A bug in the readfile() function of php4 could be used to to crash the httpd running the php4 code when accessing files with a multiple of the architectures page size leading to a denial of service. http://bugs.php.net/bug.php?id=27037&edit=3 http://cvs.php.net/diff.php/php-src/sapi/apache2handler/sapi_apache2.c?r1=1.1.2.24&r2=1.1.2.25&ty=u
We use the apache2filter SAPI in RHEL3, this only affected the apache2handler in old versions of PHP. This doesn't affect the version of the apache2handler shipped in either RHEL4 or any current FC releases either.