Bugtraq mailing list archives
Re: [SECURITY] [DSA 729-1] New PHP4 packages fix denial of service
From: John GALLET <john.gallet () wanadoo fr>
Date: Fri, 27 May 2005 10:24:43 +0200 (CEST)
Hi there,
An iDEFENSE researcher discovered two problems in the image processing functions of PHP, a server-side, HTML-embedded scripting language, of which one is present in woody as well. When reading a JPEG image, PHP can be tricked into an endless loop due to insufficient input validation.
I don't see anything in the latest change logs, could anyone please point me to more information about this error ? Is it located in the GD php extension ? Sincerely, JG
Current thread:
- [SECURITY] [DSA 729-1] New PHP4 packages fix denial of service Martin Schulze (May 26)
- Re: [SECURITY] [DSA 729-1] New PHP4 packages fix denial of service John GALLET (May 27)