[Bug 1335652] Re: phpinfo() Type Confusion Information Leak Vulnerability
Ondřej Surý
ondrej at sury.org
Tue Jul 1 08:32:58 UTC 2014
Seth, I don't think that mod_php has functions to access random memory
chunks under normal conditions...
Thus I don't think that TLS private keys are available to PHP scripts if
the permissions are correctly set in the apache2.
I believe this is worth fixing anyway.
--
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to php5 in Ubuntu.
https://bugs.launchpad.net/bugs/1335652
Title:
phpinfo() Type Confusion Information Leak Vulnerability
To manage notifications about this bug go to:
https://bugs.launchpad.net/php/+bug/1335652/+subscriptions
More information about the Ubuntu-server-bugs
mailing list