Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:42136
Return-Path: <ilia@prohost.org>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 71250 invoked from network); 7 Dec 2008 18:16:50 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 7 Dec 2008 18:16:50 -0000
Authentication-Results: pb1.pair.com smtp.mail=ilia@prohost.org; spf=permerror; sender-id=unknown
Authentication-Results: pb1.pair.com header.from=ilia@prohost.org; sender-id=unknown
Received-SPF: error (pb1.pair.com: domain prohost.org from 74.125.46.29 cause and error)
X-PHP-List-Original-Sender: ilia@prohost.org
X-Host-Fingerprint: 74.125.46.29 yw-out-2324.google.com  
Received: from [74.125.46.29] ([74.125.46.29:62672] helo=yw-out-2324.google.com)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id D3/A3-51990-1131C394 for <internals@lists.php.net>; Sun, 07 Dec 2008 13:16:50 -0500
Received: by yw-out-2324.google.com with SMTP id 5so340896ywb.83
        for <internals@lists.php.net>; Sun, 07 Dec 2008 10:16:46 -0800 (PST)
Received: by 10.64.201.16 with SMTP id y16mr2037581qbf.82.1228673806474;
        Sun, 07 Dec 2008 10:16:46 -0800 (PST)
Received: from ?192.168.1.132? (CPE0018f8c0ee69-CM000f9f7d6664.cpe.net.cable.rogers.com [72.138.241.182])
        by mx.google.com with ESMTPS id 9sm6626607qbw.15.2008.12.07.10.16.44
        (version=TLSv1/SSLv3 cipher=RC4-MD5);
        Sun, 07 Dec 2008 10:16:44 -0800 (PST)
Cc: PHP Internals <internals@lists.php.net>
Message-ID: <BE107CA1-A1B3-4429-9E5F-056F94A05A94@prohost.org>
To: Scott MacVicar <scott@macvicar.net>
In-Reply-To: <40E11268-D705-4F32-96E0-4C0AEA27AAC9@macvicar.net>
Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (Apple Message framework v929.2)
Date: Sun, 7 Dec 2008 13:16:43 -0500
References: <40E11268-D705-4F32-96E0-4C0AEA27AAC9@macvicar.net>
X-Mailer: Apple Mail (2.929.2)
Subject: Re: PHP 5.2.7 + magic_quotes_gpc broken
From: ilia@prohost.org (Ilia Alshanetsky)

I will be re-branching 5.2.7 with this revert for the purpose of 5.2.8  
this week. This will allow the normal 5.2 bug fixing to continue as  
normal.


On 6-Dec-08, at 3:35 PM, Scott MacVicar wrote:

> Hey,
>
> There have been several bug reports about magic_quotes_gpc being  
> broken, at the moment in 5.2.7 the escaping is not performed even  
> when enabled. So any applications that attempt to undo the work of  
> magic_quotes_gpc will end up with problems.
>
> I've backed out the bug that broke this #42718
>
> Since this is a relative serious issue from a security stand point  
> if people rely on it being enabled and a potential data loss for  
> those trying to undo it, I'd like to see a release packaged asap.
>
> If Ilia agrees then could fixes to the 5.2 branch be restricted to  
> build fixes only.
>
> Scott

Ilia Alshanetsky