Thanks for reporting this issue. It has been addressed in Ubuntu 10.10 (maverick) and newer. For Ubuntu 10.04 LTS (lucid), I'll be applying the upstream fix for it. For Ubuntu 8.04 LTS (hardy), upstream never fixed this issue in the php 5.2 branch, and backporting the fix is non-trivial and thus has a non-trivial amount of risk to it, while the issue in question is of relatively low risk; it requires a malicious php script in place on the server. Thus this will not be fixed for 8.04.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to the bug report. https://bugs.launchpad.net/bugs/852871 Title: PHP ZEND_SL Opcode Interruption Address Information Leak Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/php5/+bug/852871/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
