thd=0x8aea8a8
Attempting backtrace. You can use the following information to find out
where mysqld died. If you see no messages after this, something went
terribly wrong...
Cannot determine thread, fp=0xb038d7ec, backtrace may not be correct.
Stack range sanity check OK, backtrace follows:
0x8187393
0xb7be8afb
0x8208dc4
0x81a55e2
0x81a58b7
5.2.11 does not properly perform certificate validation, which has
unknown impact and attack vectors, probably related to an ability to
spoof certificates (CVE-2009-3291).
Unspecified vulnerability in PHP before 5.2.11 has unknown impact
and attack vectors related to missing sanity checks around exif
processing. (CVE-2009-3292)
Unspecified vulnerability in the imagecolortransparent function in
PHP before 5.2.11 has unknown impact and attack vectors related to
an incorrect sanity check for the color index. (CVE-2009-3293)
5.2.11 does not properly perform certificate validation, which has
unknown impact and attack vectors, probably related to an ability to
spoof certificates (CVE-2009-3291).
Unspecified vulnerability in PHP before 5.2.11 has unknown impact
and attack vectors related to missing sanity checks around exif
processing. (CVE-2009-3292)
Unspecified vulnerability in the imagecolortransparent function in
PHP before 5.2.11 has unknown impact and attack vectors related to an
incorrect sanity check for the color index. (CVE-2009-3293). However
5.2.11 does not properly perform certificate validation, which has
unknown impact and attack vectors, probably related to an ability to
spoof certificates (CVE-2009-3291).
Unspecified vulnerability in PHP before 5.2.11 has unknown impact
and attack vectors related to missing sanity checks around exif
processing. (CVE-2009-3292)
Unspecified vulnerability in the imagecolortransparent function in
PHP before 5.2.11 has unknown impact and attack vectors related to
an incorrect sanity check for the color index. (CVE-2009-3293)
> to bypass directory permissions for where the file is located.
> Thankfully, file permissions still apply so you need an app which has
> silly file perms in a bolted down directory for this.
>
> Symlinking the same file to a link on a normal ext3 or nfs filesystem as
> a sanity check shows correct permission behaviour. If you try to write
> to that symlink you get permission denied so the permissions on the fs
> actually work.
>
> No need to be root, nothing. It is not a case of "forget to drop EID or
> something else like that either". It looks like what it says on the tin
c.name = zend_strndup(const_name, c.name_len);
efree(const_name);
c.name_len++; /* include NUL */
SysFreeString(bstr_ids);
/* sanity check for the case where the constant is already defined */
if (zend_get_constant(c.name, c.name_len - 1, &exists TSRMLS_CC)) {
if (COMG(autoreg_verbose) && !compare_function(&results, &c.value, &exists TSRMLS_CC)) {
php_error_docref(NULL TSRMLS_CC, E_WARNING, "Type library constant %s is already defined", c.name);
}
free(c.name);
to bypass directory permissions for where the file is located.
Thankfully, file permissions still apply so you need an app which has
silly file perms in a bolted down directory for this.
Symlinking the same file to a link on a normal ext3 or nfs filesystem as
a sanity check shows correct permission behaviour. If you try to write
to that symlink you get permission denied so the permissions on the fs
actually work.
No need to be root, nothing. It is not a case of "forget to drop EID or
something else like that either". It looks like what it says on the tin
5.2.11 does not properly perform certificate validation, which has
unknown impact and attack vectors, probably related to an ability to
spoof certificates (CVE-2009-3291).
Unspecified vulnerability in PHP before 5.2.11 has unknown impact
and attack vectors related to missing sanity checks around exif
processing. (CVE-2009-3292)
Unspecified vulnerability in the imagecolortransparent function in
PHP before 5.2.11 has unknown impact and attack vectors related to an
incorrect sanity check for the color index. (CVE-2009-3293). However
