Bug 20498

Summary: PHP "exif_read_data()" Denial of Service
Product: Sisyphus Reporter: Vladimir Lettiev <crux>
Component: php5-exifAssignee: Anton Farygin <rider>
Status: CLOSED FIXED QA Contact: qa-sisyphus
Severity: blocker    
Priority: P3 CC: rider
Version: unstableKeywords: security
Hardware: all   
OS: Linux   
URL: http://bugs.php.net/bug.php?id=48378

Description Vladimir Lettiev 2009-06-19 18:11:51 MSD 
There seems to be a problem in exif_read_data(), where some fields
representing offsets(?) are taken directly from the file without being
validated, resulting in a segmentation fault.

This bug fixed in 5.2.10: http://www.php.net/releases/5_2_10.php
Comment 1 Anton Farygin 2010-01-29 13:46:17 MSK 
php5-5.2.12 уже в Sisyphus.