<<< Date Index >>>     <<< Thread Index >>>

Re: [SECURITY] [DSA 729-1] New PHP4 packages fix denial of service



Hi there,


> An iDEFENSE researcher discovered two problems in the image processing
> functions of PHP, a server-side, HTML-embedded scripting language, of
> which one is present in woody as well.  When reading a JPEG image, PHP
> can be tricked into an endless loop due to insufficient input
> validation.

I don't see anything in the latest change logs, could anyone please point
me to more information about this error ? Is it located in the GD php
extension ?

Sincerely,
JG