Ubuntu
php7.4 package

Bug #2057576
Activity log

Activity log for bug #2057576

Date	Who	What changed	Old value	New value	Message
2024-03-12 11:48:14	Lars-Göran Karlstedt	bug			added bug
2024-03-12 12:09:01	Lars-Göran Karlstedt	description	Like the title says, we do run fpm_get_status a lot. We're trying to get metrics about our systems performance this way. lsb_release -rd: Description: Ubuntu 20.04.6 LTS Release: 20.04 apt-cache policy pkgname php-fpm: Installed: 2:7.4+75 Candidate: 2:7.4+75 Version table: *** 2:7.4+75 500 500 http://fi.archive.ubuntu.com/ubuntu focal/universe amd64 Packages 100 /var/lib/dpkg/status I expected it to return fpm status, instead it crashes and kills the process.	Like the title says, we do run fpm_get_status a lot. We're trying to get metrics about our systems performance this way. lsb_release -rd: Description: Ubuntu 20.04.6 LTS Release: 20.04 apt-cache policy php-fpm php-fpm: Installed: 2:7.4+75 Candidate: 2:7.4+75 Version table: *** 2:7.4+75 500 500 http://fi.archive.ubuntu.com/ubuntu focal/universe amd64 Packages 100 /var/lib/dpkg/status I expected it to return fpm status, instead it crashes and kills the process.
2024-03-12 13:58:40	Athos Ribeiro	php7.4 (Ubuntu): status	New	Incomplete
2024-03-12 13:58:47	Athos Ribeiro	bug			added subscriber Athos Ribeiro
2024-03-12 16:36:03	Lars-Göran Karlstedt	php7.4 (Ubuntu): status	Incomplete	New
2024-03-14 13:22:26	Athos Ribeiro	php7.4 (Ubuntu): status	New	Triaged
2024-03-14 13:22:30	Athos Ribeiro	php7.4 (Ubuntu): assignee		Athos Ribeiro (athos-ribeiro)
2024-03-14 13:22:45	Athos Ribeiro	bug			added subscriber Ubuntu Server
2024-03-14 13:22:56	Athos Ribeiro	tags		server-todo
2024-03-20 15:25:50	Athos Ribeiro	nominated for series		Ubuntu Focal
2024-03-20 15:25:50	Athos Ribeiro	bug task added		php7.4 (Ubuntu Focal)
2024-03-20 15:25:50	Athos Ribeiro	nominated for series		Ubuntu Jammy
2024-03-20 15:25:50	Athos Ribeiro	bug task added		php7.4 (Ubuntu Jammy)
2024-03-20 15:25:50	Athos Ribeiro	nominated for series		Ubuntu Mantic
2024-03-20 15:25:50	Athos Ribeiro	bug task added		php7.4 (Ubuntu Mantic)
2024-03-20 15:26:13	Athos Ribeiro	bug task deleted	php7.4 (Ubuntu Jammy)
2024-03-20 15:26:17	Athos Ribeiro	bug task deleted	php7.4 (Ubuntu Mantic)
2024-03-20 15:26:23	Athos Ribeiro	php7.4 (Ubuntu Focal): status	New	Triaged
2024-03-20 15:26:52	Athos Ribeiro	bug task added		php8.1 (Ubuntu)
2024-03-20 15:27:05	Athos Ribeiro	bug task added		php8.2 (Ubuntu)
2024-03-20 15:27:14	Athos Ribeiro	bug task deleted	php8.1 (Ubuntu Focal)
2024-03-20 15:27:24	Athos Ribeiro	bug task deleted	php8.2 (Ubuntu Focal)
2024-03-20 15:27:29	Athos Ribeiro	bug task deleted	php7.4 (Ubuntu Focal)
2024-03-20 15:28:00	Athos Ribeiro	php8.1 (Ubuntu): status	New	Triaged
2024-03-20 15:28:03	Athos Ribeiro	php8.2 (Ubuntu): status	New	Triaged
2024-03-25 14:55:41	Athos Ribeiro	nominated for series		Ubuntu Jammy
2024-03-25 14:55:41	Athos Ribeiro	bug task added		php7.4 (Ubuntu Jammy)
2024-03-25 14:55:41	Athos Ribeiro	bug task added		php8.1 (Ubuntu Jammy)
2024-03-25 14:55:41	Athos Ribeiro	bug task added		php8.2 (Ubuntu Jammy)
2024-03-25 14:55:41	Athos Ribeiro	nominated for series		Ubuntu Mantic
2024-03-25 14:55:41	Athos Ribeiro	bug task added		php7.4 (Ubuntu Mantic)
2024-03-25 14:55:41	Athos Ribeiro	bug task added		php8.1 (Ubuntu Mantic)
2024-03-25 14:55:41	Athos Ribeiro	bug task added		php8.2 (Ubuntu Mantic)
