Newsgroups: php.internals
Path: news.php.net
Xref: news.php.net php.internals:42137
Return-Path: <helly@php.net>
Mailing-List: contact internals-help@lists.php.net; run by ezmlm
Delivered-To: mailing list internals@lists.php.net
Received: (qmail 76935 invoked from network); 7 Dec 2008 18:36:37 -0000
Received: from unknown (HELO lists.php.net) (127.0.0.1)
  by localhost with SMTP; 7 Dec 2008 18:36:37 -0000
Authentication-Results: pb1.pair.com header.from=helly@php.net; sender-id=unknown
Authentication-Results: pb1.pair.com smtp.mail=helly@php.net; spf=unknown; sender-id=unknown
Received-SPF: unknown (pb1.pair.com: domain php.net does not designate 85.214.94.56 as permitted sender)
X-PHP-List-Original-Sender: helly@php.net
X-Host-Fingerprint: 85.214.94.56 aixcept.net Linux 2.6
Received: from [85.214.94.56] ([85.214.94.56:55600] helo=h1149922.serverkompetenz.net)
	by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP
	id 30/A4-51990-3B71C394 for <internals@lists.php.net>; Sun, 07 Dec 2008 13:36:36 -0500
Received: from MBOERGER-ZRH.corp.google.com (65-158.107-92.cust.bluewin.ch [92.107.158.65])
	(using TLSv1 with cipher AES256-SHA (256/256 bits))
	(No client certificate requested)
	by h1149922.serverkompetenz.net (Postfix) with ESMTP id 4AB3611F207;
	Sun,  7 Dec 2008 19:36:32 +0100 (CET)
Date: Sun, 7 Dec 2008 19:33:42 +0100
Reply-To: Marcus Boerger <helly@php.net>
X-Priority: 3 (Normal)
Message-ID: <1349302921.20081207193342@marcus-boerger.de>
To: Ilia Alshanetsky <ilia@prohost.org>
CC: Scott MacVicar <scott@macvicar.net>, 
	PHP Internals <internals@lists.php.net>
In-Reply-To: <BE107CA1-A1B3-4429-9E5F-056F94A05A94@prohost.org>
References: <40E11268-D705-4F32-96E0-4C0AEA27AAC9@macvicar.net> <BE107CA1-A1B3-4429-9E5F-056F94A05A94@prohost.org>
MIME-Version: 1.0
Content-Type: text/plain; charset=iso-8859-15
Content-Transfer-Encoding: 8bit
Subject: Re: [PHP-DEV] Re: PHP 5.2.7 + magic_quotes_gpc broken
From: helly@php.net (Marcus Boerger)

Hello Ilia,

  brilliant :-)

Sunday, December 7, 2008, 7:16:43 PM, you wrote:

> I will be re-branching 5.2.7 with this revert for the purpose of 5.2.8  
> this week. This will allow the normal 5.2 bug fixing to continue as  
> normal.


> On 6-Dec-08, at 3:35 PM, Scott MacVicar wrote:

>> Hey,
>>
>> There have been several bug reports about magic_quotes_gpc being  
>> broken, at the moment in 5.2.7 the escaping is not performed even  
>> when enabled. So any applications that attempt to undo the work of  
>> magic_quotes_gpc will end up with problems.
>>
>> I've backed out the bug that broke this #42718
>>
>> Since this is a relative serious issue from a security stand point  
>> if people rely on it being enabled and a potential data loss for  
>> those trying to undo it, I'd like to see a release packaged asap.
>>
>> If Ilia agrees then could fixes to the 5.2 branch be restricted to  
>> build fixes only.
>>
>> Scott

> Ilia Alshanetsky








Best regards,
 Marcus