Off-by-one error in the str_ireplace function in PHP 5.2.1 might allow context-dependent attackers to cause a denial of service (crash). Reproducible: Didn't try http://www.securityfocus.com/bid/22505
damn. PHP CVS fixed
/me snickers...this bug would matter if we had 5.2.1
I put this one in here because bug 153911 was about to cause a bump to 5.2.1, but it doesn't look like they've done it, so these two bugs can probably be merged or disregarded.
Please don't resolve security bugs (or any other bugs for that matter where nothing has been done in our CVS).
5.2.1 is not even packaged with gentoo
Here we'll handle the bugs for this month of PHP bugs that are not already fixed in 4.4.6, 5.1.6-r* and 5.2.1-r* at the same time. Status is [upstream] If you find bugs that are already fixed in those versions, please comment on bug 153911 instead (status [stable]) * CVE-2007-0911: php-5.2.1 str_ireplace Off by One * XSS in phpinfo()
sorry that str_ireplace off-by-one is already fixed in 5.2.1-r3 :) going to bug 169372 consequently
back to the off-by-one error... affects 5.2.1, but fixed in our 5.2.1-r3. There will be one stabilization process, of course. See bug 153911
*** This bug has been marked as a duplicate of bug 153911 ***