Seiden Group Blog

IBM i was never affected by (quickly patched) PHP floating point vulnerability

January 5, 2011/1 Comment/in IBM i, PHP /by Alan Seiden

Yesterday an IBM i customer of ours emailed me an announcement he’d received from Zend concerning a vulnerability in PHP concerning floating point numbers. Zend also included instructions for installing their “hotfix.”

Fortunately, IBM i was never affected by this vulnerability, which stemmed from a “design flaw in the x87 floating point unit that is part of an old Intel X86 chipset,” affecting only Intel-based 32-bit PHP builds, according to a NetworkWorld article about the issue.

Here is a table supplied by Zend that shows which platforms were affected (emphasis on non-vulnerability of IBM i added by me):

Platform	Vulnerability
Windows	YES
Linux (using 32-bit PHP build)	YES
Linux (using 64-bit PHP build)	NO
Mac OS	NO
IBM i	NO

About Alan Seiden

Alan works to preserve your investment in IBM enterprise systems by designing and implementing modernization strategies that leverage your existing business logic.

With a passion ...Read More

1 reply

Alan Seiden says:
January 6, 2011 at 3:55 pm

My tests on v5r4 and v6r1 machines confirm that IBM i is not affected.
Reply

Want to join the discussion?
Feel free to contribute!

IBM i was never affected by (quickly patched) PHP floating point vulnerability

About Alan Seiden

Leave a Reply

Leave a Reply Cancel reply