Stefan Esser told vendor-sec about a buffer overflow in PHP's
htmlentities/htmlspecialchars internal routines. These flaws are triggered when
handling utf-8 data. The danger in this flaw is that these functions are
usually passed user input.
The patch for this issue can be found here:
This issue also affects RHEL2.1 and RHEL3
This issue is public:
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.
*** Bug 213870 has been marked as a duplicate of this bug. ***