2024-03-25 14:55:41	Athos Ribeiro	nominated for series		Ubuntu Focal
2024-03-25 14:55:41	Athos Ribeiro	bug task added		php7.4 (Ubuntu Focal)
2024-03-25 14:55:41	Athos Ribeiro	bug task added		php8.1 (Ubuntu Focal)
2024-03-25 14:55:41	Athos Ribeiro	bug task added		php8.2 (Ubuntu Focal)
2024-03-25 14:55:48	Athos Ribeiro	bug task deleted	php7.4 (Ubuntu Jammy)
2024-03-25 14:55:54	Athos Ribeiro	bug task deleted	php7.4 (Ubuntu Mantic)
2024-03-25 14:56:01	Athos Ribeiro	bug task deleted	php8.1 (Ubuntu Focal)
2024-03-25 14:56:07	Athos Ribeiro	bug task deleted	php8.1 (Ubuntu Mantic)
2024-03-25 14:56:21	Athos Ribeiro	bug task deleted	php8.2 (Ubuntu Focal)
2024-03-25 14:56:27	Athos Ribeiro	bug task deleted	php8.2 (Ubuntu Jammy)
2024-03-25 14:56:33	Athos Ribeiro	php8.2 (Ubuntu Mantic): status	New	Triaged
2024-03-25 14:56:37	Athos Ribeiro	php8.1 (Ubuntu Jammy): status	New	Triaged
2024-03-25 14:56:44	Athos Ribeiro	php8.2 (Ubuntu): status	Triaged	Invalid
2024-03-25 14:56:49	Athos Ribeiro	php8.1 (Ubuntu): status	Triaged	Invalid
2024-03-25 14:56:53	Athos Ribeiro	php7.4 (Ubuntu): status	Triaged	Invalid
2024-03-25 14:56:58	Athos Ribeiro	php7.4 (Ubuntu Focal): status	New	Triaged
2024-03-25 14:57:04	Athos Ribeiro	php7.4 (Ubuntu): assignee	Athos Ribeiro (athos-ribeiro)
2024-03-25 14:57:07	Athos Ribeiro	php7.4 (Ubuntu Focal): assignee		Athos Ribeiro (athos-ribeiro)
2024-03-25 14:57:10	Athos Ribeiro	php8.1 (Ubuntu Jammy): assignee		Athos Ribeiro (athos-ribeiro)
2024-03-25 14:57:14	Athos Ribeiro	php8.2 (Ubuntu Mantic): assignee		Athos Ribeiro (athos-ribeiro)
2024-03-26 15:36:48	Launchpad Janitor	merge proposal linked		https://code.launchpad.net/~athos-ribeiro/ubuntu/+source/php8.2/+git/php8.2/+merge/463141
2024-03-26 15:50:00	Athos Ribeiro	description	Like the title says, we do run fpm_get_status a lot. We're trying to get metrics about our systems performance this way. lsb_release -rd: Description: Ubuntu 20.04.6 LTS Release: 20.04 apt-cache policy php-fpm php-fpm: Installed: 2:7.4+75 Candidate: 2:7.4+75 Version table: *** 2:7.4+75 500 500 http://fi.archive.ubuntu.com/ubuntu focal/universe amd64 Packages 100 /var/lib/dpkg/status I expected it to return fpm status, instead it crashes and kills the process.	[ Impact ] Running fpm_get_status may result in a segmentation fault. [ Test Plan ] WIP [ Where problems could occur ] The change in question is straightforward: We are replacing a string interpolation for a string literal because the variables being substituted could result in a null pointer dereference. Unless some other software components are parsing the logs, which are being changed (which would result in chained failures across components), issues could occur due to unrelated issues with possible new dependencies after a full PHP rebuild. [ Other Info ] This is fixed upstream in php-8.3.1, php-8.2.14, and php-8.1.27. Hence, this should be fixed in noble, but needs fixing in mantic, jammy, and focal. [ Original report ] Like the title says, we do run fpm_get_status a lot. We're trying to get metrics about our systems performance this way. lsb_release -rd: Description: Ubuntu 20.04.6 LTS Release: 20.04 apt-cache policy php-fpm php-fpm: Installed: 2:7.4+75 Candidate: 2:7.4+75 Version table: *** 2:7.4+75 500 500 http://fi.archive.ubuntu.com/ubuntu focal/universe amd64 Packages 100 /var/lib/dpkg/status I expected it to return fpm status, instead it crashes and kills the process.
