PHP security update breaks IMP

Thomas Gebhardt gebhardt@HRZ.Uni-Marburg.DE
Fri, 20 Oct 2000 08:57:28 +0200


Hi,

just want to report an observation that we made (sorry that I
cannot track down the details more precisely):

When upgrading from PHP 3.0.16 to PHP 3.0.17 (which fixes the
recently found format string security bug), I found that I cannot
send attachments any more (the Apache error log mentions a
segfault when I try to upload an attachment). Downgrading
to PHP 3.0.16 fixes the flaw.

Namely, I run a Debian GNU/Linux system (potato) with
apache-ssl 1.3.9.13-2 and imp 2.2.3-1. The upgrade that
breaks imp was php3 3.0.16-2potato -> 3.0.17-0potato2.

Kind regards, Thomas