Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:104466 Return-Path: Delivered-To: mailing list internals@lists.php.net Received: (qmail 976 invoked from network); 19 Feb 2019 04:32:02 -0000 Received: from unknown (HELO mail-pl1-f171.google.com) (209.85.214.171) by pb1.pair.com with SMTP; 19 Feb 2019 04:32:02 -0000 Received: by mail-pl1-f171.google.com with SMTP id d15so2400944plr.1 for ; Mon, 18 Feb 2019 17:16:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:references:from:openpgp:autocrypt:message-id:date :user-agent:mime-version:in-reply-to:content-language :content-transfer-encoding; bh=1J8OStzP/BrPZ+Z2vIo2MHYG5Xft4s5uoFzyA0Q9+Cc=; b=tx+zcbstoC6ZqxXOtwSd0Oq5XCJzhCmAHohm2EzFGs2qQXkdnka5bXANFH1Ab9XK+d 0GIHhf8m4Am9pn6W3K+hzX2wHaoXsGENlD2lNwujnvaw6oiguaSVyEl0tV/xNXMI6u3S 6iSL4GyAVTJtgWTwyjz2UaC3GPL9HldtY3PPEg/zoHt9NE2Y/SCeFI7qj8u62ez/mzc5 LplJA4U3MDduUIO48G1T+MZBrCY4+8Kl2owNChgvLeayL/owyhuJbRY7CbDKpH8AkmLH q17RlkCDLMLu/SY7XlTaeBPs3adGxmfS/pcPU4Q+ShqTVhhnuk6EiI0jQCJnejBQpLG8 RIIw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:openpgp:autocrypt :message-id:date:user-agent:mime-version:in-reply-to :content-language:content-transfer-encoding; bh=1J8OStzP/BrPZ+Z2vIo2MHYG5Xft4s5uoFzyA0Q9+Cc=; b=XFwmpnIerxrHXUoPD14yTWx+Y35/M+XLWRuntjvmCw/RChbofonrmpuaiyqhZ+9nOL S5JJZUP1fAAttZBz282V/12gUauLjRL95SCfXSULOVezR4p4Yard4BYDWO8KQ1w3FUku GOxsfp8Tr2A7dYNpXXbK+I3a1uVtdwfdAgjKieQpTS6VOF+bLHMOzapHYFgBz7jbeVx2 P4C1JSOsENjfSbUs72YVXDclr90OCIeCX3jba9zwtXmNM3nO4y2sNEF7m+8vxHPdWh66 7GfJKc2A4y8lPTrW+VoYQhSOMieCIh2cqqFvbTr9PSYU4QYb32l9sJhJ3xL5/RBF654T kawQ== X-Gm-Message-State: AHQUAuZqNMr95WZ6kmcRqRdGq+kc91TbPaJDMnW8LqJnyzqUr6rYzFhk TzzBkkjmC8ybrQ5I/ADvRBKpYzg= X-Google-Smtp-Source: AHgI3IZmgZTYwAh640JOzbEMkkcHbIL0f5LKaGzR1TlFCr5ItvIRbNu+FXeJmYIRcTcZerIxXZaR2g== X-Received: by 2002:a17:902:aa01:: with SMTP id be1mr28047421plb.60.1550538991788; Mon, 18 Feb 2019 17:16:31 -0800 (PST) Received: from Stas-Pro-2016.local (c-24-4-176-254.hsd1.ca.comcast.net. [24.4.176.254]) by smtp.gmail.com with ESMTPSA id k66sm32608065pgc.24.2019.02.18.17.16.30 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 18 Feb 2019 17:16:30 -0800 (PST) To: "Christoph M. Becker" , PHP internals References: <46354329-38ca-82a2-352d-71394e0ce6bd@gmx.de> Openpgp: preference=signencrypt Autocrypt: addr=smalyshev@gmail.com; prefer-encrypt=mutual; keydata= mQMuBE9mqaARCACFSqcGmNunkjQQu3X+yXnTmFeEkvM4JXZTOBdR8aEevNGmmFEfyvjaDjWi 9hcwp4E/lYtC+P7VsVjM1OSX9eq0jC/lGL0ZyRXek+mNy0n5H1NSuTpf9Y18LMqhc4G+RU+L cNiZ9K0DJuOOvNLPxW7OHZguxb3wdKPXNVa2jyRfJAKm2uaJJMT1mTmFT9a0Q8SKr+mUrrJk uG0H2o6SzrKt8Wwoint1eh67zVsJaJtQFchnEZnlawIcqP2yC4nLGR3MkubowxoEBYCZet18 aHVVRbvpG2Qtob8Lu5xrsGbmXymTkHTdpvkfcJFADa8MzOL90zOxXwbGfbIZOlh5En8jAQCX