2024-03-27 14:20:37	Athos Ribeiro	description	[ Impact ] Running fpm_get_status may result in a segmentation fault. [ Test Plan ] WIP [ Where problems could occur ] The change in question is straightforward: We are replacing a string interpolation for a string literal because the variables being substituted could result in a null pointer dereference. Unless some other software components are parsing the logs, which are being changed (which would result in chained failures across components), issues could occur due to unrelated issues with possible new dependencies after a full PHP rebuild. [ Other Info ] This is fixed upstream in php-8.3.1, php-8.2.14, and php-8.1.27. Hence, this should be fixed in noble, but needs fixing in mantic, jammy, and focal. [ Original report ] Like the title says, we do run fpm_get_status a lot. We're trying to get metrics about our systems performance this way. lsb_release -rd: Description: Ubuntu 20.04.6 LTS Release: 20.04 apt-cache policy php-fpm php-fpm: Installed: 2:7.4+75 Candidate: 2:7.4+75 Version table: *** 2:7.4+75 500 500 http://fi.archive.ubuntu.com/ubuntu focal/universe amd64 Packages 100 /var/lib/dpkg/status I expected it to return fpm status, instead it crashes and kills the process.	[ Impact ] Running fpm_get_status may result in a segmentation fault. [ Test Plan ] The following script is a reproducer for the described bug: #!/bin/bash set -eux trap cleanup EXIT UBUNTU_SERIES=${UBUNTU_SERIIES:-mantic} PHP_VERSION=${PHP_VERSION:-8.2} TEST_CONTAINER=php-fpm-segfault PHP_TEST_FILE=$(mktemp) cleanup() { rm -f ${PHP_TEST_FILE} lxc delete -f ${TEST_CONTAINER} } cat > ${PHP_TEST_FILE} <<EOF testing... <br/> <?php phpinfo(); fpm_get_status(); EOF lxc launch ubuntu-daily:${UBUNTU_SERIES} ${TEST_CONTAINER} lxc exec ${TEST_CONTAINER} -- apt update lxc exec ${TEST_CONTAINER} -- apt install -y php php-fpm apache2-utils apache2 libapache2-mod-fcgid lxc exec ${TEST_CONTAINER} -- systemctl start php${PHP_VERSION}-fpm lxc exec ${TEST_CONTAINER} -- a2dismod php${PHP_VERSION} mpm_prefork lxc exec ${TEST_CONTAINER} -- a2enconf php8.2-fpm lxc exec ${TEST_CONTAINER} -- a2enmod proxy_fcgi proxy mpm_event lxc file push ${PHP_TEST_FILE} ${TEST_CONTAINER}/var/www/html/test.php --mode 0644 lxc exec ${TEST_CONTAINER} -- systemctl restart apache2.service lxc exec ${TEST_CONTAINER} -- sh -c "curl -s localhost/test.php \| grep -o 'FPM/FastCGI'" lxc exec ${TEST_CONTAINER} -- ab -n 10000 -c 99 http://localhost/test.php echo 'Number of SIGSEGV failures:' lxc exec ${TEST_CONTAINER} -- sh -c "cat /var/log/php8.2-fpm.log \| grep -c SIGSEGV" Running the script above ensuring the php packages from proposed are installed should be enough for SRU verification purposes. [ Where problems could occur ] The change in question is straightforward: We are replacing a string interpolation for a string literal because the variables being substituted could result in a null pointer dereference. Unless some other software components are parsing the logs, which are being changed (which would result in chained failures across components), issues could occur due to unrelated issues with possible new dependencies after a full PHP rebuild. [ Other Info ] This is fixed upstream in php-8.3.1, php-8.2.14, and php-8.1.27. Hence, this should be fixed in noble, but needs fixing in mantic, jammy, and focal. [ Original report ] Like the title says, we do run fpm_get_status a lot. We're trying to get metrics about our systems performance this way. lsb_release -rd: Description: Ubuntu 20.04.6 LTS Release: 20.04 apt-cache policy php-fpm php-fpm: Installed: 2:7.4+75 Candidate: 2:7.4+75 Version table: *** 2:7.4+75 500 500 http://fi.archive.ubuntu.com/ubuntu focal/universe amd64 Packages 100 /var/lib/dpkg/status I expected it to return fpm status, instead it crashes and kills the process.
