An interruption vulnerability was discovered in strrchr() in PHP 5.2.x. A malicious script author could interrupt internal PHP function, leading to information leak. Upstream commit: http://svn.php.net/viewvc?view=revision&revision=300916 References: http://thread.gmane.org/gmane.comp.security.oss.general/3109 http://www.php.net/releases/5_2_14.php
More info on the impact of the interruption vulnerabilities - bug #617578, comment #3. *** This bug has been marked as a duplicate of bug 169857 ***
Statement: Red Hat does not consider interruption issues allowing safe_mode / open_basedir restriction bypass to be security sensitive. For more details see https://bugzilla.redhat.com/show_bug.cgi?id=169857#c1 and http://www.php.net/security-note.php