that would help.
--
PHP5 under Apache2 on 64 bit system is not completely 64 bit
https://bugs.launchpad.net/bugs/564920
You received this bug notification because you are a member of Ubuntu
Server Team, which is
Martin,
No problem, I will incorporate the fix into the security updates. No
need to move the version currently in -proposed.
Thanks!
--
PHP5 under Apache2 on 64 bit system is not completely 64 bit
https://bugs.launchpad.net/bugs/564920
You received this bug notification because you are a
Accepted php5 into lucid-proposed, the package will build now and be
available in a few hours. Please test and give feedback here. See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to
enable and use -proposed. Thank you in advance!
** Changed in: php5 (Ubuntu Lucid)
** Branch linked: lp:ubuntu/lucid-proposed/php5
--
PHP5 under Apache2 on 64 bit system is not completely 64 bit
https://bugs.launchpad.net/bugs/564920
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.
--
FYI, on monday we will be releasing security updates for php that will
have versioning newer than the package currently in -proposed. I will
upload an updated package to -proposed once the security updates come
out.
--
PHP5 under Apache2 on 64 bit system is not completely 64 bit
Marc:
Will the next version have the proper support for handling large files
( 2^32 bytes) in it?
Test case for this is listed above.
--
PHP5 under Apache2 on 64 bit system is not completely 64 bit
https://bugs.launchpad.net/bugs/564920
You received this bug notification because you are a
The security update coming out monday will not. Monday, a new package
that does contain the fix will be uploaded to -proposed for the required
testing waiting period.
--
PHP5 under Apache2 on 64 bit system is not completely 64 bit
https://bugs.launchpad.net/bugs/564920
You received this bug
The proposed fix (in lucid-proposed as 5.3.2-1ubuntu4.3.) corrects this
bug. I have now tested version 5.3.2-1ubuntu4.3 and successfully
downloaded a large file ( 2^32 bytes) via a dynamic PHP script on a 64
bit Ubuntu 10.04.1 based system.
--
PHP5 under Apache2 on 64 bit system is not
The proposed fix (in lucid-proposed as 5.3.2-1ubuntu4.3.) corrects this
bug. I have now tested version 5.3.2-1ubuntu4.3 and successfully
downloaded a large file ( 2^32 bytes) via a dynamic PHP script on a 64
bit Ubuntu 10.04.1 based system.
Just to add details:
Test was with the PHP script (
Thanks for testing it!
The packages that will get pushed to -proposed on monday will contain
the same bug fix, on top of the security updates. Once the one week
waiting period is up, they will get pushed to -updates. Since it's the
same fix you've already tested, I don't think the SRU team will
** Changed in: php5 (Ubuntu Lucid)
Importance: Undecided = Medium
** Changed in: php5 (Ubuntu Lucid)
Status: Confirmed = In Progress
** Changed in: php5 (Ubuntu Lucid)
Assignee: (unassigned) = Thierry Carrez (ttx)
--
PHP5 under Apache2 on 64 bit system is not completely 64 bit
Uploaded to lucid-proposed
** Changed in: php5 (Ubuntu Lucid)
Status: In Progress = Confirmed
** Changed in: php5 (Ubuntu Lucid)
Assignee: Thierry Carrez (ttx) = (unassigned)
--
PHP5 under Apache2 on 64 bit system is not completely 64 bit
https://bugs.launchpad.net/bugs/564920
You
Regarding the SRU to lucid:
https://code.launchpad.net/~clint-fewbar/ubuntu/lucid/php5/lucid-sru-lp564920/+merge/32803
IMPACT:
This bug fix is intended to make it possible to access/download large
files. Users who attempt it now are given a file of the wrong size
(silently) as the pointer
** Also affects: php5 (Ubuntu Lucid)
Importance: Undecided
Status: New
--
PHP5 under Apache2 on 64 bit system is not completely 64 bit
https://bugs.launchpad.net/bugs/564920
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5
** Branch linked: lp:~clint-fewbar/ubuntu/lucid/php5/lucid-sru-lp564920
--
PHP5 under Apache2 on 64 bit system is not completely 64 bit
https://bugs.launchpad.net/bugs/564920
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in
** Changed in: php5 (Ubuntu Lucid)
Status: New = Confirmed
--
PHP5 under Apache2 on 64 bit system is not completely 64 bit
https://bugs.launchpad.net/bugs/564920
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.