2024-03-27 14:33:26	Athos Ribeiro	php8.2 (Ubuntu Mantic): status	Triaged	In Progress
2024-03-27 14:34:27	Athos Ribeiro	bug			added subscriber Ubuntu Stable Release Updates Team
2024-04-05 13:23:53	Timo Aaltonen	php8.2 (Ubuntu Mantic): status	In Progress	Fix Committed
2024-04-05 13:23:55	Timo Aaltonen	bug			added subscriber SRU Verification
2024-04-05 13:23:59	Timo Aaltonen	tags	server-todo	server-todo verification-needed verification-needed-mantic
2024-04-10 12:24:18	Launchpad Janitor	merge proposal linked		https://code.launchpad.net/~athos-ribeiro/ubuntu/+source/php8.1/+git/php8.1/+merge/464008
2024-04-10 12:37:56	Launchpad Janitor	merge proposal linked		https://code.launchpad.net/~athos-ribeiro/ubuntu/+source/php7.4/+git/php7.4/+merge/464010
2024-04-11 21:31:56	Athos Ribeiro	description	[ Impact ] Running fpm_get_status may result in a segmentation fault. [ Test Plan ] The following script is a reproducer for the described bug: #!/bin/bash set -eux trap cleanup EXIT UBUNTU_SERIES=${UBUNTU_SERIIES:-mantic} PHP_VERSION=${PHP_VERSION:-8.2} TEST_CONTAINER=php-fpm-segfault PHP_TEST_FILE=$(mktemp) cleanup() { rm -f ${PHP_TEST_FILE} lxc delete -f ${TEST_CONTAINER} } cat > ${PHP_TEST_FILE} <<EOF testing... <br/> <?php phpinfo(); fpm_get_status(); EOF lxc launch ubuntu-daily:${UBUNTU_SERIES} ${TEST_CONTAINER} lxc exec ${TEST_CONTAINER} -- apt update lxc exec ${TEST_CONTAINER} -- apt install -y php php-fpm apache2-utils apache2 libapache2-mod-fcgid lxc exec ${TEST_CONTAINER} -- systemctl start php${PHP_VERSION}-fpm lxc exec ${TEST_CONTAINER} -- a2dismod php${PHP_VERSION} mpm_prefork lxc exec ${TEST_CONTAINER} -- a2enconf php8.2-fpm lxc exec ${TEST_CONTAINER} -- a2enmod proxy_fcgi proxy mpm_event lxc file push ${PHP_TEST_FILE} ${TEST_CONTAINER}/var/www/html/test.php --mode 0644 lxc exec ${TEST_CONTAINER} -- systemctl restart apache2.service lxc exec ${TEST_CONTAINER} -- sh -c "curl -s localhost/test.php \| grep -o 'FPM/FastCGI'" lxc exec ${TEST_CONTAINER} -- ab -n 10000 -c 99 http://localhost/test.php echo 'Number of SIGSEGV failures:' lxc exec ${TEST_CONTAINER} -- sh -c "cat /var/log/php8.2-fpm.log \| grep -c SIGSEGV" Running the script above ensuring the php packages from proposed are installed should be enough for SRU verification purposes. [ Where problems could occur ] The change in question is straightforward: We are replacing a string interpolation for a string literal because the variables being substituted could result in a null pointer dereference. Unless some other software components are parsing the logs, which are being changed (which would result in chained failures across components), issues could occur due to unrelated issues with possible new dependencies after a full PHP rebuild. [ Other Info ] This is fixed upstream in php-8.3.1, php-8.2.14, and php-8.1.27. Hence, this should be fixed in noble, but needs fixing in mantic, jammy, and focal. [ Original report ] Like the title says, we do run fpm_get_status a lot. We're trying to get metrics about our systems performance this way. lsb_release -rd: Description: Ubuntu 20.04.6 LTS Release: 20.04 apt-cache policy php-fpm php-fpm: Installed: 2:7.4+75 Candidate: 2:7.4+75 Version table: *** 2:7.4+75 500 500 http://fi.archive.ubuntu.com/ubuntu focal/universe amd64 Packages 100 /var/lib/dpkg/status I expected it to return fpm status, instead it crashes and kills the process.	[ Impact ] Running fpm_get_status may result in a segmentation fault. [ Test Plan ] The following script is a reproducer for the described bug: #!