|  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Bug #52093 Openssl_csr_sign (serial)
Submitted: 2010-06-16 11:34 UTC Modified: 2018-02-28 19:52 UTC
Avg. Score:4.0 ± 1.0
Reproduced:2 of 2 (100.0%)
Same Version:1 (50.0%)
Same OS:1 (50.0%)
From: dreuzel at belgacom dot net Assigned:
Status: Open Package: OpenSSL related
PHP Version: 5.3.2 OS: win7
Private report: No CVE-ID: None
Have you experienced this issue?
Rate the importance of this bug to you:

 [2010-06-16 11:34 UTC] dreuzel at belgacom dot net
The  Certificat  defintion OpenSSL   allows for  numerical serial numbers up to 
20 positions or more..    
In PHP  there is  build  in integer   rerstriction only allowing  half the serial
numbers .....   higher  numbers  have a cleared  part......

The serial needs to be  numerical no problem  but it need not be an integer
or limited by that  (allow  higher numbers)


Add a Patch

Pull Requests

Add a Pull Request


AllCommentsChangesGit/SVN commitsRelated reports
 [2017-08-02 14:27 UTC] narf at devilix dot net
There's a worse problem with this ... It's not even supposed to be a decimal number.
 [2018-02-28 19:52 UTC]
-Package: Unknown/Other Function +Package: OpenSSL related
PHP Copyright © 2001-2019 The PHP Group
All rights reserved.
Last updated: Tue Jul 23 13:01:26 2019 UTC