--
** Changed in: php5 (Ubuntu)
Assignee: Chuck Short (zulcss) = Thierry Carrez (ttx)
--
PHP5 under Apache2 on 64 bit system is not completely 64 bit
https://bugs.launchpad.net/bugs/564920
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed
This bug was fixed in the package php5 - 5.3.3-1ubuntu3
---
php5 (5.3.3-1ubuntu3) maverick; urgency=low
* debian/patches/lp564920-fix-big-files.patch: Fix downloading of large
files (LP: #564920)
-- Clint Byrum cl...@ubuntu.com Fri, 06 Aug 2010 13:10:17 -0700
** Changed in:
** Changed in: php5 (Ubuntu)
Status: Confirmed = In Progress
** Changed in: php5 (Ubuntu)
Assignee: Chuck Short (zulcss) = Clint Byrum (clint-fewbar)
--
PHP5 under Apache2 on 64 bit system is not completely 64 bit
https://bugs.launchpad.net/bugs/564920
You received this bug
** Branch linked: lp:~clint-fewbar/ubuntu/maverick/php5/fix-lp564920
--
PHP5 under Apache2 on 64 bit system is not completely 64 bit
https://bugs.launchpad.net/bugs/564920
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.
attaching debdiff of same thing as linked merge proposal
** Patch added: debdiff-533ubuntu2-to-533ubuntu3.diff
http://launchpadlibrarian.net/53198415/debdiff-533ubuntu2-to-533ubuntu3.diff
** Changed in: php5 (Ubuntu)
Assignee: Clint Byrum (clint-fewbar) = Chuck Short (zulcss)
--
PHP5
I've now had a chance to install the PHP5 build from ppa:zulcss/server-
lucid-bug-fixes. With that build, I was able to download a file 2^32
bytes (over the 4.2Gb boundary) successfully. I still need to test the
scripts I have running under Apache2 / PHP5 / Mysql 5.0 from Ubuntu 8.04
LTS to see
I tested this and confirmed that the entire test ISO was properly
downloaded.
--
PHP5 under Apache2 on 64 bit system is not completely 64 bit
https://bugs.launchpad.net/bugs/564920
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in
Hi,
You can install the PPA manually as documented at
https://help.launchpad.net/Packaging/PPA/InstallingSoftware, see the
section On older (pre 9.10) Ubuntu systems. After following the steps
you should be able to install it without a problem.
chuck
--
PHP5 under Apache2 on 64 bit system is
Can you try the version in ppa:zulcss/server-lucid-bug-fixes ?
thanks
chuck
--
PHP5 under Apache2 on 64 bit system is not completely 64 bit
https://bugs.launchpad.net/bugs/564920
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in
Is ppa:zulcss/server-lucid-bug-fixes different from what is pointed at
by https://launchpad.net/~zulcss/+archive/ppa ? The later is still
showing a 2010/06/28 build date which is broken for trying to run PHP
scripts under apache2. It is missing libapache2-mod-php5{a} and
php5-intl{a} from the
So this is caused by a regression by the fix for php bug #48309. Marc
patch does work but the side effect of the fix is that it re-introduces
the same bug, so we need to find a better fix for bug #48309.
The plan going forward is the following:
- Make a PHP version with the patch available in a
Here a patch that should fix this. It will stop php from mmaping large
files. It may not be the approach upstream would like.
** Patch added: fix-big-files.patch
http://launchpadlibrarian.net/51984002/fix-big-files.patch
--
PHP5 under Apache2 on 64 bit system is not completely 64 bit
** Tags added: patch
--
PHP5 under Apache2 on 64 bit system is not completely 64 bit
https://bugs.launchpad.net/bugs/564920
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.
--
Ubuntu-server-bugs mailing list
Marc, 4*1024*1024 (4MB) seems rather arbitrary. An ini setting would be
a natural choice there. Upstream may or may not like it, but I think
limiting mmap to a certain size actually makes sense.
I haven't tried the patch yet, does it solve the issue?
--
PHP5 under Apache2 on 64 bit system is
Well, it's not completely arbitrary. It's the size that was used
previous to php 5.2.10. See _php_stream_mmap_range() in
main/streams/mmap.c.
In my limited testing, it does solve the issue. Unfortunately, it also
has the side effect of re-introducing php bug #48309 for files over 4MB.
