php5 5.2.3-1ubuntu6.1 introduced segfault regression
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
php5 (Ubuntu) |
Fix Released
|
High
|
Kees Cook |
Bug Description
Binary package hint: php5
Since installing the latest security update for PHP (5.2.3-1ubuntu6.1) I am seeing segfaults when accessing some PHP CGI scripts:
Nov 30 13:20:41 pip kernel: [2049612.462000] php5-cgi[3740]: segfault at ffffffffa0239a60 rip 00002aee99db8b50 rsp 00007fff13250558 error 4
Nov 30 13:20:44 pip kernel: [2049615.858235] php5-cgi[3828]: segfault at 000000007cee2a48 rip 00002b0a7f3feb50 rsp 00007fff2dc0a478 error 4
Nov 30 13:20:46 pip kernel: [2049617.016314] php5-cgi[3838]: segfault at 00000000267a65c8 rip 00002b0928cd3b50 rsp 00007fff8433d1b8 error 4
I am not yet sure exactly what is causing the segfault. I can confirm however that the same issue definitely does not occur on 5.2.3-1ubuntu6.
The set of PHP packages I have installed is:
13:20:56 1006 mas90-adm@pip:~$ dpkg --get-selections | grep ^php5
php5 install
php5-cgi install
php5-cli install
php5-common install
php5-curl install
php5-dev install
php5-gd install
php5-imap install
php5-ldap install
php5-mcrypt install
php5-mysql install
php5-pgsql install
php5-xmlrpc install
php5-xsl install
I will attempt to find out what is causing the problem and will update this bug report if I have any more information. Meanwhile if there's anything you would like me to try, please let me know.
On Fri, Nov 30, 2007 at 01:31:54PM -0000, Malcolm Scott wrote:
> The set of PHP packages I have installed is:
>
> 13:20:56 1006 mas90-adm@pip:~$ dpkg --get-selections | grep ^php5
> php5 install
> php5-cgi install
> php5-cli install
> php5-common install
> php5-curl install
> php5-dev install
> php5-gd install
> php5-imap install
> php5-ldap install
> php5-mcrypt install
> php5-mysql install
> php5-pgsql install
> php5-xmlrpc install
> php5-xsl install
>
Are these the standard debs from the repository ? Did you recompile any
of these from the source deb ?
Are you able to figure which script crashes ?
status incomplete
--
Mathias