lfnx2eQL3BSW/6XANa51dbWiEp1d1BAkpGKtZvlk0Qf+M9WAi+9aXMe3xP5krxtgnRNUf2WN 6Zdy2MxL1RRJCFbytLhl0ronC49BsGYVGshdEH8xhBbiIOJKuVZ/DTl9bEm7P9c7CC7iJyVC khUAhouH6xzZQNLR+RU+QebYzXypVfl99Qk7EdMmr/WAZCHLuvanyqepC5EBsa3VnAfQemSN oBeGBKWWLiOsPjvS72+y1z4RUMAfXHn4l/sFMt8zt7/74AmJPwZquV41p4mPO12V4+xPyc6R sB84sfsk2QVivU8w8AkvGQeYjXoz7Iwao95+fWteVzZ36KRQvUckP8pGjHlDXnHxJ0HI1I/k OBZSjwRwUf0dd73y6erPhbLk+gf+NdI3H9KGJBzG5/rVyWKwUeQ9d5ud4jTJRkQGvAP5pg76 vEa9dogbpe4W5Z+0BfbiJSnQmQWSHiZddj/t33ptbup44Ck6ZTgdlmFYMLF1hR47PIZTDKER EuKYGci/vq8snZvEJP9YCw/TtiHcMdrMKcY/+Lp8lQO0GHLPB9glVhnC0db6l1Xpg1CMI8/R ozBMcij30EgATggC/y2zbiqAFoS9FN9nXPbe4phStqABEyeZ+nXudt7PUYTjVgcrqo8bHZCi sBobWC7OnKyUzxVxzUeuPkIfmZuzkLaMw2McQdvwwsNvQ0DzaLP30c1Xsm/7EIYJcOWpzlVJ 5QrdmE0/BbQyU3RhbmlzbGF2IE1hbHlzaGV2IChQSFAga2V5KSA8c21hbHlzaGV2QGdtYWls LmNvbT6IegQTEQgAIgUCT2aqtAIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AACgkQL3lW vF2gS12XMwD9HuRIolSwIK77u8EY461y2u6sbX36n5/uo/LDQuxoi3sA/0MvpnvzOhv9Iufv vsZEj3E7i3h+iD5648YMwfTFCij+uQINBE9mqaAQCADfZPMpjZkkGZj3BY/7ApoLq4mwqzbh +CpLXwNn20tFNvSXfb8RdeXvVEb7Scx+W9qYpiaun2iXJgCVH8fgpZpR856ulT1q6uCG++CX ubEvip/eJkZl93/84h04KQJwsgOrAh0Om3OePRn8Pr+++0LNS0EL8uX/YHeTOGOnnmTqYTey SBVFdov6L4mepddfjekicKQqhL7mZh/xuq29JijT0uNNX8v4vDWQDu5dlAcdd+uB3gcXMD/P ginD11zp+6wtrWCm/+yBqpvDwXQX5PGUnwvbRfl7Ay3MmwmoXiecZMg0dwTSc7e0lhB4HGRH ZdBMJB4rHUVGdzqujK/ctOvrAAMFB/0Utb76Qe6sCMlHxVAmeE/fbo7Pi05btZ/x01r67dHf aMSP0riCKJ7M0OW+jAXtu9+z/BVnYisW67WWfxl2cS5tZDgiHgJARXWUOO72+sScHP8KQmTl 1z16gyKbwY3SmyBkwcpOL35nhUWNLy93syPoY6sZUTikr2bZYukHDQ33XBPs4e6MbWKfsa9q aVmnlOF3k5UqChjutfHaEa4Q7VP4wBIpphHBi9MI16oJIzzBPbGl2uoedjwiZ6QeQZnSuOVY ZxU2d3lRA8PrtfFN1VSlpEm/VcAvtieHUYWHN0wOu+cp3Slr5XJVNjTjJhl28SlinMME54mK AGf2Ldr/dRwXiGEEGBEIAAkFAk9mqaACGwwACgkQL3lWvF2gS126EQD/VVd3FgjLKglClRQP zdfU847tqDK4zJjbmRv5vLLwoE0A+wbrQs7jVGU3NrS0AIl5vUmewpp2BKzSkepy23nWmejw Message-ID: Date: Mon, 18 Feb 2019 17:16:29 -0800 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:60.0) Gecko/20100101 Thunderbird/60.5.0 MIME-Version: 1.0 In-Reply-To: <46354329-38ca-82a2-352d-71394e0ce6bd@gmx.de> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 7bit Subject: =?UTF-8?Q?Re=3a_=5bPHP-DEV=5d_Mitigate_=e2=80=9cMagellan_vulnerabil?= =?UTF-8?B?aXRpdGVz4oCdIGluIFBIUCA3LjI/?= From: smalyshev@gmail.com (Stanislav Malyshev) Hi! > In my opinion, adding this ini setting to PHP-7.4 is a no brainer, but I > suggest that we backport it to PHP-7.2 as well. I don't see a reason why not - if the option is useful for improving security/stability, let's backport it. If it's security related, maybe even to 7.1 since it's still in security support (if it's not too hard). -- Stas Malyshev smalyshev@gmail.com