Red Hat Bugzilla – Bug 60855
Buffer overrun and crasher
Last modified: 2007-04-18 12:40:47 EDT
php-4.1.2-2 is missing fixes for a crasher bug in session.c and potential
exploit in rfc1867.c that are in PHP's CVS.
The branch for PHP 4.1.x is very stable, but has had a couple of important bug
fixes since 4.1.2. It would be nice if the patch was included in the errata.
Created attachment 47801 [details]
changes on the 4.1.x branch
Fixed in 4.1.2-5