/bin/bash set -eux trap cleanup EXIT UBUNTU_SERIES=${UBUNTU_SERIES:-mantic} PHP_VERSION=${PHP_VERSION:-8.2} TEST_CONTAINER=php-fpm-segfault PHP_TEST_FILE=$(mktemp) cleanup() { rm -f ${PHP_TEST_FILE} lxc delete -f ${TEST_CONTAINER} } cat > ${PHP_TEST_FILE} <<EOF testing... <br/> <?php phpinfo(); fpm_get_status(); EOF lxc launch ubuntu-daily:${UBUNTU_SERIES} ${TEST_CONTAINER} lxc exec ${TEST_CONTAINER} -- apt update lxc exec ${TEST_CONTAINER} -- apt install -y php php-fpm apache2-utils apache2 libapache2-mod-fcgid lxc exec ${TEST_CONTAINER} -- systemctl start php${PHP_VERSION}-fpm lxc exec ${TEST_CONTAINER} -- a2dismod php${PHP_VERSION} mpm_prefork lxc exec ${TEST_CONTAINER} -- a2enconf php8.2-fpm lxc exec ${TEST_CONTAINER} -- a2enmod proxy_fcgi proxy mpm_event lxc file push ${PHP_TEST_FILE} ${TEST_CONTAINER}/var/www/html/test.php --mode 0644 lxc exec ${TEST_CONTAINER} -- systemctl restart apache2.service lxc exec ${TEST_CONTAINER} -- sh -c "curl -s localhost/test.php \| grep -o 'FPM/FastCGI'" lxc exec ${TEST_CONTAINER} -- ab -n 10000 -c 99 http://localhost/test.php echo 'Number of SIGSEGV failures:' lxc exec ${TEST_CONTAINER} -- sh -c "cat /var/log/php8.2-fpm.log \| grep -c SIGSEGV" Running the script above ensuring the php packages from proposed are installed should be enough for SRU verification purposes. [ Where problems could occur ] The change in question is straightforward: We are replacing a string interpolation for a string literal because the variables being substituted could result in a null pointer dereference. Unless some other software components are parsing the logs, which are being changed (which would result in chained failures across components), issues could occur due to unrelated issues with possible new dependencies after a full PHP rebuild. [ Other Info ] This is fixed upstream in php-8.3.1, php-8.2.14, and php-8.1.27. Hence, this should be fixed in noble, but needs fixing in mantic, jammy, and focal. [ Original report ] Like the title says, we do run fpm_get_status a lot. We're trying to get metrics about our systems performance this way. lsb_release -rd: Description: Ubuntu 20.04.6 LTS Release: 20.04 apt-cache policy php-fpm php-fpm: Installed: 2:7.4+75 Candidate: 2:7.4+75 Version table: *** 2:7.4+75 500 500 http://fi.archive.ubuntu.com/ubuntu focal/universe amd64 Packages 100 /var/lib/dpkg/status I expected it to return fpm status, instead it crashes and kills the process.
2024-04-16 11:16:36	Athos Ribeiro	php8.1 (Ubuntu Jammy): status	Triaged	In Progress
2024-04-16 11:16:40	Athos Ribeiro	php7.4 (Ubuntu Focal): status	Triaged	In Progress
2024-04-16 11:46:49	Athos Ribeiro	tags	server-todo verification-needed verification-needed-mantic	server-todo verification-done-mantic verification-needed
2024-04-22 11:53:57	Athos Ribeiro	tags	server-todo verification-done-mantic verification-needed	server-todo verification-needed verification-needed-mantic
2024-04-26 08:54:43	Timo Aaltonen	php8.1 (Ubuntu Jammy): status	In Progress	Fix Committed
2024-04-26 08:54:47	Timo Aaltonen	tags	server-todo verification-needed verification-needed-mantic	server-todo verification-needed verification-needed-jammy verification-needed-mantic
2024-04-26 09:17:52	Timo Aaltonen	php7.4 (Ubuntu Focal): status	In Progress	Fix Committed
2024-04-26 09:17:55	Timo Aaltonen	tags	server-todo verification-needed verification-needed-jammy verification-needed-mantic	server-todo verification-needed verification-needed-focal verification-needed-jammy verification-needed-mantic
2024-05-02 16:24:11	Launchpad Janitor	php7.4 (Ubuntu Focal): status	Fix Committed	Fix Released
2024-05-02 16:24:11	Launchpad Janitor	cve linked		2022-4900
2024-05-02 16:24:11	Launchpad Janitor	cve linked		2024-2756
2024-05-02 16:24:11	Launchpad Janitor	cve linked		2024-3096
2024-05-02 16:24:19	Launchpad Janitor	php8.1 (Ubuntu Jammy): status	Fix Committed	Fix Released
2024-06-12 15:07:59	Athos Ribeiro	php8.2 (Ubuntu Mantic): status	Fix Committed	Fix Released

Ubuntuphp7.4 package

Activity log for bug #2057576

Ubuntu
php7.4 package