Maybe
FYI, this is probably what caused the regression, but reverting it
wouldn't be a proper fix:
http://svn.php.net/viewvc?view=revisionrevision=280678
--
PHP5 under Apache2 on 64 bit system is not completely 64 bit
https://bugs.launchpad.net/bugs/564920
You received this bug notification because
** Changed in: php5 (Ubuntu)
Assignee: (unassigned) = Chuck Short (zulcss)
--
PHP5 under Apache2 on 64 bit system is not completely 64 bit
https://bugs.launchpad.net/bugs/564920
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5
@R. Jones
Go to
https://launchpad.net/~zulcss/+archive/ppa
and follow instructions under Adding this PPA to your system.
Install
php5 5.3.2-1ubuntu4.3
I tested this myself and the results were unsatisfactory (Apache error
after about 10% download of the test ISO file). Can you confirm
Ok. I'm back to trying to test this fix. I think I have lucid-proposed
added to my test configuration. I'm not seeing the build. A pointer to
a web page documenting what I need to do next to access your ppa area
and use it would be useful.
Thanks.
--
PHP5 under Apache2 on 64 bit system is
This turned out to be a duplicate of
http://bugs.php.net/bug.php?id=44522
Submitted: 2008-03-24 18:21 UTC
** Bug watch added: bugs.php.net/ #44522
http://bugs.php.net/bug.php?id=44522
--
PHP5 under Apache2 on 64 bit system is not completely 64 bit
https://bugs.launchpad.net/bugs/564920
Actually, http://bugs.php.net/bug.php?id=44522 is concerned with
uploading data to the server, which according to 44522 breaks at the 2G
byte mark (a signed 32 bit int issue). This bug (564920, php # 52102)
is an issue with downloading data from the server, which breaks at the
4G byte mark. Both
Yes, we are doing just that.
--
PHP5 under Apache2 on 64 bit system is not completely 64 bit
https://bugs.launchpad.net/bugs/564920
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.
--
Ubuntu-server-bugs mailing list
I sent this bug upstream.
http://bugs.php.net/bug.php?id=52102
** Bug watch added: bugs.php.net/ #52102
http://bugs.php.net/bug.php?id=52102
--
PHP5 under Apache2 on 64 bit system is not completely 64 bit
https://bugs.launchpad.net/bugs/564920
You received this bug notification because you
I have confirmed this.
A 64-bit Lucid Apache server hosting a file of size
4697126912 bytes
and a client (happens to be Lucid also) downloading the file via the
above test.php script only gets
402159616 bytes
** Changed in: php5 (Ubuntu)
Status: New = Confirmed
--
PHP5 under Apache2
Attached requested script to reproduce bug.
** Changed in: php5 (Ubuntu)
Status: Incomplete = New
--
PHP5 under Apache2 on 64 bit system is not completely 64 bit
https://bugs.launchpad.net/bugs/564920
You received this bug notification because you are a member of Ubuntu
Server Team,
Bug does not exist in Debian 5.04 release (with updates).
--
PHP5 under Apache2 on 64 bit system is not completely 64 bit
https://bugs.launchpad.net/bugs/564920
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in ubuntu.
--
Please provide a sample php script so I can try to replicate this.
Regards
chuck
** Changed in: php5 (Ubuntu)
Importance: Undecided = Low
** Changed in: php5 (Ubuntu)
Status: New = Incomplete
--
PHP5 under Apache2 on 64 bit system is not completely 64 bit
Bug also exists in current Ubuntu 9.10 release.
Tested using the test.php script previously attached, and using the
suggested debian dvd .iso image as the input file (listed as test.txt in
test.php script). .iso image is 4,697,126,912 bytes. Download socket
is closed after 402,159,616 bytes,
** Attachment added: System generated bug report attached.
http://launchpadlibrarian.net/44462618/apport.php5.m0o9Zn.apport
--
PHP5 under Apache2 on 64 bit system is not completely 64 bit
https://bugs.launchpad.net/bugs/564920
You received this bug notification because you are a member of
Was php5 compiled with -D_LARGEFILE_SOURCE and -D_FILE_OFFSET_BITS=64 on
64 bit systems?
--
PHP5 under Apache2 on 64 bit system is not completely 64 bit
https://bugs.launchpad.net/bugs/564920
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed
49 matches
Mail list logo