Vulnerability in php < 5.3.9 may allow remote denial of service
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4885
Solutions:
- Upgrade to 5.3.9
or
- Patch available in revision 321003 of 5.3 branch (Added max_input_vars directive to prevent attacks based on hash collision)
(from redmine: issue id 918, created on 2012-01-06, closed on 2012-01-19)
- Changesets:
- Revision 048cf16b by Natanael Copa on 2012-01-10T15:55:45Z:
main/php: security fix (CVE-2011-4885)
fixes #918