Yesterday an IBM i customer of ours emailed me an announcement he’d received from Zend concerning a vulnerability in PHP concerning floating point numbers. Zend also included instructions for installing their “hotfix.”
Fortunately, IBM i was never affected by this vulnerability, which stemmed from a “design flaw in the x87 floating point unit that is part of an old Intel X86 chipset,” affecting only Intel-based 32-bit PHP builds, according to this NetworkWorld article about the issue.
Here is a table supplied by Zend that shows which platforms were affected (emphasis on non-vulnerability of IBM i added by me):
|Linux (using 32-bit PHP build)||YES|
|Linux (using 64-bit PHP build)||NO|